Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/TgJn3vevlLwFcklD5UbiqJO08m0.roa
File: TgJn3vevlLwFcklD5UbiqJO08m0.roa (raw, json)
Hash identifier: i95MTSbjlj+/ArZlYjepuAp5S51/vPyT6JruBaN9fcI=
Subject key identifier: 4E:02:67:DE:F7:AF:94:BC:05:72:49:43:E5:46:E2:A8:93:B4:F2:6D
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 019EC1489059CF27E3274EFA889521C57C69
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/TgJn3vevlLwFcklD5UbiqJO08m0.roa
Signing time: Sat 13 Jun 2026 14:00:18 +0000
ROA not before: Sat 13 Jun 2026 14:00:18 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.99.0/24 maxlen: 24
46.37.111.0/24 maxlen: 24
91.205.228.0/24 maxlen: 24
185.92.45.0/24 maxlen: 24
185.92.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 10:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:c1:48:90:59:cf:27:e3:27:4e:fa:88:95:21:c5:7c:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Jun 13 14:00:18 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4e0267def7af94bc05724943e546e2a893b4f26d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:15:b2:5d:3c:5a:1f:d8:a7:30:10:a2:b9:0b:
85:5d:c6:94:1d:c0:5d:cf:0a:ca:d2:24:39:ff:a1:
60:24:33:9c:ce:8d:1e:3e:24:07:c8:9a:48:c6:1b:
71:5c:df:07:af:23:af:c0:cb:07:e7:98:3c:7f:4a:
e1:43:34:50:75:6c:3d:74:af:5e:c9:40:93:0c:3e:
dd:93:80:31:a5:82:3f:8a:08:13:ce:83:5d:f6:1c:
b2:45:e1:f2:73:ea:93:fa:32:7b:52:dd:e0:f2:03:
7a:fc:b8:18:c1:a2:95:98:ca:7c:ae:b9:7f:82:03:
8d:f9:75:a0:bd:ce:c7:63:aa:69:cb:1d:d3:3b:45:
83:ff:18:41:b3:09:32:10:71:3a:65:aa:7d:45:25:
d6:e2:49:3e:d3:f0:06:6a:9e:94:3c:07:0c:b3:3b:
3f:1c:12:96:36:c0:ce:01:5c:c6:5f:5a:91:67:33:
83:69:df:b5:6a:fa:50:d3:7a:be:8d:47:1e:d7:19:
ae:70:8c:1d:4d:79:54:cc:0b:bf:50:b4:bd:60:42:
99:15:38:a9:a1:90:07:7f:64:43:c3:63:bd:04:85:
d8:55:17:44:1b:55:5b:bb:e9:8a:95:aa:c7:d5:32:
3a:d3:12:1e:02:97:98:47:75:68:4c:fd:d5:e2:c5:
26:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:02:67:DE:F7:AF:94:BC:05:72:49:43:E5:46:E2:A8:93:B4:F2:6D
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/TgJn3vevlLwFcklD5UbiqJO08m0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/23
46.37.111.0/24
91.205.228.0/24
185.92.45.0-185.92.46.255
Signature Algorithm: sha256WithRSAEncryption
0a:54:19:5e:c8:c4:15:bc:eb:1f:f5:ef:03:19:36:52:4b:37:
3b:42:97:d6:5b:b0:17:7a:2c:36:d6:40:bc:0b:44:bd:3f:ed:
db:dd:cc:bf:8e:78:bc:51:18:41:c5:bf:f0:d1:0f:5a:9d:45:
79:0b:18:10:cc:b6:76:06:86:ad:c9:4c:3b:d5:f9:6d:05:22:
31:5c:96:5b:98:d4:d5:c1:56:c7:66:a5:0c:99:6b:86:af:e5:
14:92:4b:b3:d5:33:21:41:0b:a6:ca:3b:fc:f4:52:1d:ea:04:
7e:57:4b:bb:82:06:5a:91:0b:26:72:77:c6:67:b1:9c:ee:77:
5f:4a:de:a5:c3:f5:5c:69:c5:5d:e3:e0:22:c1:8e:f2:14:8c:
24:6e:b1:04:8d:2f:08:93:99:fb:67:3a:74:31:ed:75:4a:14:
65:75:f0:53:b5:70:b6:36:97:f4:e7:b6:15:f0:c8:32:b0:13:
21:c1:28:f6:aa:07:6e:da:35:97:54:69:90:09:f6:52:b8:28:
28:2f:2a:be:56:18:62:28:7d:32:a8:7e:a3:a6:6b:74:54:2b:
72:60:17:a1:a4:a7:07:7f:e9:31:58:72:1d:9d:12:be:0c:bf:
43:f8:3e:22:5a:81:fc:c4:54:c7:57:44:54:5b:d6:b8:d8:77:
0a:c1:4e:c3
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ7BSJBZzyfjJ076iJUhxXxpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjYwNjEzMTQwMDE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTAyNjdkZWY3YWY5NGJjMDU3MjQ5NDNlNTQ2ZTJhODkzYjRmMjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthWyXTxaH9inMBCiuQuFXcaUHcBd
zwrK0iQ5/6FgJDOczo0ePiQHyJpIxhtxXN8HryOvwMsH55g8f0rhQzRQdWw9dK9e
yUCTDD7dk4AxpYI/iggTzoNd9hyyReHyc+qT+jJ7Ut3g8gN6/LgYwaKVmMp8rrl/
ggON+XWgvc7HY6ppyx3TO0WD/xhBswkyEHE6Zap9RSXW4kk+0/AGap6UPAcMszs/
HBKWNsDOAVzGX1qRZzODad+1avpQ03q+jUce1xmucIwdTXlUzAu/ULS9YEKZFTip
oZAHf2RDw2O9BIXYVRdEG1Vbu+mKlarH1TI60xIeApeYR3VoTP3V4sUmfQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFE4CZ973r5S8BXJJQ+VG4qiTtPJtMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvVGdKbjN2ZXZsTHdGY2tsRDVVYmlxSk8wOG0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBLiViAwQA
LiVvAwQAW83kMAwDBAC5XC0DBAC5XC4wDQYJKoZIhvcNAQELBQADggEBAApUGV7I
xBW86x/17wMZNlJLNztCl9ZbsBd6LDbWQLwLRL0/7dvdzL+OeLxRGEHFv/DRD1qd
RXkLGBDMtnYGhq3JTDvV+W0FIjFclluY1NXBVsdmpQyZa4av5RSSS7PVMyFBC6bK
O/z0Uh3qBH5XS7uCBlqRCyZyd8ZnsZzud19K3qXD9VxpxV3j4CLBjvIUjCRusQSN
LwiTmftnOnQx7XVKFGV18FO1cLY2l/TnthXwyDKwEyHBKPaqB27aNZdUaZAJ9lK4
KCgvKr5WGGIofTKofqOma3RUK3JgF6Gkpwd/6TFYch2dEr4Mv0P4PiJagfzEVMdX
RFRb1rjYdwrBTsM=
-----END CERTIFICATE-----
Generated at Sat Jun 13 20:28:45 2026 by rpki-client