Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/pHRMdTz_oP_UNNLFDLwNOxKWRFE.roa
File: pHRMdTz_oP_UNNLFDLwNOxKWRFE.roa (raw, json)
Hash identifier: f1sFVo35yYFuPv6VbkQzcXjBYRaqkt3Dn1O2lvvvniU=
Subject key identifier: A4:74:4C:75:3C:FF:A0:FF:D4:34:D2:C5:0C:BC:0D:3B:12:96:44:51
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019D00EA547835D8EC92D84BE165E51D5995
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/pHRMdTz_oP_UNNLFDLwNOxKWRFE.roa
Signing time: Wed 18 Mar 2026 12:27:30 +0000
ROA not before: Wed 18 Mar 2026 12:27:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212477
IP address blocks: 45.123.41.0/24 maxlen: 32
45.123.42.0/23 maxlen: 32
45.141.200.0/23 maxlen: 32
45.141.202.0/24 maxlen: 32
45.141.203.0/24 maxlen: 32
89.47.89.0/24 maxlen: 32
91.190.100.0/24 maxlen: 32
92.114.107.0/24 maxlen: 32
185.9.55.0/24 maxlen: 32
185.35.136.0/23 maxlen: 32
185.35.138.0/24 maxlen: 32
185.35.139.0/24 maxlen: 32
188.212.133.0/24 maxlen: 32
188.241.214.0/24 maxlen: 32
2a0b:64c0::/32 maxlen: 128
2a10:6c02::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 08:34:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:00:ea:54:78:35:d8:ec:92:d8:4b:e1:65:e5:1d:59:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 18 12:27:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a4744c753cffa0ffd434d2c50cbc0d3b12964451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:cf:f0:91:5d:84:a4:cd:f7:00:cb:c3:ca:0f:
63:85:c1:c7:56:8e:b8:07:d6:a5:cd:32:2a:a3:22:
e0:fc:96:28:4c:4a:89:71:e4:93:0e:69:8c:af:b1:
21:07:79:60:c4:25:c0:04:5c:a7:6c:e1:3b:d7:66:
c8:3f:8c:2c:6a:bb:79:9e:31:ac:bd:8b:50:86:d5:
89:e8:88:1d:37:f6:60:c4:c2:78:73:67:a8:42:51:
64:87:48:ea:f7:0a:b9:00:37:b4:d0:da:73:ad:07:
81:dd:27:bd:66:f4:ea:6b:ca:74:8f:b7:2c:38:e3:
44:24:36:2f:9f:95:a0:4f:e4:41:b5:e5:9c:71:d7:
e6:72:41:3c:f4:7e:96:a5:4d:91:73:80:1e:04:75:
a4:2c:aa:b0:b0:92:e6:fd:ea:9f:92:a2:8b:b3:b7:
f7:f9:ca:c5:4b:d0:43:e5:58:ec:a3:df:48:b9:17:
53:ce:cd:65:e0:7e:0f:91:eb:22:90:99:96:0c:54:
7f:3c:db:02:78:ab:37:de:e3:d8:b0:12:1a:da:b0:
da:9d:f2:09:1c:c2:f2:8d:f5:86:18:37:7c:0c:cb:
bf:3d:21:fc:bf:74:e0:35:9a:17:3e:f0:bd:f1:26:
eb:7b:bb:03:f5:0b:6f:b9:df:0a:a0:c4:b4:46:be:
b1:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:74:4C:75:3C:FF:A0:FF:D4:34:D2:C5:0C:BC:0D:3B:12:96:44:51
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/pHRMdTz_oP_UNNLFDLwNOxKWRFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.123.41.0-45.123.43.255
45.141.200.0/22
89.47.89.0/24
91.190.100.0/24
92.114.107.0/24
185.9.55.0/24
185.35.136.0/22
188.212.133.0/24
188.241.214.0/24
IPv6:
2a0b:64c0::/32
2a10:6c02::/32
Signature Algorithm: sha256WithRSAEncryption
4d:31:5b:59:8b:19:4e:3e:b0:40:35:ac:f7:7b:fb:31:9e:c2:
31:7b:2b:96:54:a7:f9:7a:9a:7f:24:22:c8:93:79:60:08:fb:
db:70:0e:9f:0b:89:3a:e9:7b:62:d9:76:10:d3:02:23:b5:d9:
3b:a4:13:58:da:4a:fa:60:07:f9:25:1f:8d:c4:c7:b9:33:3e:
b7:8c:75:43:52:d5:8f:f3:62:cb:a3:12:ea:9e:2b:b9:30:8c:
9f:cc:26:86:32:5e:7b:e3:1b:53:a6:2b:be:45:6c:ad:60:13:
c2:3c:2d:38:0a:f8:2b:9b:82:18:8e:1a:95:31:50:51:e5:17:
96:f0:22:2a:e1:cd:f6:b8:77:1f:11:db:28:6d:f8:17:83:cc:
3e:6b:bb:2b:33:a5:a5:92:f9:f0:ac:78:0f:71:52:05:72:79:
f7:4a:5c:8e:f7:5b:6a:4b:cc:64:b7:13:96:8a:eb:4f:9d:1d:
fc:11:9d:23:51:59:f2:a9:2e:92:88:59:23:56:09:fd:e7:a2:
23:e5:23:61:71:2c:a2:8e:26:25:12:0e:5a:63:96:a5:6f:1d:
c4:ef:16:4f:ab:a9:4f:8f:b0:28:30:3a:04:6c:91:6f:99:56:
f0:af:f8:51:e0:7e:08:36:eb:df:1b:36:88:e1:5a:65:8f:4b:
f3:ed:fa:4d
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZ0A6lR4NdjskthL4WXlHVmVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjYwMzE4MTIyNzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDc0NGM3NTNjZmZhMGZmZDQzNGQyYzUwY2JjMGQzYjEyOTY0NDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtc/wkV2EpM33AMvDyg9jhcHHVo64
B9alzTIqoyLg/JYoTEqJceSTDmmMr7EhB3lgxCXABFynbOE712bIP4wsart5njGs
vYtQhtWJ6IgdN/ZgxMJ4c2eoQlFkh0jq9wq5ADe00NpzrQeB3Se9ZvTqa8p0j7cs
OONEJDYvn5WgT+RBteWccdfmckE89H6WpU2Rc4AeBHWkLKqwsJLm/eqfkqKLs7f3
+crFS9BD5Vjso99IuRdTzs1l4H4PkesikJmWDFR/PNsCeKs33uPYsBIa2rDanfIJ
HMLyjfWGGDd8DMu/PSH8v3TgNZoXPvC98Sbre7sD9Qtvud8KoMS0Rr6xjQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFKR0THU8/6D/1DTSxQy8DTsSlkRRMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvcEhSTWRUel9vUF9VTk5MRkRMd05PeEtXUkZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBEBAIAATA+MAwDBAAteykD
BAIteygDBAItjcgDBABZL1kDBABbvmQDBABccmsDBAC5CTcDBAK5I4gDBAC81IUD
BAC88dYwFAQCAAIwDgMFACoLZMADBQAqEGwCMA0GCSqGSIb3DQEBCwUAA4IBAQBN
MVtZixlOPrBANaz3e/sxnsIxeyuWVKf5epp/JCLIk3lgCPvbcA6fC4k66Xti2XYQ
0wIjtdk7pBNY2kr6YAf5JR+NxMe5Mz63jHVDUtWP82LLoxLqniu5MIyfzCaGMl57
4xtTpiu+RWytYBPCPC04Cvgrm4IYjhqVMVBR5ReW8CIq4c32uHcfEdsobfgXg8w+
a7srM6WlkvnwrHgPcVIFcnn3SlyO91tqS8xktxOWiutPnR38EZ0jUVnyqS6SiFkj
Vgn956Ij5SNhcSyijiYlEg5aY5albx3E7xZPq6lPj7AoMDoEbJFvmVbwr/hR4H4I
NuvfGzaI4Vplj0vz7fpN
-----END CERTIFICATE-----
Generated at Thu Mar 26 18:39:42 2026 by rpki-client