Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/mR2VgpUeIkByOi-FP_fIKjS95bg.roa
File: mR2VgpUeIkByOi-FP_fIKjS95bg.roa (raw, json)
Hash identifier: gSSQQUWvAuuJj9LKju1G38u/ekMfsk5jiPCrwLLkZ7I=
Subject key identifier: 99:1D:95:82:95:1E:22:40:72:3A:2F:85:3F:F7:C8:2A:34:BD:E5:B8
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 019D523A9C3622BF7611EAD43D52ED2298A6
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/mR2VgpUeIkByOi-FP_fIKjS95bg.roa
Signing time: Fri 03 Apr 2026 07:24:25 +0000
ROA not before: Fri 03 Apr 2026 07:24:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212219
IP address blocks: 45.74.244.0/24 maxlen: 24
45.131.1.0/24 maxlen: 24
45.136.6.0/24 maxlen: 24
45.141.151.0/24 maxlen: 24
45.147.46.0/24 maxlen: 24
45.147.47.0/24 maxlen: 24
194.146.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.mft
rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:52:3a:9c:36:22:bf:76:11:ea:d4:3d:52:ed:22:98:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Apr 3 07:24:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=991d9582951e2240723a2f853ff7c82a34bde5b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:38:8d:ab:ed:5e:21:e5:4b:2e:ac:85:11:1b:
6e:c2:f2:de:92:d2:00:98:d7:01:da:1d:31:1b:9f:
a9:be:92:ff:ba:ac:2a:37:78:0a:48:fe:0e:f8:a4:
10:46:0d:96:55:9c:c1:cb:e3:e1:4f:e3:8e:df:d8:
8b:4f:82:39:cd:d1:31:28:8f:7b:65:c5:5d:b4:53:
42:75:48:a3:c1:67:72:83:0a:c3:09:c1:03:ed:e9:
1c:4b:3d:3e:d1:15:46:78:f1:2b:af:91:97:f8:1f:
00:8e:a7:99:b5:c1:e5:91:f2:92:0f:2d:24:eb:28:
0d:b8:22:0c:15:31:ce:70:5f:ea:a8:a4:b8:ef:c6:
7c:f0:e9:7d:9c:e0:ac:c6:46:17:0a:c3:d9:fe:da:
d9:f8:fa:20:74:a3:c0:70:b3:0d:03:e2:9d:2d:e8:
7f:3a:2c:fd:7b:53:07:ec:81:08:81:48:27:81:24:
f6:66:ba:a0:c6:03:0e:8f:ae:4f:e7:42:60:57:e8:
ce:82:46:3a:e3:f8:28:2d:4c:28:bd:f7:c7:54:24:
11:e2:68:6a:38:9b:cc:3c:b5:79:6b:3a:74:0f:9b:
5a:eb:21:2e:69:d7:1c:bf:b1:34:47:ff:5c:ca:47:
61:47:d6:60:35:3d:76:35:7d:53:1a:39:e7:ef:f1:
10:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:1D:95:82:95:1E:22:40:72:3A:2F:85:3F:F7:C8:2A:34:BD:E5:B8
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/mR2VgpUeIkByOi-FP_fIKjS95bg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.74.244.0/24
45.131.1.0/24
45.136.6.0/24
45.141.151.0/24
45.147.46.0/23
194.146.36.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:c3:be:f0:94:2e:2f:2f:96:9a:8b:33:4c:69:dc:8d:6a:fa:
62:59:31:47:27:88:ee:be:b4:5f:c4:4b:9b:44:2e:b9:09:13:
7b:ad:40:93:09:8b:04:58:d8:84:7a:ae:85:fd:d3:f0:07:82:
56:4e:b0:00:10:87:5f:57:08:8c:69:7f:c7:43:1c:2e:6e:23:
18:fd:02:18:3f:bc:01:9f:d8:4e:24:43:cd:b8:e6:3e:46:5a:
81:39:a4:1e:bc:5c:2a:20:4e:36:48:80:00:06:e5:be:70:ff:
b7:88:f2:75:38:a6:58:03:97:55:90:84:33:57:31:0b:61:b6:
63:b4:8c:f3:2d:68:96:fb:bf:5d:42:f3:d5:39:2f:b3:ce:41:
dc:63:9d:f7:e0:62:22:f8:c0:20:4e:dd:a7:d1:06:77:15:70:
f3:fc:72:8d:b5:59:84:59:ad:f1:8e:92:5a:e0:6d:0e:c2:fd:
a1:f5:cf:1e:b4:34:f4:97:ee:c6:97:cf:f6:73:b1:eb:45:2f:
f0:a9:61:8b:5e:39:cd:5a:8d:76:bc:4b:f1:2e:d0:5b:d1:c9:
a9:53:2b:06:4a:3d:48:ec:a5:7f:8c:46:58:92:1f:33:e4:12:
04:e2:f7:f6:8b:20:b1:5a:16:a5:7f:d6:40:12:13:35:47:bf:
c6:35:cb:bd
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ1SOpw2Ir92EerUPVLtIpimMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjYwNDAzMDcyNDI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTFkOTU4Mjk1MWUyMjQwNzIzYTJmODUzZmY3YzgyYTM0YmRlNWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjiNq+1eIeVLLqyFERtuwvLektIA
mNcB2h0xG5+pvpL/uqwqN3gKSP4O+KQQRg2WVZzBy+PhT+OO39iLT4I5zdExKI97
ZcVdtFNCdUijwWdygwrDCcED7ekcSz0+0RVGePErr5GX+B8AjqeZtcHlkfKSDy0k
6ygNuCIMFTHOcF/qqKS478Z88Ol9nOCsxkYXCsPZ/trZ+PogdKPAcLMNA+KdLeh/
Oiz9e1MH7IEIgUgngST2ZrqgxgMOj65P50JgV+jOgkY64/goLUwovffHVCQR4mhq
OJvMPLV5azp0D5ta6yEuadccv7E0R/9cykdhR9ZgNT12NX1TGjnn7/EQlwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJkdlYKVHiJAcjovhT/3yCo0veW4MB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvbVIyVmdwVWVJa0J5T2ktRlBfZklLalM5NWJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALUr0AwQA
LYMBAwQALYgGAwQALY2XAwQBLZMuAwQAwpIkMA0GCSqGSIb3DQEBCwUAA4IBAQB6
w77wlC4vL5aaizNMadyNavpiWTFHJ4juvrRfxEubRC65CRN7rUCTCYsEWNiEeq6F
/dPwB4JWTrAAEIdfVwiMaX/HQxwubiMY/QIYP7wBn9hOJEPNuOY+RlqBOaQevFwq
IE42SIAABuW+cP+3iPJ1OKZYA5dVkIQzVzELYbZjtIzzLWiW+79dQvPVOS+zzkHc
Y5334GIi+MAgTt2n0QZ3FXDz/HKNtVmEWa3xjpJa4G0Owv2h9c8etDT0l+7Gl8/2
c7HrRS/wqWGLXjnNWo12vEvxLtBb0cmpUysGSj1I7KV/jEZYkh8z5BIE4vf2iyCx
Whalf9ZAEhM1R7/GNcu9
-----END CERTIFICATE-----
Generated at Sun Apr 19 11:33:22 2026 by rpki-client