Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/So7wgV37uMU10usyjc3NkFGk6ts.roa
File: So7wgV37uMU10usyjc3NkFGk6ts.roa (raw, json)
Hash identifier: 8Vbw5UOb8aVdIPULOCRAbsCHgBmlFwUXcGJtQEpFBfE=
Subject key identifier: 4A:8E:F0:81:5D:FB:B8:C5:35:D2:EB:32:8D:CD:CD:90:51:A4:EA:DB
Certificate issuer: /CN=0c90c356e2864f43894857443555d8b5c0352819
Certificate serial: 019E2B0D5DE37B0ABF430B5786F0EBC7DD34
Authority key identifier: 0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/So7wgV37uMU10usyjc3NkFGk6ts.roa
Signing time: Fri 15 May 2026 09:52:36 +0000
ROA not before: Fri 15 May 2026 09:52:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8932
IP address blocks: 46.36.124.0/22 maxlen: 24
46.162.220.0/22 maxlen: 24
185.48.240.0/22 maxlen: 24
185.48.240.0/24 maxlen: 24
185.48.241.0/24 maxlen: 24
185.48.242.0/24 maxlen: 24
185.48.243.0/24 maxlen: 24
2a00:cc40:1::/48 maxlen: 48
2a00:cc40:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/DJDDVuKGT0OJSFdENVXYtcA1KBk.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/DJDDVuKGT0OJSFdENVXYtcA1KBk.mft
rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 17 May 2026 12:40:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:2b:0d:5d:e3:7b:0a:bf:43:0b:57:86:f0:eb:c7:dd:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c90c356e2864f43894857443555d8b5c0352819
Validity
Not Before: May 15 09:52:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4a8ef0815dfbb8c535d2eb328dcdcd9051a4eadb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:13:4a:56:e3:5c:39:14:e2:e6:f3:25:a8:bf:
b6:c2:e4:80:35:14:c2:12:d7:35:a1:ae:49:5e:e8:
85:f2:72:4e:d3:f8:09:51:10:d9:e2:7e:19:3c:a1:
7c:84:3d:75:0d:05:f0:41:1e:14:80:7f:c8:c3:cb:
42:8a:6e:71:fc:18:5b:f3:a0:6b:a0:aa:0f:3e:a7:
70:87:7d:39:34:1c:35:12:b9:5e:64:15:d2:84:7c:
e5:6b:c8:95:e2:f8:09:8f:69:5b:52:28:53:4f:f3:
19:70:28:bf:5b:99:b9:52:5b:1f:69:a2:a4:15:59:
16:5f:f3:49:b0:d7:61:ff:ca:e4:20:50:97:59:fb:
95:b5:86:77:b0:88:20:bc:7d:80:a3:c0:c3:1f:15:
0e:70:57:c4:ae:93:94:5f:5d:66:c2:86:5e:92:e0:
4c:1d:d6:28:71:ff:91:12:3b:02:e1:8a:79:59:97:
07:70:5e:d8:65:11:e5:43:23:9a:dd:30:af:fa:2e:
4e:c6:9c:0e:b9:20:45:e0:db:27:67:af:93:aa:3a:
01:8a:15:3b:b3:d4:15:b4:26:fc:be:91:32:46:31:
78:ea:f0:57:48:b6:d6:45:6e:94:cd:5b:26:b8:f7:
e2:da:e3:62:0c:d1:51:e4:e6:30:3e:06:e8:8e:1f:
d7:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:8E:F0:81:5D:FB:B8:C5:35:D2:EB:32:8D:CD:CD:90:51:A4:EA:DB
X509v3 Authority Key Identifier:
keyid:0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/So7wgV37uMU10usyjc3NkFGk6ts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/DJDDVuKGT0OJSFdENVXYtcA1KBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.124.0/22
46.162.220.0/22
185.48.240.0/22
IPv6:
2a00:cc40:1::-2a00:cc40:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6c:80:9b:90:25:52:1b:5c:e0:c8:81:4d:d4:4a:2a:85:2c:d7:
da:e9:69:43:66:92:a4:f1:3f:e4:83:96:71:46:0c:cc:da:68:
e3:83:9d:fa:fb:53:87:4e:70:dd:af:46:5c:53:7b:e2:bf:1e:
76:52:e8:8b:10:0c:9d:22:ad:19:5f:9a:e5:25:9b:95:dc:28:
a1:a2:e5:e8:52:52:81:c8:89:dd:02:ee:ee:de:b1:f7:a8:c7:
27:01:d4:7b:01:d9:95:52:1a:5c:41:b4:8a:60:f2:35:78:31:
10:a6:5e:4d:28:5d:01:33:fc:b6:46:81:81:a2:90:41:fa:6d:
bd:e0:f8:cb:85:68:3c:17:16:1d:2e:ec:d6:fa:89:f3:34:42:
e7:7d:ed:29:be:2c:33:bf:b5:dc:7a:a0:79:5d:08:9a:ea:27:
4f:db:60:55:17:4f:e2:4a:91:6e:5c:38:85:31:e2:7f:35:a7:
a3:51:b1:fd:6c:ca:c0:f3:8b:19:0c:6a:43:53:96:ba:99:26:
38:af:d6:18:2d:3e:25:b1:cf:be:cf:4e:d0:05:ea:0e:c7:6f:
8b:e4:9d:b1:fd:70:90:22:a8:3a:22:e9:23:c8:81:06:0b:5e:
cb:31:5f:16:fb:a9:5f:e3:d1:b8:ae:17:09:b0:e6:ff:d4:15:
00:41:5e:9d
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZ4rDV3jewq/QwtXhvDrx900MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjOTBjMzU2ZTI4NjRmNDM4OTQ4NTc0NDM1NTVkOGI1YzAz
NTI4MTkwHhcNMjYwNTE1MDk1MjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YThlZjA4MTVkZmJiOGM1MzVkMmViMzI4ZGNkY2Q5MDUxYTRlYWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2BNKVuNcORTi5vMlqL+2wuSANRTC
Etc1oa5JXuiF8nJO0/gJURDZ4n4ZPKF8hD11DQXwQR4UgH/Iw8tCim5x/Bhb86Br
oKoPPqdwh305NBw1ErleZBXShHzla8iV4vgJj2lbUihTT/MZcCi/W5m5UlsfaaKk
FVkWX/NJsNdh/8rkIFCXWfuVtYZ3sIggvH2Ao8DDHxUOcFfErpOUX11mwoZekuBM
HdYocf+REjsC4Yp5WZcHcF7YZRHlQyOa3TCv+i5OxpwOuSBF4NsnZ6+TqjoBihU7
s9QVtCb8vpEyRjF46vBXSLbWRW6UzVsmuPfi2uNiDNFR5OYwPgbojh/XoQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFEqO8IFd+7jFNdLrMo3NzZBRpOrbMB8GA1UdIwQY
MBaAFAyQw1bihk9DiUhXRDVV2LXANSgZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREpERFZ1S0dUME9KU0ZkRU5WWFl0Y0ExS0JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hYzVhNTYtMTYzYS00OTdhLTk1NDct
ZTM3OTlhZGU5ZGZlLzEvU283d2dWMzd1TVUxMHVzeWpjM05rRkdrNnRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hYzVhNTYtMTYzYS00OTdhLTk1NDctZTM3OTlhZGU5ZGZl
LzEvREpERFZ1S0dUME9KU0ZkRU5WWFl0Y0ExS0JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAYBAIAATASAwQCLiR8AwQC
LqLcAwQCuTDwMBoEAgACMBQwEgMHACoAzEAAAQMHACoAzEAAAjANBgkqhkiG9w0B
AQsFAAOCAQEAbICbkCVSG1zgyIFN1EoqhSzX2ulpQ2aSpPE/5IOWcUYMzNpo44Od
+vtTh05w3a9GXFN74r8edlLoixAMnSKtGV+a5SWbldwooaLl6FJSgciJ3QLu7t6x
96jHJwHUewHZlVIaXEG0imDyNXgxEKZeTShdATP8tkaBgaKQQfptveD4y4VoPBcW
HS7s1vqJ8zRC533tKb4sM7+13HqgeV0ImuonT9tgVRdP4kqRblw4hTHifzWno1Gx
/WzKwPOLGQxqQ1OWupkmOK/WGC0+JbHPvs9O0AXqDsdvi+Sdsf1wkCKoOiLpI8iB
BgteyzFfFvupX+PRuK4XCbDm/9QVAEFenQ==
-----END CERTIFICATE-----
Generated at Sat May 16 18:37:08 2026 by rpki-client