Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/PwNpNcu_KPAE2NEU3_FYMkH4QMo.roa
File: PwNpNcu_KPAE2NEU3_FYMkH4QMo.roa (raw, json)
Hash identifier: 9SOmpyMs/GD01GRB3/BDtcx5I1orOimGv1PrvwfmPSw=
Subject key identifier: 3F:03:69:35:CB:BF:28:F0:04:D8:D1:14:DF:F1:58:32:41:F8:40:CA
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 019DD399415C572B1D6D035114FA45D0B3A1
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/PwNpNcu_KPAE2NEU3_FYMkH4QMo.roa
Signing time: Tue 28 Apr 2026 10:18:49 +0000
ROA not before: Tue 28 Apr 2026 10:18:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216459
IP address blocks: 45.130.54.0/23 maxlen: 23
45.141.204.0/23 maxlen: 23
45.148.51.0/24 maxlen: 24
109.206.248.0/22 maxlen: 23
193.109.137.0/24 maxlen: 24
194.156.176.0/24 maxlen: 24
194.156.178.0/24 maxlen: 24
194.156.179.0/24 maxlen: 24
195.60.177.0/24 maxlen: 24
195.88.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d3:99:41:5c:57:2b:1d:6d:03:51:14:fa:45:d0:b3:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Apr 28 10:18:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3f036935cbbf28f004d8d114dff1583241f840ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:bf:fd:8c:1f:ae:26:16:be:45:5c:54:77:03:
78:58:7f:43:41:ec:75:1a:1a:af:64:8d:00:8b:21:
26:fd:9e:89:ee:91:4c:98:26:32:38:a1:15:56:6b:
7f:77:eb:67:aa:83:f7:76:9b:29:48:4d:90:f9:0f:
d5:18:2c:5b:37:d1:27:71:9a:21:62:74:37:9a:3e:
f5:d0:60:e9:e5:f7:f3:b6:02:cb:5a:95:61:d4:36:
8f:84:65:c4:46:5a:67:29:d5:73:b1:2f:73:25:07:
01:08:a2:51:04:ce:7a:59:b7:8b:38:7c:36:61:15:
cb:8d:d8:b9:e9:67:28:0d:be:62:c9:75:5c:21:1b:
9b:40:e9:f6:3e:96:6e:07:79:64:58:a8:a7:52:e4:
82:a9:1e:cb:e7:4a:a1:1f:d0:6a:dc:f4:7d:db:b9:
dd:84:c3:1e:b6:b8:87:c0:47:c3:35:f1:8f:c5:c1:
7e:cc:28:a4:64:56:96:95:58:d7:61:33:25:eb:d4:
30:4d:d7:6a:c9:04:18:91:04:69:9f:c1:d1:28:23:
93:63:b8:3a:6e:6e:a9:d6:cb:26:fb:0a:9e:d1:a4:
40:93:4e:14:7e:b9:63:4f:af:99:05:31:51:b0:f9:
51:d6:a0:d4:17:88:9f:e5:2f:31:94:41:35:4e:dd:
64:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:03:69:35:CB:BF:28:F0:04:D8:D1:14:DF:F1:58:32:41:F8:40:CA
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/PwNpNcu_KPAE2NEU3_FYMkH4QMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.54.0/23
45.141.204.0/23
45.148.51.0/24
109.206.248.0/22
193.109.137.0/24
194.156.176.0/24
194.156.178.0/23
195.60.177.0/24
195.88.190.0/24
Signature Algorithm: sha256WithRSAEncryption
29:e9:c3:34:8d:9b:53:53:b9:85:29:97:cf:24:63:c3:72:14:
32:96:da:19:e0:55:79:2a:85:2e:96:fb:d0:4a:e3:d6:fa:90:
98:0a:e3:1e:93:95:14:21:8f:10:ef:9b:fc:7a:13:07:31:af:
a5:e0:80:98:02:1b:78:20:66:af:45:44:b2:19:8e:c1:10:71:
cb:3e:e2:0b:cb:a3:23:8f:19:50:96:4f:e0:19:cb:86:f1:c7:
23:ca:25:6c:8b:0d:9d:62:df:6b:e0:ec:42:c9:a5:be:b1:cf:
53:a2:43:b5:51:88:eb:9e:79:d5:9e:00:38:4d:89:52:3f:9f:
87:5f:71:91:91:5d:65:30:1e:5f:15:45:9e:3f:73:88:fe:81:
f8:ca:c2:f2:79:91:81:39:32:c2:3c:f0:87:66:83:83:a5:68:
89:69:c3:c9:c0:e3:02:c2:29:3c:ed:df:f1:69:7d:36:fe:f5:
a9:fd:aa:f9:de:73:b9:e7:05:6c:2d:20:3e:bc:b4:ea:14:73:
3e:56:9e:27:bb:40:f6:cf:97:44:e8:63:85:8a:6f:5e:83:c6:
1b:81:7e:cb:50:1c:47:63:87:7a:27:17:49:a6:83:17:03:11:
c7:5c:5a:11:5d:b8:8e:f9:4d:32:3b:fd:48:91:cd:93:14:36:
00:2e:49:b0
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZ3TmUFcVysdbQNRFPpF0LOhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjYwNDI4MTAxODQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjAzNjkzNWNiYmYyOGYwMDRkOGQxMTRkZmYxNTgzMjQxZjg0MGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37/9jB+uJha+RVxUdwN4WH9DQex1
GhqvZI0AiyEm/Z6J7pFMmCYyOKEVVmt/d+tnqoP3dpspSE2Q+Q/VGCxbN9EncZoh
YnQ3mj710GDp5ffztgLLWpVh1DaPhGXERlpnKdVzsS9zJQcBCKJRBM56WbeLOHw2
YRXLjdi56WcoDb5iyXVcIRubQOn2PpZuB3lkWKinUuSCqR7L50qhH9Bq3PR927nd
hMMetriHwEfDNfGPxcF+zCikZFaWlVjXYTMl69QwTddqyQQYkQRpn8HRKCOTY7g6
bm6p1ssm+wqe0aRAk04UfrljT6+ZBTFRsPlR1qDUF4if5S8xlEE1Tt1kxQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFD8DaTXLvyjwBNjRFN/xWDJB+EDKMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvUHdOcE5jdV9LUEFFMk5FVTNfRllNa0g0UU1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBLYI2AwQB
LY3MAwQALZQzAwQCbc74AwQAwW2JAwQAwpywAwQBwpyyAwQAwzyxAwQAw1i+MA0G
CSqGSIb3DQEBCwUAA4IBAQAp6cM0jZtTU7mFKZfPJGPDchQyltoZ4FV5KoUulvvQ
SuPW+pCYCuMek5UUIY8Q75v8ehMHMa+l4ICYAht4IGavRUSyGY7BEHHLPuILy6Mj
jxlQlk/gGcuG8ccjyiVsiw2dYt9r4OxCyaW+sc9TokO1UYjrnnnVngA4TYlSP5+H
X3GRkV1lMB5fFUWeP3OI/oH4ysLyeZGBOTLCPPCHZoODpWiJacPJwOMCwik87d/x
aX02/vWp/ar53nO55wVsLSA+vLTqFHM+Vp4nu0D2z5dE6GOFim9eg8YbgX7LUBxH
Y4d6JxdJpoMXAxHHXFoRXbiO+U0yO/1Ikc2TFDYALkmw
-----END CERTIFICATE-----
Generated at Wed May 13 12:25:37 2026 by rpki-client