Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/kf6WXwERUB2UK5WtXxsSJIgK76M.roa
File: kf6WXwERUB2UK5WtXxsSJIgK76M.roa (raw, json)
Hash identifier: AXIUerhFG2dZ79X7fDQJvKC1a+E/4xiBLLeUOOiGwH4=
Subject key identifier: 91:FE:96:5F:01:11:50:1D:94:2B:95:AD:5F:1B:12:24:88:0A:EF:A3
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 019CB3E0E84BE4E0A005B0CD0395B77C553D
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/kf6WXwERUB2UK5WtXxsSJIgK76M.roa
Signing time: Tue 03 Mar 2026 13:26:27 +0000
ROA not before: Tue 03 Mar 2026 13:26:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203936
IP address blocks: 45.93.180.0/22 maxlen: 24
45.144.248.0/22 maxlen: 24
89.40.238.0/24 maxlen: 24
89.43.72.0/24 maxlen: 24
89.43.198.0/24 maxlen: 24
89.44.145.0/24 maxlen: 24
185.249.232.0/24 maxlen: 24
185.253.144.0/22 maxlen: 24
193.39.92.0/24 maxlen: 24
193.39.93.0/24 maxlen: 24
193.39.94.0/24 maxlen: 24
193.39.95.0/24 maxlen: 24
194.15.219.0/24 maxlen: 24
194.15.232.0/24 maxlen: 24
194.15.236.0/24 maxlen: 24
194.26.1.0/24 maxlen: 24
2a0c:1380::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 21:05:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b3:e0:e8:4b:e4:e0:a0:05:b0:cd:03:95:b7:7c:55:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Mar 3 13:26:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=91fe965f0111501d942b95ad5f1b1224880aefa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6d:e5:f0:d0:68:a8:b4:62:49:57:f1:57:fa:
dd:f4:5b:81:48:5d:11:e0:38:00:d6:0b:01:58:17:
be:55:85:b1:c2:7b:7f:78:ed:19:40:bf:95:77:9a:
2b:c5:51:1b:d8:14:0f:6d:ec:37:37:1e:37:f2:25:
d0:38:87:82:9b:d6:b5:6f:6e:e5:48:d5:47:0c:cd:
4d:9d:60:8c:c8:36:69:23:d9:c9:02:5d:ab:2b:e8:
bb:37:3e:c4:b7:66:04:29:fe:7e:a9:39:03:23:50:
78:d8:26:89:09:cd:51:5f:d1:d7:23:ef:7a:18:9e:
2b:f8:d2:ff:57:75:92:59:78:d4:fd:4e:80:fc:bd:
de:e3:67:a9:ea:9a:92:0c:f8:d0:98:5d:08:3b:e4:
5d:82:33:86:6a:ff:9c:c5:e0:33:4d:82:ea:e6:14:
a9:0c:ca:d5:94:3b:57:77:11:c2:a3:f6:cf:62:a0:
28:4d:c4:97:08:c8:57:e3:8b:35:8a:d1:1c:1d:4d:
b2:29:60:fe:14:f7:3a:96:b4:70:2e:92:22:71:fa:
c8:77:c6:5b:23:03:3d:a8:06:50:a6:37:3c:3e:19:
d1:c7:c7:a8:1e:9c:b3:32:82:35:1e:bd:2b:71:e3:
39:27:7d:0a:63:87:81:5f:49:28:51:53:3f:10:d4:
ff:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:FE:96:5F:01:11:50:1D:94:2B:95:AD:5F:1B:12:24:88:0A:EF:A3
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/kf6WXwERUB2UK5WtXxsSJIgK76M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.180.0/22
45.144.248.0/22
89.40.238.0/24
89.43.72.0/24
89.43.198.0/24
89.44.145.0/24
185.249.232.0/24
185.253.144.0/22
193.39.92.0/22
194.15.219.0/24
194.15.232.0/24
194.15.236.0/24
194.26.1.0/24
IPv6:
2a0c:1380::/29
Signature Algorithm: sha256WithRSAEncryption
55:b9:6f:52:f0:a3:3c:0b:e8:b5:1a:1e:d3:3c:bd:4e:0d:07:
25:a7:f2:a4:40:4d:9b:45:14:72:23:32:df:52:fd:d8:03:cd:
e5:c6:7c:96:18:76:1f:b5:64:aa:64:d0:6b:74:70:68:13:43:
6d:74:52:eb:78:9a:3d:c8:f1:e8:6b:bb:71:19:74:b8:76:8e:
68:0d:87:8c:cb:f1:88:86:fd:05:2a:d2:28:63:4a:fc:a7:5a:
f2:04:19:28:ba:ff:c7:71:99:3e:44:ed:00:63:9d:e6:b9:72:
cd:66:6e:93:2b:35:4b:ff:47:52:73:d7:08:46:17:30:7e:a5:
57:30:a1:ad:5b:a2:7c:bd:47:cb:36:8f:f8:ab:17:5d:63:07:
f1:97:fd:f4:c9:80:a2:09:36:7f:e4:8f:45:5b:8b:59:0a:6f:
f9:a5:ff:8a:00:78:1c:98:51:c9:55:be:3a:c4:65:47:3e:4b:
bb:5a:23:2c:c6:ec:56:5e:0e:96:aa:62:33:93:49:3b:0e:23:
31:3c:85:f2:a7:84:16:a0:60:fa:04:55:fb:88:c3:87:92:73:
88:db:ee:0f:05:09:00:39:16:27:a1:da:30:11:f4:c1:b0:dc:
4b:d3:45:52:9a:95:b6:29:5a:41:a2:c1:13:65:85:a6:65:75:
09:b4:6e:81
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAZyz4OhL5OCgBbDNA5W3fFU9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjYwMzAzMTMyNjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWZlOTY1ZjAxMTE1MDFkOTQyYjk1YWQ1ZjFiMTIyNDg4MGFlZmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvW3l8NBoqLRiSVfxV/rd9FuBSF0R
4DgA1gsBWBe+VYWxwnt/eO0ZQL+Vd5orxVEb2BQPbew3Nx438iXQOIeCm9a1b27l
SNVHDM1NnWCMyDZpI9nJAl2rK+i7Nz7Et2YEKf5+qTkDI1B42CaJCc1RX9HXI+96
GJ4r+NL/V3WSWXjU/U6A/L3e42ep6pqSDPjQmF0IO+RdgjOGav+cxeAzTYLq5hSp
DMrVlDtXdxHCo/bPYqAoTcSXCMhX44s1itEcHU2yKWD+FPc6lrRwLpIicfrId8Zb
IwM9qAZQpjc8PhnRx8eoHpyzMoI1Hr0rceM5J30KY4eBX0koUVM/ENT/lQIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFJH+ll8BEVAdlCuVrV8bEiSICu+jMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEva2Y2V1h3RVJVQjJVSzVXdFh4c1NKSWdLNzZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQCLV20AwQC
LZD4AwQAWSjuAwQAWStIAwQAWSvGAwQAWSyRAwQAufnoAwQCuf2QAwQCwSdcAwQA
wg/bAwQAwg/oAwQAwg/sAwQAwhoBMA0EAgACMAcDBQMqDBOAMA0GCSqGSIb3DQEB
CwUAA4IBAQBVuW9S8KM8C+i1Gh7TPL1ODQclp/KkQE2bRRRyIzLfUv3YA83lxnyW
GHYftWSqZNBrdHBoE0NtdFLreJo9yPHoa7txGXS4do5oDYeMy/GIhv0FKtIoY0r8
p1ryBBkouv/HcZk+RO0AY53muXLNZm6TKzVL/0dSc9cIRhcwfqVXMKGtW6J8vUfL
No/4qxddYwfxl/30yYCiCTZ/5I9FW4tZCm/5pf+KAHgcmFHJVb46xGVHPku7WiMs
xuxWXg6WqmIzk0k7DiMxPIXyp4QWoGD6BFX7iMOHknOI2+4PBQkAORYnodowEfTB
sNxL00VSmpW2KVpBosETZYWmZXUJtG6B
-----END CERTIFICATE-----
Generated at Fri Mar 13 05:28:41 2026 by rpki-client