Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/8f01b3-257b-48d5-82e2-097324dd9ec8/1/nKY7wkxqr552tFA6FDOkz_QoAvw.roa
File: nKY7wkxqr552tFA6FDOkz_QoAvw.roa (raw, json)
Hash identifier: fJ0VHAnJRXOGfnfiS67MPLPgf5X/K6jwriRMCPSDxNo=
Subject key identifier: 9C:A6:3B:C2:4C:6A:AF:9E:76:B4:50:3A:14:33:A4:CF:F4:28:02:FC
Certificate issuer: /CN=b562ac701c14d34bb2e4475ec51152a40c9d3d3c
Certificate serial: 019DD0ACED2249AED6910F7BE7E6163C2B04
Authority key identifier: B5:62:AC:70:1C:14:D3:4B:B2:E4:47:5E:C5:11:52:A4:0C:9D:3D:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tWKscBwU00uy5EdexRFSpAydPTw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/8f01b3-257b-48d5-82e2-097324dd9ec8/1/nKY7wkxqr552tFA6FDOkz_QoAvw.roa
Signing time: Mon 27 Apr 2026 20:41:26 +0000
ROA not before: Mon 27 Apr 2026 20:41:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51341
IP address blocks: 46.255.25.0/24 maxlen: 24
91.218.84.0/22 maxlen: 22
91.218.84.0/24 maxlen: 24
91.218.85.0/24 maxlen: 24
91.218.86.0/24 maxlen: 24
91.218.87.0/24 maxlen: 24
91.236.140.0/22 maxlen: 22
91.236.140.0/24 maxlen: 24
91.236.141.0/24 maxlen: 24
91.236.142.0/24 maxlen: 24
91.236.143.0/24 maxlen: 24
213.109.201.0/24 maxlen: 24
2a13:af80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/8f01b3-257b-48d5-82e2-097324dd9ec8/1/tWKscBwU00uy5EdexRFSpAydPTw.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/8f01b3-257b-48d5-82e2-097324dd9ec8/1/tWKscBwU00uy5EdexRFSpAydPTw.mft
rsync://rpki.ripe.net/repository/DEFAULT/tWKscBwU00uy5EdexRFSpAydPTw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 11:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d0:ac:ed:22:49:ae:d6:91:0f:7b:e7:e6:16:3c:2b:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b562ac701c14d34bb2e4475ec51152a40c9d3d3c
Validity
Not Before: Apr 27 20:41:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9ca63bc24c6aaf9e76b4503a1433a4cff42802fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ce:43:5a:af:c3:b0:5c:b2:37:e3:e8:db:0f:
f4:e6:b8:b0:4b:db:a0:a8:90:86:92:9d:4a:57:ce:
68:53:4c:e1:84:6d:df:fb:93:67:4c:e9:16:38:dd:
e5:5e:dd:a2:67:0c:73:a5:b2:43:95:c4:48:8f:0e:
9c:7b:3b:47:39:d6:d3:e1:b2:27:ca:2b:ae:9d:42:
b6:f0:b7:1f:8d:a0:bf:fc:ee:26:01:c3:16:7e:57:
a8:59:e6:a4:a3:7b:4a:5c:00:bb:05:92:b4:11:03:
47:11:e7:b7:9a:b3:5b:fb:d5:f2:9f:e7:30:80:eb:
d5:d6:c7:af:4e:ac:db:b4:61:af:56:37:d0:23:0a:
7b:bb:1a:e6:47:c9:a0:81:a6:34:23:12:7a:75:a4:
cf:98:d5:bb:8c:a1:17:3f:14:17:f9:9a:78:28:8b:
d9:87:c6:d0:28:fa:ef:e4:78:3a:eb:a1:e5:d9:c2:
b8:37:17:3c:f7:ab:2b:97:62:26:09:55:41:37:25:
60:2d:f2:93:c2:fc:dd:d5:21:af:12:a8:5e:9b:80:
78:8a:ab:92:e6:87:4f:0f:6c:bc:88:e8:41:21:c5:
b1:79:1f:07:f9:d6:f1:d9:2a:d8:87:c5:dc:b2:7b:
e7:35:2c:4c:dd:32:8f:a4:84:4f:15:2c:cb:c0:9a:
d1:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A6:3B:C2:4C:6A:AF:9E:76:B4:50:3A:14:33:A4:CF:F4:28:02:FC
X509v3 Authority Key Identifier:
keyid:B5:62:AC:70:1C:14:D3:4B:B2:E4:47:5E:C5:11:52:A4:0C:9D:3D:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tWKscBwU00uy5EdexRFSpAydPTw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/8f01b3-257b-48d5-82e2-097324dd9ec8/1/nKY7wkxqr552tFA6FDOkz_QoAvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/8f01b3-257b-48d5-82e2-097324dd9ec8/1/tWKscBwU00uy5EdexRFSpAydPTw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.25.0/24
91.218.84.0/22
91.236.140.0/22
213.109.201.0/24
IPv6:
2a13:af80::/29
Signature Algorithm: sha256WithRSAEncryption
b8:ea:9b:3b:b9:28:c7:e1:6e:d1:67:be:dc:b7:4d:35:af:ef:
b0:41:b8:d3:6b:28:fa:8e:b8:0a:17:80:cf:cb:7c:ac:50:2e:
84:a8:9c:e2:a6:0f:ec:57:7a:63:88:b0:15:3d:93:71:9b:92:
ce:5a:44:e4:32:84:64:98:32:e4:a4:23:60:96:3f:86:d1:bf:
59:5a:8b:43:1e:84:b2:2f:ba:e6:3c:5e:b7:c4:b0:79:22:da:
7b:d1:1e:a6:93:95:65:0f:eb:2f:86:20:06:c9:6d:a0:c1:67:
e2:74:fd:62:29:4d:e1:4d:7c:4e:de:de:92:b1:cf:14:42:31:
44:cb:e7:69:04:92:c3:36:07:05:63:a5:df:d4:f7:e3:73:b7:
0e:91:3b:bf:ba:72:96:12:bb:b6:7f:2b:e5:79:93:b8:51:f5:
ed:03:66:53:b4:9d:44:37:d5:fa:f7:3e:24:4a:ae:bd:25:b4:
e4:40:91:ea:f7:08:9e:31:63:4b:be:a5:e2:3b:f7:6d:1f:e6:
c3:52:91:c9:42:08:f2:6f:3a:59:1e:1d:65:80:a4:1c:48:05:
6b:43:10:07:16:bc:59:97:4b:00:10:d6:2b:df:8f:f9:98:cd:
66:7d:bd:18:cd:ca:b3:2e:05:29:69:3e:df:ff:ce:3b:4e:bb:
e6:47:01:87
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZ3QrO0iSa7WkQ975+YWPCsEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NjJhYzcwMWMxNGQzNGJiMmU0NDc1ZWM1MTE1MmE0MGM5
ZDNkM2MwHhcNMjYwNDI3MjA0MTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2E2M2JjMjRjNmFhZjllNzZiNDUwM2ExNDMzYTRjZmY0MjgwMmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAns5DWq/DsFyyN+Po2w/05riwS9ug
qJCGkp1KV85oU0zhhG3f+5NnTOkWON3lXt2iZwxzpbJDlcRIjw6ceztHOdbT4bIn
yiuunUK28LcfjaC//O4mAcMWfleoWeako3tKXAC7BZK0EQNHEee3mrNb+9Xyn+cw
gOvV1sevTqzbtGGvVjfQIwp7uxrmR8mggaY0IxJ6daTPmNW7jKEXPxQX+Zp4KIvZ
h8bQKPrv5Hg666Hl2cK4Nxc896srl2ImCVVBNyVgLfKTwvzd1SGvEqhem4B4iquS
5odPD2y8iOhBIcWxeR8H+dbx2SrYh8XcsnvnNSxM3TKPpIRPFSzLwJrR4wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJymO8JMaq+edrRQOhQzpM/0KAL8MB8GA1UdIwQY
MBaAFLVirHAcFNNLsuRHXsURUqQMnT08MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFdLc2NCd1UwMHV5NUVkZXhSRlNwQXlkUFR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84ZjAxYjMtMjU3Yi00OGQ1LTgyZTIt
MDk3MzI0ZGQ5ZWM4LzEvbktZN3dreHFyNTUydEZBNkZET2t6X1FvQXZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84ZjAxYjMtMjU3Yi00OGQ1LTgyZTItMDk3MzI0ZGQ5ZWM4
LzEvdFdLc2NCd1UwMHV5NUVkZXhSRlNwQXlkUFR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQALv8ZAwQC
W9pUAwQCW+yMAwQA1W3JMA0EAgACMAcDBQMqE6+AMA0GCSqGSIb3DQEBCwUAA4IB
AQC46ps7uSjH4W7RZ77ct001r++wQbjTayj6jrgKF4DPy3ysUC6EqJzipg/sV3pj
iLAVPZNxm5LOWkTkMoRkmDLkpCNglj+G0b9ZWotDHoSyL7rmPF63xLB5Itp70R6m
k5VlD+svhiAGyW2gwWfidP1iKU3hTXxO3t6Ssc8UQjFEy+dpBJLDNgcFY6Xf1Pfj
c7cOkTu/unKWEru2fyvleZO4UfXtA2ZTtJ1EN9X69z4kSq69JbTkQJHq9wieMWNL
vqXiO/dtH+bDUpHJQgjybzpZHh1lgKQcSAVrQxAHFrxZl0sAENYr34/5mM1mfb0Y
zcqzLgUpaT7f/847TrvmRwGH
-----END CERTIFICATE-----
Generated at Tue May 12 21:32:08 2026 by rpki-client