Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/POWTzDb5vbFnUn5Fl5f5-cox9EM.roa
File: POWTzDb5vbFnUn5Fl5f5-cox9EM.roa (raw, json)
Hash identifier: nKIMIMVb/A7D3CfUoC/Ae+gbK8Xpv8cUPXw+9arfeFY=
Subject key identifier: 3C:E5:93:CC:36:F9:BD:B1:67:52:7E:45:97:97:F9:F9:CA:31:F4:43
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019E1B8D7AE160B05DDDED736896844A923D
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/POWTzDb5vbFnUn5Fl5f5-cox9EM.roa
Signing time: Tue 12 May 2026 09:38:37 +0000
ROA not before: Tue 12 May 2026 09:38:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212238
IP address blocks: 45.90.19.0/24 maxlen: 24
185.36.204.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.218.22.0/24 maxlen: 24
185.239.140.0/24 maxlen: 24
185.246.115.0/24 maxlen: 24
193.58.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1b:8d:7a:e1:60:b0:5d:dd:ed:73:68:96:84:4a:92:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 12 09:38:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3ce593cc36f9bdb167527e459797f9f9ca31f443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:23:b1:be:34:55:e8:2f:b4:a8:7e:4a:ea:d4:
4b:19:b8:2d:5d:85:4b:d5:04:b0:f7:85:e7:45:2a:
b8:33:8d:6d:91:dd:74:32:40:cd:d9:52:bd:10:63:
93:f2:90:7a:0e:6b:04:bb:d3:13:dd:1c:a5:6e:80:
9b:0d:54:08:3d:43:61:7b:96:2b:18:2d:58:0b:42:
35:1e:4c:0c:22:74:90:4e:8c:cf:f0:01:49:e3:0b:
41:28:9d:73:ec:0f:43:b4:b2:99:99:39:76:13:2f:
94:d1:c5:86:e6:96:98:80:52:2e:36:b4:41:8d:30:
45:3b:c4:5a:e6:b9:71:34:71:ea:e7:70:98:96:a6:
85:12:b1:80:b7:f1:b7:07:5f:3c:6b:04:d8:db:dc:
af:c5:0e:64:dc:55:51:b7:ff:3c:f0:1f:ad:f5:c0:
7c:9b:fe:96:31:88:06:b7:1c:cc:72:1d:41:e7:f6:
5b:0a:5e:49:b1:af:63:77:28:c2:a2:71:0d:97:36:
a2:18:99:53:b8:4f:8d:2d:4c:9e:2f:bc:72:4c:b2:
b6:5e:23:f5:e3:0c:ee:0d:aa:9f:ca:98:0e:48:64:
0b:c8:d2:02:d3:51:14:b8:23:b7:cc:4e:61:db:9c:
be:c3:d0:3d:d3:42:2c:d9:9f:1c:df:ed:0f:dc:a8:
28:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:E5:93:CC:36:F9:BD:B1:67:52:7E:45:97:97:F9:F9:CA:31:F4:43
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/POWTzDb5vbFnUn5Fl5f5-cox9EM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.19.0/24
185.36.204.0/24
185.206.248.0/24
185.218.22.0/24
185.239.140.0/24
185.246.115.0/24
193.58.144.0/24
Signature Algorithm: sha256WithRSAEncryption
97:3b:16:46:6b:5f:cc:88:30:45:b1:e8:9b:e8:d3:33:35:37:
ab:38:88:19:13:98:51:35:b8:25:88:ec:2d:85:f3:28:d6:6c:
f0:33:3e:69:37:8a:02:6e:93:cb:82:ec:f1:75:7b:88:6c:2e:
4b:54:e9:81:63:74:d6:92:3e:bf:20:2a:83:91:b3:96:54:08:
9b:c0:7a:9e:65:e9:fb:c1:67:f0:b0:92:71:aa:c8:67:4c:06:
1e:bf:95:d7:d3:f9:eb:eb:98:2f:ce:0b:42:89:10:5f:58:ed:
75:83:8d:f1:06:c9:f2:bb:29:47:c5:2d:ed:00:b6:07:8e:c4:
3c:5e:9f:18:9e:b7:5a:20:4b:ca:26:28:60:89:3a:6b:23:61:
6a:76:a2:ce:db:2b:52:11:83:26:04:7d:ec:fa:56:5f:77:e9:
a5:86:88:4b:6b:3d:64:2c:fc:88:ac:1d:52:ba:21:24:46:56:
36:5b:f7:5f:62:62:db:2b:62:61:e5:a9:eb:ec:0c:3f:a2:06:
a0:0b:6c:c2:98:f8:e6:4d:c4:c5:93:4b:a0:4a:ff:bb:3d:fb:
d3:0f:7f:91:83:df:94:e4:da:6e:ab:ca:d0:5b:a1:8a:55:9e:
b5:f0:c9:ff:d8:e1:23:fa:46:9d:3a:eb:4b:c0:14:92:63:06:
d4:ac:ad:f2
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ4bjXrhYLBd3e1zaJaESpI9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjYwNTEyMDkzODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2U1OTNjYzM2ZjliZGIxNjc1MjdlNDU5Nzk3ZjlmOWNhMzFmNDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCOxvjRV6C+0qH5K6tRLGbgtXYVL
1QSw94XnRSq4M41tkd10MkDN2VK9EGOT8pB6DmsEu9MT3RylboCbDVQIPUNhe5Yr
GC1YC0I1HkwMInSQTozP8AFJ4wtBKJ1z7A9DtLKZmTl2Ey+U0cWG5paYgFIuNrRB
jTBFO8Ra5rlxNHHq53CYlqaFErGAt/G3B188awTY29yvxQ5k3FVRt/888B+t9cB8
m/6WMYgGtxzMch1B5/ZbCl5Jsa9jdyjConENlzaiGJlTuE+NLUyeL7xyTLK2XiP1
4wzuDaqfypgOSGQLyNIC01EUuCO3zE5h25y+w9A900Is2Z8c3+0P3KgokwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDzlk8w2+b2xZ1J+RZeX+fnKMfRDMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvUE9XVHpEYjV2YkZuVW41Rmw1ZjUtY294OUVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALVoTAwQA
uSTMAwQAuc74AwQAudoWAwQAue+MAwQAufZzAwQAwTqQMA0GCSqGSIb3DQEBCwUA
A4IBAQCXOxZGa1/MiDBFseib6NMzNTerOIgZE5hRNbgliOwthfMo1mzwMz5pN4oC
bpPLguzxdXuIbC5LVOmBY3TWkj6/ICqDkbOWVAibwHqeZen7wWfwsJJxqshnTAYe
v5XX0/nr65gvzgtCiRBfWO11g43xBsnyuylHxS3tALYHjsQ8Xp8YnrdaIEvKJihg
iTprI2FqdqLO2ytSEYMmBH3s+lZfd+mlhohLaz1kLPyIrB1SuiEkRlY2W/dfYmLb
K2Jh5anr7Aw/ogagC2zCmPjmTcTFk0ugSv+7PfvTD3+Rg9+U5Npuq8rQW6GKVZ61
8Mn/2OEj+kadOutLwBSSYwbUrK3y
-----END CERTIFICATE-----
Generated at Tue May 12 22:17:19 2026 by rpki-client