Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/CmrsrPb6iAu6J8WJDj3KPcIlOgU.roa
File: CmrsrPb6iAu6J8WJDj3KPcIlOgU.roa (raw, json)
Hash identifier: eZdYiAaibE5dIm2uQh5fdEcIIZekoztygTTKjX+J1SM=
Subject key identifier: 0A:6A:EC:AC:F6:FA:88:0B:BA:27:C5:89:0E:3D:CA:3D:C2:25:3A:05
Certificate issuer: /CN=bdb83e99bf7254f948057a5e981be6fa5c2054dd
Certificate serial: 019E20F6A9DFEC1CCE3E25E3C1312E19D222
Authority key identifier: BD:B8:3E:99:BF:72:54:F9:48:05:7A:5E:98:1B:E6:FA:5C:20:54:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vbg-mb9yVPlIBXpemBvm-lwgVN0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/CmrsrPb6iAu6J8WJDj3KPcIlOgU.roa
Signing time: Wed 13 May 2026 10:51:36 +0000
ROA not before: Wed 13 May 2026 10:51:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9009
IP address blocks: 45.81.116.0/24 maxlen: 24
45.81.117.0/24 maxlen: 24
45.81.118.0/24 maxlen: 24
45.85.240.0/24 maxlen: 24
45.85.241.0/24 maxlen: 24
45.85.243.0/24 maxlen: 24
45.145.216.0/24 maxlen: 24
185.37.2.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/vbg-mb9yVPlIBXpemBvm-lwgVN0.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/vbg-mb9yVPlIBXpemBvm-lwgVN0.mft
rsync://rpki.ripe.net/repository/DEFAULT/vbg-mb9yVPlIBXpemBvm-lwgVN0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:20:f6:a9:df:ec:1c:ce:3e:25:e3:c1:31:2e:19:d2:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdb83e99bf7254f948057a5e981be6fa5c2054dd
Validity
Not Before: May 13 10:51:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0a6aecacf6fa880bba27c5890e3dca3dc2253a05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e0:5c:82:a7:cc:2b:55:ae:4f:04:df:69:5b:
b9:51:3c:24:0b:8e:4f:6d:37:df:aa:31:b4:73:0d:
a7:87:56:71:83:ac:4c:e3:a2:08:6e:0f:2a:f9:d8:
ca:2a:da:de:c9:42:0e:26:dd:1b:de:92:24:0a:a7:
94:0c:e4:3f:d5:e5:60:b8:4d:a0:57:a4:66:51:97:
49:d2:8b:6b:84:01:f2:56:e5:14:e4:bc:37:dc:e0:
4e:96:a6:db:1b:4a:33:8d:66:b8:07:ed:76:10:02:
44:69:9d:fe:48:ab:89:1f:8c:25:66:6a:3b:43:36:
9c:26:f0:be:81:7f:2d:80:42:c4:35:0c:b5:32:e1:
f2:72:ac:ef:92:4f:bf:bb:1f:2c:41:44:bd:4e:b1:
ab:11:04:d2:12:c5:0a:9c:41:c6:81:cc:e3:63:ba:
80:7f:52:79:ac:16:4f:8b:0f:99:14:d2:ca:5e:ae:
0b:81:74:88:f9:82:c8:50:fb:d8:52:dd:3f:69:65:
d5:ce:d1:e3:00:c0:d4:10:3e:35:0d:14:7b:83:85:
b5:51:80:65:fe:a3:00:41:7c:9f:ef:71:73:46:a9:
7c:15:f2:0f:b1:5e:2d:6c:2e:95:60:fa:79:e2:ec:
f6:f3:a5:a8:51:b7:b3:74:1f:78:eb:50:dc:55:e1:
6a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:6A:EC:AC:F6:FA:88:0B:BA:27:C5:89:0E:3D:CA:3D:C2:25:3A:05
X509v3 Authority Key Identifier:
keyid:BD:B8:3E:99:BF:72:54:F9:48:05:7A:5E:98:1B:E6:FA:5C:20:54:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vbg-mb9yVPlIBXpemBvm-lwgVN0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/CmrsrPb6iAu6J8WJDj3KPcIlOgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/vbg-mb9yVPlIBXpemBvm-lwgVN0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.116.0-45.81.118.255
45.85.240.0/23
45.85.243.0/24
45.145.216.0/24
185.37.2.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:dc:ce:2a:7c:90:7d:0a:e2:fe:e8:d0:3d:a3:72:92:db:04:
f4:32:e9:5c:d3:e4:b8:67:9a:f2:62:16:9b:73:a8:2f:d8:8f:
5a:80:55:5d:f7:24:e0:41:c9:9c:b1:1f:a8:dd:a6:eb:2d:77:
8d:ce:66:e7:4a:1f:af:a9:80:e7:36:50:43:4d:a0:fe:ed:e5:
28:d8:c0:29:63:83:d8:06:cc:8e:3d:3c:9c:e1:51:a9:c5:8a:
eb:0d:b7:a7:09:81:f4:65:9b:f3:e9:92:2c:ef:a9:0f:04:6d:
bc:e3:14:84:cf:70:55:b5:42:32:64:6d:90:1f:57:cd:51:8b:
94:4b:45:e2:f0:42:a9:fa:80:ac:f2:b8:cf:62:f1:14:82:bc:
94:25:df:f3:76:91:f6:a5:e4:54:f0:f8:04:6b:a6:9a:3d:a2:
b0:da:11:de:cd:47:11:5d:d3:fc:db:2d:14:d2:ff:d0:e7:7a:
db:33:75:e5:cf:e1:95:a7:f7:c3:2d:54:88:e6:f3:db:6c:9e:
2b:ff:08:07:c7:56:99:1a:f3:54:f7:05:4c:ec:c9:7a:35:60:
31:72:7d:4d:e9:a5:9a:64:2e:d1:81:5a:18:e4:7e:42:f6:b1:
95:64:42:69:50:f8:1d:87:c5:3f:0c:b5:5d:9e:8a:37:ea:fd:
e9:86:d0:4d
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZ4g9qnf7BzOPiXjwTEuGdIiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkYjgzZTk5YmY3MjU0Zjk0ODA1N2E1ZTk4MWJlNmZhNWMy
MDU0ZGQwHhcNMjYwNTEzMTA1MTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTZhZWNhY2Y2ZmE4ODBiYmEyN2M1ODkwZTNkY2EzZGMyMjUzYTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveBcgqfMK1WuTwTfaVu5UTwkC45P
bTffqjG0cw2nh1Zxg6xM46IIbg8q+djKKtreyUIOJt0b3pIkCqeUDOQ/1eVguE2g
V6RmUZdJ0otrhAHyVuUU5Lw33OBOlqbbG0ozjWa4B+12EAJEaZ3+SKuJH4wlZmo7
QzacJvC+gX8tgELENQy1MuHycqzvkk+/ux8sQUS9TrGrEQTSEsUKnEHGgczjY7qA
f1J5rBZPiw+ZFNLKXq4LgXSI+YLIUPvYUt0/aWXVztHjAMDUED41DRR7g4W1UYBl
/qMAQXyf73FzRql8FfIPsV4tbC6VYPp54uz286WoUbezdB9461DcVeFqgQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFApq7Kz2+ogLuifFiQ49yj3CJToFMB8GA1UdIwQY
MBaAFL24Ppm/clT5SAV6Xpgb5vpcIFTdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmJnLW1iOXlWUGxJQlhwZW1Cdm0tbHdnVk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81ZTIwNWEtZWMwYS00ZmVlLWFlZjEt
ZTQ5NWFhYTBjYWMwLzEvQ21yc3JQYjZpQXU2SjhXSkRqM0tQY0lsT2dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81ZTIwNWEtZWMwYS00ZmVlLWFlZjEtZTQ5NWFhYTBjYWMw
LzEvdmJnLW1iOXlWUGxJQlhwZW1Cdm0tbHdnVk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAItUXQD
BAAtUXYDBAEtVfADBAAtVfMDBAAtkdgDBAG5JQIwDQYJKoZIhvcNAQELBQADggEB
AEvczip8kH0K4v7o0D2jcpLbBPQy6VzT5LhnmvJiFptzqC/Yj1qAVV33JOBByZyx
H6jdpustd43OZudKH6+pgOc2UENNoP7t5SjYwCljg9gGzI49PJzhUanFiusNt6cJ
gfRlm/PpkizvqQ8EbbzjFITPcFW1QjJkbZAfV81Ri5RLReLwQqn6gKzyuM9i8RSC
vJQl3/N2kfal5FTw+ARrppo9orDaEd7NRxFd0/zbLRTS/9DnetszdeXP4ZWn98Mt
VIjm89tsniv/CAfHVpka81T3BUzsyXo1YDFyfU3ppZpkLtGBWhjkfkL2sZVkQmlQ
+B2HxT8MtV2eijfq/emG0E0=
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:36:12 2026 by rpki-client