Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Ril93XqGqpHgn_a3mmcRvDMwNwg.roa
File: Ril93XqGqpHgn_a3mmcRvDMwNwg.roa (raw, json)
Hash identifier: C0G9aJ8uE11e4r5qDVPQxF1KrtkzxXjH1fkV++k+EEY=
Subject key identifier: 46:29:7D:DD:7A:86:AA:91:E0:9F:F6:B7:9A:67:11:BC:33:30:37:08
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 019D92D9315E0F531828AC755D81872E04A6
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Ril93XqGqpHgn_a3mmcRvDMwNwg.roa
Signing time: Wed 15 Apr 2026 20:33:20 +0000
ROA not before: Wed 15 Apr 2026 20:33:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215727
IP address blocks: 45.136.0.0/24 maxlen: 32
45.136.3.0/24 maxlen: 32
128.0.119.0/24 maxlen: 32
185.117.21.0/24 maxlen: 32
185.117.23.0/24 maxlen: 32
185.144.101.0/24 maxlen: 32
185.211.49.0/24 maxlen: 32
185.227.243.0/24 maxlen: 32
193.201.209.0/24 maxlen: 32
193.201.210.0/24 maxlen: 32
193.201.211.0/24 maxlen: 32
194.36.102.0/24 maxlen: 32
194.36.103.0/24 maxlen: 32
194.124.66.0/24 maxlen: 32
195.85.68.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 23:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:92:d9:31:5e:0f:53:18:28:ac:75:5d:81:87:2e:04:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Apr 15 20:33:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=46297ddd7a86aa91e09ff6b79a6711bc33303708
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:7e:77:ac:a7:8f:84:7c:76:a8:2e:63:4d:d7:
cc:fb:e0:03:dc:02:c5:63:98:db:25:76:bb:e0:e3:
72:ad:8e:c7:ac:1d:5c:ff:f1:0e:e1:e4:0b:dc:76:
9f:06:53:c3:12:e7:f7:f9:d5:68:46:bc:8b:7d:a8:
cc:ff:93:30:5e:c5:72:6f:e6:13:f2:de:34:06:46:
da:d3:d4:c5:95:3f:23:a2:9f:29:05:12:c7:8b:27:
05:ca:3e:4f:df:73:fa:59:95:6f:c0:75:38:8c:bf:
04:73:27:fc:61:02:f7:ef:5a:eb:05:40:94:b7:ab:
2b:64:e5:c9:3c:5b:54:bc:0a:db:82:a4:3d:93:27:
3d:7e:b5:ba:a3:e0:a9:0c:0e:98:a0:b9:b9:e1:e6:
3f:f4:b8:e3:c8:67:f7:1b:55:ae:4d:90:e1:3a:1f:
83:c0:d0:b8:a3:bd:a0:7a:ea:53:34:63:e1:40:d5:
14:d6:87:97:d2:0b:e1:bb:c2:a0:57:a9:89:ec:cf:
af:8d:be:80:2e:9e:d9:ef:b2:83:78:44:0b:a6:32:
32:8d:9b:8e:6f:fc:7d:e2:b9:b6:6a:a8:1a:73:01:
65:65:f2:13:b6:5e:cc:36:b2:ea:a4:2a:c9:ff:00:
74:3b:c8:72:8c:ba:8a:16:21:41:35:71:28:42:e5:
b6:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:29:7D:DD:7A:86:AA:91:E0:9F:F6:B7:9A:67:11:BC:33:30:37:08
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Ril93XqGqpHgn_a3mmcRvDMwNwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.0.0/24
45.136.3.0/24
128.0.119.0/24
185.117.21.0/24
185.117.23.0/24
185.144.101.0/24
185.211.49.0/24
185.227.243.0/24
193.201.209.0-193.201.211.255
194.36.102.0/23
194.124.66.0/24
195.85.68.0/24
Signature Algorithm: sha256WithRSAEncryption
90:0c:c3:c3:9c:dd:ce:38:be:de:e5:a9:e7:a1:da:04:6f:69:
2f:bb:67:d1:4e:df:cd:28:d2:61:a0:cc:dd:39:f6:3f:09:0d:
02:ee:cf:f5:85:3f:a5:2b:d0:61:1f:fa:4c:89:fc:a3:3e:02:
8c:9c:2a:ad:d9:c7:92:5d:d0:cf:54:ba:70:d5:12:14:89:87:
9c:9f:0f:79:43:f2:60:0a:f3:a7:07:2e:3e:86:33:75:6b:e8:
e5:98:1d:48:e5:c2:45:67:c2:87:ed:31:09:94:31:bb:9a:9a:
43:62:0c:34:aa:9f:ef:fa:78:7a:ad:3c:b2:cf:7e:99:f5:6b:
5c:b1:7e:65:2c:d7:ad:97:33:8d:ba:17:e5:bf:b2:21:86:2f:
92:a9:ce:84:25:db:bb:6a:9d:6c:38:bd:5e:c9:17:67:08:99:
b0:e9:b2:ce:53:a5:6a:4f:0e:5f:79:24:18:2e:59:06:a9:88:
8f:34:c9:57:e2:5c:9f:e9:52:1e:f7:37:21:96:e7:10:a4:98:
26:d7:d1:d9:16:89:00:af:7b:73:c5:ce:0f:fa:7a:75:fc:ca:
e4:1d:61:1d:98:4f:40:3a:39:9e:07:2b:eb:e9:65:a8:11:e3:
42:17:cd:5e:35:a4:a8:a4:f1:59:91:fd:b0:53:62:6b:b9:b7:
ac:b4:52:f9
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZ2S2TFeD1MYKKx1XYGHLgSmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjYwNDE1MjAzMzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjI5N2RkZDdhODZhYTkxZTA5ZmY2Yjc5YTY3MTFiYzMzMzAzNzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzn53rKePhHx2qC5jTdfM++AD3ALF
Y5jbJXa74ONyrY7HrB1c//EO4eQL3HafBlPDEuf3+dVoRryLfajM/5MwXsVyb+YT
8t40Bkba09TFlT8jop8pBRLHiycFyj5P33P6WZVvwHU4jL8Ecyf8YQL371rrBUCU
t6srZOXJPFtUvArbgqQ9kyc9frW6o+CpDA6YoLm54eY/9LjjyGf3G1WuTZDhOh+D
wNC4o72geupTNGPhQNUU1oeX0gvhu8KgV6mJ7M+vjb6ALp7Z77KDeEQLpjIyjZuO
b/x94rm2aqgacwFlZfITtl7MNrLqpCrJ/wB0O8hyjLqKFiFBNXEoQuW2ywIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFEYpfd16hqqR4J/2t5pnEbwzMDcIMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvUmlsOTNYcUdxcEhnbl9hM21tY1J2RE13TndnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQALYgAAwQA
LYgDAwQAgAB3AwQAuXUVAwQAuXUXAwQAuZBlAwQAudMxAwQAuePzMAwDBADBydED
BALBydADBAHCJGYDBADCfEIDBADDVUQwDQYJKoZIhvcNAQELBQADggEBAJAMw8Oc
3c44vt7lqeeh2gRvaS+7Z9FO380o0mGgzN059j8JDQLuz/WFP6Ur0GEf+kyJ/KM+
AoycKq3Zx5Jd0M9UunDVEhSJh5yfD3lD8mAK86cHLj6GM3Vr6OWYHUjlwkVnwoft
MQmUMbuamkNiDDSqn+/6eHqtPLLPfpn1a1yxfmUs162XM426F+W/siGGL5KpzoQl
27tqnWw4vV7JF2cImbDpss5TpWpPDl95JBguWQapiI80yVfiXJ/pUh73NyGW5xCk
mCbX0dkWiQCve3PFzg/6enX8yuQdYR2YT0A6OZ4HK+vpZagR40IXzV41pKik8VmR
/bBTYmu5t6y0Uvk=
-----END CERTIFICATE-----
Generated at Fri Apr 17 09:29:21 2026 by rpki-client