Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/nF5HdgiPnkXQ1O_wpbifMihCnME.roa
File: nF5HdgiPnkXQ1O_wpbifMihCnME.roa (raw, json)
Hash identifier: v5tuY16EbuhdWbDapXRPSIbKmPPRX2oyBmtsRT3+8KA=
Subject key identifier: 9C:5E:47:76:08:8F:9E:45:D0:D4:EF:F0:A5:B8:9F:32:28:42:9C:C1
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 019E0CB25F9B83EDA0D09BBF2725713C4A4E
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/nF5HdgiPnkXQ1O_wpbifMihCnME.roa
Signing time: Sat 09 May 2026 12:24:36 +0000
ROA not before: Sat 09 May 2026 12:24:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213535
IP address blocks: 45.13.226.0/24 maxlen: 24
45.67.136.0/24 maxlen: 24
45.67.139.0/24 maxlen: 24
45.91.248.0/24 maxlen: 24
45.92.218.0/24 maxlen: 24
45.92.219.0/24 maxlen: 24
45.141.118.0/24 maxlen: 24
92.119.166.0/24 maxlen: 24
152.89.253.0/24 maxlen: 24
185.117.0.0/24 maxlen: 24
204.11.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 16:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:0c:b2:5f:9b:83:ed:a0:d0:9b:bf:27:25:71:3c:4a:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: May 9 12:24:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9c5e4776088f9e45d0d4eff0a5b89f3228429cc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:19:23:20:21:50:de:52:83:97:bd:98:86:7b:
95:d3:aa:c8:3a:d1:81:cc:93:ea:42:82:4d:f7:c1:
d6:cb:be:38:de:50:63:91:62:60:b7:3d:51:e5:5b:
48:65:d6:af:8a:32:9b:8d:b4:d9:ba:ba:78:ca:1b:
16:ed:1c:05:c1:9e:5d:d2:f5:9f:38:9b:52:94:76:
d4:42:58:71:d8:22:fe:62:50:ce:cc:eb:ee:e8:f1:
db:9c:35:01:67:57:50:45:2e:ed:a5:92:69:86:f8:
73:6d:cb:61:b5:5a:8c:19:61:19:1d:3e:4f:d4:57:
63:78:28:72:dc:40:79:0c:44:fc:6a:a8:b4:08:25:
d0:e5:8d:73:75:71:cd:6d:b4:6a:d3:b0:c6:64:b0:
41:3b:f6:2d:63:81:20:ad:de:11:07:b5:c0:d1:4f:
4e:20:9a:78:48:91:b2:59:8a:53:90:50:33:8e:36:
b4:6d:33:56:97:2d:44:bb:19:f8:37:0e:8f:84:6c:
a3:97:bf:9b:81:43:31:87:aa:42:52:c2:51:e4:d1:
4e:bf:85:02:fd:c9:59:67:c2:b8:ba:96:2a:17:b0:
59:4d:36:8b:64:f8:27:b9:50:77:41:b6:a7:fe:d3:
41:6d:a6:84:49:f4:8d:21:f8:fa:92:4b:45:8e:d8:
9b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:5E:47:76:08:8F:9E:45:D0:D4:EF:F0:A5:B8:9F:32:28:42:9C:C1
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/nF5HdgiPnkXQ1O_wpbifMihCnME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.226.0/24
45.67.136.0/24
45.67.139.0/24
45.91.248.0/24
45.92.218.0/23
45.141.118.0/24
92.119.166.0/24
152.89.253.0/24
185.117.0.0/24
204.11.2.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:8e:c0:a5:e9:e7:cc:6c:ea:ff:19:de:37:36:49:1a:16:87:
bf:ac:89:11:ad:dd:7a:91:aa:5a:30:df:97:fa:98:c1:e3:31:
d3:e2:87:ac:6b:0c:80:0c:55:a0:30:de:ab:87:c2:e8:07:d8:
0c:60:bb:fd:49:97:ec:b5:95:1a:c9:fe:5c:32:c3:b3:67:d3:
cc:39:a9:e7:da:5e:40:6c:5a:54:c3:f9:9d:40:dc:fa:53:7d:
ae:60:46:e0:24:bd:40:08:1d:f4:8c:9b:b6:21:35:ae:15:d6:
aa:08:02:10:33:77:18:55:5d:88:e4:ab:9a:b9:3c:ef:9d:9c:
fc:ab:1e:a1:cc:a3:c0:0a:0c:d0:b0:6d:97:1e:79:51:66:f1:
0c:bc:55:1c:04:50:37:49:a0:9e:0f:43:f8:84:6b:93:2f:86:
4e:fd:1d:b2:fe:14:37:51:66:6d:0a:5f:ff:a0:cd:ff:51:ba:
ee:1b:66:ec:d1:1a:92:55:ec:8b:97:bf:e2:9f:d3:fe:a8:72:
50:d5:7a:c8:ad:97:5d:ff:a9:bc:58:9c:a6:09:65:18:9e:7a:
26:7b:24:13:c0:d3:54:2a:a2:47:19:df:16:00:00:46:3f:45:
39:73:a9:13:03:58:00:ea:df:26:96:d5:9d:89:5c:db:22:fc:
80:fb:37:26
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZ4Msl+bg+2g0Ju/JyVxPEpOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjYwNTA5MTIyNDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzVlNDc3NjA4OGY5ZTQ1ZDBkNGVmZjBhNWI4OWYzMjI4NDI5Y2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRkjICFQ3lKDl72YhnuV06rIOtGB
zJPqQoJN98HWy7443lBjkWJgtz1R5VtIZdavijKbjbTZurp4yhsW7RwFwZ5d0vWf
OJtSlHbUQlhx2CL+YlDOzOvu6PHbnDUBZ1dQRS7tpZJphvhzbcthtVqMGWEZHT5P
1FdjeChy3EB5DET8aqi0CCXQ5Y1zdXHNbbRq07DGZLBBO/YtY4Egrd4RB7XA0U9O
IJp4SJGyWYpTkFAzjja0bTNWly1Euxn4Nw6PhGyjl7+bgUMxh6pCUsJR5NFOv4UC
/clZZ8K4upYqF7BZTTaLZPgnuVB3Qban/tNBbaaESfSNIfj6kktFjtibewIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFJxeR3YIj55F0NTv8KW4nzIoQpzBMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvbkY1SGRnaVBua1hRMU9fd3BiaWZNaWhDbk1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALQ3iAwQA
LUOIAwQALUOLAwQALVv4AwQBLVzaAwQALY12AwQAXHemAwQAmFn9AwQAuXUAAwQA
zAsCMA0GCSqGSIb3DQEBCwUAA4IBAQCojsCl6efMbOr/Gd43NkkaFoe/rIkRrd16
kapaMN+X+pjB4zHT4oesawyADFWgMN6rh8LoB9gMYLv9SZfstZUayf5cMsOzZ9PM
Oann2l5AbFpUw/mdQNz6U32uYEbgJL1ACB30jJu2ITWuFdaqCAIQM3cYVV2I5Kua
uTzvnZz8qx6hzKPACgzQsG2XHnlRZvEMvFUcBFA3SaCeD0P4hGuTL4ZO/R2y/hQ3
UWZtCl//oM3/UbruG2bs0RqSVeyLl7/in9P+qHJQ1XrIrZdd/6m8WJymCWUYnnom
eyQTwNNUKqJHGd8WAABGP0U5c6kTA1gA6t8mltWdiVzbIvyA+zcm
-----END CERTIFICATE-----
Generated at Wed May 13 02:38:24 2026 by rpki-client