Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/RvkwfSnDm5oNKR4Vf0qFkYHZF8I.roa
File: RvkwfSnDm5oNKR4Vf0qFkYHZF8I.roa (raw, json)
Hash identifier: i55DsYSuBgCgzgDrmO/K3jiuDYogM0ADw+WnlFcSepA=
Subject key identifier: 46:F9:30:7D:29:C3:9B:9A:0D:29:1E:15:7F:4A:85:91:81:D9:17:C2
Certificate issuer: /CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Certificate serial: 019CD305BD699768B17DEE59E49F525DA246
Authority key identifier: B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/RvkwfSnDm5oNKR4Vf0qFkYHZF8I.roa
Signing time: Mon 09 Mar 2026 14:34:54 +0000
ROA not before: Mon 09 Mar 2026 14:34:54 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6698
IP address blocks: 31.42.184.0/22 maxlen: 24
45.11.56.0/22 maxlen: 24
45.11.57.0/24 maxlen: 24
45.12.0.0/22 maxlen: 24
45.12.0.0/24 maxlen: 24
45.12.1.0/24 maxlen: 24
45.12.2.0/24 maxlen: 24
45.12.3.0/24 maxlen: 24
45.134.172.0/22 maxlen: 24
45.134.173.0/24 maxlen: 24
62.182.80.0/21 maxlen: 24
62.182.84.0/24 maxlen: 24
85.137.49.0/24 maxlen: 24
91.208.115.0/24 maxlen: 24
91.218.48.0/22 maxlen: 24
91.222.172.0/22 maxlen: 24
91.234.198.0/23 maxlen: 24
128.0.104.0/24 maxlen: 24
152.89.60.0/22 maxlen: 24
176.97.112.0/20 maxlen: 24
176.97.112.0/23 maxlen: 24
176.97.114.0/24 maxlen: 24
176.97.115.0/24 maxlen: 24
176.97.122.0/23 maxlen: 23
176.97.124.0/24 maxlen: 24
176.119.24.0/21 maxlen: 24
176.119.30.0/24 maxlen: 24
176.119.31.0/24 maxlen: 24
185.66.88.0/22 maxlen: 24
185.66.91.0/24 maxlen: 24
185.254.196.0/22 maxlen: 24
185.254.198.0/24 maxlen: 24
185.254.199.0/24 maxlen: 24
193.23.181.0/24 maxlen: 24
194.42.204.0/22 maxlen: 24
194.42.204.0/24 maxlen: 24
194.42.205.0/24 maxlen: 24
195.26.86.0/23 maxlen: 24
195.66.210.0/24 maxlen: 24
195.66.212.0/22 maxlen: 24
195.128.248.0/23 maxlen: 24
195.160.220.0/22 maxlen: 24
212.86.116.0/22 maxlen: 24
212.86.116.0/24 maxlen: 24
212.86.118.0/23 maxlen: 23
212.86.124.0/24 maxlen: 24
2a09:2dc2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.mft
rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 14:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d3:05:bd:69:97:68:b1:7d:ee:59:e4:9f:52:5d:a2:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Validity
Not Before: Mar 9 14:34:54 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=46f9307d29c39b9a0d291e157f4a859181d917c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:18:9b:b2:ef:45:b8:99:aa:a1:49:84:fa:02:
61:37:76:37:2e:38:fe:88:a8:4d:f0:ec:32:a5:16:
63:7d:2b:41:2f:b9:bc:e7:8c:9f:c2:eb:9f:7f:93:
28:80:a1:cb:40:88:c3:7b:b1:0b:d4:83:eb:b3:f7:
2b:75:9e:28:10:a6:6e:06:d7:9a:fc:7b:14:c6:ac:
e3:56:db:f1:d5:40:a6:0e:6d:d2:04:da:70:29:1e:
b9:5d:c6:34:5c:eb:d4:c1:90:39:d0:10:a8:f7:52:
2f:b2:f5:99:d8:16:f3:72:43:cf:a6:3b:36:54:37:
f6:a1:35:5a:03:f2:70:2e:c1:31:d4:ee:19:f6:07:
f7:8f:e1:fa:28:f9:b1:9c:b7:31:f8:bd:a6:8f:9e:
c6:03:8a:8b:c2:b9:0a:13:c7:af:9e:8c:3d:a0:b7:
3c:ed:06:39:b1:d1:00:25:9f:0e:64:79:03:c7:27:
08:c6:17:81:a7:71:f9:5d:9f:c4:ce:22:9a:7a:ff:
05:7a:d8:21:a5:ec:22:15:40:6f:df:be:43:73:0c:
0a:2d:02:97:2a:78:f1:67:6a:ae:59:64:75:6b:a3:
52:e9:48:23:7f:51:59:14:64:e2:6d:b6:10:04:fe:
f5:02:01:a9:5e:8b:b8:8d:ee:c0:85:7a:90:53:23:
53:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:F9:30:7D:29:C3:9B:9A:0D:29:1E:15:7F:4A:85:91:81:D9:17:C2
X509v3 Authority Key Identifier:
keyid:B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/RvkwfSnDm5oNKR4Vf0qFkYHZF8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.184.0/22
45.11.56.0/22
45.12.0.0/22
45.134.172.0/22
62.182.80.0/21
85.137.49.0/24
91.208.115.0/24
91.218.48.0/22
91.222.172.0/22
91.234.198.0/23
128.0.104.0/24
152.89.60.0/22
176.97.112.0/20
176.119.24.0/21
185.66.88.0/22
185.254.196.0/22
193.23.181.0/24
194.42.204.0/22
195.26.86.0/23
195.66.210.0/24
195.66.212.0/22
195.128.248.0/23
195.160.220.0/22
212.86.116.0/22
212.86.124.0/24
IPv6:
2a09:2dc2::/32
Signature Algorithm: sha256WithRSAEncryption
66:09:6d:fc:4e:42:7f:51:bd:5b:63:fd:f7:10:01:ea:4b:4c:
5a:f9:08:26:00:00:26:55:6d:81:4a:6d:c4:b5:ad:80:b5:24:
cc:5e:c1:16:fc:9f:c9:3b:9f:86:4e:11:5f:43:79:22:a3:0b:
df:a9:31:5a:e7:81:d9:8b:9d:be:e9:54:2f:75:d0:d2:cb:3e:
ab:09:c3:55:a8:44:c7:f6:fd:92:c1:a2:58:c5:3f:92:9b:7b:
12:41:84:c7:20:1b:7c:07:80:f4:52:84:e1:70:b0:c3:d2:08:
3c:ab:c0:96:57:5c:6c:2d:20:05:fe:8a:68:b7:74:f6:77:ac:
b5:1f:56:7c:b7:34:3f:ef:ea:05:1f:50:9d:4b:4e:a5:34:56:
95:85:9d:c2:bd:89:d0:30:3f:84:63:f2:de:47:41:3a:7a:95:
09:56:35:24:1b:95:35:7d:2e:61:e7:1b:77:cd:3f:86:80:ea:
fd:86:f9:82:2a:a3:dd:20:91:69:c4:5e:7a:81:91:cf:64:c4:
0b:69:1a:0c:e1:da:0b:86:58:e9:89:0b:13:80:ac:c1:55:6c:
69:05:b2:59:4d:fa:11:47:6a:0a:aa:d6:58:2e:90:aa:64:86:
1b:2b:71:b8:9e:47:83:33:68:37:4f:d1:b3:ac:84:7f:cd:cc:
8c:8d:47:68
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgISAZzTBb1pl2ixfe5Z5J9SXaJGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmM5YzI2ZGY3Y2NkOGFkMzhkODliZDVkNDkzODBiOTNi
MWUwMDkwHhcNMjYwMzA5MTQzNDU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmY5MzA3ZDI5YzM5YjlhMGQyOTFlMTU3ZjRhODU5MTgxZDkxN2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhibsu9FuJmqoUmE+gJhN3Y3Ljj+
iKhN8OwypRZjfStBL7m854yfwuuff5MogKHLQIjDe7EL1IPrs/crdZ4oEKZuBtea
/HsUxqzjVtvx1UCmDm3SBNpwKR65XcY0XOvUwZA50BCo91IvsvWZ2BbzckPPpjs2
VDf2oTVaA/JwLsEx1O4Z9gf3j+H6KPmxnLcx+L2mj57GA4qLwrkKE8evnow9oLc8
7QY5sdEAJZ8OZHkDxycIxheBp3H5XZ/EziKaev8FetghpewiFUBv375DcwwKLQKX
KnjxZ2quWWR1a6NS6Ugjf1FZFGTibbYQBP71AgGpXou4je7AhXqQUyNTuwIDAQAB
o4ICrTCCAqkwHQYDVR0OBBYEFEb5MH0pw5uaDSkeFX9KhZGB2RfCMB8GA1UdIwQY
MBaAFLMsnCbffM2K042JvV1JOAuTseAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjIt
Y2IxMWJjNWIyZjFiLzEvUnZrd2ZTbkRtNW9OS1I0VmYwcUZrWUhaRjhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjItY2IxMWJjNWIyZjFi
LzEvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHCBggrBgEFBQcBBwEB/wSBsjCBrzCBnQQCAAEwgZYDBAIf
KrgDBAItCzgDBAItDAADBAIthqwDBAM+tlADBABViTEDBABb0HMDBAJb2jADBAJb
3qwDBAFb6sYDBACAAGgDBAKYWTwDBASwYXADBAOwdxgDBAK5QlgDBAK5/sQDBADB
F7UDBALCKswDBAHDGlYDBADDQtIDBALDQtQDBAHDgPgDBALDoNwDBALUVnQDBADU
VnwwDQQCAAIwBwMFACoJLcIwDQYJKoZIhvcNAQELBQADggEBAGYJbfxOQn9RvVtj
/fcQAepLTFr5CCYAACZVbYFKbcS1rYC1JMxewRb8n8k7n4ZOEV9DeSKjC9+pMVrn
gdmLnb7pVC910NLLPqsJw1WoRMf2/ZLBoljFP5KbexJBhMcgG3wHgPRShOFwsMPS
CDyrwJZXXGwtIAX+imi3dPZ3rLUfVny3ND/v6gUfUJ1LTqU0VpWFncK9idAwP4Rj
8t5HQTp6lQlWNSQblTV9LmHnG3fNP4aA6v2G+YIqo90gkWnEXnqBkc9kxAtpGgzh
2guGWOmJCxOArMFVbGkFsllN+hFHagqq1lgukKpkhhsrcbieR4MzaDdP0bOshH/N
zIyNR2g=
-----END CERTIFICATE-----
Generated at Fri Mar 13 00:13:43 2026 by rpki-client