Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/bclcfk3AohSEyfi5Y64otGVWT9c.roa
File: bclcfk3AohSEyfi5Y64otGVWT9c.roa (raw, json)
Hash identifier: ysp1G9Ziw5niq3/mUwSzQT+C/hBVSZrnLie3pejb0Ak=
Subject key identifier: 6D:C9:5C:7E:4D:C0:A2:14:84:C9:F8:B9:63:AE:28:B4:65:56:4F:D7
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 019E1E2C8F95661967DF70D534C5C5DA4FC6
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/bclcfk3AohSEyfi5Y64otGVWT9c.roa
Signing time: Tue 12 May 2026 21:51:37 +0000
ROA not before: Tue 12 May 2026 21:51:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215314
IP address blocks: 45.93.22.0/24 maxlen: 24
91.132.226.0/24 maxlen: 24
91.188.212.0/22 maxlen: 22
91.188.212.0/24 maxlen: 24
91.188.213.0/24 maxlen: 24
91.188.214.0/24 maxlen: 24
91.188.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 21:51:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1e:2c:8f:95:66:19:67:df:70:d5:34:c5:c5:da:4f:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: May 12 21:51:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6dc95c7e4dc0a21484c9f8b963ae28b465564fd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f2:a7:d1:c6:38:78:1c:05:70:5b:34:2e:07:
63:be:01:8d:16:d3:e0:5e:06:a4:3e:45:9e:f5:ea:
bb:92:24:f6:0f:ec:d8:44:d9:32:ac:7d:90:53:8b:
ac:09:f2:fc:c2:f8:9e:0a:36:be:e2:fa:ff:3b:a9:
7a:52:9a:49:fb:4c:9f:ec:19:d3:8a:d7:be:57:74:
2c:2a:8b:b7:d8:69:d4:0e:7d:8c:01:b4:75:46:be:
21:e7:7e:2f:84:fa:eb:bb:c9:28:69:26:c0:63:b9:
d2:0f:50:84:3c:e1:65:41:df:f2:80:fc:0d:9f:80:
25:72:23:d5:04:b5:9b:69:3f:dd:3d:8d:79:1e:f8:
7a:67:72:3c:87:b5:37:78:09:cf:12:51:42:f4:e5:
1a:66:74:ac:48:f4:df:ec:ac:cb:8a:76:cc:5e:b4:
58:ee:ff:40:92:ff:8f:a1:b3:22:cd:c2:d5:27:0e:
c7:e6:66:a1:89:e9:83:92:fe:06:28:58:4c:97:bf:
08:3e:a2:1b:69:2a:57:a6:d8:33:29:a4:4d:7d:96:
d9:56:25:00:db:ca:c6:81:31:7c:fb:fb:2b:fe:3a:
94:18:6e:e7:23:27:3c:e6:9c:6b:7e:7c:8b:c0:3c:
3c:5a:b3:cf:ce:db:6a:9d:e4:7f:97:d6:6c:33:df:
83:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:C9:5C:7E:4D:C0:A2:14:84:C9:F8:B9:63:AE:28:B4:65:56:4F:D7
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/bclcfk3AohSEyfi5Y64otGVWT9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.22.0/24
91.132.226.0/24
91.188.212.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:ce:21:e4:6f:28:9d:cc:13:a7:e3:eb:57:fc:bc:ae:8f:3b:
79:0e:88:d2:1a:12:ee:92:bc:75:70:cb:b6:b8:96:86:2a:e7:
e3:a0:cd:71:77:83:4c:36:80:69:1e:d8:9d:e9:6f:7a:c0:cf:
d6:91:9d:5d:75:01:66:a7:47:21:cc:6f:53:e0:77:6d:d3:03:
74:8c:f0:68:9d:58:aa:1a:88:56:72:ee:db:b1:82:f2:9f:55:
11:ea:ff:59:ed:01:83:d9:66:c9:91:20:36:d9:62:fc:59:cd:
8a:cb:16:b4:44:1f:dc:25:dc:96:1f:ed:1f:68:ec:37:4f:62:
44:50:95:08:06:fa:9a:d5:52:66:f2:55:7d:43:3f:87:48:f5:
89:b6:05:54:7d:82:b2:85:80:9c:75:28:de:2e:32:3a:18:47:
f6:3f:ec:84:5c:95:a5:42:15:e3:dd:76:bd:91:2d:3b:44:68:
0a:ba:d7:06:56:de:df:98:a6:da:71:75:d7:e5:46:00:43:ae:
d4:e4:1b:c1:e7:91:f9:f6:ba:b9:ca:d5:9c:38:cd:15:31:a4:
42:c3:68:6e:34:e8:3f:1e:30:cb:78:a6:fa:21:a9:51:73:f9:
b7:97:f5:67:7e:6a:36:e8:2d:c9:2b:37:5e:0e:69:cd:ff:65:
02:f8:ce:ab
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ4eLI+VZhln33DVNMXF2k/GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjYwNTEyMjE1MTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGM5NWM3ZTRkYzBhMjE0ODRjOWY4Yjk2M2FlMjhiNDY1NTY0ZmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPKn0cY4eBwFcFs0LgdjvgGNFtPg
XgakPkWe9eq7kiT2D+zYRNkyrH2QU4usCfL8wvieCja+4vr/O6l6UppJ+0yf7BnT
ite+V3QsKou32GnUDn2MAbR1Rr4h534vhPrru8koaSbAY7nSD1CEPOFlQd/ygPwN
n4AlciPVBLWbaT/dPY15Hvh6Z3I8h7U3eAnPElFC9OUaZnSsSPTf7KzLinbMXrRY
7v9Akv+PobMizcLVJw7H5mahiemDkv4GKFhMl78IPqIbaSpXptgzKaRNfZbZViUA
28rGgTF8+/sr/jqUGG7nIyc85pxrfnyLwDw8WrPPzttqneR/l9ZsM9+DvwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG3JXH5NwKIUhMn4uWOuKLRlVk/XMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvYmNsY2ZrM0FvaFNFeWZpNVk2NG90R1ZXVDljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALV0WAwQA
W4TiAwQCW7zUMA0GCSqGSIb3DQEBCwUAA4IBAQArziHkbyidzBOn4+tX/Lyujzt5
DojSGhLukrx1cMu2uJaGKufjoM1xd4NMNoBpHtid6W96wM/WkZ1ddQFmp0chzG9T
4Hdt0wN0jPBonViqGohWcu7bsYLyn1UR6v9Z7QGD2WbJkSA22WL8Wc2Kyxa0RB/c
JdyWH+0faOw3T2JEUJUIBvqa1VJm8lV9Qz+HSPWJtgVUfYKyhYCcdSjeLjI6GEf2
P+yEXJWlQhXj3Xa9kS07RGgKutcGVt7fmKbacXXX5UYAQ67U5BvB55H59rq5ytWc
OM0VMaRCw2huNOg/HjDLeKb6IalRc/m3l/Vnfmo26C3JKzdeDmnN/2UC+M6r
-----END CERTIFICATE-----
Generated at Wed May 13 09:08:06 2026 by rpki-client