Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6c953b-0763-4b6d-bf1a-6ce444ebeaf0/1/R-APQP12CW3pOeqttqzgTwcLAV8.roa
File: R-APQP12CW3pOeqttqzgTwcLAV8.roa (raw, json)
Hash identifier: vRFhqSINrQiolsddF1f5Cpv/fz0FXcpiwczjaOz8Gbg=
Subject key identifier: 47:E0:0F:40:FD:76:09:6D:E9:39:EA:AD:B6:AC:E0:4F:07:0B:01:5F
Certificate issuer: /CN=05a97ff404808ad34f9aa8251767d1aec890601f
Certificate serial: 019E17B2884AC34ECC62FA1A17EB5856938A
Authority key identifier: 05:A9:7F:F4:04:80:8A:D3:4F:9A:A8:25:17:67:D1:AE:C8:90:60:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bal_9ASAitNPmqglF2fRrsiQYB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/6c953b-0763-4b6d-bf1a-6ce444ebeaf0/1/R-APQP12CW3pOeqttqzgTwcLAV8.roa
Signing time: Mon 11 May 2026 15:40:36 +0000
ROA not before: Mon 11 May 2026 15:40:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208416
IP address blocks: 45.138.120.0/24 maxlen: 24
45.138.121.0/24 maxlen: 24
45.138.122.0/24 maxlen: 24
45.138.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/6c953b-0763-4b6d-bf1a-6ce444ebeaf0/1/Bal_9ASAitNPmqglF2fRrsiQYB8.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/6c953b-0763-4b6d-bf1a-6ce444ebeaf0/1/Bal_9ASAitNPmqglF2fRrsiQYB8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Bal_9ASAitNPmqglF2fRrsiQYB8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 18:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:17:b2:88:4a:c3:4e:cc:62:fa:1a:17:eb:58:56:93:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05a97ff404808ad34f9aa8251767d1aec890601f
Validity
Not Before: May 11 15:40:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=47e00f40fd76096de939eaadb6ace04f070b015f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:dd:e4:9f:26:5f:79:a5:1a:d9:56:dd:af:0d:
c8:66:00:fe:ad:fb:b4:eb:1d:94:eb:20:a1:30:eb:
21:46:6a:e3:89:37:36:7b:0c:71:fa:f5:cc:73:dc:
46:dc:ad:22:3e:7d:1b:fa:39:c7:6d:9f:99:c7:dd:
c7:e8:53:02:98:cf:09:49:c2:6e:01:4e:f9:3d:f7:
b2:0b:c7:70:aa:cf:ad:6d:4e:2b:c2:33:09:52:ec:
ed:ff:54:37:9e:c3:a1:2f:ba:a3:ae:f1:73:1c:28:
68:4b:03:88:af:42:e0:fd:ab:55:a5:5a:44:45:de:
b0:23:8f:88:d4:64:07:3e:33:7e:94:0e:70:49:28:
75:e1:d7:ec:14:89:67:40:b8:00:5c:e0:b8:95:0a:
f9:1f:6f:12:f2:45:d4:90:bf:13:3e:43:e6:57:09:
af:fd:f6:93:ee:f6:a1:f3:d3:5b:f2:a5:b1:e8:fd:
eb:df:89:28:ad:46:64:23:72:94:4f:1d:48:47:e8:
91:bd:d7:13:03:27:71:82:b9:e2:8e:cf:2d:92:67:
d6:63:20:61:f2:81:97:6b:e7:11:22:9d:25:52:26:
f7:e6:f7:e2:86:f6:25:82:2c:49:68:fb:58:c6:7f:
20:b0:9e:23:a1:59:29:d6:5e:0c:b8:d1:0d:74:35:
18:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:E0:0F:40:FD:76:09:6D:E9:39:EA:AD:B6:AC:E0:4F:07:0B:01:5F
X509v3 Authority Key Identifier:
keyid:05:A9:7F:F4:04:80:8A:D3:4F:9A:A8:25:17:67:D1:AE:C8:90:60:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bal_9ASAitNPmqglF2fRrsiQYB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6c953b-0763-4b6d-bf1a-6ce444ebeaf0/1/R-APQP12CW3pOeqttqzgTwcLAV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6c953b-0763-4b6d-bf1a-6ce444ebeaf0/1/Bal_9ASAitNPmqglF2fRrsiQYB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.120.0/22
Signature Algorithm: sha256WithRSAEncryption
45:3b:8c:b4:db:24:21:12:4a:1c:95:33:df:77:6e:a8:33:02:
e3:8b:40:56:8b:c1:ef:25:c6:bf:89:d7:23:58:43:ff:8e:08:
03:d7:d1:aa:4f:2c:79:96:af:a2:40:af:94:2c:02:36:88:ea:
98:b4:14:c2:db:6c:35:1f:54:a5:f1:92:0b:7d:82:0a:1d:c7:
d9:a2:24:ff:ef:d5:0a:86:4f:d3:d4:dc:92:c6:00:eb:14:b1:
8e:9b:4e:85:ba:8a:b8:b6:ae:1f:ec:8a:28:6a:28:cc:07:06:
f6:ee:92:9c:6d:79:b1:27:82:5f:ef:11:7f:0f:ff:1e:26:a3:
04:25:40:56:7a:8c:ea:cb:9b:48:79:8a:8f:9d:9b:db:46:0e:
7e:25:e5:92:5f:47:76:1e:54:db:1f:09:a6:73:2f:ef:b7:3e:
52:e8:02:de:09:42:3f:f1:34:60:37:fd:d5:87:3e:de:20:28:
76:d6:e6:90:12:79:41:1c:e0:e9:70:34:a2:cd:6b:48:f2:41:
9a:a1:1e:d5:f1:6b:64:f5:1e:5e:df:41:9d:cc:b6:21:b2:52:
6c:c2:8b:18:86:4f:39:2d:5f:81:99:b5:53:33:16:06:5a:22:
1e:12:64:93:4b:10:3a:39:09:b5:02:fa:f1:49:28:c9:ed:70:
37:d4:f6:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ4XsohKw07MYvoaF+tYVpOKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YTk3ZmY0MDQ4MDhhZDM0ZjlhYTgyNTE3NjdkMWFlYzg5
MDYwMWYwHhcNMjYwNTExMTU0MDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2UwMGY0MGZkNzYwOTZkZTkzOWVhYWRiNmFjZTA0ZjA3MGIwMTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArt3knyZfeaUa2Vbdrw3IZgD+rfu0
6x2U6yChMOshRmrjiTc2ewxx+vXMc9xG3K0iPn0b+jnHbZ+Zx93H6FMCmM8JScJu
AU75PfeyC8dwqs+tbU4rwjMJUuzt/1Q3nsOhL7qjrvFzHChoSwOIr0Lg/atVpVpE
Rd6wI4+I1GQHPjN+lA5wSSh14dfsFIlnQLgAXOC4lQr5H28S8kXUkL8TPkPmVwmv
/faT7vah89Nb8qWx6P3r34korUZkI3KUTx1IR+iRvdcTAydxgrnijs8tkmfWYyBh
8oGXa+cRIp0lUib35vfihvYlgixJaPtYxn8gsJ4joVkp1l4MuNENdDUYNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEfgD0D9dglt6Tnqrbas4E8HCwFfMB8GA1UdIwQY
MBaAFAWpf/QEgIrTT5qoJRdn0a7IkGAfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmFsXzlBU0FpdE5QbXFnbEYyZlJyc2lRWUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82Yzk1M2ItMDc2My00YjZkLWJmMWEt
NmNlNDQ0ZWJlYWYwLzEvUi1BUFFQMTJDVzNwT2VxdHRxemdUd2NMQVY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82Yzk1M2ItMDc2My00YjZkLWJmMWEtNmNlNDQ0ZWJlYWYw
LzEvQmFsXzlBU0FpdE5QbXFnbEYyZlJyc2lRWUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYp4MA0G
CSqGSIb3DQEBCwUAA4IBAQBFO4y02yQhEkoclTPfd26oMwLji0BWi8HvJca/idcj
WEP/jggD19GqTyx5lq+iQK+ULAI2iOqYtBTC22w1H1Sl8ZILfYIKHcfZoiT/79UK
hk/T1NySxgDrFLGOm06Fuoq4tq4f7IooaijMBwb27pKcbXmxJ4Jf7xF/D/8eJqME
JUBWeozqy5tIeYqPnZvbRg5+JeWSX0d2HlTbHwmmcy/vtz5S6ALeCUI/8TRgN/3V
hz7eICh21uaQEnlBHODpcDSizWtI8kGaoR7V8Wtk9R5e30GdzLYhslJswosYhk85
LV+BmbVTMxYGWiIeEmSTSxA6OQm1AvrxSSjJ7XA31PZZ
-----END CERTIFICATE-----
Generated at Wed May 13 02:41:36 2026 by rpki-client