Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/4afee6-d2d9-4e96-8f23-b887e322229e/1/k8zQtdqeD4eCbj4bxGVWhtUSVqQ.roa
File: k8zQtdqeD4eCbj4bxGVWhtUSVqQ.roa (raw, json)
Hash identifier: mGgxLJKpdU4bJS/C0UsU5pVevvLL/1XTeMzy2EPtfmg=
Subject key identifier: 93:CC:D0:B5:DA:9E:0F:87:82:6E:3E:1B:C4:65:56:86:D5:12:56:A4
Certificate issuer: /CN=eb39720bbf4506110f903d35ed1249bd491ea8bb
Certificate serial: 019CBA2FE46FF684E0E860A0188E4F84F10E
Authority key identifier: EB:39:72:0B:BF:45:06:11:0F:90:3D:35:ED:12:49:BD:49:1E:A8:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6zlyC79FBhEPkD017RJJvUkeqLs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/4afee6-d2d9-4e96-8f23-b887e322229e/1/k8zQtdqeD4eCbj4bxGVWhtUSVqQ.roa
Signing time: Wed 04 Mar 2026 18:50:26 +0000
ROA not before: Wed 04 Mar 2026 18:50:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48347
IP address blocks: 45.15.252.0/24 maxlen: 24
45.81.253.0/24 maxlen: 24
45.81.255.0/24 maxlen: 24
146.19.142.0/24 maxlen: 24
178.22.24.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
194.32.243.0/24 maxlen: 24
194.107.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/4afee6-d2d9-4e96-8f23-b887e322229e/1/6zlyC79FBhEPkD017RJJvUkeqLs.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/4afee6-d2d9-4e96-8f23-b887e322229e/1/6zlyC79FBhEPkD017RJJvUkeqLs.mft
rsync://rpki.ripe.net/repository/DEFAULT/6zlyC79FBhEPkD017RJJvUkeqLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ba:2f:e4:6f:f6:84:e0:e8:60:a0:18:8e:4f:84:f1:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb39720bbf4506110f903d35ed1249bd491ea8bb
Validity
Not Before: Mar 4 18:50:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=93ccd0b5da9e0f87826e3e1bc4655686d51256a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:82:4a:2c:ed:de:3c:88:60:f9:90:a3:f6:4f:
a9:4c:d9:1d:20:b1:b4:98:a8:f0:76:6c:b9:c1:34:
e1:75:31:13:a9:3c:b1:03:f5:95:2e:3e:a5:00:a1:
01:75:b6:8f:b8:e1:cd:1e:26:67:aa:bc:f3:93:55:
c1:a8:c7:7f:92:4c:e4:a6:18:79:a7:8e:91:4c:1d:
e2:cb:7f:75:4e:e8:33:ae:8d:8e:23:cc:31:54:63:
1a:81:c7:03:f6:d0:51:31:b8:54:3b:55:a1:fb:01:
60:a1:32:82:14:8a:64:b1:96:8a:51:30:1a:e4:c5:
55:16:8f:94:4c:8b:49:29:a4:71:42:58:d9:ce:bf:
c2:33:2f:ef:eb:f0:2d:36:31:14:c7:21:56:4c:47:
c3:8e:ef:17:27:59:8f:79:50:c6:51:8f:92:43:b2:
d2:c7:e2:0b:08:88:53:d0:25:f6:b7:46:3b:57:af:
b7:59:93:b4:ab:90:ba:f8:19:08:c9:75:93:49:8c:
2e:a3:bc:86:38:bf:0c:a1:ec:c7:72:36:91:95:87:
88:26:8b:31:4e:a7:8f:bc:16:8f:b2:a2:50:b9:68:
5b:91:cb:c8:7e:62:2b:eb:8e:31:ce:fe:a8:e2:88:
ad:d9:ab:7b:12:4d:b1:9a:a7:30:e4:4d:c2:61:62:
d9:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:CC:D0:B5:DA:9E:0F:87:82:6E:3E:1B:C4:65:56:86:D5:12:56:A4
X509v3 Authority Key Identifier:
keyid:EB:39:72:0B:BF:45:06:11:0F:90:3D:35:ED:12:49:BD:49:1E:A8:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6zlyC79FBhEPkD017RJJvUkeqLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/4afee6-d2d9-4e96-8f23-b887e322229e/1/k8zQtdqeD4eCbj4bxGVWhtUSVqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/4afee6-d2d9-4e96-8f23-b887e322229e/1/6zlyC79FBhEPkD017RJJvUkeqLs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.252.0/24
45.81.253.0/24
45.81.255.0/24
146.19.142.0/24
178.22.24.0/24
185.40.105.0/24
194.32.243.0/24
194.107.200.0/24
Signature Algorithm: sha256WithRSAEncryption
46:7a:0b:61:6f:0c:b4:00:93:70:f2:dd:b4:fc:dd:04:29:08:
9b:c4:7a:69:83:64:fa:22:5d:a6:33:4e:d3:76:26:e3:8d:4f:
12:34:a4:5d:7e:89:e8:2d:f5:bd:b5:9b:29:52:c4:3c:d9:4a:
29:ff:39:91:7f:22:48:e9:41:82:4c:f6:f2:ce:9d:89:db:84:
1a:43:8f:a7:25:51:75:72:3a:04:c0:b2:52:17:7a:76:ab:03:
45:fc:cc:6e:db:d3:40:a1:bb:83:9e:56:d1:4f:d4:28:76:a6:
64:27:07:59:60:9d:03:98:88:b2:6b:21:93:9d:eb:51:37:94:
da:4c:1c:59:d2:0a:d7:6c:51:63:4c:b3:2e:d8:73:c6:04:d9:
3b:43:57:02:ee:8b:6e:e1:24:b0:be:3f:ce:97:28:c8:c8:75:
ff:6e:5a:7d:a9:f0:9d:7d:90:ed:c5:45:7f:dc:66:f0:03:81:
41:73:61:9f:40:4b:19:35:0e:51:40:8a:9d:a7:bd:01:74:30:
d5:fb:66:06:51:82:7d:58:57:40:a1:d8:32:59:9b:ed:4d:4b:
4b:d5:51:7e:8c:9f:38:c5:22:33:b2:da:8b:af:6f:23:c6:21:
01:21:89:10:c3:e9:63:f6:3d:56:d3:ba:95:8a:e6:7b:1a:43:
fd:20:90:aa
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZy6L+Rv9oTg6GCgGI5PhPEOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViMzk3MjBiYmY0NTA2MTEwZjkwM2QzNWVkMTI0OWJkNDkx
ZWE4YmIwHhcNMjYwMzA0MTg1MDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2NjZDBiNWRhOWUwZjg3ODI2ZTNlMWJjNDY1NTY4NmQ1MTI1NmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0oJKLO3ePIhg+ZCj9k+pTNkdILG0
mKjwdmy5wTThdTETqTyxA/WVLj6lAKEBdbaPuOHNHiZnqrzzk1XBqMd/kkzkphh5
p46RTB3iy391Tugzro2OI8wxVGMagccD9tBRMbhUO1Wh+wFgoTKCFIpksZaKUTAa
5MVVFo+UTItJKaRxQljZzr/CMy/v6/AtNjEUxyFWTEfDju8XJ1mPeVDGUY+SQ7LS
x+ILCIhT0CX2t0Y7V6+3WZO0q5C6+BkIyXWTSYwuo7yGOL8MoezHcjaRlYeIJosx
TqePvBaPsqJQuWhbkcvIfmIr644xzv6o4oit2at7Ek2xmqcw5E3CYWLZuQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJPM0LXang+Hgm4+G8RlVobVElakMB8GA1UdIwQY
MBaAFOs5cgu/RQYRD5A9Ne0SSb1JHqi7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnpseUM3OUZCaEVQa0QwMTdSSkp2VWtlcUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC80YWZlZTYtZDJkOS00ZTk2LThmMjMt
Yjg4N2UzMjIyMjllLzEvazh6UXRkcWVENGVDYmo0YnhHVldodFVTVnFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC80YWZlZTYtZDJkOS00ZTk2LThmMjMtYjg4N2UzMjIyMjll
LzEvNnpseUM3OUZCaEVQa0QwMTdSSkp2VWtlcUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALQ/8AwQA
LVH9AwQALVH/AwQAkhOOAwQAshYYAwQAuShpAwQAwiDzAwQAwmvIMA0GCSqGSIb3
DQEBCwUAA4IBAQBGegthbwy0AJNw8t20/N0EKQibxHppg2T6Il2mM07TdibjjU8S
NKRdfonoLfW9tZspUsQ82Uop/zmRfyJI6UGCTPbyzp2J24QaQ4+nJVF1cjoEwLJS
F3p2qwNF/Mxu29NAobuDnlbRT9QodqZkJwdZYJ0DmIiyayGTnetRN5TaTBxZ0grX
bFFjTLMu2HPGBNk7Q1cC7otu4SSwvj/OlyjIyHX/blp9qfCdfZDtxUV/3GbwA4FB
c2GfQEsZNQ5RQIqdp70BdDDV+2YGUYJ9WFdAodgyWZvtTUtL1VF+jJ84xSIzstqL
r28jxiEBIYkQw+lj9j1W07qViuZ7GkP9IJCq
-----END CERTIFICATE-----
Generated at Fri Mar 13 13:49:19 2026 by rpki-client