Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/IPO8B5ETWmW7HPM5sgNtE9uEi2o.roa
File: IPO8B5ETWmW7HPM5sgNtE9uEi2o.roa (raw, json)
Hash identifier: 2LFsFyNdAXIKgnYF914q0qjw+yvdpJqFC5RkxiB1Rio=
Subject key identifier: 20:F3:BC:07:91:13:5A:65:BB:1C:F3:39:B2:03:6D:13:DB:84:8B:6A
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 019E364E87FEE246D83E92B2B6F03215E365
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/IPO8B5ETWmW7HPM5sgNtE9uEi2o.roa
Signing time: Sun 17 May 2026 14:19:36 +0000
ROA not before: Sun 17 May 2026 14:19:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.99.0/24 maxlen: 24
91.205.228.0/24 maxlen: 24
185.92.45.0/24 maxlen: 24
185.92.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 05:01:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:36:4e:87:fe:e2:46:d8:3e:92:b2:b6:f0:32:15:e3:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: May 17 14:19:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=20f3bc0791135a65bb1cf339b2036d13db848b6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:5f:99:b1:0e:36:73:83:ba:2b:72:65:a3:ec:
0b:fd:4f:1f:dc:97:85:29:56:3b:1c:0b:7b:5c:46:
61:ec:ad:b7:cf:e5:72:cb:70:ad:43:a0:85:68:bb:
7c:79:17:2b:57:7c:58:a9:16:88:7c:f1:71:77:b9:
bd:4c:f0:72:4d:da:4f:23:89:44:92:76:c6:79:b6:
68:1a:67:7d:57:22:01:66:4f:ad:05:4d:2e:8e:e8:
88:18:70:84:8a:2c:b5:75:c6:30:d6:0f:97:6f:77:
40:43:39:f9:9b:0b:2c:fc:df:9c:e9:53:be:6a:ac:
32:a5:44:fc:a4:54:dc:e6:83:9b:10:26:f0:a6:9f:
45:08:91:fd:77:e9:11:59:46:8c:5e:31:db:7e:24:
6f:9d:71:0c:9b:e5:1a:d8:f7:95:4b:76:83:7b:cd:
db:c8:08:67:19:46:b9:40:45:e0:c5:ea:25:3e:d7:
0a:d7:ec:ef:c3:a8:36:d5:54:8d:e7:41:40:a6:4c:
89:f5:28:ee:e7:1c:1b:11:72:bf:99:ae:dc:8f:5c:
0c:f8:32:4b:17:28:98:b5:03:98:04:e0:38:c5:61:
f3:d0:4a:f9:da:6d:02:99:b0:b4:89:f5:ff:95:e5:
e0:6c:cd:93:bd:f6:17:d2:db:bf:16:95:52:ff:cc:
c0:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:F3:BC:07:91:13:5A:65:BB:1C:F3:39:B2:03:6D:13:DB:84:8B:6A
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/IPO8B5ETWmW7HPM5sgNtE9uEi2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/23
91.205.228.0/24
185.92.45.0-185.92.46.255
Signature Algorithm: sha256WithRSAEncryption
23:ee:10:bb:18:ee:b8:72:92:ac:f6:dd:28:fc:5d:b5:93:04:
26:fc:82:8b:54:c4:d8:e0:64:6b:0b:49:8a:93:86:6e:64:09:
0c:01:9e:94:6d:ac:ce:9d:cb:9b:17:68:46:4f:9b:3c:03:e7:
9d:e9:ff:fe:7a:03:5e:0b:a0:be:74:1a:a4:8d:e4:2b:a8:34:
8f:aa:bf:40:77:56:26:f1:48:b0:46:fa:66:8c:06:9a:af:bd:
ce:18:0d:08:d4:07:fc:8a:b7:47:7d:62:3b:58:c2:45:cd:56:
40:a9:2a:2f:2a:dd:03:dd:53:4f:de:df:4f:40:8b:49:8b:03:
d9:21:bd:5b:c2:c6:7b:1c:6a:bf:6d:33:98:12:1f:00:b6:53:
29:0d:34:7d:c4:0b:5a:ee:8b:c6:5e:3f:b8:95:7e:95:ad:ea:
95:82:d0:ca:73:71:6f:7d:b2:04:b6:f4:6e:98:82:68:df:79:
fa:87:e5:8d:00:92:fa:a9:af:da:89:f1:e6:ec:1b:31:16:b5:
a9:7a:cd:71:ee:fd:74:95:84:16:ca:69:1b:98:ea:04:ad:68:
04:cd:b7:98:d6:8c:3e:d0:3a:ee:b9:a9:f1:d9:72:f4:71:ba:
0c:89:86:22:50:e1:66:40:14:5e:c2:68:72:5c:13:7c:75:8f:
6a:cb:98:b3
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ42Tof+4kbYPpKytvAyFeNlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjYwNTE3MTQxOTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGYzYmMwNzkxMTM1YTY1YmIxY2YzMzliMjAzNmQxM2RiODQ4YjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoF+ZsQ42c4O6K3Jlo+wL/U8f3JeF
KVY7HAt7XEZh7K23z+Vyy3CtQ6CFaLt8eRcrV3xYqRaIfPFxd7m9TPByTdpPI4lE
knbGebZoGmd9VyIBZk+tBU0ujuiIGHCEiiy1dcYw1g+Xb3dAQzn5mwss/N+c6VO+
aqwypUT8pFTc5oObECbwpp9FCJH9d+kRWUaMXjHbfiRvnXEMm+Ua2PeVS3aDe83b
yAhnGUa5QEXgxeolPtcK1+zvw6g21VSN50FApkyJ9Sju5xwbEXK/ma7cj1wM+DJL
FyiYtQOYBOA4xWHz0Er52m0CmbC0ifX/leXgbM2TvfYX0tu/FpVS/8zAmwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCDzvAeRE1pluxzzObIDbRPbhItqMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvSVBPOEI1RVRXbVc3SFBNNXNnTnRFOXVFaTJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBLiViAwQA
W83kMAwDBAC5XC0DBAC5XC4wDQYJKoZIhvcNAQELBQADggEBACPuELsY7rhykqz2
3Sj8XbWTBCb8gotUxNjgZGsLSYqThm5kCQwBnpRtrM6dy5sXaEZPmzwD553p//56
A14LoL50GqSN5CuoNI+qv0B3VibxSLBG+maMBpqvvc4YDQjUB/yKt0d9YjtYwkXN
VkCpKi8q3QPdU0/e309Ai0mLA9khvVvCxnscar9tM5gSHwC2UykNNH3EC1rui8Ze
P7iVfpWt6pWC0MpzcW99sgS29G6YgmjfefqH5Y0Akvqpr9qJ8ebsGzEWtal6zXHu
/XSVhBbKaRuY6gStaATNt5jWjD7QOu65qfHZcvRxugyJhiJQ4WZAFF7CaHJcE3x1
j2rLmLM=
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:01:16 2026 by rpki-client