Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/OLzTLKZWnHaNaZZXNLTfX_9MFKk.roa
File: OLzTLKZWnHaNaZZXNLTfX_9MFKk.roa (raw, json)
Hash identifier: JRtB2SbXcPB1CPRDQRS38H4AmEHg2R09GikXd7+2l5U=
Subject key identifier: 38:BC:D3:2C:A6:56:9C:76:8D:69:96:57:34:B4:DF:5F:FF:4C:14:A9
Certificate issuer: /CN=27029a36fc0cca2e0a8d045f022dfc831a517308
Certificate serial: 019EFEE3B4A9C079AE8DD2178CA57C10BBDC
Authority key identifier: 27:02:9A:36:FC:0C:CA:2E:0A:8D:04:5F:02:2D:FC:83:1A:51:73:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JwKaNvwMyi4KjQRfAi38gxpRcwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/OLzTLKZWnHaNaZZXNLTfX_9MFKk.roa
Signing time: Thu 25 Jun 2026 13:06:36 +0000
ROA not before: Thu 25 Jun 2026 13:06:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 35432
IP address blocks: 46.251.96.0/19 maxlen: 24
64.59.208.0/20 maxlen: 24
65.18.208.0/20 maxlen: 24
66.205.64.0/19 maxlen: 24
69.6.0.0/19 maxlen: 24
69.94.112.0/20 maxlen: 24
77.83.248.0/22 maxlen: 24
80.244.16.0/20 maxlen: 24
81.18.0.0/20 maxlen: 24
85.132.224.0/19 maxlen: 24
91.184.192.0/19 maxlen: 24
109.110.224.0/19 maxlen: 24
139.138.192.0/19 maxlen: 24
164.215.0.0/19 maxlen: 24
185.7.156.0/22 maxlen: 24
185.42.32.0/22 maxlen: 24
185.162.16.0/22 maxlen: 24
194.64.144.0/22 maxlen: 24
194.233.16.0/22 maxlen: 24
194.233.24.0/22 maxlen: 24
194.233.60.0/22 maxlen: 24
195.179.96.0/20 maxlen: 24
212.32.16.0/21 maxlen: 24
212.32.56.0/21 maxlen: 24
212.50.96.0/19 maxlen: 24
213.133.80.0/20 maxlen: 24
213.140.192.0/19 maxlen: 24
216.241.128.0/19 maxlen: 24
2a02:540::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/JwKaNvwMyi4KjQRfAi38gxpRcwg.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/JwKaNvwMyi4KjQRfAi38gxpRcwg.mft
rsync://rpki.ripe.net/repository/DEFAULT/JwKaNvwMyi4KjQRfAi38gxpRcwg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Jun 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:fe:e3:b4:a9:c0:79:ae:8d:d2:17:8c:a5:7c:10:bb:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27029a36fc0cca2e0a8d045f022dfc831a517308
Validity
Not Before: Jun 25 13:06:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=38bcd32ca6569c768d69965734b4df5fff4c14a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:20:80:12:d7:41:34:8f:ee:25:aa:5d:be:a6:
45:96:1f:6b:7c:ff:ee:bc:c8:61:2c:62:89:73:c2:
dc:8d:a5:3e:d6:be:f5:09:01:bb:9d:1f:34:24:75:
b2:b1:b2:e0:ca:70:25:53:75:2f:ca:ea:95:99:aa:
83:55:7a:56:ab:2f:28:a1:03:dd:40:f5:6a:77:2d:
de:4e:d4:8c:a0:4d:ec:11:0e:c3:8f:97:57:47:cd:
cc:cb:25:a8:ee:00:59:8f:15:8c:75:1e:cf:b9:47:
23:7f:20:58:97:b0:7c:b4:1c:62:38:8c:32:90:13:
06:c2:b4:15:47:14:cc:24:3c:29:87:d1:f8:bd:4a:
a4:31:fa:b0:be:f3:ee:0b:87:86:a2:b5:f8:b7:0b:
eb:2f:75:52:52:07:f9:37:8a:96:7c:56:68:96:85:
3e:59:c6:14:c4:1e:ba:51:18:75:e2:e0:9c:44:2a:
e2:85:b6:24:85:a1:d6:4c:24:e5:5b:85:c0:f0:98:
a9:a9:4b:57:24:3e:27:db:91:09:f0:c4:27:42:ba:
d2:c6:4a:ab:f2:5f:1d:80:c1:0a:8d:8e:3a:bb:42:
13:9c:ad:89:44:d3:c0:c8:ed:32:de:a3:19:25:9e:
92:a9:46:5e:59:e6:7f:d1:54:c8:d2:dc:a7:ec:8b:
be:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:BC:D3:2C:A6:56:9C:76:8D:69:96:57:34:B4:DF:5F:FF:4C:14:A9
X509v3 Authority Key Identifier:
keyid:27:02:9A:36:FC:0C:CA:2E:0A:8D:04:5F:02:2D:FC:83:1A:51:73:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JwKaNvwMyi4KjQRfAi38gxpRcwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/OLzTLKZWnHaNaZZXNLTfX_9MFKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/JwKaNvwMyi4KjQRfAi38gxpRcwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.251.96.0/19
64.59.208.0/20
65.18.208.0/20
66.205.64.0/19
69.6.0.0/19
69.94.112.0/20
77.83.248.0/22
80.244.16.0/20
81.18.0.0/20
85.132.224.0/19
91.184.192.0/19
109.110.224.0/19
139.138.192.0/19
164.215.0.0/19
185.7.156.0/22
185.42.32.0/22
185.162.16.0/22
194.64.144.0/22
194.233.16.0/22
194.233.24.0/22
194.233.60.0/22
195.179.96.0/20
212.32.16.0/21
212.32.56.0/21
212.50.96.0/19
213.133.80.0/20
213.140.192.0/19
216.241.128.0/19
IPv6:
2a02:540::/32
Signature Algorithm: sha256WithRSAEncryption
50:eb:00:b5:a7:02:be:a7:74:7d:8a:39:c1:2d:cc:49:05:40:
de:cd:77:d1:f6:f5:a5:c0:36:e3:23:b6:4c:e9:98:3b:ef:30:
de:da:a9:78:d5:b4:0a:48:5c:c4:82:37:ce:7a:fd:aa:4f:99:
b6:cd:e3:76:ff:e1:be:2e:57:17:45:11:d9:3c:b5:97:94:c2:
87:36:e4:c6:03:3d:9f:72:56:d0:f0:28:02:53:c1:68:2c:2a:
b0:c0:b0:9a:c8:a1:50:54:74:77:27:99:53:77:42:f3:19:26:
24:59:7a:ef:2f:15:4a:8b:0f:66:c6:a7:62:5d:d9:c2:72:5b:
e8:47:2d:7d:7d:32:a8:90:75:96:86:93:b6:f3:6a:21:09:02:
fc:23:a8:ad:75:06:ae:c3:96:1c:72:08:6e:ef:d5:33:75:01:
89:75:02:c7:16:10:8e:d2:22:53:4e:d0:c1:98:80:d5:d9:e1:
98:08:18:1b:6f:1f:54:e6:e1:d3:a7:42:c9:bb:ad:62:3c:1e:
fc:a2:d1:ad:90:35:9a:53:db:b0:b5:4d:cd:06:58:b8:d4:55:
13:a7:ea:9b:3f:06:ea:5b:80:c3:c0:ca:46:9e:49:d1:52:9e:
cc:eb:9e:f7:46:7c:ca:bb:07:e4:e2:fb:68:fb:a1:98:67:0f:
da:70:6e:64
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAZ7+47SpwHmujdIXjKV8ELvcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3MDI5YTM2ZmMwY2NhMmUwYThkMDQ1ZjAyMmRmYzgzMWE1
MTczMDgwHhcNMjYwNjI1MTMwNjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGJjZDMyY2E2NTY5Yzc2OGQ2OTk2NTczNGI0ZGY1ZmZmNGMxNGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSCAEtdBNI/uJapdvqZFlh9rfP/u
vMhhLGKJc8LcjaU+1r71CQG7nR80JHWysbLgynAlU3UvyuqVmaqDVXpWqy8ooQPd
QPVqdy3eTtSMoE3sEQ7Dj5dXR83MyyWo7gBZjxWMdR7PuUcjfyBYl7B8tBxiOIwy
kBMGwrQVRxTMJDwph9H4vUqkMfqwvvPuC4eGorX4twvrL3VSUgf5N4qWfFZoloU+
WcYUxB66URh14uCcRCrihbYkhaHWTCTlW4XA8JipqUtXJD4n25EJ8MQnQrrSxkqr
8l8dgMEKjY46u0ITnK2JRNPAyO0y3qMZJZ6SqUZeWeZ/0VTI0tyn7Iu+0wIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFDi80yymVpx2jWmWVzS031//TBSpMB8GA1UdIwQY
MBaAFCcCmjb8DMouCo0EXwIt/IMaUXMIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSndLYU52d015aTRLalFSZkFpMzhneHBSY3dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS81M2JiMjMtZGZhOC00NzkyLWIzMTct
NTBkMGE1MzIzNjQxLzEvT0x6VExLWlduSGFOYVpaWE5MVGZYXzlNRktrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS81M2JiMjMtZGZhOC00NzkyLWIzMTctNTBkMGE1MzIzNjQx
LzEvSndLYU52d015aTRLalFSZkFpMzhneHBSY3dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBrwQCAAEwgagDBAUu
+2ADBARAO9ADBARBEtADBAVCzUADBAVFBgADBARFXnADBAJNU/gDBARQ9BADBARR
EgADBAVVhOADBAVbuMADBAVtbuADBAWLisADBAWk1wADBAK5B5wDBAK5KiADBAK5
ohADBALCQJADBALC6RADBALC6RgDBALC6TwDBATDs2ADBAPUIBADBAPUIDgDBAXU
MmADBATVhVADBAXVjMADBAXY8YAwDQQCAAIwBwMFACoCBUAwDQYJKoZIhvcNAQEL
BQADggEBAFDrALWnAr6ndH2KOcEtzEkFQN7Nd9H29aXANuMjtkzpmDvvMN7aqXjV
tApIXMSCN856/apPmbbN43b/4b4uVxdFEdk8tZeUwoc25MYDPZ9yVtDwKAJTwWgs
KrDAsJrIoVBUdHcnmVN3QvMZJiRZeu8vFUqLD2bGp2Jd2cJyW+hHLX19MqiQdZaG
k7bzaiEJAvwjqK11Bq7DlhxyCG7v1TN1AYl1AscWEI7SIlNO0MGYgNXZ4ZgIGBtv
H1Tm4dOnQsm7rWI8Hvyi0a2QNZpT27C1Tc0GWLjUVROn6ps/BupbgMPAykaeSdFS
nszrnvdGfMq7B+Ti+2j7oZhnD9pwbmQ=
-----END CERTIFICATE-----
Generated at Mon Jun 29 00:21:20 2026 by rpki-client