Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/nMAcs66LO6TjEu1sWF2MJ23tCPU.roa
File: nMAcs66LO6TjEu1sWF2MJ23tCPU.roa (raw, json)
Hash identifier: qDwWTIaJBe4gCFHzWktg1n8lhqYY0YQHvsLVhHqIB1w=
Subject key identifier: 9C:C0:1C:B3:AE:8B:3B:A4:E3:12:ED:6C:58:5D:8C:27:6D:ED:08:F5
Certificate issuer: /CN=239c45e43625522080aec53952989a13a28abd00
Certificate serial: 019CDD591D64E3AB3D030DF3CCE25CF31B81
Authority key identifier: 23:9C:45:E4:36:25:52:20:80:AE:C5:39:52:98:9A:13:A2:8A:BD:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I5xF5DYlUiCArsU5UpiaE6KKvQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/nMAcs66LO6TjEu1sWF2MJ23tCPU.roa
Signing time: Wed 11 Mar 2026 14:42:10 +0000
ROA not before: Wed 11 Mar 2026 14:42:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205122
IP address blocks: 45.92.52.0/22 maxlen: 24
45.92.52.0/24 maxlen: 24
45.92.53.0/24 maxlen: 24
45.92.54.0/24 maxlen: 24
2a0a:f742::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/I5xF5DYlUiCArsU5UpiaE6KKvQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/I5xF5DYlUiCArsU5UpiaE6KKvQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/I5xF5DYlUiCArsU5UpiaE6KKvQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:dd:59:1d:64:e3:ab:3d:03:0d:f3:cc:e2:5c:f3:1b:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=239c45e43625522080aec53952989a13a28abd00
Validity
Not Before: Mar 11 14:42:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9cc01cb3ae8b3ba4e312ed6c585d8c276ded08f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:eb:15:6a:9f:c3:a0:29:e2:f5:4f:3e:3f:b5:
9f:e1:72:39:bd:2b:10:b2:c5:7a:d7:3e:dd:53:58:
62:f7:bf:b5:3c:f7:a0:62:5b:53:1c:b5:34:e9:0d:
bb:7a:b4:12:f4:7a:9c:0d:a9:fe:7d:37:b1:04:67:
d6:3a:cb:c4:50:e7:e2:2f:e0:6f:ef:d4:a3:33:82:
f9:08:fe:2b:7f:67:a5:92:28:47:a2:29:50:4e:51:
e1:56:cf:2a:ce:e0:99:7c:ec:ba:c8:e2:a3:2b:3b:
40:36:e8:ae:0e:6e:36:42:f5:66:19:39:0a:47:68:
19:03:6b:2c:dc:41:ad:68:eb:f9:a3:94:be:e1:5d:
d7:84:dd:da:5a:e5:6c:d5:88:35:45:3f:14:ca:3f:
bb:b0:a5:65:02:cd:f9:83:4a:29:d1:27:53:8b:39:
9d:f1:b4:25:79:31:eb:19:1d:ba:f1:b1:39:f1:f2:
76:c3:06:b3:66:f1:9e:a6:59:7e:47:49:0d:94:99:
d7:df:8f:c3:88:78:a9:86:e0:d4:e9:fe:70:9f:e6:
03:4c:98:33:11:ec:6d:17:c0:41:39:eb:02:16:9b:
9f:bf:d1:98:ee:d1:82:d8:64:66:83:74:0c:6d:b7:
71:bd:2d:d5:6c:f1:35:de:ec:15:9e:e8:9b:c3:74:
97:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:C0:1C:B3:AE:8B:3B:A4:E3:12:ED:6C:58:5D:8C:27:6D:ED:08:F5
X509v3 Authority Key Identifier:
keyid:23:9C:45:E4:36:25:52:20:80:AE:C5:39:52:98:9A:13:A2:8A:BD:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I5xF5DYlUiCArsU5UpiaE6KKvQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/nMAcs66LO6TjEu1sWF2MJ23tCPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/I5xF5DYlUiCArsU5UpiaE6KKvQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.52.0/22
IPv6:
2a0a:f742::/32
Signature Algorithm: sha256WithRSAEncryption
06:cc:25:20:bf:87:a0:93:83:de:77:a5:c9:a4:23:52:8c:10:
78:a0:3a:c0:82:99:13:a7:15:c5:03:1f:25:d0:f7:63:db:36:
ad:cc:cb:a7:81:54:cb:0d:3f:8c:5e:5a:69:81:37:3b:91:25:
51:c0:ee:5c:c4:7d:b1:45:33:01:7c:0b:ff:30:37:c0:98:e9:
d1:3a:e3:c0:48:d3:1f:0c:df:89:52:43:b7:b3:5a:9b:30:f4:
56:77:b2:de:66:d2:36:a1:3c:c0:12:91:7a:8f:cc:7b:74:eb:
ac:ca:29:67:06:8a:14:7f:36:e8:b2:99:68:62:bc:64:22:b9:
10:d8:da:a2:36:2b:d0:77:e6:18:db:23:ba:7e:34:83:e7:aa:
44:53:70:a2:c9:31:44:c6:29:a6:88:25:3f:7c:46:2d:e0:08:
6d:81:b1:3e:97:f1:6e:d3:9d:05:20:7f:a7:28:94:2b:4f:33:
c9:f3:de:b6:44:71:c3:3b:31:e2:f8:3c:4d:3f:4e:85:9c:2b:
4c:64:65:77:36:5d:6f:b1:28:37:4f:89:11:af:b4:8f:32:77:
50:65:8b:2e:21:be:5e:a0:17:a9:90:c4:03:2f:b0:8f:be:48:
9f:78:6e:5a:57:2c:01:12:d3:30:7f:bd:4e:00:f5:5a:6d:73:
40:f4:a5:a4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZzdWR1k46s9Aw3zzOJc8xuBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzOWM0NWU0MzYyNTUyMjA4MGFlYzUzOTUyOTg5YTEzYTI4
YWJkMDAwHhcNMjYwMzExMTQ0MjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2MwMWNiM2FlOGIzYmE0ZTMxMmVkNmM1ODVkOGMyNzZkZWQwOGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6esVap/DoCni9U8+P7Wf4XI5vSsQ
ssV61z7dU1hi97+1PPegYltTHLU06Q27erQS9HqcDan+fTexBGfWOsvEUOfiL+Bv
79SjM4L5CP4rf2elkihHoilQTlHhVs8qzuCZfOy6yOKjKztANuiuDm42QvVmGTkK
R2gZA2ss3EGtaOv5o5S+4V3XhN3aWuVs1Yg1RT8Uyj+7sKVlAs35g0op0SdTizmd
8bQleTHrGR268bE58fJ2wwazZvGepll+R0kNlJnX34/DiHiphuDU6f5wn+YDTJgz
EextF8BBOesCFpufv9GY7tGC2GRmg3QMbbdxvS3VbPE13uwVnuibw3SXuQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJzAHLOuizuk4xLtbFhdjCdt7Qj1MB8GA1UdIwQY
MBaAFCOcReQ2JVIggK7FOVKYmhOiir0AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTV4RjVEWWxVaUNBcnNVNVVwaWFFNktLdlFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80YzQ4OTQtODBmYy00OGVmLWI2Njgt
OTc1YTIzN2VjZDA2LzEvbk1BY3M2NkxPNlRqRXUxc1dGMk1KMjN0Q1BVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi80YzQ4OTQtODBmYy00OGVmLWI2NjgtOTc1YTIzN2VjZDA2
LzEvSTV4RjVEWWxVaUNBcnNVNVVwaWFFNktLdlFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVw0MA0E
AgACMAcDBQAqCvdCMA0GCSqGSIb3DQEBCwUAA4IBAQAGzCUgv4egk4Ped6XJpCNS
jBB4oDrAgpkTpxXFAx8l0Pdj2zatzMungVTLDT+MXlppgTc7kSVRwO5cxH2xRTMB
fAv/MDfAmOnROuPASNMfDN+JUkO3s1qbMPRWd7LeZtI2oTzAEpF6j8x7dOusyiln
BooUfzbosploYrxkIrkQ2NqiNivQd+YY2yO6fjSD56pEU3CiyTFEximmiCU/fEYt
4AhtgbE+l/Fu050FIH+nKJQrTzPJ8962RHHDOzHi+DxNP06FnCtMZGV3Nl1vsSg3
T4kRr7SPMndQZYsuIb5eoBepkMQDL7CPvkifeG5aVywBEtMwf71OAPVabXNA9KWk
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:07:19 2026 by rpki-client