Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/9r5J7T5BhIxtKVThGXCQHNAVowU.roa
File: 9r5J7T5BhIxtKVThGXCQHNAVowU.roa (raw, json)
Hash identifier: ykyequurN1wV0ZJZTpo9BBDL+9QL0hiSMrvF47HLXu8=
Subject key identifier: F6:BE:49:ED:3E:41:84:8C:6D:29:54:E1:19:70:90:1C:D0:15:A3:05
Certificate issuer: /CN=bcccc8f4b37d89228cd023d2521d29968de0b925
Certificate serial: 019E93AAE17AE71602C465C3A2729C80D526
Authority key identifier: BC:CC:C8:F4:B3:7D:89:22:8C:D0:23:D2:52:1D:29:96:8D:E0:B9:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vMzI9LN9iSKM0CPSUh0plo3guSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/9r5J7T5BhIxtKVThGXCQHNAVowU.roa
Signing time: Thu 04 Jun 2026 17:25:09 +0000
ROA not before: Thu 04 Jun 2026 17:25:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48539
IP address blocks: 45.85.120.0/24 maxlen: 24
45.85.122.0/24 maxlen: 24
45.85.123.0/24 maxlen: 24
109.205.189.0/24 maxlen: 24
146.19.131.0/24 maxlen: 24
178.17.247.0/24 maxlen: 24
178.212.137.0/24 maxlen: 24
193.246.161.0/24 maxlen: 24
194.63.144.0/24 maxlen: 24
194.147.218.0/24 maxlen: 24
213.239.152.0/24 maxlen: 24
213.239.153.0/24 maxlen: 24
217.180.23.0/24 maxlen: 24
2a11:6a00::/48 maxlen: 48
2a12:2780::/48 maxlen: 48
2a12:8200::/48 maxlen: 48
2a12:ab00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/vMzI9LN9iSKM0CPSUh0plo3guSU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/vMzI9LN9iSKM0CPSUh0plo3guSU.mft
rsync://rpki.ripe.net/repository/DEFAULT/vMzI9LN9iSKM0CPSUh0plo3guSU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:93:aa:e1:7a:e7:16:02:c4:65:c3:a2:72:9c:80:d5:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcccc8f4b37d89228cd023d2521d29968de0b925
Validity
Not Before: Jun 4 17:25:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f6be49ed3e41848c6d2954e11970901cd015a305
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:c9:fb:44:4c:0e:64:c8:39:54:35:c9:20:db:
53:55:88:7e:88:16:9f:ec:df:f7:c4:00:58:6d:90:
0b:0c:4f:9d:c1:08:9b:17:b3:37:25:d9:9e:33:ab:
27:d5:b4:d7:b8:ab:c3:64:e6:92:b3:b2:65:46:99:
55:60:16:ef:75:c1:20:aa:5c:20:2b:16:b2:db:42:
9e:81:9f:be:1f:89:f8:41:96:dc:36:82:de:78:a1:
83:10:47:20:a8:e9:b5:74:8f:27:4e:79:a1:54:05:
5c:a8:8c:95:d4:c6:72:fd:43:56:3c:89:0c:db:2d:
05:53:1c:64:e0:e3:29:3b:3c:9e:62:a1:07:06:63:
44:e6:63:31:15:11:f4:e5:5e:7e:ef:ef:07:f4:31:
87:55:17:ce:d7:bf:cb:af:71:ec:35:4d:b8:6d:2f:
35:1c:f4:f5:5c:88:b9:f1:de:60:6a:23:d6:fe:d8:
07:b8:87:37:53:24:77:d2:1b:18:91:4d:95:0f:4f:
22:0b:01:a5:29:8e:62:15:8d:65:fd:92:71:ef:d0:
f5:70:5f:ef:65:da:8c:0c:3b:26:a6:3c:2f:91:6d:
e7:93:f3:e5:08:84:9c:de:22:3f:99:db:01:77:d8:
bb:dc:65:31:fa:24:fe:9b:e1:36:60:39:f3:e4:24:
c6:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:BE:49:ED:3E:41:84:8C:6D:29:54:E1:19:70:90:1C:D0:15:A3:05
X509v3 Authority Key Identifier:
keyid:BC:CC:C8:F4:B3:7D:89:22:8C:D0:23:D2:52:1D:29:96:8D:E0:B9:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vMzI9LN9iSKM0CPSUh0plo3guSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/9r5J7T5BhIxtKVThGXCQHNAVowU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/vMzI9LN9iSKM0CPSUh0plo3guSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.120.0/24
45.85.122.0/23
109.205.189.0/24
146.19.131.0/24
178.17.247.0/24
178.212.137.0/24
193.246.161.0/24
194.63.144.0/24
194.147.218.0/24
213.239.152.0/23
217.180.23.0/24
IPv6:
2a11:6a00::/48
2a12:2780::/48
2a12:8200::/48
2a12:ab00::/48
Signature Algorithm: sha256WithRSAEncryption
aa:db:59:7b:0a:9b:d3:8c:d4:82:5d:83:8b:6c:d0:5e:9b:c4:
d0:4e:da:c8:13:52:c9:36:71:2a:76:d3:eb:61:b7:20:47:8b:
a3:33:a4:42:42:ff:6f:0b:c2:7b:36:eb:dc:a6:89:aa:41:11:
cd:89:23:9c:4a:00:d2:3c:ed:af:c1:00:95:b7:80:3d:ba:d2:
cc:7d:85:a6:e8:22:1b:e9:3c:fc:1d:1a:94:7f:45:7b:c3:12:
90:50:b1:3c:fa:fd:2f:c1:80:5e:ef:27:24:9b:c8:57:ad:5f:
a6:30:07:bb:65:9c:6c:79:72:fc:c6:37:c5:89:88:4c:51:d5:
d4:d2:0f:57:1d:d7:03:e4:4b:dd:00:5f:2d:4d:21:5b:b4:d1:
f6:bb:13:a2:d5:b6:ed:ba:eb:e5:9d:48:a5:4e:6a:ef:d2:27:
5e:18:31:5a:c5:ad:86:1d:f2:a1:40:d5:43:03:3c:54:b8:db:
e6:2d:6f:17:f8:ca:67:1d:63:d3:35:38:ea:f5:43:1e:1a:c5:
bc:1f:2a:5c:23:64:44:d6:82:db:91:0b:73:4b:7f:ad:0c:f5:
9b:c2:c4:09:f6:9c:a0:dd:5e:0b:eb:61:c9:ab:a4:61:09:14:
c9:d8:b8:a2:18:bb:a0:31:39:33:a8:af:a6:0c:1f:d9:d6:25:
9c:e7:c1:ed
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZ6TquF65xYCxGXDonKcgNUmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjY2NjOGY0YjM3ZDg5MjI4Y2QwMjNkMjUyMWQyOTk2OGRl
MGI5MjUwHhcNMjYwNjA0MTcyNTA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmJlNDllZDNlNDE4NDhjNmQyOTU0ZTExOTcwOTAxY2QwMTVhMzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcn7REwOZMg5VDXJINtTVYh+iBaf
7N/3xABYbZALDE+dwQibF7M3JdmeM6sn1bTXuKvDZOaSs7JlRplVYBbvdcEgqlwg
Kxay20KegZ++H4n4QZbcNoLeeKGDEEcgqOm1dI8nTnmhVAVcqIyV1MZy/UNWPIkM
2y0FUxxk4OMpOzyeYqEHBmNE5mMxFRH05V5+7+8H9DGHVRfO17/Lr3HsNU24bS81
HPT1XIi58d5gaiPW/tgHuIc3UyR30hsYkU2VD08iCwGlKY5iFY1l/ZJx79D1cF/v
ZdqMDDsmpjwvkW3nk/PlCISc3iI/mdsBd9i73GUx+iT+m+E2YDnz5CTGlwIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFPa+Se0+QYSMbSlU4RlwkBzQFaMFMB8GA1UdIwQY
MBaAFLzMyPSzfYkijNAj0lIdKZaN4LklMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdk16STlMTjlpU0tNMENQU1VoMHBsbzNndVNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi84MThmMmMtY2U3YS00YjYxLWFhMGYt
MDIxNWM0ZWFhN2MzLzEvOXI1SjdUNUJoSXh0S1ZUaEdYQ1FITkFWb3dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi84MThmMmMtY2U3YS00YjYxLWFhMGYtMDIxNWM0ZWFhN2Mz
LzEvdk16STlMTjlpU0tNMENQU1VoMHBsbzNndVNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwSAQCAAEwQgMEAC1VeAME
AS1VegMEAG3NvQMEAJITgwMEALIR9wMEALLUiQMEAMH2oQMEAMI/kAMEAMKT2gME
AdXvmAMEANm0FzAqBAIAAjAkAwcAKhFqAAAAAwcAKhIngAAAAwcAKhKCAAAAAwcA
KhKrAAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCq21l7CpvTjNSCXYOLbNBem8TQTtrI
E1LJNnEqdtPrYbcgR4ujM6RCQv9vC8J7NuvcpomqQRHNiSOcSgDSPO2vwQCVt4A9
utLMfYWm6CIb6Tz8HRqUf0V7wxKQULE8+v0vwYBe7yckm8hXrV+mMAe7ZZxseXL8
xjfFiYhMUdXU0g9XHdcD5EvdAF8tTSFbtNH2uxOi1bbtuuvlnUilTmrv0ideGDFa
xa2GHfKhQNVDAzxUuNvmLW8X+MpnHWPTNTjq9UMeGsW8HypcI2RE1oLbkQtzS3+t
DPWbwsQJ9pyg3V4L62HJq6RhCRTJ2LiiGLugMTkzqK+mDB/Z1iWc58Ht
-----END CERTIFICATE-----
Generated at Sat Jun 6 10:48:14 2026 by rpki-client