Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/1eb120-687c-4993-857f-8a03a7c1fe9b/1/QYyxtB2PmyOn0NrQwruSiXWY3WQ.roa
File: QYyxtB2PmyOn0NrQwruSiXWY3WQ.roa (raw, json)
Hash identifier: WxI1lAPb8s6AODfuXDg9DwAKuWIY1E38qqjjwfvJyEA=
Subject key identifier: 41:8C:B1:B4:1D:8F:9B:23:A7:D0:DA:D0:C2:BB:92:89:75:98:DD:64
Certificate issuer: /CN=24d9da4ffb1bb6d273de1bad5dbbf0d1ff47f0cf
Certificate serial: 019DB8F7E4CE9307F442F8217033BECD5F08
Authority key identifier: 24:D9:DA:4F:FB:1B:B6:D2:73:DE:1B:AD:5D:BB:F0:D1:FF:47:F0:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JNnaT_sbttJz3hutXbvw0f9H8M8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/1eb120-687c-4993-857f-8a03a7c1fe9b/1/QYyxtB2PmyOn0NrQwruSiXWY3WQ.roa
Signing time: Thu 23 Apr 2026 06:12:26 +0000
ROA not before: Thu 23 Apr 2026 06:12:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29386
IP address blocks: 46.213.0.0/21 maxlen: 21
46.213.8.0/21 maxlen: 21
46.213.16.0/21 maxlen: 21
46.213.24.0/21 maxlen: 21
46.213.32.0/21 maxlen: 21
46.213.40.0/21 maxlen: 21
46.213.48.0/21 maxlen: 21
46.213.56.0/21 maxlen: 21
46.213.64.0/21 maxlen: 21
46.213.72.0/21 maxlen: 21
46.213.80.0/21 maxlen: 21
46.213.88.0/21 maxlen: 21
46.213.96.0/21 maxlen: 21
46.213.104.0/21 maxlen: 21
46.213.112.0/21 maxlen: 21
46.213.120.0/21 maxlen: 21
46.213.128.0/21 maxlen: 21
46.213.136.0/21 maxlen: 21
46.213.144.0/21 maxlen: 21
46.213.152.0/21 maxlen: 21
46.213.160.0/21 maxlen: 21
46.213.168.0/21 maxlen: 21
46.213.176.0/21 maxlen: 21
46.213.184.0/21 maxlen: 21
46.213.192.0/21 maxlen: 21
46.213.200.0/21 maxlen: 21
46.213.208.0/21 maxlen: 21
46.213.216.0/21 maxlen: 21
46.213.224.0/21 maxlen: 21
46.213.232.0/21 maxlen: 21
46.213.240.0/21 maxlen: 21
46.213.248.0/21 maxlen: 21
94.252.183.0/24 maxlen: 24
94.252.192.0/21 maxlen: 21
94.252.200.0/21 maxlen: 21
94.252.208.0/21 maxlen: 21
94.252.216.0/21 maxlen: 21
94.252.224.0/21 maxlen: 21
94.252.232.0/21 maxlen: 21
94.252.240.0/21 maxlen: 21
185.136.144.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/1eb120-687c-4993-857f-8a03a7c1fe9b/1/JNnaT_sbttJz3hutXbvw0f9H8M8.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/1eb120-687c-4993-857f-8a03a7c1fe9b/1/JNnaT_sbttJz3hutXbvw0f9H8M8.mft
rsync://rpki.ripe.net/repository/DEFAULT/JNnaT_sbttJz3hutXbvw0f9H8M8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 03:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b8:f7:e4:ce:93:07:f4:42:f8:21:70:33:be:cd:5f:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24d9da4ffb1bb6d273de1bad5dbbf0d1ff47f0cf
Validity
Not Before: Apr 23 06:12:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=418cb1b41d8f9b23a7d0dad0c2bb92897598dd64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:20:d7:73:d5:dc:ef:6b:9b:fb:d7:0c:78:a0:
1e:4d:5e:18:57:c4:8d:de:6a:2d:15:a8:c6:18:e5:
2b:0b:ac:7c:f4:b9:24:53:08:13:f1:0c:0f:af:e7:
99:b7:c4:01:4d:9a:b1:87:31:f3:28:67:2a:7f:3d:
64:c5:9b:e5:95:37:f7:fe:ea:60:5c:8b:3a:c2:13:
b7:b1:48:15:5a:ec:54:08:20:8e:2d:47:11:17:e4:
09:b8:26:a1:ec:42:d0:4f:dd:fd:1e:27:17:99:f0:
0b:c7:fa:28:2e:c1:6e:b3:78:6f:85:1c:9a:87:ee:
b0:12:4b:df:2c:28:29:fc:7b:06:a3:03:8f:ec:ee:
2d:57:19:5d:51:fe:de:ae:23:c3:07:1c:8f:f0:68:
8f:c5:05:1e:1b:2c:91:5d:4f:19:f6:26:d3:eb:ba:
b3:96:61:2e:31:24:62:c7:91:f2:e4:d9:d7:45:12:
da:82:8c:85:2c:35:cd:bf:e9:6f:02:22:77:01:84:
74:26:7d:13:ce:db:4f:e1:44:73:9d:31:54:02:5c:
39:75:a5:e7:99:fd:c6:52:dd:73:2c:e5:5d:9a:7c:
b3:a4:f3:0b:5a:2d:ab:5d:3d:dc:c9:25:25:f9:1d:
bc:e8:0c:58:be:36:aa:4c:58:3b:0b:90:ac:46:94:
ca:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:8C:B1:B4:1D:8F:9B:23:A7:D0:DA:D0:C2:BB:92:89:75:98:DD:64
X509v3 Authority Key Identifier:
keyid:24:D9:DA:4F:FB:1B:B6:D2:73:DE:1B:AD:5D:BB:F0:D1:FF:47:F0:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JNnaT_sbttJz3hutXbvw0f9H8M8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/1eb120-687c-4993-857f-8a03a7c1fe9b/1/QYyxtB2PmyOn0NrQwruSiXWY3WQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/1eb120-687c-4993-857f-8a03a7c1fe9b/1/JNnaT_sbttJz3hutXbvw0f9H8M8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.213.0.0/16
94.252.183.0/24
94.252.192.0-94.252.247.255
185.136.144.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:bc:f5:e5:09:30:cb:87:a6:17:d1:fa:79:0b:07:a6:0d:cb:
57:60:70:ad:8d:a4:5f:cd:b7:03:94:ad:fe:d8:ba:d4:34:bb:
92:d3:ca:ab:30:62:04:38:5b:a9:d7:50:2e:f3:b3:25:3c:af:
60:c0:1d:9c:3c:dc:99:52:b7:80:20:bd:e6:88:18:bb:ca:70:
17:a4:fa:d1:c9:8d:d9:33:bc:d1:31:6a:31:b1:46:73:0b:52:
56:65:14:32:82:40:50:df:95:96:d5:92:f7:80:14:01:30:c3:
e4:ca:6f:1d:39:9c:84:25:54:d3:a6:ee:a4:94:f0:47:81:ec:
2b:41:13:32:b2:9d:d3:a7:0b:8d:c0:81:71:94:bb:f2:4c:61:
85:e0:8f:4c:a8:9d:aa:56:12:db:39:10:18:bc:a3:15:e8:31:
63:7c:2a:c9:4b:5a:c8:20:9b:08:6c:7e:9e:f7:ca:8d:28:bc:
d7:85:03:ce:86:5c:16:bf:84:59:56:e7:2e:04:8c:19:25:58:
d2:81:e9:e7:cc:58:8e:da:66:6c:93:95:1b:9b:b8:ab:b1:c5:
67:35:18:9b:7e:b0:37:59:5c:ab:89:83:fe:d2:d5:dc:7e:ee:
91:25:d6:c9:1d:94:29:cb:bd:70:08:97:7c:76:86:cf:9f:95:
07:07:df:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ249+TOkwf0QvghcDO+zV8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ZDlkYTRmZmIxYmI2ZDI3M2RlMWJhZDVkYmJmMGQxZmY0
N2YwY2YwHhcNMjYwNDIzMDYxMjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MThjYjFiNDFkOGY5YjIzYTdkMGRhZDBjMmJiOTI4OTc1OThkZDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCDXc9Xc72ub+9cMeKAeTV4YV8SN
3motFajGGOUrC6x89LkkUwgT8QwPr+eZt8QBTZqxhzHzKGcqfz1kxZvllTf3/upg
XIs6whO3sUgVWuxUCCCOLUcRF+QJuCah7ELQT939HicXmfALx/ooLsFus3hvhRya
h+6wEkvfLCgp/HsGowOP7O4tVxldUf7eriPDBxyP8GiPxQUeGyyRXU8Z9ibT67qz
lmEuMSRix5Hy5NnXRRLagoyFLDXNv+lvAiJ3AYR0Jn0TzttP4URznTFUAlw5daXn
mf3GUt1zLOVdmnyzpPMLWi2rXT3cySUl+R286AxYvjaqTFg7C5CsRpTKxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEGMsbQdj5sjp9Da0MK7kol1mN1kMB8GA1UdIwQY
MBaAFCTZ2k/7G7bSc94brV278NH/R/DPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk5uYVRfc2J0dEp6M2h1dFhidncwZjlIOE04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8xZWIxMjAtNjg3Yy00OTkzLTg1N2Yt
OGEwM2E3YzFmZTliLzEvUVl5eHRCMlBteU9uME5yUXdydVNpWFdZM1dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8xZWIxMjAtNjg3Yy00OTkzLTg1N2YtOGEwM2E3YzFmZTli
LzEvSk5uYVRfc2J0dEp6M2h1dFhidncwZjlIOE04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAlBAIAATAfAwMALtUDBABe
/LcwDAMEBl78wAMEA1788AMEArmIkDANBgkqhkiG9w0BAQsFAAOCAQEAXrz15Qkw
y4emF9H6eQsHpg3LV2BwrY2kX823A5St/ti61DS7ktPKqzBiBDhbqddQLvOzJTyv
YMAdnDzcmVK3gCC95ogYu8pwF6T60cmN2TO80TFqMbFGcwtSVmUUMoJAUN+VltWS
94AUATDD5MpvHTmchCVU06bupJTwR4HsK0ETMrKd06cLjcCBcZS78kxhheCPTKid
qlYS2zkQGLyjFegxY3wqyUtayCCbCGx+nvfKjSi814UDzoZcFr+EWVbnLgSMGSVY
0oHp58xYjtpmbJOVG5u4q7HFZzUYm36wN1lcq4mD/tLV3H7ukSXWyR2UKcu9cAiX
fHaGz5+VBwff5A==
-----END CERTIFICATE-----
Generated at Wed May 13 10:07:19 2026 by rpki-client