Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/3f7463-4d4f-41a6-8d72-3951378aa766/1/BcjvqCw20vlSUqkMcH2OIN19k7g.roa
File: BcjvqCw20vlSUqkMcH2OIN19k7g.roa (raw, json)
Hash identifier: LwtF+uCxprVmgkkr+DnqU8Ri3wrgLRvmUXhKTVeiNnA=
Subject key identifier: 05:C8:EF:A8:2C:36:D2:F9:52:52:A9:0C:70:7D:8E:20:DD:7D:93:B8
Certificate issuer: /CN=9813e2f6351d3b4d1e61aa4016f1b2cfa62d7cdf
Certificate serial: 019E8D052CA6E84B3A2B21CDDFB3E23D5A5C
Authority key identifier: 98:13:E2:F6:35:1D:3B:4D:1E:61:AA:40:16:F1:B2:CF:A6:2D:7C:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mBPi9jUdO00eYapAFvGyz6YtfN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/3f7463-4d4f-41a6-8d72-3951378aa766/1/BcjvqCw20vlSUqkMcH2OIN19k7g.roa
Signing time: Wed 03 Jun 2026 10:26:27 +0000
ROA not before: Wed 03 Jun 2026 10:26:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51484
IP address blocks: 46.45.64.0/18 maxlen: 18
46.45.104.0/23 maxlen: 23
46.45.112.0/20 maxlen: 20
46.45.124.0/22 maxlen: 22
2a03:24c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/3f7463-4d4f-41a6-8d72-3951378aa766/1/mBPi9jUdO00eYapAFvGyz6YtfN8.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/3f7463-4d4f-41a6-8d72-3951378aa766/1/mBPi9jUdO00eYapAFvGyz6YtfN8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mBPi9jUdO00eYapAFvGyz6YtfN8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 15 Jun 2026 04:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:8d:05:2c:a6:e8:4b:3a:2b:21:cd:df:b3:e2:3d:5a:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9813e2f6351d3b4d1e61aa4016f1b2cfa62d7cdf
Validity
Not Before: Jun 3 10:26:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=05c8efa82c36d2f95252a90c707d8e20dd7d93b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f8:ae:f8:a2:01:d7:15:fc:ea:18:95:4d:53:
c3:d6:23:a0:1e:cf:9e:fe:8b:d5:a5:98:ab:44:0a:
6a:47:a3:eb:0a:13:37:02:6d:de:9b:04:75:50:21:
8a:3b:98:67:fc:3f:bb:cf:e2:11:3a:43:32:41:23:
ac:3d:7e:4d:f7:cb:6d:88:af:54:82:f6:dd:28:b6:
77:aa:11:fc:58:7a:3e:bd:63:f0:23:33:1b:f9:52:
25:0e:62:29:69:23:d9:c1:70:9f:43:ba:c0:ad:46:
f4:fc:95:b9:a3:a6:27:72:b4:a0:ba:cf:04:fc:f8:
31:15:52:ca:6c:a2:17:f7:bb:6c:e2:6e:a2:21:13:
df:cd:b0:a1:22:74:d7:1f:77:de:b6:79:ee:9c:ad:
ac:32:51:20:1d:11:ef:54:84:c4:d3:e4:05:1e:11:
73:01:fc:83:08:c9:35:d9:ec:07:d5:b8:e7:a9:5f:
4a:2b:96:84:a4:e9:0b:98:46:b7:d8:07:0d:c0:3f:
78:a4:2e:f0:36:b1:31:7a:f4:93:4c:e0:63:b7:79:
32:96:87:51:97:7a:7e:d5:66:a0:5a:2b:77:73:53:
34:8b:10:8a:1b:c9:6c:87:02:a0:d1:f9:67:70:1d:
87:94:c7:4b:0d:30:80:bf:0e:4d:02:51:b3:21:ef:
cc:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:C8:EF:A8:2C:36:D2:F9:52:52:A9:0C:70:7D:8E:20:DD:7D:93:B8
X509v3 Authority Key Identifier:
keyid:98:13:E2:F6:35:1D:3B:4D:1E:61:AA:40:16:F1:B2:CF:A6:2D:7C:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mBPi9jUdO00eYapAFvGyz6YtfN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/3f7463-4d4f-41a6-8d72-3951378aa766/1/BcjvqCw20vlSUqkMcH2OIN19k7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/3f7463-4d4f-41a6-8d72-3951378aa766/1/mBPi9jUdO00eYapAFvGyz6YtfN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.45.64.0/18
IPv6:
2a03:24c0::/48
Signature Algorithm: sha256WithRSAEncryption
36:7f:82:31:ae:68:b7:1b:84:c8:f5:54:ed:0f:4e:d7:a1:2e:
cd:8e:8a:de:53:b5:5b:73:85:40:5a:a2:08:a3:f2:8e:f2:7f:
0b:85:a6:1c:64:83:1e:a1:05:6d:a4:45:8c:55:ea:43:41:d9:
a4:dc:e2:57:0d:85:06:fe:fd:c6:96:cc:33:74:dc:4b:e7:b3:
d9:5d:71:2e:cc:f5:e3:59:49:09:b4:d7:df:c1:49:3c:d9:1c:
d1:0c:9b:63:e8:6b:99:69:c4:7e:dd:a0:c0:ce:5b:1d:31:a0:
03:0e:e9:e8:24:8c:6b:a7:1e:1d:54:07:52:60:fe:a2:78:50:
6d:df:f0:59:29:b2:2e:fd:43:8e:26:58:23:96:24:03:3d:10:
57:de:94:16:de:82:e9:69:be:fe:79:33:ef:b4:bd:69:d8:0b:
e6:3b:fc:46:f1:c0:07:50:b9:87:bc:f9:1b:24:4e:27:cb:73:
33:ee:cd:d9:73:25:7e:0e:e6:d9:08:c7:70:15:f6:ce:ea:fa:
fd:79:2e:3a:8e:8c:92:bc:e3:05:4f:3c:8e:00:bd:e6:09:4f:
b7:cd:bd:c6:59:d3:34:bc:e3:63:f8:c0:a7:e4:bc:5b:1d:24:
3b:e7:b8:df:36:88:3d:9a:f9:22:90:e0:0c:16:2d:f3:d4:3e:
46:8e:65:8b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZ6NBSym6Es6KyHN37PiPVpcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MTNlMmY2MzUxZDNiNGQxZTYxYWE0MDE2ZjFiMmNmYTYy
ZDdjZGYwHhcNMjYwNjAzMTAyNjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWM4ZWZhODJjMzZkMmY5NTI1MmE5MGM3MDdkOGUyMGRkN2Q5M2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxviu+KIB1xX86hiVTVPD1iOgHs+e
/ovVpZirRApqR6PrChM3Am3emwR1UCGKO5hn/D+7z+IROkMyQSOsPX5N98ttiK9U
gvbdKLZ3qhH8WHo+vWPwIzMb+VIlDmIpaSPZwXCfQ7rArUb0/JW5o6YncrSgus8E
/PgxFVLKbKIX97ts4m6iIRPfzbChInTXH3fetnnunK2sMlEgHRHvVITE0+QFHhFz
AfyDCMk12ewH1bjnqV9KK5aEpOkLmEa32AcNwD94pC7wNrExevSTTOBjt3kylodR
l3p+1WagWit3c1M0ixCKG8lshwKg0flncB2HlMdLDTCAvw5NAlGzIe/MGQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAXI76gsNtL5UlKpDHB9jiDdfZO4MB8GA1UdIwQY
MBaAFJgT4vY1HTtNHmGqQBbxss+mLXzfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUJQaTlqVWRPMDBlWWFwQUZ2R3l6Nll0Zk44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zZjc0NjMtNGQ0Zi00MWE2LThkNzIt
Mzk1MTM3OGFhNzY2LzEvQmNqdnFDdzIwdmxTVXFrTWNIMk9JTjE5azdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8zZjc0NjMtNGQ0Zi00MWE2LThkNzItMzk1MTM3OGFhNzY2
LzEvbUJQaTlqVWRPMDBlWWFwQUZ2R3l6Nll0Zk44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQGLi1AMA8E
AgACMAkDBwAqAyTAAAAwDQYJKoZIhvcNAQELBQADggEBADZ/gjGuaLcbhMj1VO0P
TtehLs2Oit5TtVtzhUBaogij8o7yfwuFphxkgx6hBW2kRYxV6kNB2aTc4lcNhQb+
/caWzDN03Evns9ldcS7M9eNZSQm019/BSTzZHNEMm2Poa5lpxH7doMDOWx0xoAMO
6egkjGunHh1UB1Jg/qJ4UG3f8Fkpsi79Q44mWCOWJAM9EFfelBbegulpvv55M++0
vWnYC+Y7/EbxwAdQuYe8+RskTifLczPuzdlzJX4O5tkIx3AV9s7q+v15LjqOjJK8
4wVPPI4AveYJT7fNvcZZ0zS842P4wKfkvFsdJDvnuN82iD2a+SKQ4AwWLfPUPkaO
ZYs=
-----END CERTIFICATE-----
Generated at Sun Jun 14 13:58:27 2026 by rpki-client