Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/b4p2jMta42mrYAQW2PDzY71BQxM.roa
File: b4p2jMta42mrYAQW2PDzY71BQxM.roa (raw, json)
Hash identifier: vig3XgpsHDlv1ClvCN6nBvia6IqVeDyFq+RR39uBNyk=
Subject key identifier: 6F:8A:76:8C:CB:5A:E3:69:AB:60:04:16:D8:F0:F3:63:BD:41:43:13
Certificate issuer: /CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Certificate serial: 019D4D964115717986D471F9768078250F11
Authority key identifier: C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/b4p2jMta42mrYAQW2PDzY71BQxM.roa
Signing time: Thu 02 Apr 2026 09:46:25 +0000
ROA not before: Thu 02 Apr 2026 09:46:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209372
IP address blocks: 91.108.192.0/24 maxlen: 24
91.108.193.0/24 maxlen: 24
91.108.194.0/24 maxlen: 24
91.108.195.0/24 maxlen: 24
91.108.196.0/22 maxlen: 22
91.108.200.0/22 maxlen: 22
91.108.200.0/24 maxlen: 24
91.108.204.0/22 maxlen: 22
91.108.204.0/24 maxlen: 24
91.108.208.0/22 maxlen: 22
91.108.208.0/24 maxlen: 24
91.108.212.0/22 maxlen: 22
91.108.216.0/22 maxlen: 22
91.108.216.0/24 maxlen: 24
91.108.220.0/22 maxlen: 22
91.108.220.0/24 maxlen: 24
91.108.224.0/24 maxlen: 24
91.108.226.0/24 maxlen: 24
91.108.228.0/22 maxlen: 22
91.108.232.0/22 maxlen: 22
91.108.236.0/24 maxlen: 24
91.108.238.0/24 maxlen: 24
91.108.246.0/24 maxlen: 24
91.108.247.0/24 maxlen: 24
91.108.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.mft
rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 14:47:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:4d:96:41:15:71:79:86:d4:71:f9:76:80:78:25:0f:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Validity
Not Before: Apr 2 09:46:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6f8a768ccb5ae369ab600416d8f0f363bd414313
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e3:5b:09:ea:78:5f:f8:9f:5b:9f:1e:21:16:
ec:b8:f8:7b:c0:dc:d5:c6:5c:9a:14:5d:a8:f0:46:
9c:84:e9:19:75:b2:34:d8:34:44:bb:94:12:16:83:
14:97:5d:15:f1:df:04:5c:77:a5:e8:5d:8c:37:29:
5f:2c:03:5a:56:b8:17:cf:0e:63:e6:71:2a:29:66:
cc:55:10:12:ce:7d:43:c4:ff:19:b7:2e:a4:a3:b7:
50:7f:64:a1:73:f6:ed:de:06:c7:0d:f2:de:7b:e5:
e6:b4:6b:a1:dd:ff:17:d8:69:0a:8e:9c:51:1f:1f:
74:30:ec:eb:b6:40:41:0a:be:ce:59:14:5a:28:99:
13:55:15:96:71:ca:80:0e:54:65:aa:5a:df:3b:12:
5e:87:f5:5e:f0:d8:c9:c4:be:d9:56:8d:8f:6a:eb:
a6:0a:47:a8:8e:ca:53:15:5d:0e:f0:37:34:60:dd:
f3:a8:c0:1f:6f:b6:77:cd:1c:5e:15:ec:5f:be:ae:
3c:06:bd:03:02:bf:b0:ca:d4:1a:0a:99:cf:2a:b6:
56:df:e0:c1:92:4c:f9:8f:8f:3d:88:ac:12:eb:06:
51:aa:ab:de:1b:bd:f0:0d:7a:8d:6d:14:20:10:75:
51:82:00:70:2d:a6:7a:86:c9:19:7f:eb:c7:65:71:
f3:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:8A:76:8C:CB:5A:E3:69:AB:60:04:16:D8:F0:F3:63:BD:41:43:13
X509v3 Authority Key Identifier:
keyid:C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/b4p2jMta42mrYAQW2PDzY71BQxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.192.0-91.108.224.255
91.108.226.0/24
91.108.228.0-91.108.236.255
91.108.238.0/24
91.108.246.0/23
91.108.255.0/24
Signature Algorithm: sha256WithRSAEncryption
88:1f:ec:42:17:49:dc:67:a4:c2:e2:7b:2c:7f:8c:2a:e3:b4:
5e:05:b1:a1:e6:84:78:80:1f:a0:36:6d:f9:eb:12:03:38:0f:
d1:6b:f3:2d:e2:4a:ff:e5:4f:db:39:85:87:a5:ac:ca:fa:9f:
76:b8:7b:1f:b8:2a:8f:63:d7:92:44:46:46:a1:aa:e1:1c:4a:
5b:6b:1f:09:1b:ff:36:b2:3a:60:87:ce:8c:42:80:82:38:24:
f5:70:06:2b:95:2b:ab:b9:c2:96:e8:a5:99:5e:92:d3:ce:56:
60:e1:ac:e5:7a:56:02:8f:f7:03:ec:b0:69:2f:d5:cf:04:48:
4c:2f:4c:35:d6:d0:ae:11:95:14:49:9d:97:e0:c2:56:10:80:
7b:2b:3a:4a:e4:60:88:ed:ff:24:74:c2:6f:10:85:f3:31:35:
ce:0d:1d:7d:1a:b8:ac:bf:9d:92:bf:14:35:58:15:36:e3:89:
09:41:b3:04:a6:b0:5f:17:0c:16:8b:12:74:96:37:80:51:63:
ea:a3:d4:d1:d9:7a:7d:7d:8a:d4:55:93:a8:63:7d:ee:7c:b0:
73:6b:e2:32:db:be:50:cd:44:70:9c:03:61:b6:c3:27:07:f9:
cd:0f:6b:94:70:a8:e4:2f:08:6d:cb:ed:7c:fe:b6:d7:8d:2b:
7e:ac:d1:e7
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZ1NlkEVcXmG1HH5doB4JQ8RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZWU0NTQyNmUxMmU1MGZlMzBlOGZmYzM5ZTA0NDg1ZDhm
NzMzMzkwHhcNMjYwNDAyMDk0NjI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjhhNzY4Y2NiNWFlMzY5YWI2MDA0MTZkOGYwZjM2M2JkNDE0MzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluNbCep4X/ifW58eIRbsuPh7wNzV
xlyaFF2o8EachOkZdbI02DREu5QSFoMUl10V8d8EXHel6F2MNylfLANaVrgXzw5j
5nEqKWbMVRASzn1DxP8Zty6ko7dQf2Shc/bt3gbHDfLee+XmtGuh3f8X2GkKjpxR
Hx90MOzrtkBBCr7OWRRaKJkTVRWWccqADlRlqlrfOxJeh/Ve8NjJxL7ZVo2Pauum
CkeojspTFV0O8Dc0YN3zqMAfb7Z3zRxeFexfvq48Br0DAr+wytQaCpnPKrZW3+DB
kkz5j489iKwS6wZRqqveG73wDXqNbRQgEHVRggBwLaZ6hskZf+vHZXHzEwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFG+KdozLWuNpq2AEFtjw82O9QUMTMB8GA1UdIwQY
MBaAFMLuRUJuEuUP4w6P/DngRIXY9zM5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUt
ZGE3NTQzMGIxNmY2LzEvYjRwMmpNdGE0Mm1yWUFRVzJQRHpZNzFCUXhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUtZGE3NTQzMGIxNmY2
LzEvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0MAwDBAZbbMAD
BABbbOADBABbbOIwDAMEAlts5AMEAFts7AMEAFts7gMEAVts9gMEAFts/zANBgkq
hkiG9w0BAQsFAAOCAQEAiB/sQhdJ3GekwuJ7LH+MKuO0XgWxoeaEeIAfoDZt+esS
AzgP0WvzLeJK/+VP2zmFh6Wsyvqfdrh7H7gqj2PXkkRGRqGq4RxKW2sfCRv/NrI6
YIfOjEKAgjgk9XAGK5Urq7nCluilmV6S085WYOGs5XpWAo/3A+ywaS/VzwRITC9M
NdbQrhGVFEmdl+DCVhCAeys6SuRgiO3/JHTCbxCF8zE1zg0dfRq4rL+dkr8UNVgV
NuOJCUGzBKawXxcMFosSdJY3gFFj6qPU0dl6fX2K1FWTqGN97nywc2viMtu+UM1E
cJwDYbbDJwf5zQ9rlHCo5C8IbcvtfP62140rfqzR5w==
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:49:24 2026 by rpki-client