
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/vAi4XnPWVuNggeUtAfCEZXDontk.roa
File: vAi4XnPWVuNggeUtAfCEZXDontk.roa (raw, json)
Hash identifier: RYl6h4oTJftpVOEqSn4HEPzTH4/b0niM4jxD4+euYtU=
Subject key identifier: BC:08:B8:5E:73:D6:56:E3:60:81:E5:2D:01:F0:84:65:70:E8:9E:D9
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 019F18F6EE9025EB8CC92E04F30A95F9CE54
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/vAi4XnPWVuNggeUtAfCEZXDontk.roa
Signing time: Tue 30 Jun 2026 14:37:43 +0000
ROA not before: Tue 30 Jun 2026 14:37:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.97.0/24 maxlen: 24
46.20.105.0/24 maxlen: 24
185.160.193.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.160.195.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
2a14:80::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 Jul 2026 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:18:f6:ee:90:25:eb:8c:c9:2e:04:f3:0a:95:f9:ce:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Jun 30 14:37:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bc08b85e73d656e36081e52d01f0846570e89ed9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:22:b9:1d:cc:5f:41:47:a2:58:66:53:20:ad:
ca:e5:a1:9d:e1:71:f3:f2:1b:72:c7:2a:70:56:96:
5a:fa:da:26:27:cd:8a:4a:10:30:c3:f8:6a:98:db:
21:02:23:7f:3d:e9:ac:28:33:eb:82:a9:a7:59:3d:
3c:06:c9:87:e8:2e:94:b6:13:9b:08:2a:f5:7f:16:
d7:c8:5e:44:87:63:d8:1d:eb:fc:3b:b2:e5:25:24:
3d:1c:01:93:9a:38:8b:83:c2:20:e1:91:8b:58:46:
e9:48:67:6e:07:78:53:61:96:5d:6b:3d:a8:39:da:
9d:a3:39:2c:a1:b5:9f:a7:87:2d:05:0f:20:65:06:
52:43:0f:35:b8:59:a9:27:87:3a:01:36:2f:47:7d:
9e:f3:b1:c0:a8:9d:5e:4a:20:8b:f0:96:a1:b8:0c:
a3:1b:b1:16:c8:9f:92:2b:d0:10:7e:2a:88:ad:95:
d6:c7:46:ab:6d:58:ea:02:59:a0:d6:8f:ae:6c:8d:
98:df:e7:5a:be:c1:ca:2d:46:5a:a4:49:dd:12:0a:
c6:f5:70:ee:24:c5:10:11:7a:18:14:ba:f5:0c:2a:
ab:3e:3b:df:5c:a8:36:74:b1:ce:7a:e5:7b:ac:55:
a9:05:7a:4e:f4:a6:41:33:71:46:5d:82:39:47:51:
1d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:08:B8:5E:73:D6:56:E3:60:81:E5:2D:01:F0:84:65:70:E8:9E:D9
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/vAi4XnPWVuNggeUtAfCEZXDontk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.97.0/24
46.20.105.0/24
185.160.193.0-185.160.195.255
185.169.221.0-185.169.223.255
IPv6:
2a14:80::/48
Signature Algorithm: sha256WithRSAEncryption
41:c0:45:26:f8:78:ff:1c:7a:f2:c8:c5:79:f9:7d:0c:e0:ac:
96:70:61:26:43:51:2d:06:17:0b:dd:c5:ff:22:47:78:ac:6c:
e2:83:2d:be:9d:74:66:63:be:fd:20:d4:6f:19:d2:00:57:b5:
7f:93:16:3f:c1:60:6a:49:be:9f:9e:68:d4:04:aa:2c:d1:0a:
00:55:04:f7:41:a3:53:dc:37:45:9f:60:ec:82:de:62:b7:d4:
eb:96:34:a9:c6:a6:c2:b1:39:bb:63:dd:6a:b2:07:e3:92:d3:
c8:96:f4:ca:bc:31:d6:25:3d:ec:6f:0d:61:9a:bd:79:94:09:
e6:13:18:77:ff:5f:95:94:f4:7b:74:56:f5:9c:f1:53:1c:55:
41:fd:a7:90:48:75:98:fa:96:53:c7:d6:1d:4b:ad:c3:18:cd:
12:67:a5:c7:c1:eb:62:1c:80:61:57:5e:43:ef:2b:3a:8e:19:
bf:c1:66:f9:db:0e:1e:3f:20:3d:c1:9c:57:03:2e:f1:13:55:
66:24:0c:f8:0e:14:a7:6c:e9:5b:a6:f4:42:3f:f4:08:4e:31:
a6:5f:3e:74:c6:93:ce:bb:8b:8f:44:cb:16:8c:3e:c9:04:4f:
51:33:ae:4d:bb:be:81:e7:ee:06:cd:b5:9f:3f:c7:ad:30:b4:
8d:c4:55:ef
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZ8Y9u6QJeuMyS4E8wqV+c5UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjYwNjMwMTQzNzQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzA4Yjg1ZTczZDY1NmUzNjA4MWU1MmQwMWYwODQ2NTcwZTg5ZWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCK5HcxfQUeiWGZTIK3K5aGd4XHz
8htyxypwVpZa+tomJ82KShAww/hqmNshAiN/PemsKDPrgqmnWT08BsmH6C6UthOb
CCr1fxbXyF5Eh2PYHev8O7LlJSQ9HAGTmjiLg8Ig4ZGLWEbpSGduB3hTYZZdaz2o
OdqdozksobWfp4ctBQ8gZQZSQw81uFmpJ4c6ATYvR32e87HAqJ1eSiCL8JahuAyj
G7EWyJ+SK9AQfiqIrZXWx0arbVjqAlmg1o+ubI2Y3+davsHKLUZapEndEgrG9XDu
JMUQEXoYFLr1DCqrPjvfXKg2dLHOeuV7rFWpBXpO9KZBM3FGXYI5R1EdDQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFLwIuF5z1lbjYIHlLQHwhGVw6J7ZMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvdkFpNFhuUFdWdU5nZ2VVdEFmQ0VaWERvbnRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAuBAIAATAoAwQALhRhAwQA
LhRpMAwDBAC5oMEDBAK5oMAwDAMEALmp3QMEBbmpwDAPBAIAAjAJAwcAKhQAgAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBBwEUm+Hj/HHryyMV5+X0M4KyWcGEmQ1EtBhcL
3cX/Ikd4rGzigy2+nXRmY779INRvGdIAV7V/kxY/wWBqSb6fnmjUBKos0QoAVQT3
QaNT3DdFn2Dsgt5it9TrljSpxqbCsTm7Y91qsgfjktPIlvTKvDHWJT3sbw1hmr15
lAnmExh3/1+VlPR7dFb1nPFTHFVB/aeQSHWY+pZTx9YdS63DGM0SZ6XHwetiHIBh
V15D7ys6jhm/wWb52w4ePyA9wZxXAy7xE1VmJAz4DhSnbOlbpvRCP/QITjGmXz50
xpPOu4uPRMsWjD7JBE9RM65Nu76B5+4GzbWfP8etMLSNxFXv
-----END CERTIFICATE-----
Generated at Fri Jul 3 16:52:33 2026 by rpki-client