Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/41gQFO8hhDQ6jRec_sJeNJSsVN0.roa
File: 41gQFO8hhDQ6jRec_sJeNJSsVN0.roa (raw, json)
Hash identifier: wPXT7VXupfqOwrjZAsuMEZwWdY6hjpavddqr3EjcpLo=
Subject key identifier: E3:58:10:14:EF:21:84:34:3A:8D:17:9C:FE:C2:5E:34:94:AC:54:DD
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 019DF67B50835DB79D3BE936148A3BDDB9A0
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/41gQFO8hhDQ6jRec_sJeNJSsVN0.roa
Signing time: Tue 05 May 2026 04:52:49 +0000
ROA not before: Tue 05 May 2026 04:52:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210415
IP address blocks: 2.59.192.0/24 maxlen: 24
45.67.245.0/24 maxlen: 24
45.130.163.0/24 maxlen: 24
45.137.139.0/24 maxlen: 24
45.145.135.0/24 maxlen: 24
91.132.30.0/24 maxlen: 24
185.246.15.0/24 maxlen: 24
201.49.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f6:7b:50:83:5d:b7:9d:3b:e9:36:14:8a:3b:dd:b9:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: May 5 04:52:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e3581014ef2184343a8d179cfec25e3494ac54dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:8d:2d:99:26:78:03:09:20:95:ec:66:0a:e7:
ed:1d:0d:66:f8:81:4e:c8:88:a5:06:72:b9:5c:06:
54:60:df:83:e8:6d:e3:f1:94:99:63:64:65:52:12:
41:b7:e8:2a:ea:13:38:8e:bb:f9:80:c9:43:ba:9d:
5e:25:de:97:24:c2:5d:ea:08:72:57:f9:29:1d:1e:
17:0f:57:a2:95:04:cb:bf:14:04:ca:50:cd:2c:7b:
12:3e:45:e0:58:4c:0d:8a:c9:c7:e6:8a:96:13:fe:
03:f2:1b:37:8b:a9:15:ee:89:68:25:06:98:b1:74:
70:10:99:18:9e:a1:8a:7c:64:07:64:7b:0f:a7:1e:
ad:88:87:60:56:49:3d:57:77:9e:4f:a7:1f:0d:c9:
f8:79:3f:39:27:87:18:3e:13:b2:92:cf:3b:a6:b2:
ba:b2:c0:3d:65:b7:c6:50:f0:d0:f2:d7:95:31:b9:
ab:91:df:a1:32:9c:63:70:00:bf:11:87:ee:8c:dc:
ee:e5:5b:b5:d8:46:5e:3c:83:23:f5:c9:b8:1d:5c:
53:77:ed:1c:b5:f9:00:ed:de:1c:bd:e4:f5:bc:4d:
8f:6c:0f:1a:be:78:e6:ad:d2:61:13:94:0e:b4:4b:
c4:67:c7:9e:5a:c8:d5:39:1c:62:d7:02:cf:02:50:
bf:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:58:10:14:EF:21:84:34:3A:8D:17:9C:FE:C2:5E:34:94:AC:54:DD
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/41gQFO8hhDQ6jRec_sJeNJSsVN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.192.0/24
45.67.245.0/24
45.130.163.0/24
45.137.139.0/24
45.145.135.0/24
91.132.30.0/24
185.246.15.0/24
201.49.189.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:ff:9f:ea:b7:50:7e:11:9d:e0:78:17:fb:b2:f6:23:ce:58:
b2:4f:4f:4e:9d:73:5a:67:89:0c:82:57:e2:95:7a:b4:62:09:
e8:69:35:c6:b9:7c:80:5e:f8:d4:db:64:50:a6:9c:52:3a:6d:
76:9f:5c:53:2d:28:ca:0b:bc:f1:a9:7a:0b:8d:36:0a:f3:12:
22:78:0c:26:f9:00:46:ed:03:4f:da:95:89:77:b0:37:ff:07:
a3:dd:e0:ea:05:43:15:31:29:a7:91:cf:7e:c7:ab:fb:37:47:
ea:f7:37:12:f6:83:2a:97:d9:40:97:7d:b8:6f:9c:72:1f:09:
94:d0:49:5a:22:fe:0b:cc:f9:ab:d0:07:9b:65:eb:f2:5d:b9:
52:67:7d:3d:f5:a9:6c:40:5e:46:e1:60:d5:3d:2a:2a:7e:90:
ae:33:db:7a:45:72:62:35:81:57:cf:64:fe:06:0d:42:3c:63:
d4:e1:e0:64:72:19:f4:9d:c9:ad:f4:d3:6c:cf:b8:f5:8b:29:
ea:3e:2b:92:9b:ed:38:9b:c0:c3:0c:06:3e:3a:a4:69:56:ae:
37:b6:a0:f7:fe:da:c9:70:29:f3:76:29:3d:6b:39:60:d9:2e:
25:4a:57:53:c3:55:ef:a2:25:8a:32:aa:60:08:f0:ee:a1:1d:
5b:c8:0e:f1
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZ32e1CDXbedO+k2FIo73bmgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjYwNTA1MDQ1MjQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzU4MTAxNGVmMjE4NDM0M2E4ZDE3OWNmZWMyNWUzNDk0YWM1NGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA240tmSZ4AwkglexmCuftHQ1m+IFO
yIilBnK5XAZUYN+D6G3j8ZSZY2RlUhJBt+gq6hM4jrv5gMlDup1eJd6XJMJd6ghy
V/kpHR4XD1eilQTLvxQEylDNLHsSPkXgWEwNisnH5oqWE/4D8hs3i6kV7oloJQaY
sXRwEJkYnqGKfGQHZHsPpx6tiIdgVkk9V3eeT6cfDcn4eT85J4cYPhOyks87prK6
ssA9ZbfGUPDQ8teVMbmrkd+hMpxjcAC/EYfujNzu5Vu12EZePIMj9cm4HVxTd+0c
tfkA7d4cveT1vE2PbA8avnjmrdJhE5QOtEvEZ8eeWsjVORxi1wLPAlC/+wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFONYEBTvIYQ0Oo0XnP7CXjSUrFTdMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvNDFnUUZPOGhoRFE2alJlY19zSmVOSlNzVk4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAAjvAAwQA
LUP1AwQALYKjAwQALYmLAwQALZGHAwQAW4QeAwQAufYPAwQAyTG9MA0GCSqGSIb3
DQEBCwUAA4IBAQC3/5/qt1B+EZ3geBf7svYjzliyT09OnXNaZ4kMglfilXq0Ygno
aTXGuXyAXvjU22RQppxSOm12n1xTLSjKC7zxqXoLjTYK8xIieAwm+QBG7QNP2pWJ
d7A3/wej3eDqBUMVMSmnkc9+x6v7N0fq9zcS9oMql9lAl324b5xyHwmU0ElaIv4L
zPmr0AebZevyXblSZ3099alsQF5G4WDVPSoqfpCuM9t6RXJiNYFXz2T+Bg1CPGPU
4eBkchn0ncmt9NNsz7j1iynqPiuSm+04m8DDDAY+OqRpVq43tqD3/trJcCnzdik9
azlg2S4lSldTw1XvoiWKMqpgCPDuoR1byA7x
-----END CERTIFICATE-----
Generated at Wed May 13 08:45:31 2026 by rpki-client