Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/v1P5WyRXWx7bakXU9ltiZRmcfII.roa
File: v1P5WyRXWx7bakXU9ltiZRmcfII.roa (raw, json)
Hash identifier: gEWikvREjjTlHD1kdv39lVwI8X54RbcqV5TLsYPfYG8=
Subject key identifier: BF:53:F9:5B:24:57:5B:1E:DB:6A:45:D4:F6:5B:62:65:19:9C:7C:82
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019CAE0546D2FD59E611D5159049C1EF7C9D
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/v1P5WyRXWx7bakXU9ltiZRmcfII.roa
Signing time: Mon 02 Mar 2026 10:08:27 +0000
ROA not before: Mon 02 Mar 2026 10:08:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206092
IP address blocks: 45.67.96.0/24 maxlen: 24
45.130.80.0/24 maxlen: 24
45.130.81.0/24 maxlen: 24
45.130.83.0/24 maxlen: 24
45.135.186.0/24 maxlen: 24
45.140.135.0/24 maxlen: 24
89.38.70.0/24 maxlen: 24
89.47.15.0/24 maxlen: 24
91.217.249.0/24 maxlen: 24
185.192.16.0/24 maxlen: 24
185.192.71.0/24 maxlen: 24
188.212.135.0/24 maxlen: 24
193.19.109.0/24 maxlen: 24
203.26.81.0/24 maxlen: 24
203.159.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 16:05:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:05:46:d2:fd:59:e6:11:d5:15:90:49:c1:ef:7c:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 2 10:08:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bf53f95b24575b1edb6a45d4f65b6265199c7c82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c6:a4:5e:4e:cd:39:fb:e7:ec:cc:f0:0d:78:
a2:11:59:c5:af:a9:63:16:38:61:1e:8b:85:b2:82:
86:2e:44:49:64:1b:f9:74:11:02:d3:73:7b:8e:f1:
80:58:97:af:f9:cf:ec:14:10:0f:e7:4a:62:36:31:
b2:42:78:18:99:8e:c0:9c:12:43:6c:d5:e4:3d:17:
9f:8a:31:b5:67:fc:5a:a6:3b:94:77:36:b5:9d:f5:
13:ea:be:88:e3:38:f9:90:3b:87:97:d3:5d:db:c4:
fb:78:0e:0e:bb:ec:96:8c:86:4f:e5:a3:3f:52:8a:
d2:84:64:2a:b9:03:64:c6:19:2a:ff:ca:00:a2:71:
f8:30:f7:31:ab:79:4c:4a:c5:a2:1f:0a:dd:9e:d2:
73:6a:36:7b:19:93:82:9e:c5:6d:1f:72:5b:b2:e3:
bf:f9:7e:e4:64:cf:b1:9b:b2:a2:e4:3d:ba:2c:d2:
2d:91:05:fd:15:f6:82:44:6c:b6:82:f9:37:62:7e:
7e:65:87:86:5d:4e:a7:30:57:3c:4a:74:3c:18:bf:
a3:d1:88:a2:67:65:de:2f:98:b6:9c:9d:a2:7b:70:
70:96:9a:d7:20:e9:41:d3:2d:65:83:4e:1a:4e:8b:
11:a9:fa:be:1a:64:3a:e5:e2:67:f8:ee:77:f8:2d:
64:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:53:F9:5B:24:57:5B:1E:DB:6A:45:D4:F6:5B:62:65:19:9C:7C:82
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/v1P5WyRXWx7bakXU9ltiZRmcfII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.96.0/24
45.130.80.0/23
45.130.83.0/24
45.135.186.0/24
45.140.135.0/24
89.38.70.0/24
89.47.15.0/24
91.217.249.0/24
185.192.16.0/24
185.192.71.0/24
188.212.135.0/24
193.19.109.0/24
203.26.81.0/24
203.159.81.0/24
Signature Algorithm: sha256WithRSAEncryption
81:68:6f:1a:aa:51:35:84:e2:9c:2c:8d:c6:84:56:8b:a6:03:
d4:86:d7:50:50:0d:ee:e9:e0:17:ff:8c:46:45:2c:94:e0:b0:
b7:49:a0:55:94:f1:29:2d:3f:64:f4:fc:6a:82:9e:b8:15:5e:
fd:9b:3e:76:a2:e5:5d:6e:3a:7e:c2:3a:ce:a1:fc:64:2a:66:
fe:2c:1f:b4:f2:60:eb:12:f6:d6:67:95:8b:ac:a1:97:cd:4f:
48:f4:8b:cf:42:ae:ba:86:14:0d:1d:26:e4:bc:8a:ff:f7:e3:
53:1d:d1:63:59:52:da:e4:ab:bb:6b:44:07:bf:a7:ad:30:15:
3a:ad:8a:4f:87:af:9d:12:8f:fc:ae:e8:8c:87:6d:a5:8d:8f:
40:91:7a:07:27:3d:62:8a:24:dc:ad:59:ce:09:9c:74:e3:47:
f1:3a:f3:cb:f6:6c:00:b3:5e:16:e9:e9:12:e5:f5:74:bd:e6:
51:64:68:8e:eb:12:58:cb:54:ce:99:2a:b7:b9:19:5b:93:4a:
78:0e:65:6a:8f:4a:6c:87:9d:40:ab:e4:c1:e2:e5:27:64:30:
3b:42:35:3c:e6:f7:b4:37:7f:c9:20:21:ed:c9:82:af:ae:c7:
58:65:4b:61:2a:9a:2b:37:16:04:cd:ee:d9:52:40:d0:6e:7f:
7c:3f:62:a9
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZyuBUbS/VnmEdUVkEnB73ydMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjYwMzAyMTAwODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjUzZjk1YjI0NTc1YjFlZGI2YTQ1ZDRmNjViNjI2NTE5OWM3YzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMakXk7NOfvn7MzwDXiiEVnFr6lj
FjhhHouFsoKGLkRJZBv5dBEC03N7jvGAWJev+c/sFBAP50piNjGyQngYmY7AnBJD
bNXkPRefijG1Z/xapjuUdza1nfUT6r6I4zj5kDuHl9Nd28T7eA4Ou+yWjIZP5aM/
UorShGQquQNkxhkq/8oAonH4MPcxq3lMSsWiHwrdntJzajZ7GZOCnsVtH3JbsuO/
+X7kZM+xm7Ki5D26LNItkQX9FfaCRGy2gvk3Yn5+ZYeGXU6nMFc8SnQ8GL+j0Yii
Z2XeL5i2nJ2ie3BwlprXIOlB0y1lg04aTosRqfq+GmQ65eJn+O53+C1k8QIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFL9T+VskV1se22pF1PZbYmUZnHyCMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdjFQNVd5UlhXeDdiYWtYVTlsdGlaUm1jZklJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQALUNgAwQB
LYJQAwQALYJTAwQALYe6AwQALYyHAwQAWSZGAwQAWS8PAwQAW9n5AwQAucAQAwQA
ucBHAwQAvNSHAwQAwRNtAwQAyxpRAwQAy59RMA0GCSqGSIb3DQEBCwUAA4IBAQCB
aG8aqlE1hOKcLI3GhFaLpgPUhtdQUA3u6eAX/4xGRSyU4LC3SaBVlPEpLT9k9Pxq
gp64FV79mz52ouVdbjp+wjrOofxkKmb+LB+08mDrEvbWZ5WLrKGXzU9I9IvPQq66
hhQNHSbkvIr/9+NTHdFjWVLa5Ku7a0QHv6etMBU6rYpPh6+dEo/8ruiMh22ljY9A
kXoHJz1iiiTcrVnOCZx040fxOvPL9mwAs14W6ekS5fV0veZRZGiO6xJYy1TOmSq3
uRlbk0p4DmVqj0psh51Aq+TB4uUnZDA7QjU85ve0N3/JICHtyYKvrsdYZUthKpor
NxYEze7ZUkDQbn98P2Kp
-----END CERTIFICATE-----
Generated at Thu Mar 5 23:39:04 2026 by rpki-client