Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/0bhc3GGcm8f0bE__ZpsQizYgihE.roa
File: 0bhc3GGcm8f0bE__ZpsQizYgihE.roa (raw, json)
Hash identifier: Bi63TxLqsSHf/YfgusHOFqNw/X9+Jj5qItNLHRX/nao=
Subject key identifier: D1:B8:5C:DC:61:9C:9B:C7:F4:6C:4F:FF:66:9B:10:8B:36:20:8A:11
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 019E2C508C9C709E17746258CAA1873D064A
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/0bhc3GGcm8f0bE__ZpsQizYgihE.roa
Signing time: Fri 15 May 2026 15:45:36 +0000
ROA not before: Fri 15 May 2026 15:45:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208972
IP address blocks: 45.74.176.0/24 maxlen: 24
2a13:a440:8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.mft
rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:2c:50:8c:9c:70:9e:17:74:62:58:ca:a1:87:3d:06:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: May 15 15:45:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d1b85cdc619c9bc7f46c4fff669b108b36208a11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:e2:c2:0f:54:e3:aa:6d:66:af:c7:2e:ca:53:
3b:eb:75:88:94:7a:72:bf:36:0a:05:07:90:f1:0a:
04:56:14:35:71:e4:58:77:7c:5e:d2:66:9c:61:19:
4b:48:4c:12:5b:26:dc:89:1f:40:f7:c9:3c:c5:4f:
57:6a:61:6e:d4:e9:78:3c:a1:cb:7d:72:9b:76:95:
a4:bf:9b:c2:61:bf:1b:60:98:a8:f4:1c:ec:bc:47:
08:93:b0:03:57:83:cd:1a:a9:c1:81:61:56:68:44:
82:58:95:5a:db:73:02:8e:a4:59:76:29:6f:ea:c7:
55:a7:69:01:82:80:81:43:f4:1e:40:21:78:6a:2d:
f2:fc:79:66:c8:b6:59:88:1f:5b:43:5b:72:81:6c:
f5:d7:21:de:16:22:a9:b2:60:0d:c9:d8:6b:93:e8:
3a:99:c0:dd:66:4e:ee:aa:5b:1b:11:97:c8:a1:e4:
dd:14:75:41:c4:d4:77:fc:4c:4c:c8:11:a5:b9:fe:
3c:6c:ea:5b:9b:16:f3:4b:d5:53:bb:42:90:60:5b:
e4:76:73:09:b0:df:4a:35:0b:ac:5c:23:0d:d4:c5:
be:ac:f9:bb:a4:c6:13:8b:7d:18:76:8b:cb:61:61:
a7:1c:f3:3f:64:76:41:23:7b:88:a5:a9:ae:94:5b:
29:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:B8:5C:DC:61:9C:9B:C7:F4:6C:4F:FF:66:9B:10:8B:36:20:8A:11
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/0bhc3GGcm8f0bE__ZpsQizYgihE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.74.176.0/24
IPv6:
2a13:a440:8::/48
Signature Algorithm: sha256WithRSAEncryption
15:0f:c2:ef:b0:03:10:37:bb:06:6c:92:35:f4:2d:05:2d:50:
f2:24:d1:b9:0d:5b:aa:01:7b:ea:0b:12:21:72:c5:32:8d:d5:
2d:b5:cd:2d:e3:a2:2f:52:ce:b1:2d:38:0a:fe:7a:0f:0d:de:
43:23:d9:c7:b9:0c:5e:3d:9c:ff:c6:b1:01:e2:d1:1c:ab:2f:
70:b7:65:03:81:09:43:11:64:76:4b:cc:b2:92:1e:65:ef:59:
6d:05:f6:c2:05:4a:76:6e:45:be:38:82:07:5f:94:d5:24:a9:
e5:5c:c8:99:55:a8:9a:1d:f0:ae:f9:31:eb:79:1c:ae:f4:0d:
73:43:c9:4c:bc:ba:a0:d8:95:de:d8:0b:40:a6:a1:71:56:76:
a6:60:a8:32:a5:27:4e:90:df:a9:07:ba:7a:af:1f:d2:0b:7b:
c2:81:af:76:41:2d:e3:2a:bd:bb:10:7b:66:14:e3:56:de:0d:
dd:b7:1c:ea:b5:fe:e9:bf:97:d9:c1:e8:3f:fa:19:9c:fa:05:
d2:f1:b8:eb:13:30:7c:e5:7e:7a:33:ad:bd:22:c0:e4:71:9b:
46:c5:5a:8c:8e:03:98:78:5d:84:4f:fd:19:04:9f:7b:c2:2e:
cc:6f:e5:cc:23:f1:57:32:ad:80:ef:ba:b5:3e:40:6b:f6:14:
62:c8:0a:d6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZ4sUIyccJ4XdGJYyqGHPQZKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjYwNTE1MTU0NTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWI4NWNkYzYxOWM5YmM3ZjQ2YzRmZmY2NjliMTA4YjM2MjA4YTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+eLCD1Tjqm1mr8cuylM763WIlHpy
vzYKBQeQ8QoEVhQ1ceRYd3xe0macYRlLSEwSWybciR9A98k8xU9XamFu1Ol4PKHL
fXKbdpWkv5vCYb8bYJio9BzsvEcIk7ADV4PNGqnBgWFWaESCWJVa23MCjqRZdilv
6sdVp2kBgoCBQ/QeQCF4ai3y/HlmyLZZiB9bQ1tygWz11yHeFiKpsmANydhrk+g6
mcDdZk7uqlsbEZfIoeTdFHVBxNR3/ExMyBGluf48bOpbmxbzS9VTu0KQYFvkdnMJ
sN9KNQusXCMN1MW+rPm7pMYTi30YdovLYWGnHPM/ZHZBI3uIpamulFspXQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNG4XNxhnJvH9GxP/2abEIs2IIoRMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvMGJoYzNHR2NtOGYwYkVfX1pwc1FpellnaWhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALUqwMA8E
AgACMAkDBwAqE6RAAAgwDQYJKoZIhvcNAQELBQADggEBABUPwu+wAxA3uwZskjX0
LQUtUPIk0bkNW6oBe+oLEiFyxTKN1S21zS3joi9SzrEtOAr+eg8N3kMj2ce5DF49
nP/GsQHi0RyrL3C3ZQOBCUMRZHZLzLKSHmXvWW0F9sIFSnZuRb44ggdflNUkqeVc
yJlVqJod8K75Met5HK70DXNDyUy8uqDYld7YC0CmoXFWdqZgqDKlJ06Q36kHunqv
H9ILe8KBr3ZBLeMqvbsQe2YU41beDd23HOq1/um/l9nB6D/6GZz6BdLxuOsTMHzl
fnozrb0iwORxm0bFWoyOA5h4XYRP/RkEn3vCLsxv5cwj8VcyrYDvurU+QGv2FGLI
CtY=
-----END CERTIFICATE-----
Generated at Thu Jun 11 19:31:11 2026 by rpki-client