Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/4KsNQpqZCzqF5DWTGMqSZIdafk4.roa
File: 4KsNQpqZCzqF5DWTGMqSZIdafk4.roa (raw, json)
Hash identifier: LOn9PMfVYWd9yqbUArMEkf8C7kjYf3BgWxcSoG8pKwI=
Subject key identifier: E0:AB:0D:42:9A:99:0B:3A:85:E4:35:93:18:CA:92:64:87:5A:7E:4E
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 019CE6E0FEC31661ABED819F538E55D54AAC
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/4KsNQpqZCzqF5DWTGMqSZIdafk4.roa
Signing time: Fri 13 Mar 2026 11:07:10 +0000
ROA not before: Fri 13 Mar 2026 11:07:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201917
IP address blocks: 37.25.128.0/17 maxlen: 24
45.144.96.0/22 maxlen: 24
46.108.0.0/16 maxlen: 24
46.190.128.0/17 maxlen: 24
47.73.0.0/16 maxlen: 24
47.73.25.0/24 maxlen: 24
47.73.31.0/24 maxlen: 24
47.73.81.0/24 maxlen: 24
47.73.85.0/24 maxlen: 24
47.73.86.0/24 maxlen: 24
47.73.114.0/24 maxlen: 24
47.73.146.0/24 maxlen: 24
47.73.214.0/24 maxlen: 24
47.73.250.0/24 maxlen: 24
139.47.160.0/19 maxlen: 24
139.47.192.0/18 maxlen: 24
195.232.128.0/17 maxlen: 24
195.233.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft
rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 05:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e6:e0:fe:c3:16:61:ab:ed:81:9f:53:8e:55:d5:4a:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Mar 13 11:07:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e0ab0d429a990b3a85e4359318ca9264875a7e4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:10:5a:80:9a:40:7b:6b:c5:e4:3d:d8:5c:0c:
de:32:ea:05:5d:6f:c8:62:bc:13:28:5b:dd:39:fd:
ca:33:18:19:85:53:11:fa:5b:f7:8f:df:0a:9f:5a:
7d:a7:95:06:4a:a6:55:19:2f:1e:49:f1:86:d7:5e:
3c:1a:f9:ab:cb:65:d1:55:fc:dd:26:9e:40:2b:f1:
8b:1b:ad:49:37:80:59:74:55:da:4b:b5:64:df:0f:
a3:49:9f:bb:de:a2:d5:b5:85:b3:ef:04:28:a5:a2:
b6:e6:6c:8d:07:8e:18:3e:3d:59:95:ac:83:a8:11:
9c:7c:36:3d:63:e3:38:62:ff:8e:11:f1:30:7f:ae:
54:0c:93:5b:56:ef:56:21:ce:e4:fc:03:4b:68:d5:
6a:a3:41:f4:dd:7a:ea:f6:31:8d:9b:91:43:d7:da:
0f:61:b1:e7:ff:52:c1:00:7b:17:fa:e9:6e:69:06:
bb:84:dc:f4:2c:07:2e:f8:1e:65:7d:a4:21:8a:39:
e0:ed:d6:da:5b:3c:2c:b9:fd:cc:9d:eb:f1:73:82:
b1:ec:26:09:b4:36:f1:62:4a:79:26:fe:5b:f9:db:
68:9c:e2:09:62:9c:76:ae:47:d8:86:c2:78:e0:b5:
b3:a9:59:9a:42:78:68:b6:1a:6e:94:d6:09:c8:45:
b5:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:AB:0D:42:9A:99:0B:3A:85:E4:35:93:18:CA:92:64:87:5A:7E:4E
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/4KsNQpqZCzqF5DWTGMqSZIdafk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.25.128.0/17
45.144.96.0/22
46.108.0.0/16
46.190.128.0/17
47.73.0.0/16
139.47.160.0-139.47.255.255
195.232.128.0-195.233.255.255
Signature Algorithm: sha256WithRSAEncryption
41:f0:39:8a:dd:5f:fc:76:31:b4:18:68:96:bd:a4:71:e5:e6:
32:dc:fc:0e:cc:9f:73:61:4f:bc:4f:8c:20:43:3b:78:34:a4:
8b:75:b4:f8:21:d2:bf:4f:73:6d:c1:ba:fd:b7:05:fc:cc:15:
10:94:96:f1:87:0b:39:11:5e:66:10:3a:67:9d:b7:7d:36:2d:
f1:50:c7:84:a8:a4:c1:c0:87:71:ad:a1:72:20:88:e7:9b:9e:
c6:5d:f6:56:af:53:c8:bf:27:c6:8e:57:75:9a:25:5c:fe:03:
20:80:25:97:20:f8:8a:76:72:69:7f:48:6d:23:58:23:e2:13:
0c:66:a0:c2:e2:75:2d:7b:c3:7b:3d:d5:8a:3b:1f:40:a8:d4:
8e:3d:10:a2:56:0c:5b:ee:10:d4:87:17:c8:21:11:ad:72:5d:
53:78:e9:cc:fe:6e:df:08:0d:ee:c0:1c:35:31:f4:3e:ac:99:
39:d4:d6:1d:e0:3b:9c:25:75:d1:2f:d6:45:0e:0c:61:41:cb:
bc:3d:a1:b4:0f:86:b2:6f:78:6a:d5:b2:a4:b6:48:a0:4a:70:
e7:7f:a3:c8:72:e5:d8:03:0c:90:09:b4:cb:82:02:8b:f6:a9:
65:07:6a:c7:ea:88:14:bf:2f:e5:87:0a:63:d3:aa:40:07:41:
45:00:d0:c9
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZzm4P7DFmGr7YGfU45V1UqsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjYwMzEzMTEwNzEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGFiMGQ0MjlhOTkwYjNhODVlNDM1OTMxOGNhOTI2NDg3NWE3ZTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBBagJpAe2vF5D3YXAzeMuoFXW/I
YrwTKFvdOf3KMxgZhVMR+lv3j98Kn1p9p5UGSqZVGS8eSfGG1148Gvmry2XRVfzd
Jp5AK/GLG61JN4BZdFXaS7Vk3w+jSZ+73qLVtYWz7wQopaK25myNB44YPj1ZlayD
qBGcfDY9Y+M4Yv+OEfEwf65UDJNbVu9WIc7k/ANLaNVqo0H03Xrq9jGNm5FD19oP
YbHn/1LBAHsX+uluaQa7hNz0LAcu+B5lfaQhijng7dbaWzwsuf3Mnevxc4Kx7CYJ
tDbxYkp5Jv5b+dtonOIJYpx2rkfYhsJ44LWzqVmaQnhothpulNYJyEW15QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOCrDUKamQs6heQ1kxjKkmSHWn5OMB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvNEtzTlFwcVpDenFGNURXVEdNcVNaSWRhZms0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQHJRmAAwQC
LZBgAwMALmwDBAcuvoADAwAvSTALAwQFiy+gAwMEiyAwCwMEB8PogAMDAcPoMA0G
CSqGSIb3DQEBCwUAA4IBAQBB8DmK3V/8djG0GGiWvaRx5eYy3PwOzJ9zYU+8T4wg
Qzt4NKSLdbT4IdK/T3Ntwbr9twX8zBUQlJbxhws5EV5mEDpnnbd9Ni3xUMeEqKTB
wIdxraFyIIjnm57GXfZWr1PIvyfGjld1miVc/gMggCWXIPiKdnJpf0htI1gj4hMM
ZqDC4nUte8N7PdWKOx9AqNSOPRCiVgxb7hDUhxfIIRGtcl1TeOnM/m7fCA3uwBw1
MfQ+rJk51NYd4DucJXXRL9ZFDgxhQcu8PaG0D4ayb3hq1bKktkigSnDnf6PIcuXY
AwyQCbTLggKL9qllB2rH6ogUvy/lhwpj06pAB0FFANDJ
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:03:26 2026 by rpki-client