Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/c1b5ec-52ff-4ecb-b3fd-da95808ba2c1/1/s9kGup8ETCR_TnIpADbpkN9_7es.roa
File: s9kGup8ETCR_TnIpADbpkN9_7es.roa (raw, json)
Hash identifier: Tl2xHND59kaKyod+n7S8xlRanBYJiPYsjS6E7wmOt/o=
Subject key identifier: B3:D9:06:BA:9F:04:4C:24:7F:4E:72:29:00:36:E9:90:DF:7F:ED:EB
Certificate issuer: /CN=86e99134171b5863f62f22b7d7abf740349528ec
Certificate serial: 019D6203BE78CA572460992B0CF597CCD9DB
Authority key identifier: 86:E9:91:34:17:1B:58:63:F6:2F:22:B7:D7:AB:F7:40:34:95:28:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/humRNBcbWGP2LyK316v3QDSVKOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/c1b5ec-52ff-4ecb-b3fd-da95808ba2c1/1/s9kGup8ETCR_TnIpADbpkN9_7es.roa
Signing time: Mon 06 Apr 2026 08:58:25 +0000
ROA not before: Mon 06 Apr 2026 08:58:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60439
IP address blocks: 45.12.20.0/22 maxlen: 22
45.82.92.0/22 maxlen: 24
45.82.92.0/24 maxlen: 24
45.82.93.0/24 maxlen: 24
45.82.94.0/24 maxlen: 24
45.82.95.0/24 maxlen: 24
45.90.148.0/22 maxlen: 24
45.90.148.0/24 maxlen: 24
45.90.149.0/24 maxlen: 24
45.90.150.0/24 maxlen: 24
45.90.151.0/24 maxlen: 24
45.94.80.0/22 maxlen: 24
45.94.80.0/24 maxlen: 24
45.94.81.0/24 maxlen: 24
45.94.82.0/24 maxlen: 24
45.131.112.0/22 maxlen: 24
45.131.112.0/24 maxlen: 24
45.131.113.0/24 maxlen: 24
45.131.114.0/24 maxlen: 24
45.131.115.0/24 maxlen: 24
45.136.212.0/22 maxlen: 24
45.136.212.0/24 maxlen: 24
45.136.213.0/24 maxlen: 24
45.136.214.0/24 maxlen: 24
45.136.215.0/24 maxlen: 24
45.141.224.0/22 maxlen: 24
45.151.80.0/24 maxlen: 24
45.151.81.0/24 maxlen: 24
45.151.82.0/24 maxlen: 24
45.151.83.0/24 maxlen: 24
85.208.196.0/24 maxlen: 24
85.208.197.0/24 maxlen: 24
85.208.198.0/24 maxlen: 24
85.208.199.0/24 maxlen: 24
91.207.248.0/24 maxlen: 24
139.28.16.0/22 maxlen: 24
193.160.22.0/24 maxlen: 24
193.160.23.0/24 maxlen: 24
193.160.30.0/24 maxlen: 24
193.160.31.0/24 maxlen: 24
194.117.73.0/24 maxlen: 24
2a13:8240::/40 maxlen: 48
2a13:8240:42::/48 maxlen: 48
2a13:8240:44::/48 maxlen: 48
2a13:8240:100::/40 maxlen: 48
2a13:8240:200::/40 maxlen: 48
2a13:8240:205::/48 maxlen: 48
2a13:8240:206::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/c1b5ec-52ff-4ecb-b3fd-da95808ba2c1/1/humRNBcbWGP2LyK316v3QDSVKOw.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/c1b5ec-52ff-4ecb-b3fd-da95808ba2c1/1/humRNBcbWGP2LyK316v3QDSVKOw.mft
rsync://rpki.ripe.net/repository/DEFAULT/humRNBcbWGP2LyK316v3QDSVKOw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 14:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:62:03:be:78:ca:57:24:60:99:2b:0c:f5:97:cc:d9:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86e99134171b5863f62f22b7d7abf740349528ec
Validity
Not Before: Apr 6 08:58:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b3d906ba9f044c247f4e72290036e990df7fedeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:0f:1d:30:3a:54:37:a1:f9:53:5e:16:cf:55:
e9:4f:97:f7:79:37:ec:63:5f:e8:41:74:42:54:c6:
6f:ea:f9:48:62:37:fb:c6:41:9f:a7:93:b9:6a:0e:
5f:b8:e7:d1:fd:b3:c8:d0:22:b1:f7:4e:03:12:61:
fe:c5:19:8b:ba:2e:2d:40:19:60:94:ab:8d:84:f5:
d2:1b:24:5b:df:2d:af:4d:f3:ea:36:fe:54:6c:5b:
ae:9e:79:f9:4c:84:5a:43:9e:6a:de:33:2e:e1:6f:
32:72:28:70:72:44:be:6c:b0:97:f9:76:a8:b1:6b:
a9:de:66:a8:cd:a1:1b:f2:2b:f0:c6:13:21:f6:6a:
2e:48:93:2e:cd:d4:93:8f:0a:c1:63:d5:12:aa:f5:
79:ad:78:e9:e8:6c:b8:2f:a9:61:16:e2:cf:d7:43:
75:97:fd:3e:87:5a:8d:67:62:4a:f7:23:a1:de:a5:
ed:3d:1d:bc:22:ab:73:8e:35:f4:b3:7e:aa:5e:73:
d8:d9:9b:c3:19:24:8a:29:48:ef:8f:3f:02:98:f2:
92:2f:83:8a:66:05:c9:af:d3:4f:bb:3e:66:51:9e:
f5:6c:67:cf:c5:8b:77:0a:2c:96:5c:ab:4d:ed:f8:
10:51:71:38:83:4e:5e:65:9e:33:5b:e5:8b:fb:70:
a4:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:D9:06:BA:9F:04:4C:24:7F:4E:72:29:00:36:E9:90:DF:7F:ED:EB
X509v3 Authority Key Identifier:
keyid:86:E9:91:34:17:1B:58:63:F6:2F:22:B7:D7:AB:F7:40:34:95:28:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/humRNBcbWGP2LyK316v3QDSVKOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c1b5ec-52ff-4ecb-b3fd-da95808ba2c1/1/s9kGup8ETCR_TnIpADbpkN9_7es.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c1b5ec-52ff-4ecb-b3fd-da95808ba2c1/1/humRNBcbWGP2LyK316v3QDSVKOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.20.0/22
45.82.92.0/22
45.90.148.0/22
45.94.80.0/22
45.131.112.0/22
45.136.212.0/22
45.141.224.0/22
45.151.80.0/22
85.208.196.0/22
91.207.248.0/24
139.28.16.0/22
193.160.22.0/23
193.160.30.0/23
194.117.73.0/24
IPv6:
2a13:8240::-2a13:8240:2ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
56:0e:ac:83:fd:92:a7:91:3e:be:2e:2c:7a:00:24:aa:1c:fb:
80:b4:44:1c:8f:2e:4a:87:fc:81:ff:97:a1:e8:8d:45:40:17:
21:63:09:2a:7b:97:1c:a2:9b:68:46:2e:7b:5f:32:5b:de:e8:
9c:f6:b2:6e:42:47:7b:66:34:b5:69:89:f0:f5:ef:9b:4c:21:
48:6b:21:fb:92:aa:bb:8a:6d:cd:7e:70:6e:59:d4:00:b2:5f:
ff:f7:4c:93:98:28:d7:f4:0d:3c:46:e9:36:36:be:84:6a:73:
b6:c4:24:e9:27:21:72:99:b1:3d:af:da:47:49:4c:8c:32:30:
47:3e:d8:37:d8:0f:94:f9:44:76:79:e9:97:1c:9a:e3:88:e6:
02:c9:3d:e8:d4:9f:3f:88:b9:44:aa:1e:6c:ba:7b:9d:78:9b:
6f:79:6e:c7:49:ae:a1:48:35:51:67:ed:2a:fa:90:f8:47:72:
a0:d9:18:7a:8f:c1:67:a6:3a:c1:56:a5:e8:5f:13:31:35:5e:
9c:e1:16:70:59:fd:1f:2a:32:9c:c2:32:0b:2b:64:5d:8a:bd:
4c:b2:c1:60:80:41:17:be:89:78:a2:74:24:93:20:86:d4:83:
3b:5b:84:bc:8e:32:17:10:91:da:3e:56:e6:8b:1b:2a:c9:07:
4a:51:de:3d
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAZ1iA754ylckYJkrDPWXzNnbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZTk5MTM0MTcxYjU4NjNmNjJmMjJiN2Q3YWJmNzQwMzQ5
NTI4ZWMwHhcNMjYwNDA2MDg1ODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2Q5MDZiYTlmMDQ0YzI0N2Y0ZTcyMjkwMDM2ZTk5MGRmN2ZlZGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQ8dMDpUN6H5U14Wz1XpT5f3eTfs
Y1/oQXRCVMZv6vlIYjf7xkGfp5O5ag5fuOfR/bPI0CKx904DEmH+xRmLui4tQBlg
lKuNhPXSGyRb3y2vTfPqNv5UbFuunnn5TIRaQ55q3jMu4W8ycihwckS+bLCX+Xao
sWup3maozaEb8ivwxhMh9mouSJMuzdSTjwrBY9USqvV5rXjp6Gy4L6lhFuLP10N1
l/0+h1qNZ2JK9yOh3qXtPR28IqtzjjX0s36qXnPY2ZvDGSSKKUjvjz8CmPKSL4OK
ZgXJr9NPuz5mUZ71bGfPxYt3CiyWXKtN7fgQUXE4g05eZZ4zW+WL+3CkPQIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFLPZBrqfBEwkf05yKQA26ZDff+3rMB8GA1UdIwQY
MBaAFIbpkTQXG1hj9i8it9er90A0lSjsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHVtUk5CY2JXR1AyTHlLMzE2djNRRFNWS093LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jMWI1ZWMtNTJmZi00ZWNiLWIzZmQt
ZGE5NTgwOGJhMmMxLzEvczlrR3VwOEVUQ1JfVG5JcEFEYnBrTjlfN2VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jMWI1ZWMtNTJmZi00ZWNiLWIzZmQtZGE5NTgwOGJhMmMx
LzEvaHVtUk5CY2JXR1AyTHlLMzE2djNRRFNWS093LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwWgQCAAEwVAMEAi0MFAME
Ai1SXAMEAi1alAMEAi1eUAMEAi2DcAMEAi2I1AMEAi2N4AMEAi2XUAMEAlXQxAME
AFvP+AMEAoscEAMEAcGgFgMEAcGgHgMEAMJ1STAXBAIAAjARMA8DBQYqE4JAAwYA
KhOCQAIwDQYJKoZIhvcNAQELBQADggEBAFYOrIP9kqeRPr4uLHoAJKoc+4C0RByP
LkqH/IH/l6HojUVAFyFjCSp7lxyim2hGLntfMlve6Jz2sm5CR3tmNLVpifD175tM
IUhrIfuSqruKbc1+cG5Z1ACyX//3TJOYKNf0DTxG6TY2voRqc7bEJOknIXKZsT2v
2kdJTIwyMEc+2DfYD5T5RHZ56ZccmuOI5gLJPejUnz+IuUSqHmy6e514m295bsdJ
rqFINVFn7Sr6kPhHcqDZGHqPwWemOsFWpehfEzE1XpzhFnBZ/R8qMpzCMgsrZF2K
vUyywWCAQRe+iXiidCSTIIbUgztbhLyOMhcQkdo+VuaLGyrJB0pR3j0=
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:23:57 2026 by rpki-client