Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/73ca57-4eee-4c29-814a-81790f61e794/1/ksyxmkCrf7A-eqxZmQy3trm7sLM.roa
File: ksyxmkCrf7A-eqxZmQy3trm7sLM.roa (raw, json)
Hash identifier: 6/V3wIua4oerREHtxJ93cqHXKCXGaJBotU9pYRKVNog=
Subject key identifier: 92:CC:B1:9A:40:AB:7F:B0:3E:7A:AC:59:99:0C:B7:B6:B9:BB:B0:B3
Certificate issuer: /CN=9788de1b757eaaab5e76b196e178b60b5e6c240c
Certificate serial: 019D2AAE94C09E71B4299EA27A52AEE995BB
Authority key identifier: 97:88:DE:1B:75:7E:AA:AB:5E:76:B1:96:E1:78:B6:0B:5E:6C:24:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l4jeG3V-qqtedrGW4Xi2C15sJAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/73ca57-4eee-4c29-814a-81790f61e794/1/ksyxmkCrf7A-eqxZmQy3trm7sLM.roa
Signing time: Thu 26 Mar 2026 15:06:17 +0000
ROA not before: Thu 26 Mar 2026 15:06:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212286
IP address blocks: 45.87.128.0/23 maxlen: 23
45.91.73.0/24 maxlen: 24
45.128.80.0/22 maxlen: 22
45.129.72.0/24 maxlen: 24
45.131.216.0/22 maxlen: 22
45.132.164.0/22 maxlen: 22
45.138.248.0/22 maxlen: 22
45.145.136.0/22 maxlen: 22
45.153.36.0/22 maxlen: 22
45.154.148.0/22 maxlen: 22
81.85.32.0/20 maxlen: 20
152.114.202.0/23 maxlen: 23
152.114.204.0/23 maxlen: 23
158.94.188.0/22 maxlen: 22
158.94.217.0/24 maxlen: 24
185.121.236.0/22 maxlen: 22
193.17.224.0/24 maxlen: 24
193.17.231.0/24 maxlen: 24
193.17.253.0/24 maxlen: 24
193.17.255.0/24 maxlen: 24
212.97.80.0/21 maxlen: 21
212.102.124.0/24 maxlen: 24
213.184.68.0/22 maxlen: 22
217.179.80.0/22 maxlen: 22
217.180.44.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/73ca57-4eee-4c29-814a-81790f61e794/1/l4jeG3V-qqtedrGW4Xi2C15sJAw.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/73ca57-4eee-4c29-814a-81790f61e794/1/l4jeG3V-qqtedrGW4Xi2C15sJAw.mft
rsync://rpki.ripe.net/repository/DEFAULT/l4jeG3V-qqtedrGW4Xi2C15sJAw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 15:06:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:ae:94:c0:9e:71:b4:29:9e:a2:7a:52:ae:e9:95:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9788de1b757eaaab5e76b196e178b60b5e6c240c
Validity
Not Before: Mar 26 15:06:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=92ccb19a40ab7fb03e7aac59990cb7b6b9bbb0b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9d:e4:b6:37:a3:fa:0d:e1:88:9b:4d:ea:39:
eb:c2:b8:d0:98:8b:dd:9b:9d:60:a6:22:9e:04:35:
b9:47:32:10:9d:14:43:d2:b4:96:40:0c:38:d7:b7:
32:27:f6:ab:89:28:19:79:0d:88:0b:51:a7:82:52:
4f:0d:27:6a:12:a2:6a:0b:65:2b:57:2a:1b:ac:17:
c3:00:49:f2:44:8e:44:c6:ed:26:b3:a9:13:a3:e0:
a5:3a:3c:52:1b:4b:ed:8e:4d:93:a2:1b:e1:07:7a:
a5:46:b4:a3:e7:aa:34:02:e2:f5:2c:14:4c:f8:04:
ea:c1:74:3f:13:2a:f5:f7:86:7e:fb:8e:35:56:f1:
71:b3:58:9b:84:95:36:4c:d3:a0:d0:16:c6:36:63:
76:ae:ed:fe:09:14:40:70:03:63:0c:95:0f:ef:08:
eb:a9:a4:5f:14:01:eb:b7:94:36:8a:68:24:99:88:
74:d8:8b:ef:70:de:8d:fa:98:25:62:1d:e4:60:4b:
70:a3:1b:4b:84:e9:6d:56:ec:c7:b0:eb:5f:b1:fe:
2a:35:a2:90:2a:fa:83:da:82:fe:cc:8a:5f:67:66:
19:7e:02:c9:b0:f0:ae:4a:2c:0d:36:bb:76:dc:39:
93:35:49:3a:0d:56:b8:3a:a9:96:e6:e5:25:16:02:
63:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:CC:B1:9A:40:AB:7F:B0:3E:7A:AC:59:99:0C:B7:B6:B9:BB:B0:B3
X509v3 Authority Key Identifier:
keyid:97:88:DE:1B:75:7E:AA:AB:5E:76:B1:96:E1:78:B6:0B:5E:6C:24:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l4jeG3V-qqtedrGW4Xi2C15sJAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/73ca57-4eee-4c29-814a-81790f61e794/1/ksyxmkCrf7A-eqxZmQy3trm7sLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/73ca57-4eee-4c29-814a-81790f61e794/1/l4jeG3V-qqtedrGW4Xi2C15sJAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.128.0/23
45.91.73.0/24
45.128.80.0/22
45.129.72.0/24
45.131.216.0/22
45.132.164.0/22
45.138.248.0/22
45.145.136.0/22
45.153.36.0/22
45.154.148.0/22
81.85.32.0/20
152.114.202.0-152.114.205.255
158.94.188.0/22
158.94.217.0/24
185.121.236.0/22
193.17.224.0/24
193.17.231.0/24
193.17.253.0/24
193.17.255.0/24
212.97.80.0/21
212.102.124.0/24
213.184.68.0/22
217.179.80.0/22
217.180.44.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:fb:e2:11:86:5d:a3:d7:ec:8d:07:39:a8:84:5c:64:08:6c:
21:8a:c1:94:87:99:a8:9f:e1:4a:0a:3c:d0:62:1a:ed:fb:cb:
5f:8b:91:ee:55:90:6b:b4:2d:30:bc:64:d0:8b:f5:7d:e1:ba:
76:45:e7:7e:ef:2c:38:18:76:77:2f:42:0a:ad:8f:5f:ec:ac:
22:39:6f:48:20:85:32:09:64:cc:5e:86:12:c5:85:f4:b6:9b:
06:14:01:f7:6d:40:a1:5e:a8:ef:d0:d5:52:6b:71:b8:77:71:
64:39:77:12:2a:8f:bc:ac:0f:a5:ab:6c:5c:16:72:bc:a4:85:
ab:56:56:27:76:e4:3a:e1:a6:36:8a:cc:bf:8e:56:c4:fb:c1:
45:62:67:aa:82:d3:75:f3:8a:b2:9e:e5:58:ae:07:14:93:8d:
a4:97:16:ce:9c:75:72:be:d2:95:d8:a7:94:49:cf:31:49:06:
e8:08:ad:fc:ab:1d:8c:51:96:8d:af:15:17:20:b0:cd:55:5b:
36:f1:65:f0:d3:98:98:68:40:d6:72:41:68:df:67:fa:d0:a9:
a8:66:21:9a:62:65:2d:69:10:b1:43:8a:c3:17:f6:03:02:cc:
b7:df:49:eb:5b:0b:95:12:0c:da:ce:80:38:6b:4b:30:69:7c:
25:1b:09:30
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZ0qrpTAnnG0KZ6ielKu6ZW7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ODhkZTFiNzU3ZWFhYWI1ZTc2YjE5NmUxNzhiNjBiNWU2
YzI0MGMwHhcNMjYwMzI2MTUwNjE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmNjYjE5YTQwYWI3ZmIwM2U3YWFjNTk5OTBjYjdiNmI5YmJiMGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJ3ktjej+g3hiJtN6jnrwrjQmIvd
m51gpiKeBDW5RzIQnRRD0rSWQAw417cyJ/ariSgZeQ2IC1GnglJPDSdqEqJqC2Ur
VyobrBfDAEnyRI5Exu0ms6kTo+ClOjxSG0vtjk2TohvhB3qlRrSj56o0AuL1LBRM
+ATqwXQ/Eyr194Z++441VvFxs1ibhJU2TNOg0BbGNmN2ru3+CRRAcANjDJUP7wjr
qaRfFAHrt5Q2imgkmYh02IvvcN6N+pglYh3kYEtwoxtLhOltVuzHsOtfsf4qNaKQ
KvqD2oL+zIpfZ2YZfgLJsPCuSiwNNrt23DmTNUk6DVa4OqmW5uUlFgJj8wIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFJLMsZpAq3+wPnqsWZkMt7a5u7CzMB8GA1UdIwQY
MBaAFJeI3ht1fqqrXnaxluF4tgtebCQMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDRqZUczVi1xcXRlZHJHVzRYaTJDMTVzSkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy83M2NhNTctNGVlZS00YzI5LTgxNGEt
ODE3OTBmNjFlNzk0LzEva3N5eG1rQ3JmN0EtZXF4Wm1ReTN0cm03c0xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy83M2NhNTctNGVlZS00YzI5LTgxNGEtODE3OTBmNjFlNzk0
LzEvbDRqZUczVi1xcXRlZHJHVzRYaTJDMTVzSkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBnwQCAAEwgZgDBAEt
V4ADBAAtW0kDBAItgFADBAAtgUgDBAItg9gDBAIthKQDBAItivgDBAItkYgDBAIt
mSQDBAItmpQDBARRVSAwDAMEAZhyygMEAZhyzAMEAp5evAMEAJ5e2QMEArl57AME
AMER4AMEAMER5wMEAMER/QMEAMER/wMEA9RhUAMEANRmfAMEAtW4RAMEAtmzUAME
Atm0LDANBgkqhkiG9w0BAQsFAAOCAQEAH/viEYZdo9fsjQc5qIRcZAhsIYrBlIeZ
qJ/hSgo80GIa7fvLX4uR7lWQa7QtMLxk0Iv1feG6dkXnfu8sOBh2dy9CCq2PX+ys
IjlvSCCFMglkzF6GEsWF9LabBhQB921AoV6o79DVUmtxuHdxZDl3EiqPvKwPpats
XBZyvKSFq1ZWJ3bkOuGmNorMv45WxPvBRWJnqoLTdfOKsp7lWK4HFJONpJcWzpx1
cr7SldinlEnPMUkG6Ait/KsdjFGWja8VFyCwzVVbNvFl8NOYmGhA1nJBaN9n+tCp
qGYhmmJlLWkQsUOKwxf2AwLMt99J61sLlRIM2s6AOGtLMGl8JRsJMA==
-----END CERTIFICATE-----
Generated at Fri Mar 27 01:48:20 2026 by rpki-client