Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/4d690d-5864-4e0c-b8cb-cfe24aac1099/1/bilmbOHuvZm_WEpdwPJKBEepMWY.roa
File: bilmbOHuvZm_WEpdwPJKBEepMWY.roa (raw, json)
Hash identifier: VnsoNX9KE5Ea27LSWCBw5CdNdHnI4rKae1Wi1S2UjG0=
Subject key identifier: 6E:29:66:6C:E1:EE:BD:99:BF:58:4A:5D:C0:F2:4A:04:47:A9:31:66
Certificate issuer: /CN=ceacf3015d303f3bb20e37d66374c1c136feaf03
Certificate serial: 019D219FE083CBA322F45260B68076CB531F
Authority key identifier: CE:AC:F3:01:5D:30:3F:3B:B2:0E:37:D6:63:74:C1:C1:36:FE:AF:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zqzzAV0wPzuyDjfWY3TBwTb-rwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/4d690d-5864-4e0c-b8cb-cfe24aac1099/1/bilmbOHuvZm_WEpdwPJKBEepMWY.roa
Signing time: Tue 24 Mar 2026 20:53:38 +0000
ROA not before: Tue 24 Mar 2026 20:53:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200704
IP address blocks: 64.46.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/4d690d-5864-4e0c-b8cb-cfe24aac1099/1/zqzzAV0wPzuyDjfWY3TBwTb-rwM.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/4d690d-5864-4e0c-b8cb-cfe24aac1099/1/zqzzAV0wPzuyDjfWY3TBwTb-rwM.mft
rsync://rpki.ripe.net/repository/DEFAULT/zqzzAV0wPzuyDjfWY3TBwTb-rwM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 13:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:21:9f:e0:83:cb:a3:22:f4:52:60:b6:80:76:cb:53:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ceacf3015d303f3bb20e37d66374c1c136feaf03
Validity
Not Before: Mar 24 20:53:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6e29666ce1eebd99bf584a5dc0f24a0447a93166
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:b5:e4:28:1e:6d:91:dd:85:13:a8:79:69:15:
39:7e:6f:48:f9:a6:20:a6:8b:2e:57:6d:a1:3f:55:
10:bf:45:ef:a7:87:38:eb:72:45:c7:42:e1:4c:db:
86:a6:a0:fc:4a:b1:4b:85:c5:9a:2d:39:99:b3:b6:
25:99:69:5b:16:32:eb:f0:c3:07:fa:04:66:0f:cb:
cf:dd:30:00:52:90:95:5f:fb:8a:d2:28:24:8e:9a:
a5:ad:8b:fe:e1:d9:17:53:09:48:30:e2:bb:01:17:
dd:78:75:a6:d8:12:03:f8:78:c1:1f:05:96:58:d6:
60:e5:de:b9:7a:20:e1:e6:79:87:77:5d:f4:5e:3c:
af:cd:67:86:a4:54:46:d8:08:08:a6:69:4b:85:0c:
e1:3c:6a:8f:a5:64:ea:81:33:02:bb:0d:f2:96:37:
3a:d9:d2:3c:33:59:35:1e:84:e3:1d:90:78:05:e4:
26:52:af:b1:8a:fa:b8:72:ba:65:3f:a3:64:e6:d5:
a5:28:4a:08:9a:a9:cc:09:21:9f:f5:9a:58:5b:39:
c5:3a:1a:01:2d:9d:a1:4a:55:48:0b:5e:c8:3c:8e:
23:9b:3a:3f:31:46:fa:cd:27:43:27:db:44:1a:5b:
52:a8:b5:58:ff:29:d3:39:2e:eb:47:8b:1c:f6:98:
15:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:29:66:6C:E1:EE:BD:99:BF:58:4A:5D:C0:F2:4A:04:47:A9:31:66
X509v3 Authority Key Identifier:
keyid:CE:AC:F3:01:5D:30:3F:3B:B2:0E:37:D6:63:74:C1:C1:36:FE:AF:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zqzzAV0wPzuyDjfWY3TBwTb-rwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4d690d-5864-4e0c-b8cb-cfe24aac1099/1/bilmbOHuvZm_WEpdwPJKBEepMWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4d690d-5864-4e0c-b8cb-cfe24aac1099/1/zqzzAV0wPzuyDjfWY3TBwTb-rwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.46.127.0/24
Signature Algorithm: sha256WithRSAEncryption
71:fb:b5:1b:ec:a1:af:41:ea:16:d8:c0:e2:81:47:ba:1c:0d:
3c:32:31:37:3a:1b:c3:3a:d7:13:ff:22:99:2f:b8:91:ea:85:
1f:a8:a3:09:eb:4c:9f:a7:77:9a:9f:9f:9c:54:f2:b3:cc:7e:
1a:d9:a1:03:da:c7:9a:38:c5:cb:60:e2:18:bc:57:ae:a8:48:
b4:8e:b8:c8:2c:4c:03:0d:02:5b:c7:f2:39:be:5b:aa:ae:ff:
19:fa:6a:25:f0:aa:15:d0:43:4b:fd:dc:c0:53:01:6a:a3:30:
dc:19:12:cb:2f:f9:99:d6:9b:36:67:cf:d9:be:fc:13:c6:13:
31:c8:62:1d:b2:76:37:dc:c8:dc:c5:0e:53:ce:cd:e3:1f:e0:
3a:63:aa:f3:74:2e:41:18:9f:cd:b0:e9:4d:b8:89:ab:b5:e4:
2f:ca:3a:e0:2d:44:6b:db:24:e1:f9:9a:0c:9a:8d:b3:e3:33:
18:fa:17:cf:2f:4a:1b:de:0b:95:c3:20:65:c4:19:0f:88:31:
e7:b1:80:9c:14:cf:2f:b3:10:75:84:4a:f7:5a:23:1e:14:fb:
85:10:3a:e4:c3:3a:a3:69:75:fc:18:e3:dc:58:95:98:81:29:
87:7c:b7:9f:57:5b:ce:df:9c:0b:b4:79:e0:bf:9d:62:15:c3:
67:38:ab:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ0hn+CDy6Mi9FJgtoB2y1MfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYWNmMzAxNWQzMDNmM2JiMjBlMzdkNjYzNzRjMWMxMzZm
ZWFmMDMwHhcNMjYwMzI0MjA1MzM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTI5NjY2Y2UxZWViZDk5YmY1ODRhNWRjMGYyNGEwNDQ3YTkzMTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5rXkKB5tkd2FE6h5aRU5fm9I+aYg
posuV22hP1UQv0Xvp4c463JFx0LhTNuGpqD8SrFLhcWaLTmZs7YlmWlbFjLr8MMH
+gRmD8vP3TAAUpCVX/uK0igkjpqlrYv+4dkXUwlIMOK7ARfdeHWm2BID+HjBHwWW
WNZg5d65eiDh5nmHd130XjyvzWeGpFRG2AgIpmlLhQzhPGqPpWTqgTMCuw3yljc6
2dI8M1k1HoTjHZB4BeQmUq+xivq4crplP6Nk5tWlKEoImqnMCSGf9ZpYWznFOhoB
LZ2hSlVIC17IPI4jmzo/MUb6zSdDJ9tEGltSqLVY/ynTOS7rR4sc9pgVvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG4pZmzh7r2Zv1hKXcDySgRHqTFmMB8GA1UdIwQY
MBaAFM6s8wFdMD87sg431mN0wcE2/q8DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenF6ekFWMHdQenV5RGpmV1kzVEJ3VGItcndNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS80ZDY5MGQtNTg2NC00ZTBjLWI4Y2It
Y2ZlMjRhYWMxMDk5LzEvYmlsbWJPSHV2Wm1fV0VwZHdQSktCRWVwTVdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS80ZDY5MGQtNTg2NC00ZTBjLWI4Y2ItY2ZlMjRhYWMxMDk5
LzEvenF6ekFWMHdQenV5RGpmV1kzVEJ3VGItcndNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAQC5/MA0G
CSqGSIb3DQEBCwUAA4IBAQBx+7Ub7KGvQeoW2MDigUe6HA08MjE3OhvDOtcT/yKZ
L7iR6oUfqKMJ60yfp3ean5+cVPKzzH4a2aED2seaOMXLYOIYvFeuqEi0jrjILEwD
DQJbx/I5vluqrv8Z+mol8KoV0ENL/dzAUwFqozDcGRLLL/mZ1ps2Z8/ZvvwTxhMx
yGIdsnY33MjcxQ5Tzs3jH+A6Y6rzdC5BGJ/NsOlNuImrteQvyjrgLURr2yTh+ZoM
mo2z4zMY+hfPL0ob3guVwyBlxBkPiDHnsYCcFM8vsxB1hEr3WiMeFPuFEDrkwzqj
aXX8GOPcWJWYgSmHfLefV1vO35wLtHngv51iFcNnOKt2
-----END CERTIFICATE-----
Generated at Sat Mar 28 17:33:23 2026 by rpki-client