Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/4BHAHtAhc28ZrQwUD5OHuec1Ir8.roa
File: 4BHAHtAhc28ZrQwUD5OHuec1Ir8.roa (raw, json)
Hash identifier: 0iGZlpXjvTxGNf9N3a9R/JttWSb6ffwtMSks1EBv2mQ=
Subject key identifier: E0:11:C0:1E:D0:21:73:6F:19:AD:0C:14:0F:93:87:B9:E7:35:22:BF
Certificate issuer: /CN=46ba3f80039b9e784cfb24bf2c7ddb24e1900a76
Certificate serial: 019CE6304CE74B103CE697B5B90B903A1C46
Authority key identifier: 46:BA:3F:80:03:9B:9E:78:4C:FB:24:BF:2C:7D:DB:24:E1:90:0A:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/4BHAHtAhc28ZrQwUD5OHuec1Ir8.roa
Signing time: Fri 13 Mar 2026 07:54:10 +0000
ROA not before: Fri 13 Mar 2026 07:54:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57073
IP address blocks: 85.198.76.0/22 maxlen: 24
90.156.247.0/24 maxlen: 24
91.230.107.0/24 maxlen: 24
94.141.112.0/22 maxlen: 24
176.101.88.0/21 maxlen: 24
185.62.200.0/23 maxlen: 24
185.62.202.0/24 maxlen: 24
185.138.252.0/22 maxlen: 24
185.138.252.0/24 maxlen: 24
185.138.253.0/24 maxlen: 24
185.138.254.0/24 maxlen: 24
185.138.255.0/24 maxlen: 24
194.1.214.0/24 maxlen: 24
213.184.154.0/23 maxlen: 24
213.184.154.0/24 maxlen: 24
213.184.156.0/22 maxlen: 24
2a03:720::/32 maxlen: 48
2a03:720:18::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/Rro_gAObnnhM-yS_LH3bJOGQCnY.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/Rro_gAObnnhM-yS_LH3bJOGQCnY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 10:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e6:30:4c:e7:4b:10:3c:e6:97:b5:b9:0b:90:3a:1c:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46ba3f80039b9e784cfb24bf2c7ddb24e1900a76
Validity
Not Before: Mar 13 07:54:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e011c01ed021736f19ad0c140f9387b9e73522bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:26:c3:28:b0:07:3b:96:e0:53:58:2e:7d:4d:
4c:b1:a1:bd:d9:8e:f5:71:4b:55:44:c2:9d:c5:3b:
09:dc:58:c4:7b:e3:3e:f1:f2:d5:74:c2:44:c2:b9:
51:80:95:2b:fe:98:7c:63:eb:94:90:3e:c4:86:c7:
63:3f:ce:7c:9a:2e:15:90:ec:60:0c:4b:0d:2a:f4:
20:1a:6e:f7:26:20:34:29:d8:5c:95:c8:dc:fa:73:
96:23:0f:8c:bf:2b:5e:54:b5:f2:ae:5b:d3:be:83:
93:9b:ba:cf:ac:0a:8e:16:be:b3:45:7c:3c:33:91:
08:6d:41:e8:27:36:96:07:42:22:42:de:a0:6c:52:
8e:0d:9b:83:2a:76:76:c0:e9:1b:61:b3:2b:e2:e1:
e2:5a:d6:a4:3b:29:0f:9a:fb:69:b4:cd:fd:de:77:
70:82:06:f9:50:b9:59:32:11:18:20:5d:0b:c3:50:
10:a3:a7:00:8d:20:9e:e1:6f:70:54:15:53:34:c4:
09:c3:09:f1:2a:44:11:c1:dc:19:69:38:c4:36:e1:
73:8c:2a:31:5b:64:68:6c:d1:ea:90:d7:68:ce:ae:
bc:7e:ac:4e:e7:6a:55:19:86:95:52:9b:2b:85:19:
16:af:89:76:4d:48:11:4c:88:4b:14:de:3f:22:c7:
81:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:11:C0:1E:D0:21:73:6F:19:AD:0C:14:0F:93:87:B9:E7:35:22:BF
X509v3 Authority Key Identifier:
keyid:46:BA:3F:80:03:9B:9E:78:4C:FB:24:BF:2C:7D:DB:24:E1:90:0A:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/4BHAHtAhc28ZrQwUD5OHuec1Ir8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/Rro_gAObnnhM-yS_LH3bJOGQCnY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.198.76.0/22
90.156.247.0/24
91.230.107.0/24
94.141.112.0/22
176.101.88.0/21
185.62.200.0-185.62.202.255
185.138.252.0/22
194.1.214.0/24
213.184.154.0-213.184.159.255
IPv6:
2a03:720::/32
Signature Algorithm: sha256WithRSAEncryption
1d:26:df:c8:b1:7a:50:8e:6c:78:8f:7e:13:5c:9a:67:18:83:
d5:22:c3:99:ed:9c:68:fd:8b:f0:db:fe:5b:78:1a:ea:d5:bf:
89:ce:19:7b:0a:f7:11:c5:74:28:18:87:4b:59:32:b0:34:30:
ec:98:22:64:92:3a:a6:28:4d:a9:3f:09:7d:e5:8b:b6:fd:66:
b9:c1:91:12:f9:5c:37:a8:29:58:26:82:66:0e:c5:30:b1:07:
03:2e:d8:bc:29:73:1e:3a:5b:4f:84:0c:79:31:61:be:a0:09:
0e:51:4e:11:73:5f:38:be:79:78:df:07:c6:b5:7a:4c:ab:20:
62:96:34:cd:e2:70:a4:d5:f5:2f:e4:c5:52:f7:37:da:a4:bf:
76:46:18:7c:c2:67:bf:51:7a:12:20:d1:7a:e6:78:28:ec:99:
a1:cd:83:b9:86:da:25:17:81:4c:fe:44:49:8f:7c:b0:c0:d7:
02:b5:d9:43:6c:81:42:4a:8b:54:e9:af:10:21:1a:79:f8:ce:
83:de:1f:1a:24:62:5f:24:f3:22:c6:5e:2d:c5:52:ad:40:c9:
cd:f4:f2:1e:98:83:cc:38:c4:48:1a:fd:74:8a:c9:28:23:a9:
26:28:f5:01:cc:2d:5f:ff:59:a1:5e:2c:b5:1c:6f:a6:06:12:
f2:8c:5c:77
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAZzmMEznSxA85pe1uQuQOhxGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2YmEzZjgwMDM5YjllNzg0Y2ZiMjRiZjJjN2RkYjI0ZTE5
MDBhNzYwHhcNMjYwMzEzMDc1NDEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDExYzAxZWQwMjE3MzZmMTlhZDBjMTQwZjkzODdiOWU3MzUyMmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2CbDKLAHO5bgU1gufU1MsaG92Y71
cUtVRMKdxTsJ3FjEe+M+8fLVdMJEwrlRgJUr/ph8Y+uUkD7EhsdjP858mi4VkOxg
DEsNKvQgGm73JiA0Kdhclcjc+nOWIw+MvyteVLXyrlvTvoOTm7rPrAqOFr6zRXw8
M5EIbUHoJzaWB0IiQt6gbFKODZuDKnZ2wOkbYbMr4uHiWtakOykPmvtptM393ndw
ggb5ULlZMhEYIF0Lw1AQo6cAjSCe4W9wVBVTNMQJwwnxKkQRwdwZaTjENuFzjCox
W2RobNHqkNdozq68fqxO52pVGYaVUpsrhRkWr4l2TUgRTIhLFN4/IseBawIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFOARwB7QIXNvGa0MFA+Th7nnNSK/MB8GA1UdIwQY
MBaAFEa6P4ADm554TPskvyx92yThkAp2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnJvX2dBT2JubmhNLXlTX0xIM2JKT0dRQ25ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jZmEyYWUtZTUyNC00YmQwLTg3NWIt
ODlhY2UzODIyMGZiLzEvNEJIQUh0QWhjMjhaclF3VUQ1T0h1ZWMxSXI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9jZmEyYWUtZTUyNC00YmQwLTg3NWItODlhY2UzODIyMGZi
LzEvUnJvX2dBT2JubmhNLXlTX0xIM2JKT0dRQ25ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBMBAIAATBGAwQCVcZMAwQA
Wpz3AwQAW+ZrAwQCXo1wAwQDsGVYMAwDBAO5PsgDBAC5PsoDBAK5ivwDBADCAdYw
DAMEAdW4mgMEBdW4gDANBAIAAjAHAwUAKgMHIDANBgkqhkiG9w0BAQsFAAOCAQEA
HSbfyLF6UI5seI9+E1yaZxiD1SLDme2caP2L8Nv+W3ga6tW/ic4Zewr3EcV0KBiH
S1kysDQw7JgiZJI6pihNqT8JfeWLtv1mucGREvlcN6gpWCaCZg7FMLEHAy7YvClz
HjpbT4QMeTFhvqAJDlFOEXNfOL55eN8HxrV6TKsgYpY0zeJwpNX1L+TFUvc32qS/
dkYYfMJnv1F6EiDReuZ4KOyZoc2DuYbaJReBTP5ESY98sMDXArXZQ2yBQkqLVOmv
ECEaefjOg94fGiRiXyTzIsZeLcVSrUDJzfTyHpiDzDjESBr9dIrJKCOpJij1Acwt
X/9ZoV4stRxvpgYS8oxcdw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:06:48 2026 by rpki-client