Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Va9o2kdN9N7aiguoc5m8k8bYEmY.roa
File: Va9o2kdN9N7aiguoc5m8k8bYEmY.roa (raw, json)
Hash identifier: NejUi7tzEf1P3SyGs9BusZ2kyZTal2+3qk7B69uozF0=
Subject key identifier: 55:AF:68:DA:47:4D:F4:DE:DA:8A:0B:A8:73:99:BC:93:C6:D8:12:66
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019DAFC7E86605D119893C3874071C00A6C2
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Va9o2kdN9N7aiguoc5m8k8bYEmY.roa
Signing time: Tue 21 Apr 2026 11:23:27 +0000
ROA not before: Tue 21 Apr 2026 11:23:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206092
IP address blocks: 45.8.68.0/24 maxlen: 24
45.67.96.0/24 maxlen: 24
45.130.80.0/24 maxlen: 24
45.130.81.0/24 maxlen: 24
45.130.83.0/24 maxlen: 24
45.135.186.0/24 maxlen: 24
45.140.135.0/24 maxlen: 24
82.197.193.0/24 maxlen: 24
89.38.70.0/24 maxlen: 24
89.47.15.0/24 maxlen: 24
91.217.249.0/24 maxlen: 24
185.192.16.0/24 maxlen: 24
185.192.71.0/24 maxlen: 24
188.212.135.0/24 maxlen: 24
193.19.109.0/24 maxlen: 24
203.26.81.0/24 maxlen: 24
203.159.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 02 May 2026 18:20:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:af:c7:e8:66:05:d1:19:89:3c:38:74:07:1c:00:a6:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 21 11:23:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=55af68da474df4deda8a0ba87399bc93c6d81266
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c4:16:35:ef:ce:b1:cd:ce:11:ea:13:ae:93:
2b:e5:d0:a4:66:bd:e4:c2:e1:12:a4:26:e0:fe:3f:
e0:a0:45:b1:3f:00:49:2b:94:73:6f:ad:20:7a:02:
fa:8a:58:37:d6:44:2b:a3:a1:82:0d:e5:0d:2b:bf:
a6:4d:92:22:95:9d:a9:10:28:7d:8f:f1:cc:e1:a4:
78:28:f1:aa:5d:8f:76:00:c6:37:0f:81:8f:cb:d8:
4c:79:0f:94:63:47:92:1e:98:5e:b9:af:25:82:84:
e5:c1:60:e8:2c:ae:9f:68:5c:31:4d:36:e7:81:4a:
c5:60:31:09:ee:c7:80:3b:65:e6:87:5e:dd:57:e2:
42:85:65:14:7f:92:59:b8:86:63:70:47:6f:64:44:
98:76:8c:54:f4:45:fa:88:29:ff:d3:7c:32:eb:b7:
7e:b5:32:82:0a:5f:9a:d0:c1:0a:66:df:ec:d1:21:
68:b0:fc:c0:ed:ad:8e:d8:1a:c4:d7:42:11:e4:52:
ff:a1:ff:a4:ba:ec:6d:01:e6:5c:04:64:64:20:66:
60:9c:ea:11:70:86:61:49:f2:7e:9c:1d:97:f6:e1:
d9:b1:c7:1d:2e:ea:38:b2:5a:ef:e0:de:f2:c3:04:
02:30:ae:e3:31:41:0d:ae:24:af:07:6e:81:28:9e:
e9:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:AF:68:DA:47:4D:F4:DE:DA:8A:0B:A8:73:99:BC:93:C6:D8:12:66
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Va9o2kdN9N7aiguoc5m8k8bYEmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.68.0/24
45.67.96.0/24
45.130.80.0/23
45.130.83.0/24
45.135.186.0/24
45.140.135.0/24
82.197.193.0/24
89.38.70.0/24
89.47.15.0/24
91.217.249.0/24
185.192.16.0/24
185.192.71.0/24
188.212.135.0/24
193.19.109.0/24
203.26.81.0/24
203.159.81.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:bf:aa:43:00:b7:3c:a9:c3:db:d2:7b:8c:24:81:0a:c2:40:
12:f0:ea:e8:c1:14:21:69:75:61:ca:c0:5d:c1:7c:19:d8:3b:
93:04:1c:0c:b3:c5:b9:e5:ab:8e:ed:da:33:21:36:bd:9a:e3:
7a:64:3e:93:89:d4:aa:9c:92:11:00:a1:3f:fd:31:27:c1:51:
94:15:c1:67:0d:f5:63:58:24:f3:20:c2:2f:82:98:ca:5e:57:
89:ed:93:30:0f:8e:f9:58:ba:f3:87:dd:e6:78:b0:ff:09:84:
d6:9d:e9:1c:f7:52:57:2a:26:50:e4:f8:cc:82:cd:d2:20:87:
d4:1a:d1:f8:cc:d1:d5:24:4e:12:cd:81:e4:c4:9a:da:98:e4:
5f:bb:23:14:b0:24:43:a1:49:10:10:c2:d5:10:0f:b3:17:31:
9a:46:56:32:75:9e:c6:82:47:7b:42:41:e6:c9:6c:ef:75:97:
db:92:0e:7a:59:c1:32:a2:e5:66:e4:0c:b1:a8:cd:d8:f9:49:
f6:7a:bb:18:95:b0:00:d8:89:7b:96:9b:4c:c9:96:57:54:1a:
bf:1b:b7:58:be:cf:09:db:db:5e:b2:c5:95:6a:68:18:9d:51:
a4:a0:c0:5e:f1:22:d2:9a:a7:de:37:28:28:af:69:42:f6:82:
ab:6d:eb:ff
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZ2vx+hmBdEZiTw4dAccAKbCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjYwNDIxMTEyMzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWFmNjhkYTQ3NGRmNGRlZGE4YTBiYTg3Mzk5YmM5M2M2ZDgxMjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8QWNe/Osc3OEeoTrpMr5dCkZr3k
wuESpCbg/j/goEWxPwBJK5Rzb60gegL6ilg31kQro6GCDeUNK7+mTZIilZ2pECh9
j/HM4aR4KPGqXY92AMY3D4GPy9hMeQ+UY0eSHpheua8lgoTlwWDoLK6faFwxTTbn
gUrFYDEJ7seAO2Xmh17dV+JChWUUf5JZuIZjcEdvZESYdoxU9EX6iCn/03wy67d+
tTKCCl+a0MEKZt/s0SFosPzA7a2O2BrE10IR5FL/of+kuuxtAeZcBGRkIGZgnOoR
cIZhSfJ+nB2X9uHZsccdLuo4slrv4N7ywwQCMK7jMUENriSvB26BKJ7pEQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFFWvaNpHTfTe2ooLqHOZvJPG2BJmMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVmE5bzJrZE45TjdhaWd1b2M1bThrOGJZRW1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQALQhEAwQA
LUNgAwQBLYJQAwQALYJTAwQALYe6AwQALYyHAwQAUsXBAwQAWSZGAwQAWS8PAwQA
W9n5AwQAucAQAwQAucBHAwQAvNSHAwQAwRNtAwQAyxpRAwQAy59RMA0GCSqGSIb3
DQEBCwUAA4IBAQBKv6pDALc8qcPb0nuMJIEKwkAS8OrowRQhaXVhysBdwXwZ2DuT
BBwMs8W55auO7dozITa9muN6ZD6TidSqnJIRAKE//TEnwVGUFcFnDfVjWCTzIMIv
gpjKXleJ7ZMwD475WLrzh93meLD/CYTWnekc91JXKiZQ5PjMgs3SIIfUGtH4zNHV
JE4SzYHkxJramORfuyMUsCRDoUkQEMLVEA+zFzGaRlYydZ7Ggkd7QkHmyWzvdZfb
kg56WcEyouVm5AyxqM3Y+Un2ersYlbAA2Il7lptMyZZXVBq/G7dYvs8J29tessWV
amgYnVGkoMBe8SLSmqfeNygor2lC9oKrbev/
-----END CERTIFICATE-----
Generated at Sat May 2 03:42:34 2026 by rpki-client