Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c3bce6-58fb-4874-8b3e-3a85ee4c89bc/1/TglFPGNOO08n6CcIWPtZA1IiMQ4.roa
File: TglFPGNOO08n6CcIWPtZA1IiMQ4.roa (raw, json)
Hash identifier: /q1UZrCdKL66jU2/r5RlUBwTKqwDKZiHeHHzwJ0UJjU=
Subject key identifier: 4E:09:45:3C:63:4E:3B:4F:27:E8:27:08:58:FB:59:03:52:22:31:0E
Certificate issuer: /CN=e096c43364003ec3f7f7c6ea8157b8a50f440ecc
Certificate serial: 019DD7B8DA39A32C9642BDE3C788E25F92D7
Authority key identifier: E0:96:C4:33:64:00:3E:C3:F7:F7:C6:EA:81:57:B8:A5:0F:44:0E:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4JbEM2QAPsP398bqgVe4pQ9EDsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/c3bce6-58fb-4874-8b3e-3a85ee4c89bc/1/TglFPGNOO08n6CcIWPtZA1IiMQ4.roa
Signing time: Wed 29 Apr 2026 05:31:49 +0000
ROA not before: Wed 29 Apr 2026 05:31:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42514
IP address blocks: 46.22.240.0/20 maxlen: 20
89.232.180.0/22 maxlen: 22
94.102.16.0/20 maxlen: 20
95.141.176.0/20 maxlen: 20
128.204.160.0/19 maxlen: 19
153.80.172.0/22 maxlen: 22
178.17.128.0/20 maxlen: 20
185.12.84.0/22 maxlen: 22
213.166.76.0/22 maxlen: 22
2a02:2648::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/c3bce6-58fb-4874-8b3e-3a85ee4c89bc/1/4JbEM2QAPsP398bqgVe4pQ9EDsw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/c3bce6-58fb-4874-8b3e-3a85ee4c89bc/1/4JbEM2QAPsP398bqgVe4pQ9EDsw.mft
rsync://rpki.ripe.net/repository/DEFAULT/4JbEM2QAPsP398bqgVe4pQ9EDsw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d7:b8:da:39:a3:2c:96:42:bd:e3:c7:88:e2:5f:92:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e096c43364003ec3f7f7c6ea8157b8a50f440ecc
Validity
Not Before: Apr 29 05:31:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4e09453c634e3b4f27e8270858fb59035222310e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:3c:cc:fe:49:d7:fc:7e:ae:1d:a2:17:55:2a:
ec:ad:c0:05:c0:34:18:c2:49:86:f8:9a:4e:16:ae:
f2:49:38:a0:07:e0:b2:3c:b1:cc:10:78:51:53:40:
99:3d:fa:43:be:19:18:9d:19:2a:e9:9b:33:fe:43:
6f:4e:f4:72:79:64:af:5b:ab:fd:ca:6e:2d:17:e2:
25:37:c4:87:4f:78:a6:e3:b6:ff:52:19:b6:68:1d:
7f:19:50:fb:a9:bf:c1:53:4a:47:20:3e:1a:64:8f:
c3:9b:6c:98:e8:c5:de:76:45:72:07:2d:c2:95:82:
1e:e2:d7:d6:c9:77:a4:7f:38:da:55:0d:4f:81:2f:
1c:8f:4a:f2:8a:64:44:13:72:fd:ea:ef:37:04:25:
b8:5c:ce:73:4a:f3:c0:06:4f:88:80:38:49:27:6f:
56:9c:1c:be:63:6a:3a:d3:01:48:7e:f3:1b:d1:5d:
86:31:57:08:95:f9:c7:8e:ea:59:db:9b:90:f3:f2:
cf:4b:c1:71:27:24:67:ca:f0:60:ed:ac:40:3b:98:
87:48:1b:fe:e0:45:64:d4:39:e6:d7:20:06:2e:f6:
af:a2:6e:cf:73:d7:cd:79:a8:ef:0c:2a:e4:7c:a0:
43:da:ff:27:49:b0:53:23:50:fe:72:29:06:95:c5:
3a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:09:45:3C:63:4E:3B:4F:27:E8:27:08:58:FB:59:03:52:22:31:0E
X509v3 Authority Key Identifier:
keyid:E0:96:C4:33:64:00:3E:C3:F7:F7:C6:EA:81:57:B8:A5:0F:44:0E:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4JbEM2QAPsP398bqgVe4pQ9EDsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c3bce6-58fb-4874-8b3e-3a85ee4c89bc/1/TglFPGNOO08n6CcIWPtZA1IiMQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c3bce6-58fb-4874-8b3e-3a85ee4c89bc/1/4JbEM2QAPsP398bqgVe4pQ9EDsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.240.0/20
89.232.180.0/22
94.102.16.0/20
95.141.176.0/20
128.204.160.0/19
153.80.172.0/22
178.17.128.0/20
185.12.84.0/22
213.166.76.0/22
IPv6:
2a02:2648::/29
Signature Algorithm: sha256WithRSAEncryption
37:f0:4d:9f:aa:b0:4e:6b:d0:b7:00:ff:4d:50:27:3e:6a:1b:
e2:a8:d5:e2:ca:44:fd:21:f2:d9:84:ba:7e:8b:6e:19:13:64:
9b:5d:35:c2:55:33:5c:a3:95:f6:6c:81:69:db:25:d8:e7:21:
69:b9:10:fc:6e:24:32:41:c6:94:93:d7:c7:1b:63:d7:68:8a:
be:a2:54:cd:8e:5a:98:7e:58:fe:6a:95:79:5f:c4:79:5f:d1:
c6:dd:55:09:d3:96:e7:80:e3:f7:19:3d:35:fa:06:cd:6e:63:
c8:33:26:1c:76:98:cc:dd:d4:78:d4:df:6d:0f:ea:9b:7f:d4:
69:09:4f:aa:b0:79:00:55:f3:f5:c8:a5:a3:71:d0:09:a2:88:
61:84:78:f3:24:1c:05:e0:9c:05:11:6e:b0:3e:da:c6:21:c0:
c7:08:7b:5a:41:71:00:e0:8b:6b:39:81:83:c5:51:f9:3d:75:
a2:05:89:21:42:73:66:0f:35:b5:2b:be:f4:91:ce:e8:cc:19:
37:69:a8:3d:84:4d:d5:2b:0c:5e:a9:0e:d7:ed:c4:08:dc:53:
5f:19:b9:24:57:7d:5c:94:bb:4f:9f:41:c6:c0:66:b4:24:61:
8f:9f:b6:59:ac:76:b6:60:62:e2:2e:ca:0e:79:b6:d0:47:7f:
39:8c:79:7d
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZ3XuNo5oyyWQr3jx4jiX5LXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwOTZjNDMzNjQwMDNlYzNmN2Y3YzZlYTgxNTdiOGE1MGY0
NDBlY2MwHhcNMjYwNDI5MDUzMTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTA5NDUzYzYzNGUzYjRmMjdlODI3MDg1OGZiNTkwMzUyMjIzMTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5TzM/knX/H6uHaIXVSrsrcAFwDQY
wkmG+JpOFq7ySTigB+CyPLHMEHhRU0CZPfpDvhkYnRkq6Zsz/kNvTvRyeWSvW6v9
ym4tF+IlN8SHT3im47b/Uhm2aB1/GVD7qb/BU0pHID4aZI/Dm2yY6MXedkVyBy3C
lYIe4tfWyXekfzjaVQ1PgS8cj0ryimREE3L96u83BCW4XM5zSvPABk+IgDhJJ29W
nBy+Y2o60wFIfvMb0V2GMVcIlfnHjupZ25uQ8/LPS8FxJyRnyvBg7axAO5iHSBv+
4EVk1Dnm1yAGLvavom7Pc9fNeajvDCrkfKBD2v8nSbBTI1D+cikGlcU68wIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFE4JRTxjTjtPJ+gnCFj7WQNSIjEOMB8GA1UdIwQY
MBaAFOCWxDNkAD7D9/fG6oFXuKUPRA7MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEpiRU0yUUFQc1AzOThicWdWZTRwUTlFRHN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jM2JjZTYtNThmYi00ODc0LThiM2Ut
M2E4NWVlNGM4OWJjLzEvVGdsRlBHTk9PMDhuNkNjSVdQdFpBMUlpTVE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9jM2JjZTYtNThmYi00ODc0LThiM2UtM2E4NWVlNGM4OWJj
LzEvNEpiRU0yUUFQc1AzOThicWdWZTRwUTlFRHN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQELhbwAwQC
Wei0AwQEXmYQAwQEX42wAwQFgMygAwQCmVCsAwQEshGAAwQCuQxUAwQC1aZMMA0E
AgACMAcDBQMqAiZIMA0GCSqGSIb3DQEBCwUAA4IBAQA38E2fqrBOa9C3AP9NUCc+
ahviqNXiykT9IfLZhLp+i24ZE2SbXTXCVTNco5X2bIFp2yXY5yFpuRD8biQyQcaU
k9fHG2PXaIq+olTNjlqYflj+apV5X8R5X9HG3VUJ05bngOP3GT01+gbNbmPIMyYc
dpjM3dR41N9tD+qbf9RpCU+qsHkAVfP1yKWjcdAJoohhhHjzJBwF4JwFEW6wPtrG
IcDHCHtaQXEA4ItrOYGDxVH5PXWiBYkhQnNmDzW1K770kc7ozBk3aag9hE3VKwxe
qQ7X7cQI3FNfGbkkV31clLtPn0HGwGa0JGGPn7ZZrHa2YGLiLsoOebbQR385jHl9
-----END CERTIFICATE-----
Generated at Tue May 12 22:05:50 2026 by rpki-client