Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/CHwEEgIG46KrfCZubP2sgaYyQKQ.roa
File: CHwEEgIG46KrfCZubP2sgaYyQKQ.roa (raw, json)
Hash identifier: 1VYNsORWI1Jnmpu8/KvoEN63QsZYW/dgbty42oD0bdY=
Subject key identifier: 08:7C:04:12:02:06:E3:A2:AB:7C:26:6E:6C:FD:AC:81:A6:32:40:A4
Certificate issuer: /CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Certificate serial: 019CE6CCDAC3CC61A75F53524ADE68846D4F
Authority key identifier: DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/CHwEEgIG46KrfCZubP2sgaYyQKQ.roa
Signing time: Fri 13 Mar 2026 10:45:10 +0000
ROA not before: Fri 13 Mar 2026 10:45:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25255
IP address blocks: 46.220.0.0/16 maxlen: 16
77.116.0.0/14 maxlen: 14
77.116.0.0/17 maxlen: 17
77.116.128.0/17 maxlen: 17
77.117.0.0/17 maxlen: 17
77.119.16.0/20 maxlen: 20
77.119.128.0/20 maxlen: 20
77.119.128.0/22 maxlen: 22
77.119.160.0/20 maxlen: 20
77.119.176.0/20 maxlen: 20
77.119.192.0/19 maxlen: 19
77.119.224.0/19 maxlen: 19
81.3.192.0/18 maxlen: 18
81.3.192.0/24 maxlen: 24
81.3.201.0/24 maxlen: 24
81.3.204.0/23 maxlen: 23
81.3.206.0/23 maxlen: 23
81.3.210.0/24 maxlen: 24
81.3.211.0/24 maxlen: 24
91.141.0.0/17 maxlen: 17
91.141.0.0/20 maxlen: 20
91.141.0.0/22 maxlen: 22
91.141.32.0/19 maxlen: 19
91.141.64.0/20 maxlen: 20
91.141.96.0/20 maxlen: 20
91.141.112.0/20 maxlen: 20
94.245.192.0/18 maxlen: 18
94.245.192.0/24 maxlen: 24
109.126.64.0/18 maxlen: 18
178.112.0.0/14 maxlen: 14
178.112.0.0/17 maxlen: 17
178.112.128.0/17 maxlen: 17
178.113.0.0/17 maxlen: 17
178.115.32.0/19 maxlen: 19
178.115.64.0/20 maxlen: 20
178.115.80.0/20 maxlen: 20
178.115.128.0/20 maxlen: 20
178.115.128.0/22 maxlen: 22
178.115.144.0/20 maxlen: 20
178.115.224.0/19 maxlen: 19
178.165.128.0/17 maxlen: 17
178.165.128.0/20 maxlen: 20
178.165.128.0/22 maxlen: 22
178.165.160.0/19 maxlen: 19
178.165.192.0/20 maxlen: 20
178.165.224.0/20 maxlen: 20
178.165.240.0/20 maxlen: 20
194.24.128.0/19 maxlen: 19
194.24.158.0/24 maxlen: 24
194.24.159.0/24 maxlen: 24
213.94.64.0/18 maxlen: 18
213.94.64.0/21 maxlen: 21
213.94.76.0/24 maxlen: 24
213.94.77.0/24 maxlen: 24
213.94.78.0/24 maxlen: 24
213.94.79.0/24 maxlen: 24
213.94.80.0/22 maxlen: 22
213.94.95.0/24 maxlen: 24
213.94.96.0/21 maxlen: 21
2a02:2861::/32 maxlen: 32
2a02:2861:d::/48 maxlen: 48
2a02:2861:e::/48 maxlen: 48
2a02:2864::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/250Zf7vuKh3MtPVXIqghDTEFsEI.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/250Zf7vuKh3MtPVXIqghDTEFsEI.mft
rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 04:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e6:cc:da:c3:cc:61:a7:5f:53:52:4a:de:68:84:6d:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Validity
Not Before: Mar 13 10:45:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=087c04120206e3a2ab7c266e6cfdac81a63240a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:63:ea:c6:2e:da:bf:3e:d5:6a:5e:33:5d:a6:
10:08:8e:b0:a4:84:9b:ed:28:a8:0c:6f:24:f6:68:
9a:16:f5:b1:6e:11:0b:9d:22:1e:a5:a5:bf:f0:01:
48:54:f0:99:25:53:65:1c:56:43:e5:38:fa:f9:28:
5c:67:38:4b:6a:8a:12:d4:ee:7e:4c:ba:f1:b5:5c:
42:ab:b2:6b:a7:9a:e5:42:d1:d4:f8:05:41:ca:e9:
d0:14:08:92:16:96:bb:49:fa:72:8b:a2:e4:ef:bd:
f1:6d:a0:86:eb:f5:10:8e:86:ec:e8:13:47:4b:b8:
d2:3c:27:1a:a4:7a:31:91:b0:38:86:a5:2f:c4:0b:
dc:af:91:aa:99:cc:40:b0:f1:42:2c:ff:eb:a2:5f:
e9:53:b7:2b:df:83:5d:36:23:95:52:22:ff:60:9d:
06:9a:74:d5:85:8f:d1:4d:b8:79:0f:cf:c4:35:a0:
33:10:72:3b:d8:75:f1:57:18:a2:f0:26:94:4d:d3:
41:2a:ca:66:49:44:47:54:8b:e1:e6:19:58:93:47:
0c:7c:5e:a4:b4:25:79:d5:6c:00:1d:72:fa:26:8b:
f2:eb:d2:90:81:0c:f3:f7:7f:b2:0e:09:f1:76:1f:
81:c4:ca:f5:fc:7c:fa:9f:8e:4c:f3:3f:5b:1c:d9:
c9:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:7C:04:12:02:06:E3:A2:AB:7C:26:6E:6C:FD:AC:81:A6:32:40:A4
X509v3 Authority Key Identifier:
keyid:DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/CHwEEgIG46KrfCZubP2sgaYyQKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/250Zf7vuKh3MtPVXIqghDTEFsEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.220.0.0/16
77.116.0.0/14
81.3.192.0/18
91.141.0.0/17
94.245.192.0/18
109.126.64.0/18
178.112.0.0/14
178.165.128.0/17
194.24.128.0/19
213.94.64.0/18
IPv6:
2a02:2861::/32
2a02:2864::/30
Signature Algorithm: sha256WithRSAEncryption
8b:4e:d9:46:6b:03:e1:05:9f:a0:b0:ab:85:5a:43:50:1d:1d:
ce:84:db:7e:78:bd:b0:a1:d9:f9:1d:08:03:67:64:b8:b1:7a:
de:b5:71:87:74:14:15:1a:df:ed:a0:33:44:0b:2b:09:df:ce:
8f:b6:c8:3c:0d:7f:16:55:36:21:83:44:22:91:53:ff:bf:35:
6a:b4:46:10:49:21:32:02:d1:a5:c0:75:55:90:d9:d7:5b:7e:
b3:fc:fc:0a:9e:17:de:90:3f:77:2f:3d:d3:62:83:9a:86:20:
98:79:e4:8c:4e:30:aa:33:17:7b:a1:c5:f0:41:70:8b:34:1f:
74:30:a4:6d:30:a5:e7:85:e2:9d:8c:3f:f8:30:6a:68:96:83:
c4:b1:1e:de:5e:69:ca:8c:32:64:f7:a2:e9:d8:60:99:ed:92:
ec:d5:58:58:c3:9c:c8:a2:ac:8d:50:68:96:6a:2e:10:d4:f4:
01:d6:5f:81:2e:39:a3:24:52:30:4f:31:4f:b5:04:e3:bf:e8:
f7:2f:6a:bc:f6:b0:68:77:84:f4:f5:88:3d:aa:a7:a9:3e:af:
0a:93:25:67:36:29:fa:86:f4:7f:de:44:75:09:f1:5a:b6:85:
86:08:38:1b:38:02:ef:68:e1:14:47:69:b1:a6:56:f2:bb:56:
47:50:26:fa
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZzmzNrDzGGnX1NSSt5ohG1PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOWQxOTdmYmJlZTJhMWRjY2I0ZjU1NzIyYTgyMTBkMzEw
NWIwNDIwHhcNMjYwMzEzMTA0NTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODdjMDQxMjAyMDZlM2EyYWI3YzI2NmU2Y2ZkYWM4MWE2MzI0MGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGPqxi7avz7Val4zXaYQCI6wpISb
7SioDG8k9miaFvWxbhELnSIepaW/8AFIVPCZJVNlHFZD5Tj6+ShcZzhLaooS1O5+
TLrxtVxCq7Jrp5rlQtHU+AVByunQFAiSFpa7Sfpyi6Lk773xbaCG6/UQjobs6BNH
S7jSPCcapHoxkbA4hqUvxAvcr5GqmcxAsPFCLP/rol/pU7cr34NdNiOVUiL/YJ0G
mnTVhY/RTbh5D8/ENaAzEHI72HXxVxii8CaUTdNBKspmSURHVIvh5hlYk0cMfF6k
tCV51WwAHXL6Jovy69KQgQzz93+yDgnxdh+BxMr1/Hz6n45M8z9bHNnJdQIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFAh8BBICBuOiq3wmbmz9rIGmMkCkMB8GA1UdIwQY
MBaAFNudGX+77iodzLT1VyKoIQ0xBbBCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMt
NGIyMzk1NmZiZDg2LzEvQ0h3RUVnSUc0NktyZkNadWJQMnNnYVl5UUtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMtNGIyMzk1NmZiZDg2
LzEvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzA/BAIAATA5AwMALtwDAwJN
dAMEBlEDwAMEB1uNAAMEBl71wAMEBm1+QAMDArJwAwQHsqWAAwQFwhiAAwQG1V5A
MBQEAgACMA4DBQAqAihhAwUCKgIoZDANBgkqhkiG9w0BAQsFAAOCAQEAi07ZRmsD
4QWfoLCrhVpDUB0dzoTbfni9sKHZ+R0IA2dkuLF63rVxh3QUFRrf7aAzRAsrCd/O
j7bIPA1/FlU2IYNEIpFT/781arRGEEkhMgLRpcB1VZDZ11t+s/z8Cp4X3pA/dy89
02KDmoYgmHnkjE4wqjMXe6HF8EFwizQfdDCkbTCl54XinYw/+DBqaJaDxLEe3l5p
yowyZPei6dhgme2S7NVYWMOcyKKsjVBolmouENT0AdZfgS45oyRSME8xT7UE47/o
9y9qvPawaHeE9PWIPaqnqT6vCpMlZzYp+ob0f95EdQnxWraFhgg4GzgC72jhFEdp
saZW8rtWR1Am+g==
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:16:04 2026 by rpki-client