Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/fIYpZ9Ptfj1h2DLOLWp5LZZu9Zc.roa
File: fIYpZ9Ptfj1h2DLOLWp5LZZu9Zc.roa (raw, json)
Hash identifier: Yvz6knl3RuEjnsuMaHTDP4+NAZJ0NtxJq3lK88wQiAc=
Subject key identifier: 7C:86:29:67:D3:ED:7E:3D:61:D8:32:CE:2D:6A:79:2D:96:6E:F5:97
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 019D92D9302E1D059C5D58ECDFD1EF0AB2B9
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/fIYpZ9Ptfj1h2DLOLWp5LZZu9Zc.roa
Signing time: Wed 15 Apr 2026 20:33:20 +0000
ROA not before: Wed 15 Apr 2026 20:33:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 5511
IP address blocks: 45.136.0.0/24 maxlen: 32
45.136.3.0/24 maxlen: 32
128.0.119.0/24 maxlen: 32
185.117.23.0/24 maxlen: 32
185.211.49.0/24 maxlen: 32
185.227.243.0/24 maxlen: 32
193.201.209.0/24 maxlen: 32
193.201.210.0/24 maxlen: 32
193.201.211.0/24 maxlen: 32
194.36.102.0/24 maxlen: 32
194.36.103.0/24 maxlen: 32
194.124.66.0/24 maxlen: 32
195.85.68.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:92:d9:30:2e:1d:05:9c:5d:58:ec:df:d1:ef:0a:b2:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Apr 15 20:33:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7c862967d3ed7e3d61d832ce2d6a792d966ef597
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:56:41:c2:2a:c0:f7:41:61:a0:0c:22:7d:04:
c6:72:00:ea:e5:f6:b8:ca:87:c9:c9:71:2b:d4:5b:
b4:37:58:80:56:94:b0:d9:2a:75:71:55:8d:76:ea:
0b:e6:8b:5a:3f:60:b4:cf:d4:a7:3d:83:ae:79:c5:
bf:f3:1f:a9:c3:01:76:d9:20:91:58:c4:8d:09:79:
3f:44:8a:be:06:85:a8:04:87:e8:47:16:b8:ce:dd:
56:f8:83:f6:2e:6b:b1:52:63:ba:cf:97:cf:c3:a0:
c6:6a:b0:de:c3:6d:8f:94:3a:ce:82:9d:19:19:aa:
48:79:c3:b4:3a:b8:c8:1c:6e:52:7e:f7:10:24:83:
11:7b:a2:52:aa:dd:c7:5e:92:af:4f:bc:94:a9:e6:
45:8c:dc:f3:12:35:8f:30:0d:1b:53:42:96:22:98:
d1:69:f2:a5:0b:eb:47:7e:29:87:d8:9d:97:e9:16:
bd:aa:82:57:b7:6f:04:c6:89:8e:e0:cf:95:91:85:
60:87:7a:68:df:22:4d:ed:95:1b:37:5b:90:ef:54:
e3:c8:36:77:60:a0:ee:16:c7:fa:8b:05:32:dc:f2:
b7:83:a8:4d:1e:7f:5d:76:ac:a4:82:cb:73:b8:c8:
e2:e4:bb:cf:43:ec:43:81:7e:2d:a8:12:72:e9:0f:
5a:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:86:29:67:D3:ED:7E:3D:61:D8:32:CE:2D:6A:79:2D:96:6E:F5:97
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/fIYpZ9Ptfj1h2DLOLWp5LZZu9Zc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.0.0/24
45.136.3.0/24
128.0.119.0/24
185.117.23.0/24
185.211.49.0/24
185.227.243.0/24
193.201.209.0-193.201.211.255
194.36.102.0/23
194.124.66.0/24
195.85.68.0/24
Signature Algorithm: sha256WithRSAEncryption
44:6b:45:69:8b:a0:d5:45:29:80:1b:dc:07:a7:79:28:3a:00:
80:3b:f6:fe:19:06:e5:c6:78:db:a0:1c:7b:5a:a4:c4:e8:a0:
a5:08:ea:37:08:48:80:91:05:d1:61:94:cd:01:18:7a:fe:93:
4f:64:09:3d:ad:c8:70:69:65:3a:d4:48:f8:84:2c:c5:d8:18:
d6:9c:42:eb:b3:96:57:3c:39:2e:e8:41:88:9f:30:29:01:3c:
8b:99:f7:39:f9:50:15:d1:7a:af:1a:4b:e9:3d:7f:2d:d6:d2:
50:7c:f2:45:f8:17:74:0e:f1:94:ad:ca:a2:ca:7c:1d:f7:f5:
15:d4:98:dd:8e:91:b1:58:35:da:05:9b:af:d9:05:ea:74:d3:
99:59:0c:c0:c1:44:8e:7a:3d:75:31:0c:ef:a5:10:91:3a:c2:
cf:3e:4c:db:c9:b8:e8:b8:57:6a:88:ae:e0:e3:37:5f:9e:97:
44:6e:15:fd:6f:ed:d9:84:23:f0:f7:f6:d0:92:31:07:de:52:
50:d9:65:67:b2:32:63:2c:bc:c8:86:2f:99:aa:b6:8b:dd:4f:
ac:40:61:5e:15:5b:6b:81:9d:a3:7c:94:d0:91:2a:a5:b2:66:
01:5e:f1:df:ab:0c:96:57:72:ae:b6:65:a5:dd:2d:89:f4:e3:
10:90:54:62
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZ2S2TAuHQWcXVjs39HvCrK5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjYwNDE1MjAzMzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Yzg2Mjk2N2QzZWQ3ZTNkNjFkODMyY2UyZDZhNzkyZDk2NmVmNTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1ZBwirA90FhoAwifQTGcgDq5fa4
yofJyXEr1Fu0N1iAVpSw2Sp1cVWNduoL5otaP2C0z9SnPYOuecW/8x+pwwF22SCR
WMSNCXk/RIq+BoWoBIfoRxa4zt1W+IP2LmuxUmO6z5fPw6DGarDew22PlDrOgp0Z
GapIecO0OrjIHG5SfvcQJIMRe6JSqt3HXpKvT7yUqeZFjNzzEjWPMA0bU0KWIpjR
afKlC+tHfimH2J2X6Ra9qoJXt28ExomO4M+VkYVgh3po3yJN7ZUbN1uQ71TjyDZ3
YKDuFsf6iwUy3PK3g6hNHn9ddqykgstzuMji5LvPQ+xDgX4tqBJy6Q9a+wIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFHyGKWfT7X49Ydgyzi1qeS2WbvWXMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvZklZcFo5UHRmajFoMkRMT0xXcDVMWlp1OVpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQALYgAAwQA
LYgDAwQAgAB3AwQAuXUXAwQAudMxAwQAuePzMAwDBADBydEDBALBydADBAHCJGYD
BADCfEIDBADDVUQwDQYJKoZIhvcNAQELBQADggEBAERrRWmLoNVFKYAb3AeneSg6
AIA79v4ZBuXGeNugHHtapMTooKUI6jcISICRBdFhlM0BGHr+k09kCT2tyHBpZTrU
SPiELMXYGNacQuuzllc8OS7oQYifMCkBPIuZ9zn5UBXReq8aS+k9fy3W0lB88kX4
F3QO8ZStyqLKfB339RXUmN2OkbFYNdoFm6/ZBep005lZDMDBRI56PXUxDO+lEJE6
ws8+TNvJuOi4V2qIruDjN1+el0RuFf1v7dmEI/D39tCSMQfeUlDZZWeyMmMsvMiG
L5mqtovdT6xAYV4VW2uBnaN8lNCRKqWyZgFe8d+rDJZXcq62ZaXdLYn04xCQVGI=
-----END CERTIFICATE-----
Generated at Fri Apr 17 03:34:37 2026 by rpki-client