Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/hLg5s_MOhEsRElFb0nglDLy940I.roa
File: hLg5s_MOhEsRElFb0nglDLy940I.roa (raw, json)
Hash identifier: jUkMg+GscmnmQLhNFi9xn2WfpVkzHS5kM8JCfUwns3g=
Subject key identifier: 84:B8:39:B3:F3:0E:84:4B:11:12:51:5B:D2:78:25:0C:BC:BD:E3:42
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 019DB765FA0003B9BE54CC03DBE3FF44051F
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/hLg5s_MOhEsRElFb0nglDLy940I.roa
Signing time: Wed 22 Apr 2026 22:53:26 +0000
ROA not before: Wed 22 Apr 2026 22:53:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.97.0/24 maxlen: 24
46.20.105.0/24 maxlen: 24
46.20.108.0/24 maxlen: 24
46.20.110.0/24 maxlen: 24
185.160.193.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.160.195.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
2a14:80::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 04:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b7:65:fa:00:03:b9:be:54:cc:03:db:e3:ff:44:05:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Apr 22 22:53:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=84b839b3f30e844b1112515bd278250cbcbde342
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f0:32:29:63:aa:02:ee:c0:35:d1:fa:02:53:
0b:a9:c4:b0:ef:39:7c:d9:1a:40:01:ff:04:40:36:
5b:be:c2:84:75:b0:f7:8e:a0:b8:6a:b6:66:69:a7:
db:f8:17:07:3c:7e:2f:99:99:a8:31:99:ce:ca:2e:
04:98:92:8b:3b:92:c6:d8:7f:b5:a1:2a:a2:81:f6:
f9:9c:64:77:10:a8:4c:10:7d:8d:e8:11:07:c7:68:
c3:92:15:fa:28:b5:37:9b:11:75:86:95:44:07:66:
aa:41:39:b7:4c:75:85:39:85:f6:c7:e9:b0:72:da:
2f:b1:91:61:72:72:e3:fa:09:8d:8b:a7:20:8d:78:
c0:ae:1d:25:e5:ff:30:23:e8:70:54:b7:68:63:6c:
c1:62:b6:bf:fa:c4:52:c8:5c:e3:73:23:17:6c:df:
33:2e:0d:d1:8b:ed:2a:d0:05:56:12:7e:6b:83:5b:
b5:df:bb:e7:ab:d3:61:ac:f0:59:f1:28:f2:b5:be:
6b:e3:e8:a3:bd:41:27:d1:92:83:3c:26:dd:e1:e9:
ba:70:71:37:4f:e5:83:d1:d5:cf:2d:2d:8e:7e:3d:
e9:d3:7e:4c:29:09:66:34:d6:ef:82:54:5d:0c:32:
5a:e4:c4:cc:9a:12:a7:0d:68:b7:79:50:97:be:77:
f9:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:B8:39:B3:F3:0E:84:4B:11:12:51:5B:D2:78:25:0C:BC:BD:E3:42
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/hLg5s_MOhEsRElFb0nglDLy940I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.97.0/24
46.20.105.0/24
46.20.108.0/24
46.20.110.0/24
185.160.193.0-185.160.195.255
185.169.221.0-185.169.223.255
IPv6:
2a14:80::/48
Signature Algorithm: sha256WithRSAEncryption
20:63:6b:3a:6f:df:b3:56:70:98:a6:43:87:f0:69:85:77:dc:
ea:8b:35:21:fd:af:d0:13:39:b7:5d:cb:f8:78:c0:cb:f0:a2:
f5:eb:fe:6f:d0:a2:0f:51:3b:a0:a9:9b:f4:e1:54:12:70:f7:
df:5c:38:cb:2a:27:2e:da:f2:46:ec:3b:97:c5:f0:68:03:4b:
11:63:26:48:9c:9a:e6:e2:59:83:5f:b8:84:e8:8a:6a:40:36:
2f:79:37:65:b0:6e:f6:59:97:fa:6c:8a:e9:ba:9f:f4:d4:dc:
4c:d5:46:1f:d6:0a:1c:84:8d:5c:96:e1:be:3d:38:e7:80:fc:
08:c1:ac:9d:a6:24:ba:4b:96:5b:e6:18:6e:4d:f9:c0:38:7f:
02:60:46:f2:70:70:40:e6:7c:9a:15:36:b3:3a:85:97:1e:a9:
d7:43:aa:3f:98:da:b0:f6:0a:00:68:f5:20:da:b6:63:84:54:
9b:6d:ba:94:85:85:fa:4c:93:74:46:d3:60:f4:cd:49:21:99:
6a:c8:4e:3d:51:c1:2a:5f:5d:1e:41:f2:3c:2b:93:8f:1e:8c:
f8:ac:72:61:0e:b4:de:3f:26:91:32:47:e8:50:2a:e5:f6:52:
6d:62:fa:bc:01:9f:e2:13:4c:3c:27:59:18:16:7e:91:18:81:
f0:4b:42:48
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZ23ZfoAA7m+VMwD2+P/RAUfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjYwNDIyMjI1MzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGI4MzliM2YzMGU4NDRiMTExMjUxNWJkMjc4MjUwY2JjYmRlMzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfAyKWOqAu7ANdH6AlMLqcSw7zl8
2RpAAf8EQDZbvsKEdbD3jqC4arZmaafb+BcHPH4vmZmoMZnOyi4EmJKLO5LG2H+1
oSqigfb5nGR3EKhMEH2N6BEHx2jDkhX6KLU3mxF1hpVEB2aqQTm3THWFOYX2x+mw
ctovsZFhcnLj+gmNi6cgjXjArh0l5f8wI+hwVLdoY2zBYra/+sRSyFzjcyMXbN8z
Lg3Ri+0q0AVWEn5rg1u137vnq9NhrPBZ8Sjytb5r4+ijvUEn0ZKDPCbd4em6cHE3
T+WD0dXPLS2Ofj3p035MKQlmNNbvglRdDDJa5MTMmhKnDWi3eVCXvnf52wIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFIS4ObPzDoRLERJRW9J4JQy8veNCMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvaExnNXNfTU9oRXNSRWxGYjBuZ2xETHk5NDBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA6BAIAATA0AwQALhRhAwQA
LhRpAwQALhRsAwQALhRuMAwDBAC5oMEDBAK5oMAwDAMEALmp3QMEBbmpwDAPBAIA
AjAJAwcAKhQAgAAAMA0GCSqGSIb3DQEBCwUAA4IBAQAgY2s6b9+zVnCYpkOH8GmF
d9zqizUh/a/QEzm3Xcv4eMDL8KL16/5v0KIPUTugqZv04VQScPffXDjLKicu2vJG
7DuXxfBoA0sRYyZInJrm4lmDX7iE6IpqQDYveTdlsG72WZf6bIrpup/01NxM1UYf
1gochI1cluG+PTjngPwIwaydpiS6S5Zb5hhuTfnAOH8CYEbycHBA5nyaFTazOoWX
HqnXQ6o/mNqw9goAaPUg2rZjhFSbbbqUhYX6TJN0RtNg9M1JIZlqyE49UcEqX10e
QfI8K5OPHoz4rHJhDrTePyaRMkfoUCrl9lJtYvq8AZ/iE0w8J1kYFn6RGIHwS0JI
-----END CERTIFICATE-----
Generated at Wed May 13 14:03:38 2026 by rpki-client