Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/kDc0T-wYc_NGJ-Etnedce11jNMQ.roa
File: kDc0T-wYc_NGJ-Etnedce11jNMQ.roa (raw, json)
Hash identifier: Q1JN1Iy9aoT7dirXksooE/1wLbmA+C3mydNCksgN+aA=
Subject key identifier: 90:37:34:4F:EC:18:73:F3:46:27:E1:2D:9D:E7:5C:7B:5D:63:34:C4
Certificate issuer: /CN=13932782ee7758990404fa1ccfb09ec23a86123f
Certificate serial: 019D00B7F8E3E8C77BC260113A723F45DBB2
Authority key identifier: 13:93:27:82:EE:77:58:99:04:04:FA:1C:CF:B0:9E:C2:3A:86:12:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E5Mngu53WJkEBPocz7CewjqGEj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/kDc0T-wYc_NGJ-Etnedce11jNMQ.roa
Signing time: Wed 18 Mar 2026 11:32:29 +0000
ROA not before: Wed 18 Mar 2026 11:32:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25098
IP address blocks: 46.248.100.0/24 maxlen: 24
46.248.112.0/22 maxlen: 22
82.136.7.0/24 maxlen: 24
82.136.12.0/22 maxlen: 22
82.136.16.0/22 maxlen: 22
85.116.8.0/24 maxlen: 24
85.116.10.0/24 maxlen: 24
85.116.12.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/E5Mngu53WJkEBPocz7CewjqGEj8.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/E5Mngu53WJkEBPocz7CewjqGEj8.mft
rsync://rpki.ripe.net/repository/DEFAULT/E5Mngu53WJkEBPocz7CewjqGEj8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:00:b7:f8:e3:e8:c7:7b:c2:60:11:3a:72:3f:45:db:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13932782ee7758990404fa1ccfb09ec23a86123f
Validity
Not Before: Mar 18 11:32:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9037344fec1873f34627e12d9de75c7b5d6334c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ca:c7:48:5f:2c:93:ff:8b:ba:be:44:9d:53:
38:9c:4c:7e:11:de:f2:66:82:f0:de:4b:09:e5:21:
95:c1:d7:89:4c:a4:c3:17:f3:d0:18:11:44:d9:97:
cd:2b:b4:1f:ef:1d:c3:72:ee:a9:08:54:bb:88:39:
ca:bd:e0:87:6d:2d:52:10:f0:4f:a1:0d:49:52:f3:
e3:3c:11:30:48:dc:f2:92:80:72:a5:4a:b3:89:b0:
b4:86:f7:46:d5:46:9f:c5:f6:a7:9e:ed:53:1e:13:
02:43:c3:fe:85:ca:6c:89:a3:ad:34:8b:aa:3f:de:
29:3c:bd:51:66:70:c6:71:d6:9b:66:49:ee:a9:73:
30:12:9c:88:64:f3:f3:14:a1:b2:2b:08:eb:a4:a3:
59:12:4f:cf:cb:93:d6:38:c8:20:fe:6b:9b:6e:32:
6e:93:e6:0f:58:8f:3e:2b:e4:aa:73:58:c8:64:fd:
95:03:e3:6a:7c:69:c8:93:43:48:a7:6b:e0:f6:93:
f0:81:95:7d:cf:01:fd:48:f7:0f:4a:b9:d3:85:0a:
df:46:0f:5d:bc:62:3b:33:19:ff:e6:9a:6d:e6:9a:
a7:1a:1d:f4:04:66:d4:c0:ae:9e:2b:5c:69:4e:93:
bd:0d:1d:82:fd:6a:1d:06:0c:9c:98:df:79:f1:bf:
f7:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:37:34:4F:EC:18:73:F3:46:27:E1:2D:9D:E7:5C:7B:5D:63:34:C4
X509v3 Authority Key Identifier:
keyid:13:93:27:82:EE:77:58:99:04:04:FA:1C:CF:B0:9E:C2:3A:86:12:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E5Mngu53WJkEBPocz7CewjqGEj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/kDc0T-wYc_NGJ-Etnedce11jNMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/E5Mngu53WJkEBPocz7CewjqGEj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.248.100.0/24
46.248.112.0/22
82.136.7.0/24
82.136.12.0-82.136.19.255
85.116.8.0/24
85.116.10.0/24
85.116.12.0/23
Signature Algorithm: sha256WithRSAEncryption
b2:44:fa:a7:db:e3:0e:95:73:47:12:77:43:2e:a6:20:74:d3:
12:56:67:b9:be:1d:d5:34:59:ce:b6:4d:cb:d6:4d:e9:0b:8a:
c9:ee:9c:e9:7d:ba:e5:d1:9e:d3:a0:53:bd:48:44:27:78:8b:
29:3a:d2:63:9b:6b:0f:91:35:54:84:ba:03:22:c8:d6:47:6f:
51:32:15:9b:44:04:d1:2a:95:13:2e:f1:ec:f8:0a:12:fe:9d:
a2:bd:8b:e2:c9:70:87:73:ca:ae:27:21:8c:9f:f0:2d:3f:19:
02:6b:a0:f6:91:99:ca:02:83:aa:fe:00:1e:38:4d:95:f6:5e:
a9:05:1e:23:c2:f0:dc:6d:26:83:fd:fd:39:29:2d:57:1c:9f:
ac:8d:4e:e0:99:d5:af:cf:75:eb:c3:ac:4c:bc:b8:9e:3d:20:
ec:d4:df:f0:b7:40:37:af:04:ce:9a:ff:12:4c:db:be:a7:cc:
e4:81:df:59:03:d7:48:87:18:14:8d:51:6d:d8:69:f4:06:c3:
f8:16:82:a2:e2:f4:38:0d:43:bb:e6:19:98:7f:4e:5a:02:95:
dc:58:a7:5c:49:17:d4:70:81:39:be:f9:2c:d0:05:a1:37:e3:
7c:2f:68:c9:d9:00:61:21:af:72:ef:3e:47:33:a7:e2:1b:47:
58:55:bc:fa
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZ0At/jj6Md7wmAROnI/RduyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzOTMyNzgyZWU3NzU4OTkwNDA0ZmExY2NmYjA5ZWMyM2E4
NjEyM2YwHhcNMjYwMzE4MTEzMjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDM3MzQ0ZmVjMTg3M2YzNDYyN2UxMmQ5ZGU3NWM3YjVkNjMzNGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1srHSF8sk/+Lur5EnVM4nEx+Ed7y
ZoLw3ksJ5SGVwdeJTKTDF/PQGBFE2ZfNK7Qf7x3Dcu6pCFS7iDnKveCHbS1SEPBP
oQ1JUvPjPBEwSNzykoBypUqzibC0hvdG1Uafxfannu1THhMCQ8P+hcpsiaOtNIuq
P94pPL1RZnDGcdabZknuqXMwEpyIZPPzFKGyKwjrpKNZEk/Py5PWOMgg/mubbjJu
k+YPWI8+K+Sqc1jIZP2VA+NqfGnIk0NIp2vg9pPwgZV9zwH9SPcPSrnThQrfRg9d
vGI7Mxn/5ppt5pqnGh30BGbUwK6eK1xpTpO9DR2C/WodBgycmN958b/3eQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFJA3NE/sGHPzRifhLZ3nXHtdYzTEMB8GA1UdIwQY
MBaAFBOTJ4Lud1iZBAT6HM+wnsI6hhI/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTVNbmd1NTNXSmtFQlBvY3o3Q2V3anFHRWo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84Mjg2NTItYWRkZi00ZmU4LTlmZTYt
NGIxZjYxNjUzZjNkLzEva0RjMFQtd1ljX05HSi1FdG5lZGNlMTFqTk1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84Mjg2NTItYWRkZi00ZmU4LTlmZTYtNGIxZjYxNjUzZjNk
LzEvRTVNbmd1NTNXSmtFQlBvY3o3Q2V3anFHRWo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQALvhkAwQC
LvhwAwQAUogHMAwDBAJSiAwDBAJSiBADBABVdAgDBABVdAoDBAFVdAwwDQYJKoZI
hvcNAQELBQADggEBALJE+qfb4w6Vc0cSd0MupiB00xJWZ7m+HdU0Wc62TcvWTekL
isnunOl9uuXRntOgU71IRCd4iyk60mObaw+RNVSEugMiyNZHb1EyFZtEBNEqlRMu
8ez4ChL+naK9i+LJcIdzyq4nIYyf8C0/GQJroPaRmcoCg6r+AB44TZX2XqkFHiPC
8NxtJoP9/TkpLVccn6yNTuCZ1a/PdevDrEy8uJ49IOzU3/C3QDevBM6a/xJM276n
zOSB31kD10iHGBSNUW3YafQGw/gWgqLi9DgNQ7vmGZh/TloCldxYp1xJF9RwgTm+
+SzQBaE343wvaMnZAGEhr3LvPkczp+IbR1hVvPo=
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:07:01 2026 by rpki-client