Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/5168af-3102-4f7a-b649-887eba0b17d4/1/bxRUAjUWeDR2VIc-63GremTrTys.roa
File: bxRUAjUWeDR2VIc-63GremTrTys.roa (raw, json)
Hash identifier: O8siCtkZ1GeKtg1cn4wXajVYnP8L/hEy27bigkLexEc=
Subject key identifier: 6F:14:54:02:35:16:78:34:76:54:87:3E:EB:71:AB:7A:64:EB:4F:2B
Certificate issuer: /CN=162fcb467a9d9a65992ca831eae79bb8d6fc5cbf
Certificate serial: 019CC9ADF6CE6AC445A8F73009A616C85455
Authority key identifier: 16:2F:CB:46:7A:9D:9A:65:99:2C:A8:31:EA:E7:9B:B8:D6:FC:5C:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fi_LRnqdmmWZLKgx6uebuNb8XL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/5168af-3102-4f7a-b649-887eba0b17d4/1/bxRUAjUWeDR2VIc-63GremTrTys.roa
Signing time: Sat 07 Mar 2026 19:02:27 +0000
ROA not before: Sat 07 Mar 2026 19:02:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 35206
IP address blocks: 46.232.176.0/21 maxlen: 21
91.221.118.0/23 maxlen: 23
185.67.192.0/22 maxlen: 22
193.33.128.0/23 maxlen: 23
194.150.248.0/23 maxlen: 23
195.182.222.0/23 maxlen: 23
2a02:6200::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/5168af-3102-4f7a-b649-887eba0b17d4/1/Fi_LRnqdmmWZLKgx6uebuNb8XL8.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/5168af-3102-4f7a-b649-887eba0b17d4/1/Fi_LRnqdmmWZLKgx6uebuNb8XL8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Fi_LRnqdmmWZLKgx6uebuNb8XL8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:c9:ad:f6:ce:6a:c4:45:a8:f7:30:09:a6:16:c8:54:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=162fcb467a9d9a65992ca831eae79bb8d6fc5cbf
Validity
Not Before: Mar 7 19:02:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6f145402351678347654873eeb71ab7a64eb4f2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:67:1e:ad:21:05:b9:8d:60:67:84:a2:31:fe:
8a:64:54:ad:7e:f6:f2:ea:d6:6a:ab:c6:4f:1b:e9:
42:66:ad:31:e9:31:8b:d9:fd:7f:46:ed:0c:9e:3e:
76:83:37:29:d0:93:7b:b5:a9:8c:f8:5b:a7:2e:49:
ad:02:6c:d1:34:b6:c8:97:6a:0c:08:d1:10:1b:f1:
fb:f4:f2:0d:56:9e:91:be:65:4a:27:52:fe:eb:67:
a9:52:be:76:d2:20:4a:a5:0c:03:20:67:d4:84:84:
d7:44:69:4a:aa:38:05:39:d1:0d:35:93:90:0c:73:
0a:df:13:23:95:c2:97:6f:28:99:04:3d:dd:a6:40:
82:d4:b6:43:56:25:98:a4:8b:6d:50:53:8f:f4:83:
c6:c6:a9:f0:7e:15:c0:72:aa:02:d0:45:b7:4b:f8:
a4:1f:c6:9d:77:96:e2:6f:e5:04:76:11:0c:ee:2d:
40:80:89:f7:75:23:93:d6:fb:87:ca:ad:1d:35:a6:
4b:08:c7:54:77:c5:cf:8d:70:fc:92:ab:f0:84:41:
c6:7a:5d:e6:72:9f:3e:8b:3f:84:51:0e:7e:88:9b:
82:c9:6d:e7:bb:db:24:43:f3:d0:91:15:34:1f:7d:
3a:43:b4:5b:d5:53:05:3b:f7:a2:47:78:9a:41:00:
a7:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:14:54:02:35:16:78:34:76:54:87:3E:EB:71:AB:7A:64:EB:4F:2B
X509v3 Authority Key Identifier:
keyid:16:2F:CB:46:7A:9D:9A:65:99:2C:A8:31:EA:E7:9B:B8:D6:FC:5C:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fi_LRnqdmmWZLKgx6uebuNb8XL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/5168af-3102-4f7a-b649-887eba0b17d4/1/bxRUAjUWeDR2VIc-63GremTrTys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/5168af-3102-4f7a-b649-887eba0b17d4/1/Fi_LRnqdmmWZLKgx6uebuNb8XL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.232.176.0/21
91.221.118.0/23
185.67.192.0/22
193.33.128.0/23
194.150.248.0/23
195.182.222.0/23
IPv6:
2a02:6200::/29
Signature Algorithm: sha256WithRSAEncryption
ac:e7:a7:c5:1a:3e:39:c5:3c:25:aa:cf:f1:56:f4:49:94:f7:
18:3d:05:24:b3:3f:ca:2b:44:8b:e8:a6:05:25:f8:40:a1:00:
6d:d2:b9:93:13:12:d2:78:1a:5c:ce:fc:db:47:f5:46:c9:84:
f0:a4:f2:fb:b2:8a:50:51:c5:13:2d:4a:8f:43:24:b4:a4:c6:
24:c1:e5:66:a0:dd:32:be:66:e8:15:71:71:cb:90:e6:7a:b6:
84:bf:66:45:0d:df:d0:2c:82:09:7f:11:77:d4:3e:f7:0a:11:
3b:03:c2:99:d0:a4:98:09:d4:fd:58:20:1b:dd:62:68:1b:65:
fa:35:4c:0f:31:f5:ca:2d:0e:cf:96:24:27:c3:f3:20:13:c8:
0a:fd:29:2b:df:e2:8a:99:ce:a7:28:6c:55:03:2a:f1:10:c9:
34:bc:0b:ac:dc:82:c2:61:54:4a:4e:bc:c5:47:09:de:23:19:
20:b2:45:e6:81:85:20:b4:4c:41:f5:91:b0:19:c2:17:ac:7f:
5b:d7:73:ee:cf:ad:9e:31:1f:c2:10:32:de:12:7b:3d:4a:09:
2c:30:a3:ea:10:61:1c:ee:69:c8:25:12:66:fb:98:37:c1:b7:
9f:87:85:0f:7d:9e:29:df:66:64:5c:5b:27:fe:e7:e4:49:af:
7e:b9:4a:a4
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZzJrfbOasRFqPcwCaYWyFRVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MmZjYjQ2N2E5ZDlhNjU5OTJjYTgzMWVhZTc5YmI4ZDZm
YzVjYmYwHhcNMjYwMzA3MTkwMjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjE0NTQwMjM1MTY3ODM0NzY1NDg3M2VlYjcxYWI3YTY0ZWI0ZjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWcerSEFuY1gZ4SiMf6KZFStfvby
6tZqq8ZPG+lCZq0x6TGL2f1/Ru0Mnj52gzcp0JN7tamM+FunLkmtAmzRNLbIl2oM
CNEQG/H79PINVp6RvmVKJ1L+62epUr520iBKpQwDIGfUhITXRGlKqjgFOdENNZOQ
DHMK3xMjlcKXbyiZBD3dpkCC1LZDViWYpIttUFOP9IPGxqnwfhXAcqoC0EW3S/ik
H8add5bib+UEdhEM7i1AgIn3dSOT1vuHyq0dNaZLCMdUd8XPjXD8kqvwhEHGel3m
cp8+iz+EUQ5+iJuCyW3nu9skQ/PQkRU0H306Q7Rb1VMFO/eiR3iaQQCnnQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFG8UVAI1Fng0dlSHPutxq3pk608rMB8GA1UdIwQY
MBaAFBYvy0Z6nZplmSyoMernm7jW/Fy/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmlfTFJucWRtbVdaTEtneDZ1ZWJ1TmI4WEw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC81MTY4YWYtMzEwMi00ZjdhLWI2NDkt
ODg3ZWJhMGIxN2Q0LzEvYnhSVUFqVVdlRFIyVkljLTYzR3JlbVRyVHlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC81MTY4YWYtMzEwMi00ZjdhLWI2NDktODg3ZWJhMGIxN2Q0
LzEvRmlfTFJucWRtbVdaTEtneDZ1ZWJ1TmI4WEw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDLuiwAwQB
W912AwQCuUPAAwQBwSGAAwQBwpb4AwQBw7beMA0EAgACMAcDBQMqAmIAMA0GCSqG
SIb3DQEBCwUAA4IBAQCs56fFGj45xTwlqs/xVvRJlPcYPQUksz/KK0SL6KYFJfhA
oQBt0rmTExLSeBpczvzbR/VGyYTwpPL7sopQUcUTLUqPQyS0pMYkweVmoN0yvmbo
FXFxy5DmeraEv2ZFDd/QLIIJfxF31D73ChE7A8KZ0KSYCdT9WCAb3WJoG2X6NUwP
MfXKLQ7PliQnw/MgE8gK/Skr3+KKmc6nKGxVAyrxEMk0vAus3ILCYVRKTrzFRwne
IxkgskXmgYUgtExB9ZGwGcIXrH9b13Puz62eMR/CEDLeEns9SgksMKPqEGEc7mnI
JRJm+5g3wbefh4UPfZ4p32ZkXFsn/ufkSa9+uUqk
-----END CERTIFICATE-----
Generated at Sat Mar 14 11:21:19 2026 by rpki-client