Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/KkDqDLNE240fCTXz3x0pbuKHvl4.roa
File: KkDqDLNE240fCTXz3x0pbuKHvl4.roa (raw, json)
Hash identifier: 8CcwM3+dFL+lua0flReoYrUHpd5rKuSGWfX4/qWe1QI=
Subject key identifier: 2A:40:EA:0C:B3:44:DB:8D:1F:09:35:F3:DF:1D:29:6E:E2:87:BE:5E
Certificate issuer: /CN=0c90c356e2864f43894857443555d8b5c0352819
Certificate serial: 019E62AD7B0436CA81D9267A9D58EABBE9D2
Authority key identifier: 0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/KkDqDLNE240fCTXz3x0pbuKHvl4.roa
Signing time: Tue 26 May 2026 05:06:36 +0000
ROA not before: Tue 26 May 2026 05:06:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8932
IP address blocks: 46.36.124.0/22 maxlen: 24
46.36.124.0/24 maxlen: 24
46.36.125.0/24 maxlen: 24
46.36.126.0/24 maxlen: 24
46.36.127.0/24 maxlen: 24
46.162.220.0/22 maxlen: 24
46.162.220.0/24 maxlen: 24
46.162.221.0/24 maxlen: 24
46.162.222.0/24 maxlen: 24
46.162.223.0/24 maxlen: 24
185.48.240.0/22 maxlen: 24
185.48.240.0/24 maxlen: 24
185.48.241.0/24 maxlen: 24
185.48.242.0/24 maxlen: 24
185.48.243.0/24 maxlen: 24
2a00:cc40:1::/48 maxlen: 48
2a00:cc40:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/DJDDVuKGT0OJSFdENVXYtcA1KBk.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/DJDDVuKGT0OJSFdENVXYtcA1KBk.mft
rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Jun 2026 01:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:62:ad:7b:04:36:ca:81:d9:26:7a:9d:58:ea:bb:e9:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c90c356e2864f43894857443555d8b5c0352819
Validity
Not Before: May 26 05:06:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2a40ea0cb344db8d1f0935f3df1d296ee287be5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:cb:67:13:98:5c:96:fb:04:aa:d8:1b:c9:d2:
70:fd:7a:2b:b8:0f:71:60:84:de:22:04:a2:25:4b:
05:23:37:6f:06:46:5d:b0:d8:d4:92:c8:cc:17:8d:
03:09:3e:bd:4c:44:c2:57:17:f5:74:2a:8b:29:72:
d4:45:fd:ee:85:22:7e:c0:03:f5:91:96:e7:5b:18:
a4:1d:01:f8:92:04:b8:15:71:5d:02:06:5a:4b:3e:
36:06:71:83:f3:b0:81:7a:c0:30:fe:b4:24:1e:18:
b1:b4:c0:e1:c4:d1:22:80:4d:ab:ec:1f:9a:d8:4d:
71:4d:82:cb:fe:03:4c:fb:77:12:5e:e5:44:16:ec:
c5:e8:80:35:51:e4:47:34:78:ff:33:40:8a:8c:88:
55:e6:d6:e5:b6:48:40:d3:ad:35:26:b5:33:80:09:
09:5e:c3:04:8f:86:f1:a2:1d:9e:07:36:de:db:69:
6a:aa:2b:73:f2:5d:00:59:c1:6b:a8:42:ac:2c:4d:
7e:10:19:39:86:d5:99:44:d9:3e:bd:4e:c1:6d:c4:
64:59:56:5b:e7:d0:19:99:85:ba:0b:80:f3:02:63:
ba:dc:c6:3d:97:a4:5b:09:34:03:fa:0d:5d:ae:8a:
a6:e1:da:b0:94:b2:00:58:40:ae:0c:e1:2b:7b:19:
27:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:40:EA:0C:B3:44:DB:8D:1F:09:35:F3:DF:1D:29:6E:E2:87:BE:5E
X509v3 Authority Key Identifier:
keyid:0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/KkDqDLNE240fCTXz3x0pbuKHvl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/DJDDVuKGT0OJSFdENVXYtcA1KBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.124.0/22
46.162.220.0/22
185.48.240.0/22
IPv6:
2a00:cc40:1::-2a00:cc40:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
bc:ef:29:ae:85:cc:9f:69:b9:49:4a:67:3d:89:9a:28:9f:3c:
8a:43:d4:97:b7:4e:71:7c:3f:0b:90:7a:45:0a:54:f8:c6:b5:
8a:32:81:b1:a0:f3:cc:87:28:9d:27:c0:3d:6d:de:30:9d:aa:
61:2e:ea:70:c6:96:33:a2:b6:fd:6d:9e:62:da:6e:03:b5:af:
7c:d5:f3:08:51:8d:8a:35:98:5c:af:19:7b:45:c5:ca:4b:cc:
b6:c0:dd:9f:10:23:47:c9:e9:a7:7e:32:a9:d3:d5:2c:f3:5d:
f8:77:1a:d7:e1:2b:a9:94:cd:73:e7:da:14:31:a2:5b:09:72:
f2:a1:89:69:29:80:8d:93:5f:34:e3:a3:02:ce:47:75:20:4e:
27:24:ac:4d:f9:0c:5a:dc:c4:15:ac:34:e5:8e:17:00:1c:90:
91:b6:11:14:4e:73:4b:be:71:2b:b9:1a:88:87:8c:01:83:6a:
a8:7b:4c:ac:d6:d9:9a:70:08:36:b8:60:4a:87:0e:ec:a0:2d:
8d:e1:d5:2c:88:dd:87:ef:10:02:e0:31:80:85:0b:23:11:67:
42:8e:e7:5e:a4:be:7b:29:da:bb:8e:cf:af:3e:01:79:f5:0e:
bf:d8:a0:ec:33:a9:19:c1:45:1d:10:ff:d1:b1:9b:da:83:f8:
46:d2:b0:59
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZ5irXsENsqB2SZ6nVjqu+nSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjOTBjMzU2ZTI4NjRmNDM4OTQ4NTc0NDM1NTVkOGI1YzAz
NTI4MTkwHhcNMjYwNTI2MDUwNjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTQwZWEwY2IzNDRkYjhkMWYwOTM1ZjNkZjFkMjk2ZWUyODdiZTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8tnE5hclvsEqtgbydJw/XoruA9x
YITeIgSiJUsFIzdvBkZdsNjUksjMF40DCT69TETCVxf1dCqLKXLURf3uhSJ+wAP1
kZbnWxikHQH4kgS4FXFdAgZaSz42BnGD87CBesAw/rQkHhixtMDhxNEigE2r7B+a
2E1xTYLL/gNM+3cSXuVEFuzF6IA1UeRHNHj/M0CKjIhV5tbltkhA0601JrUzgAkJ
XsMEj4bxoh2eBzbe22lqqitz8l0AWcFrqEKsLE1+EBk5htWZRNk+vU7BbcRkWVZb
59AZmYW6C4DzAmO63MY9l6RbCTQD+g1droqm4dqwlLIAWECuDOErexknEQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFCpA6gyzRNuNHwk1898dKW7ih75eMB8GA1UdIwQY
MBaAFAyQw1bihk9DiUhXRDVV2LXANSgZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREpERFZ1S0dUME9KU0ZkRU5WWFl0Y0ExS0JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hYzVhNTYtMTYzYS00OTdhLTk1NDct
ZTM3OTlhZGU5ZGZlLzEvS2tEcURMTkUyNDBmQ1RYejN4MHBidUtIdmw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hYzVhNTYtMTYzYS00OTdhLTk1NDctZTM3OTlhZGU5ZGZl
LzEvREpERFZ1S0dUME9KU0ZkRU5WWFl0Y0ExS0JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAYBAIAATASAwQCLiR8AwQC
LqLcAwQCuTDwMBoEAgACMBQwEgMHACoAzEAAAQMHACoAzEAAAjANBgkqhkiG9w0B
AQsFAAOCAQEAvO8proXMn2m5SUpnPYmaKJ88ikPUl7dOcXw/C5B6RQpU+Ma1ijKB
saDzzIconSfAPW3eMJ2qYS7qcMaWM6K2/W2eYtpuA7WvfNXzCFGNijWYXK8Ze0XF
ykvMtsDdnxAjR8npp34yqdPVLPNd+Hca1+ErqZTNc+faFDGiWwly8qGJaSmAjZNf
NOOjAs5HdSBOJySsTfkMWtzEFaw05Y4XAByQkbYRFE5zS75xK7kaiIeMAYNqqHtM
rNbZmnAINrhgSocO7KAtjeHVLIjdh+8QAuAxgIULIxFnQo7nXqS+eynau47Prz4B
efUOv9ig7DOpGcFFHRD/0bGb2oP4RtKwWQ==
-----END CERTIFICATE-----
Generated at Wed Jun 17 10:54:20 2026 by rpki-client