Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Bs3UdXNLtrfGIOoB63QYb5WA5GI.roa
File: Bs3UdXNLtrfGIOoB63QYb5WA5GI.roa (raw, json)
Hash identifier: e9hAf7YCbYrxjrwj2uHyu2Q2O6DcSy7IF40iveSpPT0=
Subject key identifier: 06:CD:D4:75:73:4B:B6:B7:C6:20:EA:01:EB:74:18:6F:95:80:E4:62
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019D294807C8C87309530AD0CBCD231418AD
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Bs3UdXNLtrfGIOoB63QYb5WA5GI.roa
Signing time: Thu 26 Mar 2026 08:34:39 +0000
ROA not before: Thu 26 Mar 2026 08:34:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206150
IP address blocks: 45.130.82.0/24 maxlen: 24
185.192.68.0/24 maxlen: 24
203.0.8.0/24 maxlen: 24
2a0b:64c6::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Apr 2026 08:03:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:48:07:c8:c8:73:09:53:0a:d0:cb:cd:23:14:18:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 26 08:34:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=06cdd475734bb6b7c620ea01eb74186f9580e462
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:43:05:30:02:e4:44:18:02:5d:9e:0a:47:12:
8d:02:a6:fa:78:47:26:30:fd:ac:a8:52:55:d9:a3:
95:16:f8:67:39:49:1f:79:b2:7f:3c:0b:c1:19:ed:
28:1f:1f:cd:93:8d:f7:e0:73:5d:8e:76:e1:1b:f1:
9f:4b:53:6c:c7:9a:d2:83:d0:c8:bd:21:d1:c0:e4:
01:ae:4f:fa:a6:4c:ad:c3:11:87:65:82:ce:a5:ab:
75:fd:e7:05:26:d2:10:dd:33:ec:45:d5:1f:92:bc:
d4:c7:eb:76:2e:a3:37:fd:8f:e3:40:6e:97:93:93:
c4:41:24:50:d0:95:d4:8c:75:dc:99:11:d4:8d:39:
d0:34:1d:07:e5:a6:51:f7:a0:67:b5:38:61:5e:dc:
00:ca:18:50:7b:b6:d1:da:52:da:82:cd:87:b6:a3:
a8:f1:1c:43:48:b6:9e:bb:44:38:56:bc:be:0c:b8:
99:1d:40:60:8a:0e:ed:b7:c6:dd:d5:71:b4:86:e8:
ce:b8:bc:d8:d5:d8:c5:8e:92:aa:7c:68:3d:d7:3b:
70:26:8c:01:af:ea:e1:35:2c:1a:d6:09:3f:b0:73:
58:28:aa:62:af:af:5c:f2:50:da:47:c9:c4:24:a9:
3e:e4:63:12:cd:fd:83:66:39:f4:f9:16:e5:94:cf:
7d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:CD:D4:75:73:4B:B6:B7:C6:20:EA:01:EB:74:18:6F:95:80:E4:62
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Bs3UdXNLtrfGIOoB63QYb5WA5GI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.82.0/24
185.192.68.0/24
203.0.8.0/24
IPv6:
2a0b:64c6::/32
Signature Algorithm: sha256WithRSAEncryption
96:3f:65:54:1c:ec:af:68:50:80:c3:0f:a2:c0:68:dd:2d:af:
66:ea:9d:e4:ca:3f:04:22:cf:f1:29:58:fc:a8:91:b7:08:9a:
e3:29:5c:10:e0:20:0b:fe:99:31:fa:07:3e:50:85:a2:82:b1:
57:42:0e:d9:71:2a:df:24:6b:6b:11:f9:6f:d7:90:0f:a5:e5:
a6:9c:d2:b8:d1:35:e9:ed:b2:61:d4:b7:c5:54:f8:90:ca:10:
28:6f:62:16:55:5f:f1:9b:4f:a1:d9:b6:02:76:0b:62:ce:28:
37:d0:71:e0:e5:3b:b8:71:05:3c:6f:d2:04:c3:ed:35:19:bd:
17:5e:a4:1d:21:8b:f6:b0:d8:78:db:59:25:38:90:54:c7:de:
73:b7:32:26:62:71:b9:4d:11:5e:01:73:2a:d8:fd:66:e2:c4:
ee:22:71:e7:c9:de:f2:15:be:29:b2:2e:ef:c6:64:dd:5f:3f:
47:4f:96:c2:d1:b8:ef:90:4e:b9:f5:d4:86:17:b2:85:fd:f6:
22:35:f6:3d:66:85:e2:43:d2:db:00:78:ba:e5:9d:33:aa:73:
6a:15:06:4e:6b:8e:c5:f7:e1:47:bf:86:d8:08:3a:b4:37:05:
2b:56:2b:2f:fc:05:e3:17:51:76:4f:73:a2:a3:53:16:56:a0:
df:0f:e5:2c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZ0pSAfIyHMJUwrQy80jFBitMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjYwMzI2MDgzNDM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmNkZDQ3NTczNGJiNmI3YzYyMGVhMDFlYjc0MTg2Zjk1ODBlNDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukMFMALkRBgCXZ4KRxKNAqb6eEcm
MP2sqFJV2aOVFvhnOUkfebJ/PAvBGe0oHx/Nk4334HNdjnbhG/GfS1Nsx5rSg9DI
vSHRwOQBrk/6pkytwxGHZYLOpat1/ecFJtIQ3TPsRdUfkrzUx+t2LqM3/Y/jQG6X
k5PEQSRQ0JXUjHXcmRHUjTnQNB0H5aZR96BntThhXtwAyhhQe7bR2lLags2HtqOo
8RxDSLaeu0Q4Vry+DLiZHUBgig7tt8bd1XG0hujOuLzY1djFjpKqfGg91ztwJowB
r+rhNSwa1gk/sHNYKKpir69c8lDaR8nEJKk+5GMSzf2DZjn0+RbllM996QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAbN1HVzS7a3xiDqAet0GG+VgORiMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvQnMzVWRYTkx0cmZHSU9vQjYzUVliNVdBNUdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQALYJSAwQA
ucBEAwQAywAIMA0EAgACMAcDBQAqC2TGMA0GCSqGSIb3DQEBCwUAA4IBAQCWP2VU
HOyvaFCAww+iwGjdLa9m6p3kyj8EIs/xKVj8qJG3CJrjKVwQ4CAL/pkx+gc+UIWi
grFXQg7ZcSrfJGtrEflv15APpeWmnNK40TXp7bJh1LfFVPiQyhAob2IWVV/xm0+h
2bYCdgtizig30HHg5Tu4cQU8b9IEw+01Gb0XXqQdIYv2sNh421klOJBUx95ztzIm
YnG5TRFeAXMq2P1m4sTuInHnyd7yFb4psi7vxmTdXz9HT5bC0bjvkE659dSGF7KF
/fYiNfY9ZoXiQ9LbAHi65Z0zqnNqFQZOa47F9+FHv4bYCDq0NwUrVisv/AXjF1F2
T3Oio1MWVqDfD+Us
-----END CERTIFICATE-----
Generated at Tue Mar 31 13:05:03 2026 by rpki-client