Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/31c815-d96a-4bb6-8ccf-f2b81079b746/1/NB0aH6OOCebNV60ghv0p2gPbNWw.roa
File: NB0aH6OOCebNV60ghv0p2gPbNWw.roa (raw, json)
Hash identifier: /9rlQ1XN3AQEA0is6CHHICzhqLVHFMmR/Xfd2U8bL3c=
Subject key identifier: 34:1D:1A:1F:A3:8E:09:E6:CD:57:AD:20:86:FD:29:DA:03:DB:35:6C
Certificate issuer: /CN=b2853aa1eb32bfee0feb1483c14936d101f16edf
Certificate serial: 019DAAF046D61F559D33A2BB7B443FAD6582
Authority key identifier: B2:85:3A:A1:EB:32:BF:EE:0F:EB:14:83:C1:49:36:D1:01:F1:6E:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/soU6oesyv-4P6xSDwUk20QHxbt8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/31c815-d96a-4bb6-8ccf-f2b81079b746/1/NB0aH6OOCebNV60ghv0p2gPbNWw.roa
Signing time: Mon 20 Apr 2026 12:49:26 +0000
ROA not before: Mon 20 Apr 2026 12:49:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57724
IP address blocks: 45.10.240.0/22 maxlen: 32
45.10.240.0/24 maxlen: 24
45.10.241.0/24 maxlen: 24
45.10.242.0/24 maxlen: 24
45.10.243.0/24 maxlen: 24
91.215.40.0/24 maxlen: 32
91.215.41.0/24 maxlen: 24
91.215.42.0/24 maxlen: 24
91.215.43.0/24 maxlen: 24
95.129.232.0/24 maxlen: 32
95.129.233.0/24 maxlen: 32
95.129.234.0/24 maxlen: 32
95.129.235.0/24 maxlen: 24
95.129.236.0/24 maxlen: 32
95.129.237.0/24 maxlen: 32
153.80.232.0/21 maxlen: 32
185.129.100.0/24 maxlen: 24
185.129.101.0/24 maxlen: 24
185.129.102.0/24 maxlen: 24
185.129.103.0/24 maxlen: 24
185.178.208.0/24 maxlen: 24
185.178.209.0/24 maxlen: 24
185.178.210.0/24 maxlen: 24
2a0a:4180::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/31c815-d96a-4bb6-8ccf-f2b81079b746/1/soU6oesyv-4P6xSDwUk20QHxbt8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/31c815-d96a-4bb6-8ccf-f2b81079b746/1/soU6oesyv-4P6xSDwUk20QHxbt8.mft
rsync://rpki.ripe.net/repository/DEFAULT/soU6oesyv-4P6xSDwUk20QHxbt8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Apr 2026 14:21:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:aa:f0:46:d6:1f:55:9d:33:a2:bb:7b:44:3f:ad:65:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2853aa1eb32bfee0feb1483c14936d101f16edf
Validity
Not Before: Apr 20 12:49:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=341d1a1fa38e09e6cd57ad2086fd29da03db356c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:0b:ff:c6:fd:e2:0f:ac:bf:07:2c:47:dd:20:
32:2f:bc:e4:e2:3f:9e:21:5d:04:2a:4a:c0:53:95:
43:c0:6d:80:db:02:0e:c4:aa:ee:99:7b:e2:ba:5d:
c6:55:e1:52:40:7e:a9:61:5e:6a:5b:b2:d2:1c:4a:
22:18:1f:37:f1:8c:f3:dd:58:60:25:ae:9d:82:86:
cb:80:b4:01:b2:e7:e6:14:53:6e:03:b5:7a:07:a2:
e1:e6:99:1b:dc:72:45:71:d1:62:99:79:72:4f:6f:
e9:82:68:04:4b:10:76:98:a8:88:ef:1d:00:a6:dc:
c6:16:4c:79:55:62:d1:7e:99:a1:b0:80:4a:6d:3d:
4e:66:2f:35:22:96:21:82:2c:3b:b8:63:64:54:09:
41:0e:fa:b5:24:93:5e:0f:25:8e:7e:79:dc:21:8a:
bf:c1:a1:a0:ff:cb:bd:75:45:f6:85:70:12:50:dd:
34:29:82:0e:28:5e:74:2f:ed:da:c7:ce:b0:b1:07:
b2:14:d6:75:00:9a:00:4e:53:9d:98:8a:95:bf:49:
a1:74:46:41:24:76:35:9f:b4:71:5b:17:45:05:97:
c0:62:a0:f9:1a:a1:5b:d9:5f:ca:86:21:02:ec:72:
9d:0f:d9:49:0c:bd:73:8c:93:2f:2b:11:2f:8c:2a:
98:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:1D:1A:1F:A3:8E:09:E6:CD:57:AD:20:86:FD:29:DA:03:DB:35:6C
X509v3 Authority Key Identifier:
keyid:B2:85:3A:A1:EB:32:BF:EE:0F:EB:14:83:C1:49:36:D1:01:F1:6E:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/soU6oesyv-4P6xSDwUk20QHxbt8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/31c815-d96a-4bb6-8ccf-f2b81079b746/1/NB0aH6OOCebNV60ghv0p2gPbNWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/31c815-d96a-4bb6-8ccf-f2b81079b746/1/soU6oesyv-4P6xSDwUk20QHxbt8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.240.0/22
91.215.40.0/22
95.129.232.0-95.129.237.255
153.80.232.0/21
185.129.100.0/22
185.178.208.0-185.178.210.255
IPv6:
2a0a:4180::/48
Signature Algorithm: sha256WithRSAEncryption
43:30:68:d3:3a:82:e3:01:73:90:c9:03:de:3c:d1:c2:76:d8:
ba:e1:9a:a2:79:cc:b4:2f:51:fe:9e:8b:c4:75:51:e6:3c:29:
67:0a:fd:4d:6c:ab:5b:e9:2a:4b:55:23:15:9e:25:dc:b3:f6:
bc:10:53:e4:28:a0:6f:27:3b:52:b2:6c:21:97:d4:5e:a3:ba:
21:91:ff:a9:e9:d5:e3:d7:d1:21:b1:b3:06:89:20:c6:30:9f:
cf:55:be:11:ae:c5:95:bc:eb:b8:41:ee:24:0a:76:e6:4a:5f:
16:1b:91:8c:a7:41:42:98:b7:19:d6:a4:1d:22:39:4e:c2:98:
a1:2b:76:67:ab:f2:90:80:01:63:44:de:be:7d:b3:2d:0f:92:
c8:16:cf:c6:29:b3:3b:de:cf:ed:11:13:ab:62:6d:4d:2b:e0:
31:1f:f3:20:a6:4c:7f:22:db:73:a8:87:f0:0b:85:be:f0:e9:
6a:70:c7:d8:1f:59:e7:92:9e:ca:47:3c:e6:ea:16:14:09:bf:
1a:17:2b:c1:94:5c:2a:c2:c0:96:f7:65:96:df:5e:31:a5:76:
04:ca:bf:a3:96:2c:3c:b4:17:67:13:d2:d1:57:1d:07:08:46:
28:c3:49:60:e4:fb:8d:a8:66:4e:13:5b:9b:62:ad:b3:d7:bc:
07:47:fa:ea
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZ2q8EbWH1WdM6K7e0Q/rWWCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyODUzYWExZWIzMmJmZWUwZmViMTQ4M2MxNDkzNmQxMDFm
MTZlZGYwHhcNMjYwNDIwMTI0OTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDFkMWExZmEzOGUwOWU2Y2Q1N2FkMjA4NmZkMjlkYTAzZGIzNTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Av/xv3iD6y/ByxH3SAyL7zk4j+e
IV0EKkrAU5VDwG2A2wIOxKrumXviul3GVeFSQH6pYV5qW7LSHEoiGB838Yzz3Vhg
Ja6dgobLgLQBsufmFFNuA7V6B6Lh5pkb3HJFcdFimXlyT2/pgmgESxB2mKiI7x0A
ptzGFkx5VWLRfpmhsIBKbT1OZi81IpYhgiw7uGNkVAlBDvq1JJNeDyWOfnncIYq/
waGg/8u9dUX2hXASUN00KYIOKF50L+3ax86wsQeyFNZ1AJoATlOdmIqVv0mhdEZB
JHY1n7RxWxdFBZfAYqD5GqFb2V/KhiEC7HKdD9lJDL1zjJMvKxEvjCqY4wIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFDQdGh+jjgnmzVetIIb9KdoD2zVsMB8GA1UdIwQY
MBaAFLKFOqHrMr/uD+sUg8FJNtEB8W7fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc29VNm9lc3l2LTRQNnhTRHdVazIwUUh4YnQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zMWM4MTUtZDk2YS00YmI2LThjY2Yt
ZjJiODEwNzliNzQ2LzEvTkIwYUg2T09DZWJOVjYwZ2h2MHAyZ1BiTld3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8zMWM4MTUtZDk2YS00YmI2LThjY2YtZjJiODEwNzliNzQ2
LzEvc29VNm9lc3l2LTRQNnhTRHdVazIwUUh4YnQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA6BAIAATA0AwQCLQrwAwQC
W9coMAwDBANfgegDBAFfgewDBAOZUOgDBAK5gWQwDAMEBLmy0AMEALmy0jAPBAIA
AjAJAwcAKgpBgAAAMA0GCSqGSIb3DQEBCwUAA4IBAQBDMGjTOoLjAXOQyQPePNHC
dti64Zqiecy0L1H+novEdVHmPClnCv1NbKtb6SpLVSMVniXcs/a8EFPkKKBvJztS
smwhl9Reo7ohkf+p6dXj19EhsbMGiSDGMJ/PVb4RrsWVvOu4Qe4kCnbmSl8WG5GM
p0FCmLcZ1qQdIjlOwpihK3Znq/KQgAFjRN6+fbMtD5LIFs/GKbM73s/tEROrYm1N
K+AxH/Mgpkx/IttzqIfwC4W+8OlqcMfYH1nnkp7KRzzm6hYUCb8aFyvBlFwqwsCW
92WW314xpXYEyr+jliw8tBdnE9LRVx0HCEYow0lg5PuNqGZOE1ubYq2z17wHR/rq
-----END CERTIFICATE-----
Generated at Tue Apr 21 22:27:38 2026 by rpki-client