Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/8f0259-9bc8-4fdc-926d-1a80daffd796/1/NtjROQP4scj-bd3rAQIfTM_a3J0.roa
File: NtjROQP4scj-bd3rAQIfTM_a3J0.roa (raw, json)
Hash identifier: 2Z01mIMovc7MNUUvtWcENZUi/UbUUYFottmL0jYMx2s=
Subject key identifier: 36:D8:D1:39:03:F8:B1:C8:FE:6D:DD:EB:01:02:1F:4C:CF:DA:DC:9D
Certificate issuer: /CN=661691ca9c58d0859b6b870230b0f581be66a58a
Certificate serial: 019CAE60D2C585D145350CD2FAC36209397A
Authority key identifier: 66:16:91:CA:9C:58:D0:85:9B:6B:87:02:30:B0:F5:81:BE:66:A5:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZhaRypxY0IWba4cCMLD1gb5mpYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/8f0259-9bc8-4fdc-926d-1a80daffd796/1/NtjROQP4scj-bd3rAQIfTM_a3J0.roa
Signing time: Mon 02 Mar 2026 11:48:26 +0000
ROA not before: Mon 02 Mar 2026 11:48:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 46873
IP address blocks: 45.84.194.0/24 maxlen: 24
45.84.195.0/24 maxlen: 24
45.153.108.0/24 maxlen: 24
45.153.109.0/24 maxlen: 24
45.153.110.0/24 maxlen: 24
45.153.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/8f0259-9bc8-4fdc-926d-1a80daffd796/1/ZhaRypxY0IWba4cCMLD1gb5mpYo.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/8f0259-9bc8-4fdc-926d-1a80daffd796/1/ZhaRypxY0IWba4cCMLD1gb5mpYo.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZhaRypxY0IWba4cCMLD1gb5mpYo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 11:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:60:d2:c5:85:d1:45:35:0c:d2:fa:c3:62:09:39:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=661691ca9c58d0859b6b870230b0f581be66a58a
Validity
Not Before: Mar 2 11:48:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=36d8d13903f8b1c8fe6dddeb01021f4ccfdadc9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:60:18:a1:a5:9a:9a:5b:d8:2d:77:61:80:81:
06:f1:52:dd:b1:ef:62:05:dd:b0:29:a4:42:63:67:
63:56:11:29:bb:00:74:fb:03:5f:36:82:cf:06:3d:
fe:00:18:d9:86:09:c8:e4:98:5e:c8:73:d5:06:04:
a1:57:7f:a0:9c:7b:53:4d:1f:3f:15:fa:77:6c:ff:
a1:b9:61:e9:63:ac:bd:61:0f:59:76:0a:75:df:9d:
f2:f0:75:c1:f1:ba:33:d7:2b:64:9a:6f:d2:52:aa:
d7:f8:8e:e0:a2:89:30:94:5c:23:3c:15:c7:81:d8:
5a:70:a6:37:6f:c2:0d:ef:1c:41:a2:e9:13:a3:1a:
c8:2b:3f:b4:34:5c:49:cc:9c:ad:35:d8:42:1e:28:
91:d3:a4:82:7e:14:76:64:79:b6:b4:7b:93:89:35:
b1:9d:a9:89:aa:9b:e4:f6:f3:46:d9:9a:0a:37:1b:
55:5c:35:73:17:5e:3f:b9:58:ce:61:5e:60:00:c0:
d1:69:99:7d:23:d2:d0:e5:c9:10:96:3e:93:09:9d:
2b:bd:0f:c0:8e:e8:63:0a:a5:cc:8d:09:af:5a:e1:
e8:1d:73:67:ee:83:97:62:ee:a4:5a:3f:f8:4d:47:
29:b5:85:d8:c5:1f:f5:a1:1e:2d:27:0b:d9:b7:8f:
a0:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D8:D1:39:03:F8:B1:C8:FE:6D:DD:EB:01:02:1F:4C:CF:DA:DC:9D
X509v3 Authority Key Identifier:
keyid:66:16:91:CA:9C:58:D0:85:9B:6B:87:02:30:B0:F5:81:BE:66:A5:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZhaRypxY0IWba4cCMLD1gb5mpYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/8f0259-9bc8-4fdc-926d-1a80daffd796/1/NtjROQP4scj-bd3rAQIfTM_a3J0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/8f0259-9bc8-4fdc-926d-1a80daffd796/1/ZhaRypxY0IWba4cCMLD1gb5mpYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.194.0/23
45.153.108.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:e9:2c:d0:95:c3:93:5d:b6:07:b3:71:c2:11:f0:2c:6f:9c:
a8:bb:59:f0:5a:9e:10:40:8b:21:4c:43:56:13:69:ce:d3:c3:
87:9f:3f:24:25:0c:c0:13:42:93:9e:92:28:1b:5a:38:f0:9c:
dc:41:27:8b:ca:d6:81:fc:b1:89:cf:d4:e6:f0:fd:52:d5:d4:
f7:7b:9d:41:db:f5:a9:2e:b4:0b:d5:89:98:30:62:f6:ff:87:
99:a8:a4:80:99:cf:c3:93:44:09:9e:1a:8e:39:d8:7a:42:05:
fd:5e:3c:1c:b7:80:05:56:ee:d6:33:b0:2d:34:c3:0f:03:f6:
6d:cf:f5:88:2f:37:75:c1:6f:63:8b:e9:c3:c1:fc:97:9d:40:
a4:d9:3f:e0:ab:7c:3c:e4:0c:0c:7e:c9:e8:05:3d:16:70:5b:
26:33:10:c0:14:8c:4a:68:49:28:b3:36:e9:57:de:78:82:32:
80:cd:d2:b7:fa:0f:15:6d:7e:5b:6d:48:16:96:d7:81:c4:41:
01:7e:2d:63:a4:c2:a8:bc:16:a9:29:3a:7f:4d:7c:76:c4:a3:
68:b0:7c:88:94:33:38:e5:ff:0b:25:5b:3f:7b:39:2a:65:4f:
d8:25:23:69:9c:80:eb:20:29:7f:ce:ce:2f:4f:43:64:6d:4d:
2f:95:7e:1d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZyuYNLFhdFFNQzS+sNiCTl6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MTY5MWNhOWM1OGQwODU5YjZiODcwMjMwYjBmNTgxYmU2
NmE1OGEwHhcNMjYwMzAyMTE0ODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmQ4ZDEzOTAzZjhiMWM4ZmU2ZGRkZWIwMTAyMWY0Y2NmZGFkYzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12AYoaWamlvYLXdhgIEG8VLdse9i
Bd2wKaRCY2djVhEpuwB0+wNfNoLPBj3+ABjZhgnI5JheyHPVBgShV3+gnHtTTR8/
Ffp3bP+huWHpY6y9YQ9Zdgp1353y8HXB8boz1ytkmm/SUqrX+I7gookwlFwjPBXH
gdhacKY3b8IN7xxBoukToxrIKz+0NFxJzJytNdhCHiiR06SCfhR2ZHm2tHuTiTWx
namJqpvk9vNG2ZoKNxtVXDVzF14/uVjOYV5gAMDRaZl9I9LQ5ckQlj6TCZ0rvQ/A
juhjCqXMjQmvWuHoHXNn7oOXYu6kWj/4TUcptYXYxR/1oR4tJwvZt4+gnwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDbY0TkD+LHI/m3d6wECH0zP2tydMB8GA1UdIwQY
MBaAFGYWkcqcWNCFm2uHAjCw9YG+ZqWKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmhhUnlweFkwSVdiYTRjQ01MRDFnYjVtcFlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS84ZjAyNTktOWJjOC00ZmRjLTkyNmQt
MWE4MGRhZmZkNzk2LzEvTnRqUk9RUDRzY2otYmQzckFRSWZUTV9hM0owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS84ZjAyNTktOWJjOC00ZmRjLTkyNmQtMWE4MGRhZmZkNzk2
LzEvWmhhUnlweFkwSVdiYTRjQ01MRDFnYjVtcFlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLVTCAwQC
LZlsMA0GCSqGSIb3DQEBCwUAA4IBAQAb6SzQlcOTXbYHs3HCEfAsb5you1nwWp4Q
QIshTENWE2nO08OHnz8kJQzAE0KTnpIoG1o48JzcQSeLytaB/LGJz9Tm8P1S1dT3
e51B2/WpLrQL1YmYMGL2/4eZqKSAmc/Dk0QJnhqOOdh6QgX9Xjwct4AFVu7WM7At
NMMPA/Ztz/WILzd1wW9ji+nDwfyXnUCk2T/gq3w85AwMfsnoBT0WcFsmMxDAFIxK
aEkoszbpV954gjKAzdK3+g8VbX5bbUgWlteBxEEBfi1jpMKovBapKTp/TXx2xKNo
sHyIlDM45f8LJVs/ezkqZU/YJSNpnIDrICl/zs4vT0NkbU0vlX4d
-----END CERTIFICATE-----
Generated at Thu Mar 26 23:13:20 2026 by rpki-client