Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/BlYKNaebEqnJcG7MjHMYllll4W4.roa
File: BlYKNaebEqnJcG7MjHMYllll4W4.roa (raw, json)
Hash identifier: 5rOtsWwUTndJqNVTM18t297dcWOrG9S+X6OosQK/cJ8=
Subject key identifier: 06:56:0A:35:A7:9B:12:A9:C9:70:6E:CC:8C:73:18:96:59:65:E1:6E
Certificate issuer: /CN=d4b95330734c9aaf66d11bcd2bedd380f410f93f
Certificate serial: 019C8A3AACE9DF95CC8CFDBA0987E0178C35
Authority key identifier: D4:B9:53:30:73:4C:9A:AF:66:D1:1B:CD:2B:ED:D3:80:F4:10:F9:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/BlYKNaebEqnJcG7MjHMYllll4W4.roa
Signing time: Mon 23 Feb 2026 11:20:27 +0000
ROA not before: Mon 23 Feb 2026 11:20:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214794
IP address blocks: 103.146.118.0/24 maxlen: 24
195.226.88.0/24 maxlen: 24
195.226.89.0/24 maxlen: 24
195.226.90.0/24 maxlen: 24
195.226.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.mft
rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8a:3a:ac:e9:df:95:cc:8c:fd:ba:09:87:e0:17:8c:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4b95330734c9aaf66d11bcd2bedd380f410f93f
Validity
Not Before: Feb 23 11:20:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=06560a35a79b12a9c9706ecc8c7318965965e16e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:0f:70:e7:cd:28:1c:cc:ed:13:24:a3:9a:08:
7b:7f:38:a8:0b:a4:b8:5a:5f:93:28:0b:8c:0b:65:
96:c4:cb:a7:76:6e:5d:06:f0:76:65:4e:48:ad:e5:
21:83:a1:03:dc:d8:26:73:0a:5f:1a:43:a6:b3:e3:
e3:1d:6f:94:6e:cf:28:7a:4e:db:92:53:d2:a2:06:
bf:e3:10:97:76:98:36:18:4a:db:72:5d:8f:b1:29:
56:e2:42:e3:13:dc:13:8e:ac:6b:5d:7c:61:cf:c3:
7d:11:12:3b:5b:be:ab:fd:47:c0:29:0f:eb:9b:07:
31:e8:05:3c:73:c1:c5:48:a2:38:e6:db:05:78:81:
19:ba:11:50:99:f4:08:43:1c:39:39:c0:59:0c:f5:
c7:51:37:a6:e5:2c:59:da:85:db:d2:46:fe:aa:bd:
e4:f4:64:cc:b7:d6:69:1c:be:15:1b:da:07:d3:a2:
f4:4f:c8:7b:8f:50:62:91:a4:1f:a7:f9:a5:d1:4b:
d4:03:a7:48:c8:31:cd:e2:f7:81:e5:97:74:58:8b:
be:f0:e8:26:42:6b:76:c2:2e:11:9c:45:26:79:1f:
2b:bd:74:b1:9e:4d:01:7c:14:61:98:26:eb:c2:98:
45:15:7f:45:c8:4d:e1:17:10:45:9b:58:0e:58:57:
d4:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:56:0A:35:A7:9B:12:A9:C9:70:6E:CC:8C:73:18:96:59:65:E1:6E
X509v3 Authority Key Identifier:
keyid:D4:B9:53:30:73:4C:9A:AF:66:D1:1B:CD:2B:ED:D3:80:F4:10:F9:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/BlYKNaebEqnJcG7MjHMYllll4W4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.146.118.0/24
195.226.88.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:91:3d:eb:11:70:73:08:a8:04:61:b6:81:44:c3:b1:17:1b:
bf:fd:a5:9a:5b:2b:5d:6c:e3:74:e3:b6:ce:73:b9:a5:73:72:
73:cb:55:e8:ea:e0:20:b3:5e:2c:b2:f8:ca:d7:7c:d8:2d:29:
80:6f:15:96:a9:ac:cc:87:31:85:d5:fc:9d:82:22:b9:d7:46:
7f:d9:45:0b:0e:a1:e4:1d:d1:9c:c3:4b:57:ae:2b:ad:a0:82:
aa:13:a2:59:0f:7f:4f:c5:84:fc:82:41:71:da:0e:fe:8a:71:
9c:d5:04:25:3d:87:44:4f:a5:d1:3c:e3:76:00:9e:82:40:be:
01:25:ae:42:0a:2b:64:e3:d8:dc:11:b5:70:30:7d:61:0b:50:
ba:a8:66:9c:e1:12:e8:ef:2e:e9:c3:36:98:13:20:da:fb:1b:
8f:f8:f5:5c:24:8a:2d:c0:f4:d2:29:d7:b3:bc:05:9f:72:c4:
e8:0a:fe:13:d2:c6:9b:5b:56:1e:29:58:64:f6:0d:05:62:08:
33:88:7b:e1:da:71:c7:01:44:30:2b:1d:9b:eb:9c:15:13:3e:
01:69:c1:2c:55:4a:26:4d:a3:09:00:4c:a4:20:db:92:37:80:
33:e8:18:51:55:72:cc:8f:74:a1:38:d0:9f:44:ba:ea:f6:92:
69:c9:45:4e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZyKOqzp35XMjP26CYfgF4w1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Yjk1MzMwNzM0YzlhYWY2NmQxMWJjZDJiZWRkMzgwZjQx
MGY5M2YwHhcNMjYwMjIzMTEyMDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjU2MGEzNWE3OWIxMmE5Yzk3MDZlY2M4YzczMTg5NjU5NjVlMTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQ9w580oHMztEySjmgh7fzioC6S4
Wl+TKAuMC2WWxMundm5dBvB2ZU5IreUhg6ED3NgmcwpfGkOms+PjHW+Ubs8oek7b
klPSoga/4xCXdpg2GErbcl2PsSlW4kLjE9wTjqxrXXxhz8N9ERI7W76r/UfAKQ/r
mwcx6AU8c8HFSKI45tsFeIEZuhFQmfQIQxw5OcBZDPXHUTem5SxZ2oXb0kb+qr3k
9GTMt9ZpHL4VG9oH06L0T8h7j1BikaQfp/ml0UvUA6dIyDHN4veB5Zd0WIu+8Ogm
Qmt2wi4RnEUmeR8rvXSxnk0BfBRhmCbrwphFFX9FyE3hFxBFm1gOWFfUpwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAZWCjWnmxKpyXBuzIxzGJZZZeFuMB8GA1UdIwQY
MBaAFNS5UzBzTJqvZtEbzSvt04D0EPk/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUxsVE1ITk1tcTltMFJ2TkstM1RnUFFRLVQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8xNWQyNzEtMDVjZC00NjFlLWE3YjYt
NDMwMTNiMjhkOWQ2LzEvQmxZS05hZWJFcW5KY0c3TWpITVlsbGxsNFc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8xNWQyNzEtMDVjZC00NjFlLWE3YjYtNDMwMTNiMjhkOWQ2
LzEvMUxsVE1ITk1tcTltMFJ2TkstM1RnUFFRLVQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAZ5J2AwQC
w+JYMA0GCSqGSIb3DQEBCwUAA4IBAQChkT3rEXBzCKgEYbaBRMOxFxu//aWaWytd
bON047bOc7mlc3Jzy1Xo6uAgs14ssvjK13zYLSmAbxWWqazMhzGF1fydgiK510Z/
2UULDqHkHdGcw0tXriutoIKqE6JZD39PxYT8gkFx2g7+inGc1QQlPYdET6XRPON2
AJ6CQL4BJa5CCitk49jcEbVwMH1hC1C6qGac4RLo7y7pwzaYEyDa+xuP+PVcJIot
wPTSKdezvAWfcsToCv4T0sabW1YeKVhk9g0FYggziHvh2nHHAUQwKx2b65wVEz4B
acEsVUomTaMJAEykINuSN4Az6BhRVXLMj3ShONCfRLrq9pJpyUVO
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:53:14 2026 by rpki-client