Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/e2f615-6ca4-4bf5-9f53-87073f434b03/1/nGgWCHlP5Rfk7nEXR5r0SwPGVhg.roa
File: nGgWCHlP5Rfk7nEXR5r0SwPGVhg.roa (raw, json)
Hash identifier: ub89EExosLdu9SpuUWFdEh7qASm/VbEptc/K/f13V3g=
Subject key identifier: 9C:68:16:08:79:4F:E5:17:E4:EE:71:17:47:9A:F4:4B:03:C6:56:18
Certificate issuer: /CN=4638bf68b6675e2a5a3a7922f6477d2afb357fac
Certificate serial: 019DF3051300E8749828C0733DB4FC07B24F
Authority key identifier: 46:38:BF:68:B6:67:5E:2A:5A:3A:79:22:F6:47:7D:2A:FB:35:7F:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rji_aLZnXipaOnki9kd9Kvs1f6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/e2f615-6ca4-4bf5-9f53-87073f434b03/1/nGgWCHlP5Rfk7nEXR5r0SwPGVhg.roa
Signing time: Mon 04 May 2026 12:44:49 +0000
ROA not before: Mon 04 May 2026 12:44:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215044
IP address blocks: 45.157.48.0/22 maxlen: 22
45.157.48.0/24 maxlen: 24
45.157.49.0/24 maxlen: 24
45.157.50.0/24 maxlen: 24
45.157.51.0/24 maxlen: 24
185.156.8.0/22 maxlen: 22
185.156.8.0/24 maxlen: 24
185.156.9.0/24 maxlen: 24
185.156.10.0/24 maxlen: 24
185.156.11.0/24 maxlen: 24
2a07:9840::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/e2f615-6ca4-4bf5-9f53-87073f434b03/1/Rji_aLZnXipaOnki9kd9Kvs1f6w.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/e2f615-6ca4-4bf5-9f53-87073f434b03/1/Rji_aLZnXipaOnki9kd9Kvs1f6w.mft
rsync://rpki.ripe.net/repository/DEFAULT/Rji_aLZnXipaOnki9kd9Kvs1f6w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 18:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f3:05:13:00:e8:74:98:28:c0:73:3d:b4:fc:07:b2:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4638bf68b6675e2a5a3a7922f6477d2afb357fac
Validity
Not Before: May 4 12:44:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9c681608794fe517e4ee7117479af44b03c65618
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:02:7f:cb:a9:15:9f:08:1e:7c:ed:05:ac:36:
16:34:3f:7f:0b:64:05:49:99:37:f0:86:7e:a7:a7:
9a:db:25:07:6b:ad:e5:a4:0d:0b:fb:d1:68:ed:32:
fc:39:f8:23:1f:f6:ea:e9:bf:50:cf:f1:b5:c0:6d:
77:e2:a3:76:86:00:43:f3:10:eb:c7:bd:8f:eb:2a:
3e:c8:38:45:69:bb:f9:58:98:61:ae:bc:75:9c:a0:
01:d3:e3:d6:67:21:09:08:9d:5a:bc:ba:3e:50:f3:
ed:fe:0b:9f:02:17:20:a3:93:85:57:81:0e:71:42:
bd:bc:da:a5:74:f2:3a:c3:19:a6:97:7d:d7:0e:2b:
93:a9:45:7a:34:54:3f:6d:dd:53:0f:5d:69:6f:37:
01:25:ee:c7:a7:41:a8:9a:a3:46:79:a0:03:c0:89:
26:7a:e1:1b:9d:f1:d9:52:c6:09:76:45:91:7f:34:
29:35:76:3b:58:e7:3b:4b:ea:e5:1b:0f:88:00:ff:
1e:c5:dc:54:91:de:a1:cd:bb:66:79:96:32:da:9d:
e7:f9:12:12:46:81:34:36:ac:87:fb:c7:16:2d:0d:
5e:17:09:aa:cd:6c:7b:4c:eb:7d:e8:0c:b7:c2:74:
37:86:65:c6:d4:9a:47:f7:d8:c3:65:e3:20:c4:16:
6f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:68:16:08:79:4F:E5:17:E4:EE:71:17:47:9A:F4:4B:03:C6:56:18
X509v3 Authority Key Identifier:
keyid:46:38:BF:68:B6:67:5E:2A:5A:3A:79:22:F6:47:7D:2A:FB:35:7F:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rji_aLZnXipaOnki9kd9Kvs1f6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/e2f615-6ca4-4bf5-9f53-87073f434b03/1/nGgWCHlP5Rfk7nEXR5r0SwPGVhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/e2f615-6ca4-4bf5-9f53-87073f434b03/1/Rji_aLZnXipaOnki9kd9Kvs1f6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.48.0/22
185.156.8.0/22
IPv6:
2a07:9840::/29
Signature Algorithm: sha256WithRSAEncryption
68:6a:20:f8:b8:db:ca:84:91:7f:84:70:be:34:7f:5c:5d:6c:
05:44:42:b9:07:9d:d0:d7:ba:c3:54:10:20:26:dc:09:a0:16:
bf:1c:51:e3:a1:d4:4e:96:54:a4:1a:ce:80:b6:21:2a:93:66:
7c:ad:58:cc:bc:82:3e:ac:ab:6b:c1:7f:6f:d8:72:9a:4e:79:
6e:48:d5:5e:a2:51:94:1b:ac:4a:55:78:88:4e:5b:8c:91:a9:
5a:09:e0:6b:68:25:41:51:6a:ba:7a:ff:3c:70:19:b1:88:81:
aa:bc:8f:dc:67:7b:fa:9d:f4:b0:1c:87:b9:d2:d2:5f:6c:f0:
ae:7f:3b:0d:da:36:09:bc:d9:0b:29:05:f4:e2:21:4d:67:d5:
d1:6c:97:6e:21:12:df:ce:28:fa:75:f2:26:58:ad:7f:ee:54:
36:ac:a2:6a:f0:ae:83:a3:86:04:e9:5e:f1:b2:8c:54:6d:04:
54:0f:5e:89:3e:9b:ba:d0:bf:1e:c7:21:82:38:f6:19:36:83:
3a:3b:4b:5d:da:9c:9b:fb:f0:cc:5c:c6:06:9f:3c:17:18:0d:
3b:90:90:d9:db:c6:ad:f1:82:66:98:58:3d:49:f8:14:85:e8:
00:5c:03:31:d5:b6:6d:8c:a0:ff:83:23:bb:c4:e2:10:85:8d:
53:1e:f5:c7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ3zBRMA6HSYKMBzPbT8B7JPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2MzhiZjY4YjY2NzVlMmE1YTNhNzkyMmY2NDc3ZDJhZmIz
NTdmYWMwHhcNMjYwNTA0MTI0NDQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzY4MTYwODc5NGZlNTE3ZTRlZTcxMTc0NzlhZjQ0YjAzYzY1NjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgJ/y6kVnwgefO0FrDYWND9/C2QF
SZk38IZ+p6ea2yUHa63lpA0L+9Fo7TL8OfgjH/bq6b9Qz/G1wG134qN2hgBD8xDr
x72P6yo+yDhFabv5WJhhrrx1nKAB0+PWZyEJCJ1avLo+UPPt/gufAhcgo5OFV4EO
cUK9vNqldPI6wxmml33XDiuTqUV6NFQ/bd1TD11pbzcBJe7Hp0GomqNGeaADwIkm
euEbnfHZUsYJdkWRfzQpNXY7WOc7S+rlGw+IAP8exdxUkd6hzbtmeZYy2p3n+RIS
RoE0NqyH+8cWLQ1eFwmqzWx7TOt96Ay3wnQ3hmXG1JpH99jDZeMgxBZvmQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJxoFgh5T+UX5O5xF0ea9EsDxlYYMB8GA1UdIwQY
MBaAFEY4v2i2Z14qWjp5IvZHfSr7NX+sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmppX2FMWm5YaXBhT25raTlrZDlLdnMxZjZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9lMmY2MTUtNmNhNC00YmY1LTlmNTMt
ODcwNzNmNDM0YjAzLzEvbkdnV0NIbFA1UmZrN25FWFI1cjBTd1BHVmhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9lMmY2MTUtNmNhNC00YmY1LTlmNTMtODcwNzNmNDM0YjAz
LzEvUmppX2FMWm5YaXBhT25raTlrZDlLdnMxZjZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLZ0wAwQC
uZwIMA0EAgACMAcDBQMqB5hAMA0GCSqGSIb3DQEBCwUAA4IBAQBoaiD4uNvKhJF/
hHC+NH9cXWwFREK5B53Q17rDVBAgJtwJoBa/HFHjodROllSkGs6AtiEqk2Z8rVjM
vII+rKtrwX9v2HKaTnluSNVeolGUG6xKVXiITluMkalaCeBraCVBUWq6ev88cBmx
iIGqvI/cZ3v6nfSwHIe50tJfbPCufzsN2jYJvNkLKQX04iFNZ9XRbJduIRLfzij6
dfImWK1/7lQ2rKJq8K6Do4YE6V7xsoxUbQRUD16JPpu60L8exyGCOPYZNoM6O0td
2pyb+/DMXMYGnzwXGA07kJDZ28at8YJmmFg9SfgUhegAXAMx1bZtjKD/gyO7xOIQ
hY1THvXH
-----END CERTIFICATE-----
Generated at Wed May 13 04:20:06 2026 by rpki-client