Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/sTOBwCRHBQ_sd0AzHgSZRzqbkvA.roa
File: sTOBwCRHBQ_sd0AzHgSZRzqbkvA.roa (raw, json)
Hash identifier: xCjC9N6BGc51y0Rc7dZOWB6fIe+Dax7tYaITw6lBbZk=
Subject key identifier: B1:33:81:C0:24:47:05:0F:EC:77:40:33:1E:04:99:47:3A:9B:92:F0
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 019E644051847F6E2FD1E06FBD9A2503BA55
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/sTOBwCRHBQ_sd0AzHgSZRzqbkvA.roa
Signing time: Tue 26 May 2026 12:26:37 +0000
ROA not before: Tue 26 May 2026 12:26:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213665
IP address blocks: 46.38.137.0/24 maxlen: 24
46.38.148.0/24 maxlen: 24
46.38.149.0/24 maxlen: 24
109.94.165.0/24 maxlen: 24
212.80.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 12:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:64:40:51:84:7f:6e:2f:d1:e0:6f:bd:9a:25:03:ba:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: May 26 12:26:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b13381c02447050fec7740331e0499473a9b92f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:e0:a2:db:d3:65:12:13:d2:06:71:60:94:19:
dd:50:35:d3:ba:3a:3f:65:3a:cf:ce:e0:30:12:0b:
20:6c:98:57:e5:34:41:02:7f:3b:27:a5:81:96:d1:
59:f9:69:e0:d8:70:9a:9a:f0:c4:1a:8e:b9:3e:35:
ed:d8:1b:02:84:09:6a:75:6d:96:3f:f2:b2:f7:a2:
7b:da:73:93:a9:c9:9e:91:d2:81:7d:ec:92:d0:76:
6a:eb:e5:24:15:e8:b0:da:73:29:bb:ff:45:74:c9:
2f:47:04:84:8e:e5:b7:79:c0:2a:25:ef:b3:47:1d:
e3:e5:50:84:f7:fd:cc:47:11:86:3b:9a:79:ff:36:
ad:e4:17:97:81:1c:fa:be:ce:f7:38:f8:60:99:88:
16:b9:e7:7e:88:ef:31:3d:4b:09:ac:73:40:f1:1e:
d5:76:b0:d5:44:e1:e9:d4:24:ae:03:24:89:cd:f8:
6d:d5:7b:f3:a0:77:e7:37:ec:81:cb:8d:67:6f:ee:
f5:bd:89:d5:c5:cd:93:85:92:6c:26:bd:19:f9:47:
e2:97:14:06:89:e4:4e:c4:2c:5b:bb:dd:5d:7e:b3:
05:c3:f5:7b:73:76:b8:2c:2d:55:57:13:f0:f2:86:
ae:65:5a:28:57:0f:c5:83:7a:c2:ad:11:a4:64:a5:
d8:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:33:81:C0:24:47:05:0F:EC:77:40:33:1E:04:99:47:3A:9B:92:F0
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/sTOBwCRHBQ_sd0AzHgSZRzqbkvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.137.0/24
46.38.148.0/23
109.94.165.0/24
212.80.24.0/24
Signature Algorithm: sha256WithRSAEncryption
24:7b:0f:b6:86:ba:98:43:8b:a8:b2:46:3e:04:4d:51:ea:a2:
c1:12:ef:dc:8e:8c:13:46:7a:c2:79:26:e5:4a:d8:ac:0b:7e:
34:0c:e8:27:d4:9b:7c:e3:52:52:80:36:fa:5d:5a:4d:cc:b0:
ab:f2:69:be:4b:b9:95:b0:23:9b:68:33:45:e0:35:38:70:93:
f5:d2:61:bf:d3:a4:5b:2c:75:63:7b:e6:89:72:f0:83:91:b1:
7b:92:66:b5:76:9e:00:28:68:33:42:12:e2:9b:ad:0b:e7:24:
28:1d:3f:8a:d3:27:9e:46:91:0d:79:b4:aa:19:b3:2a:78:c1:
26:dc:99:1a:d1:60:54:60:f6:31:61:80:ab:0e:41:0c:7b:2f:
67:e7:e4:19:b8:ae:87:0e:c3:05:3a:9a:5d:77:a5:0f:54:66:
fc:5a:ac:1c:76:3f:48:f2:f8:43:0f:17:19:6e:4c:e5:dc:fc:
d3:37:e0:8a:90:e2:1a:1d:c0:3b:a3:e3:91:45:f5:2f:eb:a2:
5c:dc:90:02:46:ef:c5:e2:40:25:fe:3f:03:ec:ea:ee:3f:bc:
70:a3:35:ec:1b:2c:ec:10:84:2f:e5:b7:64:cd:fe:79:ed:72:
65:22:12:05:c7:3d:c2:cd:79:80:a0:07:c9:a4:38:66:e5:b0:
d2:69:80:b9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ5kQFGEf24v0eBvvZolA7pVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjYwNTI2MTIyNjM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTMzODFjMDI0NDcwNTBmZWM3NzQwMzMxZTA0OTk0NzNhOWI5MmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9uCi29NlEhPSBnFglBndUDXTujo/
ZTrPzuAwEgsgbJhX5TRBAn87J6WBltFZ+Wng2HCamvDEGo65PjXt2BsChAlqdW2W
P/Ky96J72nOTqcmekdKBfeyS0HZq6+UkFeiw2nMpu/9FdMkvRwSEjuW3ecAqJe+z
Rx3j5VCE9/3MRxGGO5p5/zat5BeXgRz6vs73OPhgmYgWued+iO8xPUsJrHNA8R7V
drDVROHp1CSuAySJzfht1XvzoHfnN+yBy41nb+71vYnVxc2ThZJsJr0Z+UfilxQG
ieROxCxbu91dfrMFw/V7c3a4LC1VVxPw8oauZVooVw/Fg3rCrRGkZKXYrQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLEzgcAkRwUP7HdAMx4EmUc6m5LwMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvc1RPQndDUkhCUV9zZDBBekhnU1pSenFia3ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALiaJAwQB
LiaUAwQAbV6lAwQA1FAYMA0GCSqGSIb3DQEBCwUAA4IBAQAkew+2hrqYQ4uoskY+
BE1R6qLBEu/cjowTRnrCeSblStisC340DOgn1Jt841JSgDb6XVpNzLCr8mm+S7mV
sCObaDNF4DU4cJP10mG/06RbLHVje+aJcvCDkbF7kma1dp4AKGgzQhLim60L5yQo
HT+K0yeeRpENebSqGbMqeMEm3Jka0WBUYPYxYYCrDkEMey9n5+QZuK6HDsMFOppd
d6UPVGb8Wqwcdj9I8vhDDxcZbkzl3PzTN+CKkOIaHcA7o+ORRfUv66Jc3JACRu/F
4kAl/j8D7OruP7xwozXsGyzsEIQv5bdkzf557XJlIhIFxz3CzXmAoAfJpDhm5bDS
aYC5
-----END CERTIFICATE-----
Generated at Sat Jun 6 14:39:07 2026 by rpki-client