Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/84JQ-q28IgepVWWn1RnkFQCMVDw.roa
File: 84JQ-q28IgepVWWn1RnkFQCMVDw.roa (raw, json)
Hash identifier: X/B5EUUIjqvihk73P21ehXhsz8HkVn/cr6XprBLK1c4=
Subject key identifier: F3:82:50:FA:AD:BC:22:07:A9:55:65:A7:D5:19:E4:15:00:8C:54:3C
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 019DF2D48D19B05771D6930CF38DE12DA8D7
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/84JQ-q28IgepVWWn1RnkFQCMVDw.roa
Signing time: Mon 04 May 2026 11:51:49 +0000
ROA not before: Mon 04 May 2026 11:51:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210970
IP address blocks: 45.152.11.0/24 maxlen: 24
46.161.208.0/23 maxlen: 24
46.161.208.0/24 maxlen: 24
46.161.209.0/24 maxlen: 24
46.161.212.0/23 maxlen: 24
46.161.212.0/24 maxlen: 24
46.161.213.0/24 maxlen: 24
46.161.214.0/23 maxlen: 24
46.161.214.0/24 maxlen: 24
46.161.215.0/24 maxlen: 24
195.60.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f2:d4:8d:19:b0:57:71:d6:93:0c:f3:8d:e1:2d:a8:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: May 4 11:51:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f38250faadbc2207a95565a7d519e415008c543c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f2:67:82:0d:93:17:7c:73:43:1b:d2:f1:f2:
b6:91:db:97:cd:67:fb:3d:36:a7:27:8f:ba:fd:8a:
36:39:62:42:cc:d3:c7:d0:84:16:37:5a:11:e5:c2:
49:d3:f4:71:0b:07:09:d3:c1:11:42:e6:70:69:86:
51:53:4b:28:8c:6e:b8:29:5d:83:2f:66:b1:35:6e:
05:9e:d2:ff:81:b4:5e:37:0c:55:8f:1f:7c:66:5b:
d8:38:2d:ec:7f:3b:f8:2b:0e:37:d2:24:19:44:b6:
4a:15:d9:12:dd:3b:ac:f0:62:8d:5c:aa:07:fa:aa:
9d:4b:2d:d7:31:cc:6a:2e:2d:59:5d:8a:27:48:93:
2b:f8:62:73:e7:15:52:a5:3f:5b:5f:90:a4:df:b4:
94:91:b7:3a:56:29:ff:5c:44:b4:18:a3:71:2f:25:
81:11:b8:d1:d6:71:8f:e2:04:ba:bc:00:e6:cb:e3:
39:1b:b1:ae:49:a1:4e:3e:1e:0b:53:52:25:f2:cb:
b6:33:e3:a7:2b:13:c0:0e:c1:da:9e:49:55:0e:af:
e5:28:d4:2f:67:3e:dd:7e:a1:e1:24:78:ad:54:1d:
81:05:06:fa:c6:59:15:9e:b3:10:10:5c:9d:06:83:
6e:03:87:a0:60:f4:77:9d:15:17:0f:cd:a5:9c:a9:
5d:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:82:50:FA:AD:BC:22:07:A9:55:65:A7:D5:19:E4:15:00:8C:54:3C
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/84JQ-q28IgepVWWn1RnkFQCMVDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.11.0/24
46.161.208.0/23
46.161.212.0/22
195.60.176.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:58:f6:4f:dd:83:28:8a:f5:6a:1b:7f:b3:84:d9:cb:31:d0:
9b:89:1d:78:7f:18:d1:71:fe:77:99:fe:20:8c:9d:6c:15:79:
10:32:d0:d9:fd:74:4f:da:b7:14:d1:4a:5a:86:ea:22:42:ce:
48:ca:f4:0c:b7:95:7f:c8:6a:73:ab:45:79:20:88:f2:17:bb:
03:e3:02:ad:15:e5:d3:24:3d:85:32:4c:57:86:d7:03:a6:a5:
40:5a:74:1b:24:58:99:a7:e4:e9:85:6d:c9:87:65:67:4e:24:
f6:e8:45:b8:18:5c:8f:63:d6:77:14:30:bc:2d:00:37:7e:86:
4d:43:29:55:e0:97:41:ab:f8:97:4c:30:9d:25:ee:ff:c6:bb:
c8:33:88:88:21:5b:9c:d9:e1:71:e5:04:8f:59:73:8e:b9:50:
4c:d0:b9:f0:55:ef:80:38:18:b2:ba:da:19:e6:28:c1:59:40:
8c:a6:2d:f3:97:8c:5c:20:c5:b4:aa:f0:3c:49:e0:f7:fc:58:
6a:70:41:71:2e:a8:d7:ce:78:a6:82:19:e1:0d:80:0a:84:d3:
c1:ed:d0:d0:4b:52:01:46:22:89:0a:1a:26:6c:5e:74:63:c0:
4d:b6:fd:b7:a8:74:58:d4:34:49:ca:76:85:8c:cb:ca:10:c7:
44:be:2e:c2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ3y1I0ZsFdx1pMM843hLajXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjYwNTA0MTE1MTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzgyNTBmYWFkYmMyMjA3YTk1NTY1YTdkNTE5ZTQxNTAwOGM1NDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvJngg2TF3xzQxvS8fK2kduXzWf7
PTanJ4+6/Yo2OWJCzNPH0IQWN1oR5cJJ0/RxCwcJ08ERQuZwaYZRU0sojG64KV2D
L2axNW4FntL/gbReNwxVjx98ZlvYOC3sfzv4Kw430iQZRLZKFdkS3Tus8GKNXKoH
+qqdSy3XMcxqLi1ZXYonSJMr+GJz5xVSpT9bX5Ck37SUkbc6Vin/XES0GKNxLyWB
EbjR1nGP4gS6vADmy+M5G7GuSaFOPh4LU1Il8su2M+OnKxPADsHanklVDq/lKNQv
Zz7dfqHhJHitVB2BBQb6xlkVnrMQEFydBoNuA4egYPR3nRUXD82lnKldwQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPOCUPqtvCIHqVVlp9UZ5BUAjFQ8MB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvODRKUS1xMjhJZ2VwVldXbjFSbmtGUUNNVkR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZgLAwQB
LqHQAwQCLqHUAwQAwzywMA0GCSqGSIb3DQEBCwUAA4IBAQB9WPZP3YMoivVqG3+z
hNnLMdCbiR14fxjRcf53mf4gjJ1sFXkQMtDZ/XRP2rcU0UpahuoiQs5IyvQMt5V/
yGpzq0V5IIjyF7sD4wKtFeXTJD2FMkxXhtcDpqVAWnQbJFiZp+TphW3Jh2VnTiT2
6EW4GFyPY9Z3FDC8LQA3foZNQylV4JdBq/iXTDCdJe7/xrvIM4iIIVuc2eFx5QSP
WXOOuVBM0LnwVe+AOBiyutoZ5ijBWUCMpi3zl4xcIMW0qvA8SeD3/FhqcEFxLqjX
znimghnhDYAKhNPB7dDQS1IBRiKJChombF50Y8BNtv23qHRY1DRJynaFjMvKEMdE
vi7C
-----END CERTIFICATE-----
Generated at Wed May 13 12:18:57 2026 by rpki-client