Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/Ink4c0N-U1foPeR0DGobndHi4jk.roa
File: Ink4c0N-U1foPeR0DGobndHi4jk.roa (raw, json)
Hash identifier: Fao8n7Vq5GulHgDV/cHKG0qd+SUHOsAAqTUZlegQyRk=
Subject key identifier: 22:79:38:73:43:7E:53:57:E8:3D:E4:74:0C:6A:1B:9D:D1:E2:E2:39
Certificate issuer: /CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Certificate serial: 019CC3CF93E14233ECFC52679ACE336F6BDC
Authority key identifier: B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/Ink4c0N-U1foPeR0DGobndHi4jk.roa
Signing time: Fri 06 Mar 2026 15:41:26 +0000
ROA not before: Fri 06 Mar 2026 15:41:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43641
IP address blocks: 45.11.56.0/24 maxlen: 24
45.11.59.0/24 maxlen: 24
45.134.174.0/24 maxlen: 24
45.134.175.0/24 maxlen: 24
85.137.48.0/24 maxlen: 24
91.222.172.0/22 maxlen: 24
91.234.198.0/23 maxlen: 24
91.234.199.0/24 maxlen: 24
176.97.120.0/23 maxlen: 23
176.97.125.0/24 maxlen: 24
176.97.126.0/23 maxlen: 23
176.97.126.0/24 maxlen: 24
185.254.199.0/24 maxlen: 24
194.42.196.0/23 maxlen: 23
194.42.198.0/24 maxlen: 24
194.42.199.0/24 maxlen: 24
194.42.206.0/23 maxlen: 24
195.26.86.0/23 maxlen: 24
195.66.212.0/24 maxlen: 24
195.66.213.0/24 maxlen: 24
195.160.220.0/22 maxlen: 24
212.86.120.0/23 maxlen: 23
212.86.125.0/24 maxlen: 24
212.86.126.0/23 maxlen: 23
2a09:2dc1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.mft
rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:c3:cf:93:e1:42:33:ec:fc:52:67:9a:ce:33:6f:6b:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Validity
Not Before: Mar 6 15:41:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=22793873437e5357e83de4740c6a1b9dd1e2e239
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:0e:e6:88:e6:c1:b0:06:7d:37:4b:3f:0b:a1:
5f:e3:ab:a4:0d:7e:2c:ea:12:82:67:d1:a2:3b:26:
e3:5c:93:48:63:38:4f:65:0b:20:07:3e:f7:6e:03:
bc:90:ee:b8:70:c1:aa:c4:b5:f6:53:70:2d:86:d5:
5e:8e:6b:f5:bb:fb:a4:83:b5:81:ec:63:49:3f:c9:
7c:64:8d:07:a6:65:f2:c2:03:26:68:ef:02:f3:6e:
5c:1d:78:29:ff:cc:74:42:40:d4:9f:09:c3:86:bb:
07:02:3e:76:18:ec:98:72:56:bd:9e:2f:0c:d0:61:
94:ce:91:49:59:fa:b9:ca:99:0b:2c:93:83:b6:c6:
46:62:79:b5:f6:0b:88:a3:60:de:75:ce:8f:7a:60:
c9:91:fa:e5:73:2d:45:7d:ee:f5:73:6d:68:24:40:
eb:2e:70:0b:f0:2e:26:de:91:4f:eb:15:f5:c6:ac:
73:9a:be:0c:30:ed:d9:0b:8f:f1:e2:12:2f:bd:c2:
11:78:47:63:dc:28:b6:68:9d:1e:0f:b9:24:f9:ba:
88:e8:e4:ba:dd:13:99:27:72:c5:de:87:4c:57:79:
6b:55:93:d3:a7:ee:87:a8:71:e0:a1:48:d6:0d:39:
a4:38:a6:0f:ab:26:1a:c8:4a:c0:a1:c2:5a:97:5f:
08:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:79:38:73:43:7E:53:57:E8:3D:E4:74:0C:6A:1B:9D:D1:E2:E2:39
X509v3 Authority Key Identifier:
keyid:B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/Ink4c0N-U1foPeR0DGobndHi4jk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.56.0/24
45.11.59.0/24
45.134.174.0/23
85.137.48.0/24
91.222.172.0/22
91.234.198.0/23
176.97.120.0/23
176.97.125.0-176.97.127.255
185.254.199.0/24
194.42.196.0/22
194.42.206.0/23
195.26.86.0/23
195.66.212.0/23
195.160.220.0/22
212.86.120.0/23
212.86.125.0-212.86.127.255
IPv6:
2a09:2dc1::/32
Signature Algorithm: sha256WithRSAEncryption
59:68:7d:7f:5d:2d:6b:93:fb:8b:ca:52:81:5e:dc:95:89:e2:
0f:66:d5:1f:5e:ca:ec:76:c8:6a:45:fb:cb:2c:66:82:32:83:
18:ee:aa:d2:9f:53:b1:b9:c7:cf:83:66:0b:06:3b:73:27:9b:
3c:f7:82:b9:f7:52:33:79:c9:40:a0:cf:98:83:40:e4:88:f9:
92:58:a7:5d:89:8b:a0:dd:c0:a4:26:69:90:96:62:40:23:47:
c5:17:b5:45:a7:40:28:a0:4d:47:b5:fb:29:ea:d8:ce:93:4b:
84:e0:17:85:c0:1e:8c:86:04:3d:8b:d1:cd:ab:ac:2d:f5:a2:
4f:46:22:79:f4:87:bb:18:69:02:8e:4c:41:45:2c:d8:cc:e7:
ea:b9:16:1c:11:12:b7:7b:cd:cf:05:50:56:bc:9b:04:7f:4b:
71:c4:53:52:d8:59:b8:5e:c8:b8:74:a6:d5:e4:c6:20:c5:a2:
0f:a8:65:8a:e5:01:4b:b2:02:9a:e4:31:ec:16:a2:d3:43:df:
cb:c7:83:fa:26:fd:6c:78:af:3d:18:0c:d0:20:b3:5f:35:00:
80:e4:3f:62:f1:76:8c:ff:fa:df:a0:82:bc:da:12:d5:01:43:
a5:19:56:06:8b:87:c9:e0:69:cc:14:57:13:aa:0e:c6:83:01:
b7:65:a9:e2
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZzDz5PhQjPs/FJnms4zb2vcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmM5YzI2ZGY3Y2NkOGFkMzhkODliZDVkNDkzODBiOTNi
MWUwMDkwHhcNMjYwMzA2MTU0MTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjc5Mzg3MzQzN2U1MzU3ZTgzZGU0NzQwYzZhMWI5ZGQxZTJlMjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlA7miObBsAZ9N0s/C6Ff46ukDX4s
6hKCZ9GiOybjXJNIYzhPZQsgBz73bgO8kO64cMGqxLX2U3AthtVejmv1u/ukg7WB
7GNJP8l8ZI0HpmXywgMmaO8C825cHXgp/8x0QkDUnwnDhrsHAj52GOyYcla9ni8M
0GGUzpFJWfq5ypkLLJODtsZGYnm19guIo2Dedc6PemDJkfrlcy1Ffe71c21oJEDr
LnAL8C4m3pFP6xX1xqxzmr4MMO3ZC4/x4hIvvcIReEdj3Ci2aJ0eD7kk+bqI6OS6
3ROZJ3LF3odMV3lrVZPTp+6HqHHgoUjWDTmkOKYPqyYayErAocJal18IoQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFCJ5OHNDflNX6D3kdAxqG53R4uI5MB8GA1UdIwQY
MBaAFLMsnCbffM2K042JvV1JOAuTseAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjIt
Y2IxMWJjNWIyZjFiLzEvSW5rNGMwTi1VMWZvUGVSMERHb2JuZEhpNGprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjItY2IxMWJjNWIyZjFi
LzEvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzB2BAIAATBwAwQALQs4
AwQALQs7AwQBLYauAwQAVYkwAwQCW96sAwQBW+rGAwQBsGF4MAwDBACwYX0DBAew
YQADBAC5/scDBALCKsQDBAHCKs4DBAHDGlYDBAHDQtQDBALDoNwDBAHUVngwDAME
ANRWfQMEB9RWADANBAIAAjAHAwUAKgktwTANBgkqhkiG9w0BAQsFAAOCAQEAWWh9
f10ta5P7i8pSgV7clYniD2bVH17K7HbIakX7yyxmgjKDGO6q0p9TsbnHz4NmCwY7
cyebPPeCufdSM3nJQKDPmINA5Ij5klinXYmLoN3ApCZpkJZiQCNHxRe1RadAKKBN
R7X7KerYzpNLhOAXhcAejIYEPYvRzausLfWiT0YiefSHuxhpAo5MQUUs2Mzn6rkW
HBESt3vNzwVQVrybBH9LccRTUthZuF7IuHSm1eTGIMWiD6hliuUBS7ICmuQx7Bai
00Pfy8eD+ib9bHivPRgM0CCzXzUAgOQ/YvF2jP/636CCvNoS1QFDpRlWBouHyeBp
zBRXE6oOxoMBt2Wp4g==
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:00:01 2026 by rpki-client