Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OhpEUrLaH2c5_vmmNBErSP6XCSo.roa
File: OhpEUrLaH2c5_vmmNBErSP6XCSo.roa (raw, json)
Hash identifier: DqsVpJSbyYu/07lb9uk+UO0byL8YBx1bUerNwf6WDkc=
Subject key identifier: 3A:1A:44:52:B2:DA:1F:67:39:FE:F9:A6:34:11:2B:48:FE:97:09:2A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019CD285D5B3EC3D9648FF2B6EA8A65A30D6
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OhpEUrLaH2c5_vmmNBErSP6XCSo.roa
Signing time: Mon 09 Mar 2026 12:15:12 +0000
ROA not before: Mon 09 Mar 2026 12:15:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
85.217.130.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.126.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.121.60.0/23 maxlen: 23
87.121.165.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
185.218.84.0/22 maxlen: 24
185.222.160.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
193.47.61.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Mar 2026 15:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d2:85:d5:b3:ec:3d:96:48:ff:2b:6e:a8:a6:5a:30:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 9 12:15:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3a1a4452b2da1f6739fef9a634112b48fe97092a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:00:59:f2:e4:f8:60:b1:12:ad:2b:38:7c:01:
b4:0f:45:e4:fa:f6:94:cd:d6:e6:f7:85:d2:98:81:
f1:a2:07:f4:c8:84:a3:e4:62:76:32:24:6e:0a:58:
f2:8f:7d:ca:08:49:c9:eb:2b:d0:9d:c0:37:20:96:
ad:85:c9:b1:f5:83:3c:c2:d1:29:a2:1b:6c:3a:cd:
ae:b0:1f:82:80:c9:e2:3e:ca:e1:a9:eb:c8:1b:67:
7f:7f:b2:4e:42:10:b2:3c:e2:c2:a9:fd:37:8b:8e:
7d:f0:03:11:89:1b:ea:c5:7c:ec:4f:58:b5:4f:9b:
4e:82:39:0c:ee:ba:c7:a4:b8:b2:3a:d0:03:a1:6f:
64:19:0f:6f:e4:03:52:1f:6f:c2:93:c0:5e:2f:a2:
5f:24:38:d0:c2:76:1c:f4:6b:1d:5a:ac:91:ee:ac:
20:ca:32:bb:f3:02:bb:16:41:83:f8:bc:e1:29:02:
29:e4:17:aa:65:ab:03:c6:eb:d6:93:bb:94:2f:23:
65:0b:8c:ab:b3:84:9c:4d:41:9d:de:7e:ba:49:58:
36:7c:3c:3a:cc:0e:63:e1:6c:91:93:a9:66:99:4d:
25:85:4f:77:6d:ee:a0:78:ca:34:70:e0:35:f6:77:
62:3f:18:85:cc:87:1e:f0:e2:6f:16:b0:d8:d8:94:
9f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:1A:44:52:B2:DA:1F:67:39:FE:F9:A6:34:11:2B:48:FE:97:09:2A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OhpEUrLaH2c5_vmmNBErSP6XCSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.228.0/24
45.66.231.0/24
45.89.247.0/24
45.141.158.0/24
81.161.238.0/24
85.217.130.0/23
87.120.87.0/24
87.120.126.0/24
87.120.166.0/24
87.121.60.0/23
87.121.165.0/24
92.119.196.0/23
92.249.50.0/24
93.123.109.0/24
147.78.100.0/24
185.218.84.0/22
185.222.160.0/24
193.25.216.0/24
193.47.61.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
25:cb:49:1c:2e:ae:d0:46:bd:bd:43:b9:de:7e:5f:44:92:96:
15:81:62:a4:31:79:e3:dd:db:27:e0:b7:dd:16:81:e5:4f:a7:
8a:d1:8d:c9:af:7a:c2:6b:17:62:44:97:36:5c:03:73:be:d0:
05:f1:f1:21:2c:19:11:a2:ae:60:d8:f4:f3:4c:2e:c5:81:1c:
f2:fe:89:d1:7e:d6:fc:8c:ed:e2:9a:e8:b4:76:25:11:e1:66:
d9:af:82:c7:20:98:59:7a:57:2b:40:15:73:8f:80:a4:e0:5c:
1a:da:7b:22:f8:b0:a2:cc:66:5a:0c:fa:9c:06:2e:0e:a2:2b:
75:f9:92:ea:28:d3:9f:1f:de:cb:24:21:02:0a:e7:52:97:d7:
30:24:37:2c:24:91:61:a1:4c:41:01:c6:55:6f:0a:91:fe:d6:
69:52:53:e6:3c:d2:29:06:94:58:6c:0b:81:1c:09:69:78:96:
0b:6c:6e:0c:5f:02:a0:06:18:73:99:ae:6c:51:f0:5d:1c:de:
0b:26:c5:4e:74:12:d5:5e:82:b3:ae:9a:2f:31:0c:67:61:3b:
5f:05:b1:33:41:8e:c8:6f:1f:da:63:f4:d5:44:e6:7c:1f:6a:
67:52:70:34:1a:72:7a:2c:a2:86:28:9c:14:34:ab:b9:0c:d4:
eb:dc:41:c1
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZzShdWz7D2WSP8rbqimWjDWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwMzA5MTIxNTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTFhNDQ1MmIyZGExZjY3MzlmZWY5YTYzNDExMmI0OGZlOTcwOTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgBZ8uT4YLESrSs4fAG0D0Xk+vaU
zdbm94XSmIHxogf0yISj5GJ2MiRuCljyj33KCEnJ6yvQncA3IJathcmx9YM8wtEp
ohtsOs2usB+CgMniPsrhqevIG2d/f7JOQhCyPOLCqf03i4598AMRiRvqxXzsT1i1
T5tOgjkM7rrHpLiyOtADoW9kGQ9v5ANSH2/Ck8BeL6JfJDjQwnYc9GsdWqyR7qwg
yjK78wK7FkGD+LzhKQIp5BeqZasDxuvWk7uULyNlC4yrs4ScTUGd3n66SVg2fDw6
zA5j4WyRk6lmmU0lhU93be6geMo0cOA19ndiPxiFzIce8OJvFrDY2JSfLQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFDoaRFKy2h9nOf75pjQRK0j+lwkqMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvT2hwRVVyTGFIMmM1X3ZtbU5CRXJTUDZYQ1NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAC1C
5AMEAC1C5wMEAC1Z9wMEAC2NngMEAFGh7gMEAVXZggMEAFd4VwMEAFd4fgMEAFd4
pgMEAVd5PAMEAFd5pQMEAVx3xAMEAFz5MgMEAF17bQMEAJNOZAMEArnaVAMEALne
oAMEAMEZ2AMEAMEvPQMEAMI3ugMEAMKprzANBgkqhkiG9w0BAQsFAAOCAQEAJctJ
HC6u0Ea9vUO53n5fRJKWFYFipDF5493bJ+C33RaB5U+nitGNya96wmsXYkSXNlwD
c77QBfHxISwZEaKuYNj080wuxYEc8v6J0X7W/Izt4protHYlEeFm2a+CxyCYWXpX
K0AVc4+ApOBcGtp7IviwosxmWgz6nAYuDqIrdfmS6ijTnx/eyyQhAgrnUpfXMCQ3
LCSRYaFMQQHGVW8Kkf7WaVJT5jzSKQaUWGwLgRwJaXiWC2xuDF8CoAYYc5mubFHw
XRzeCybFTnQS1V6Cs66aLzEMZ2E7XwWxM0GOyG8f2mP01UTmfB9qZ1JwNBpyeiyi
hiicFDSruQzU69xBwQ==
-----END CERTIFICATE-----
Generated at Tue Mar 10 19:59:42 2026 by rpki-client