Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/8F6xBDF2hu5ane-PhoxLk36oZJQ.roa
File: 8F6xBDF2hu5ane-PhoxLk36oZJQ.roa (raw, json)
Hash identifier: vS1BSEEKFf+21yhzerLtY0paqKpylZdHL0hj/Ak/coQ=
Subject key identifier: F0:5E:B1:04:31:76:86:EE:5A:9D:EF:8F:86:8C:4B:93:7E:A8:64:94
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 019CA8A27D203D206AC6E0603470DDDFF47A
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/8F6xBDF2hu5ane-PhoxLk36oZJQ.roa
Signing time: Sun 01 Mar 2026 09:02:26 +0000
ROA not before: Sun 01 Mar 2026 09:02:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48678
IP address blocks: 5.180.105.0/24 maxlen: 24
5.180.106.0/24 maxlen: 24
5.180.107.0/24 maxlen: 24
45.74.242.0/24 maxlen: 24
45.74.243.0/24 maxlen: 24
45.74.246.0/24 maxlen: 24
45.131.0.0/24 maxlen: 24
45.131.1.0/24 maxlen: 24
45.131.2.0/24 maxlen: 24
45.131.3.0/24 maxlen: 24
45.136.4.0/24 maxlen: 24
45.141.149.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
91.208.204.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
2a09:8780::/29 maxlen: 29
2a0f:b700::/29 maxlen: 29
2a0f:e900::/29 maxlen: 29
2a0f:eb00::/29 maxlen: 29
2a0f:eb05::/32 maxlen: 32
2a0f:eb07::/32 maxlen: 32
2a0f:ed00::/29 maxlen: 29
2a0f:ed03::/32 maxlen: 32
2a0f:f900::/29 maxlen: 29
2a13:a440:7::/48 maxlen: 48
2a13:a441::/32 maxlen: 32
2a13:a442::/32 maxlen: 32
2a13:a445::/32 maxlen: 32
2a13:a447::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.mft
rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a8:a2:7d:20:3d:20:6a:c6:e0:60:34:70:dd:df:f4:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Mar 1 09:02:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f05eb104317686ee5a9def8f868c4b937ea86494
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6a:67:34:86:a9:ff:a0:d3:78:42:60:57:8a:
dc:be:e3:5a:67:d9:76:6a:d4:a2:c2:2a:70:dc:e6:
4a:e8:9a:12:cb:5e:50:f1:a7:bd:bb:86:e6:a9:c7:
b9:32:ec:cd:16:f2:c8:09:e2:64:c6:33:ac:82:32:
34:09:3f:03:a9:91:8b:12:10:7b:f9:d9:28:65:73:
3d:bd:9a:0d:ad:db:b2:e7:76:de:94:b2:ad:99:bd:
87:34:01:c3:1a:68:31:94:30:a0:c8:3c:67:54:9e:
2b:e0:e5:2e:91:46:da:08:18:e7:7d:69:1d:ab:d4:
d7:7c:d3:cf:7f:27:88:5c:e6:0c:90:f9:9f:01:e9:
4b:23:8e:7b:74:0a:38:a7:6a:2d:96:af:45:70:1e:
81:7c:73:65:cd:ec:c9:2f:cc:9d:07:b0:80:c0:cc:
d2:4b:dc:7a:16:74:cc:42:f2:4a:94:60:7a:d4:50:
ec:a7:39:66:ad:79:c0:56:07:3d:bb:98:21:fb:b4:
17:ac:be:1d:92:f7:59:f6:34:30:54:05:95:2e:74:
73:b5:f3:62:28:e9:ca:d3:f4:ea:32:47:c4:84:c6:
f4:0b:bb:f8:f7:ed:86:55:39:44:95:31:41:65:cb:
c9:8a:71:04:56:16:ea:7a:c0:19:fc:b4:18:33:31:
ef:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:5E:B1:04:31:76:86:EE:5A:9D:EF:8F:86:8C:4B:93:7E:A8:64:94
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/8F6xBDF2hu5ane-PhoxLk36oZJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.105.0-5.180.107.255
45.74.242.0/23
45.74.246.0/24
45.131.0.0/22
45.136.4.0/24
45.141.149.0/24
77.83.200.0-77.83.202.255
91.208.204.0/24
194.116.237.0/24
IPv6:
2a09:8780::/29
2a0f:b700::/29
2a0f:e900::/29
2a0f:eb00::/29
2a0f:ed00::/29
2a0f:f900::/29
2a13:a440:7::/48
2a13:a441::-2a13:a442:ffff:ffff:ffff:ffff:ffff:ffff
2a13:a445::/32
2a13:a447::/32
Signature Algorithm: sha256WithRSAEncryption
26:e7:c7:50:43:8e:30:47:94:d5:14:2d:04:f8:88:a3:5b:24:
b3:c7:e9:1e:81:a6:6f:be:68:19:d1:16:89:49:bb:61:cc:42:
49:60:da:28:e9:9c:ea:64:ed:b3:b1:b4:48:49:fb:f0:c8:65:
54:cc:b3:50:55:c2:6a:ad:44:16:47:8a:c4:6e:bd:cb:b3:a6:
18:c6:18:5f:3d:8c:20:9f:89:83:46:39:15:90:d9:bb:c7:75:
b8:ad:53:a8:36:30:fd:18:57:1b:fe:c5:d1:f5:ad:0b:15:df:
c9:5b:d9:65:62:e5:a2:46:7f:a0:92:12:6b:0b:7e:bb:1f:59:
8e:c4:36:f0:9b:8e:cd:72:e5:e1:be:5f:fc:56:63:ef:95:35:
06:ea:e9:6d:85:f4:27:4a:c6:9f:46:54:bc:7e:7a:49:4b:ef:
a0:a9:1f:ef:ab:7f:73:14:2c:22:c7:cd:08:54:60:fb:40:0c:
c3:43:f6:d6:1a:99:2d:b2:34:57:89:4e:0e:51:01:60:df:f0:
79:fc:86:dc:c9:de:27:a1:9a:60:42:7e:1f:94:67:ac:e0:17:
96:82:1b:9b:f5:05:62:f5:f4:e5:aa:e9:b7:72:b7:e2:79:87:
a1:b5:40:18:b8:73:01:fb:c4:78:4a:2e:bf:5a:db:92:d1:c3:
72:a7:1d:fc
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAZyoon0gPSBqxuBgNHDd3/R6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjYwMzAxMDkwMjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDVlYjEwNDMxNzY4NmVlNWE5ZGVmOGY4NjhjNGI5MzdlYTg2NDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGpnNIap/6DTeEJgV4rcvuNaZ9l2
atSiwipw3OZK6JoSy15Q8ae9u4bmqce5MuzNFvLICeJkxjOsgjI0CT8DqZGLEhB7
+dkoZXM9vZoNrduy53belLKtmb2HNAHDGmgxlDCgyDxnVJ4r4OUukUbaCBjnfWkd
q9TXfNPPfyeIXOYMkPmfAelLI457dAo4p2otlq9FcB6BfHNlzezJL8ydB7CAwMzS
S9x6FnTMQvJKlGB61FDspzlmrXnAVgc9u5gh+7QXrL4dkvdZ9jQwVAWVLnRztfNi
KOnK0/TqMkfEhMb0C7v49+2GVTlElTFBZcvJinEEVhbqesAZ/LQYMzHvSwIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFPBesQQxdobuWp3vj4aMS5N+qGSUMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvOEY2eEJERjJodTVhbmUtUGhveExrMzZvWkpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG6BggrBgEFBQcBBwEB/wSBqjCBpzBMBAIAATBGMAwDBAAF
tGkDBAIFtGgDBAEtSvIDBAAtSvYDBAItgwADBAAtiAQDBAAtjZUwDAMEA01TyAME
AE1TygMEAFvQzAMEAMJ07TBXBAIAAjBRAwUDKgmHgAMFAyoPtwADBQMqD+kAAwUD
Kg/rAAMFAyoP7QADBQMqD/kAAwcAKhOkQAAHMA4DBQAqE6RBAwUAKhOkQgMFACoT
pEUDBQAqE6RHMA0GCSqGSIb3DQEBCwUAA4IBAQAm58dQQ44wR5TVFC0E+IijWySz
x+kegaZvvmgZ0RaJSbthzEJJYNoo6ZzqZO2zsbRISfvwyGVUzLNQVcJqrUQWR4rE
br3Ls6YYxhhfPYwgn4mDRjkVkNm7x3W4rVOoNjD9GFcb/sXR9a0LFd/JW9llYuWi
Rn+gkhJrC367H1mOxDbwm47NcuXhvl/8VmPvlTUG6ulthfQnSsafRlS8fnpJS++g
qR/vq39zFCwix80IVGD7QAzDQ/bWGpktsjRXiU4OUQFg3/B5/Ibcyd4noZpgQn4f
lGes4BeWghub9QVi9fTlqum3crfieYehtUAYuHMB+8R4Si6/WtuS0cNypx38
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:01:01 2026 by rpki-client