Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oEyBEkIbQpkQUuLUgrIn8YnAsPE.roa
File: oEyBEkIbQpkQUuLUgrIn8YnAsPE.roa (raw, json)
Hash identifier: EK+qYb8LD8TW/t30F1ivP87EislvNxVpK28l9R2fgMk=
Subject key identifier: A0:4C:81:12:42:1B:42:99:10:52:E2:D4:82:B2:27:F1:89:C0:B0:F1
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019E7337FACABDE2B79E6AD1902AA069F7FC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oEyBEkIbQpkQUuLUgrIn8YnAsPE.roa
Signing time: Fri 29 May 2026 10:11:48 +0000
ROA not before: Fri 29 May 2026 10:11:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201814
IP address blocks: 193.8.187.0/24 maxlen: 24
194.180.48.0/24 maxlen: 24
194.180.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 30 May 2026 13:18:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:73:37:fa:ca:bd:e2:b7:9e:6a:d1:90:2a:a0:69:f7:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 29 10:11:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a04c8112421b42991052e2d482b227f189c0b0f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:71:f0:fb:1c:d7:c0:4a:9a:a1:df:d3:b8:24:
bf:50:bb:13:ad:7d:a1:f5:55:92:84:7a:ff:91:e8:
b1:8c:da:d0:6f:21:04:c7:20:82:93:ec:f5:66:52:
69:42:23:2f:fe:c8:77:a2:70:00:db:59:df:3a:36:
52:cb:6a:ce:70:af:d4:01:d2:5c:ab:55:cb:5e:49:
5a:66:01:36:93:80:4a:df:e9:02:72:85:f5:3c:c3:
ce:6c:d4:27:f7:b7:29:c6:fc:3c:d9:3f:e0:44:78:
c7:15:cc:33:98:ff:6d:f1:2e:11:7d:01:35:07:1f:
09:56:fc:ce:bc:0f:d5:96:1a:c6:db:0a:fe:2b:3b:
54:e5:1a:df:44:97:a6:e5:e7:e4:ec:c4:bf:4b:ff:
5e:75:fb:56:d5:cd:f2:2b:7b:db:a5:02:c4:c6:a6:
bb:de:5a:ec:87:78:c3:19:40:ed:34:2a:75:fa:02:
00:6c:73:cf:c2:44:fc:c8:f9:38:ff:43:c0:5c:ab:
ca:af:87:91:95:68:d4:c6:2e:35:7a:23:fe:c6:41:
14:78:f1:9b:d8:30:0c:64:1a:b0:8c:38:28:b0:9f:
07:75:f1:6c:21:5a:24:90:d9:eb:aa:3a:29:6d:f9:
18:4e:d8:43:2a:6d:28:0d:14:2a:6f:3f:d3:5c:de:
c9:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:4C:81:12:42:1B:42:99:10:52:E2:D4:82:B2:27:F1:89:C0:B0:F1
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oEyBEkIbQpkQUuLUgrIn8YnAsPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.187.0/24
194.180.48.0/23
Signature Algorithm: sha256WithRSAEncryption
56:0a:47:16:24:fa:8e:e5:90:b5:14:9b:01:0e:2e:d4:47:34:
57:f3:53:6b:fd:fc:f0:7e:80:10:83:5c:2f:61:98:8a:90:8a:
a0:cf:53:5c:18:9c:db:a3:6f:28:e3:b2:95:5c:7e:e2:6c:d1:
3c:4e:bd:3c:30:eb:53:3a:34:87:de:41:0c:14:f2:c3:83:b5:
ce:bd:72:28:17:cc:e7:b3:5b:00:3e:d2:f8:c9:2e:9d:de:3c:
61:43:8b:4a:dd:83:34:d9:26:7b:0e:0e:3b:9e:ff:f7:20:ee:
dd:8c:0f:d8:42:f3:00:a2:29:6e:f3:99:24:df:ca:19:9c:2c:
75:b5:0d:98:bc:ba:dd:80:25:a5:93:7a:a7:a4:f4:cc:8f:b1:
b0:38:78:7f:79:c0:1a:ac:97:e1:3a:88:ee:dc:28:70:51:39:
79:f6:3f:4a:d6:36:00:80:84:d4:e4:49:79:16:92:b9:62:e1:
1b:67:89:7f:93:09:1b:ef:37:6e:72:dd:0c:8b:25:90:09:ff:
ae:12:dc:5c:f9:b2:e9:a4:2e:d4:20:aa:8b:6a:9b:fa:8b:e5:
d1:9b:02:12:1d:eb:08:4d:f4:65:53:0a:ed:c3:96:b9:f0:aa:
64:1c:b0:23:46:6f:e5:e1:8e:bc:49:59:8c:ee:b5:57:97:79:
b6:11:1c:db
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ5zN/rKveK3nmrRkCqgaff8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNTI5MTAxMTQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDRjODExMjQyMWI0Mjk5MTA1MmUyZDQ4MmIyMjdmMTg5YzBiMGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHHw+xzXwEqaod/TuCS/ULsTrX2h
9VWShHr/keixjNrQbyEExyCCk+z1ZlJpQiMv/sh3onAA21nfOjZSy2rOcK/UAdJc
q1XLXklaZgE2k4BK3+kCcoX1PMPObNQn97cpxvw82T/gRHjHFcwzmP9t8S4RfQE1
Bx8JVvzOvA/VlhrG2wr+KztU5RrfRJem5efk7MS/S/9edftW1c3yK3vbpQLExqa7
3lrsh3jDGUDtNCp1+gIAbHPPwkT8yPk4/0PAXKvKr4eRlWjUxi41eiP+xkEUePGb
2DAMZBqwjDgosJ8HdfFsIVokkNnrqjopbfkYTthDKm0oDRQqbz/TXN7JSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKBMgRJCG0KZEFLi1IKyJ/GJwLDxMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvb0V5QkVrSWJRcGtRVXVMVWdySW44WW5Bc1BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwQi7AwQB
wrQwMA0GCSqGSIb3DQEBCwUAA4IBAQBWCkcWJPqO5ZC1FJsBDi7URzRX81Nr/fzw
foAQg1wvYZiKkIqgz1NcGJzbo28o47KVXH7ibNE8Tr08MOtTOjSH3kEMFPLDg7XO
vXIoF8zns1sAPtL4yS6d3jxhQ4tK3YM02SZ7Dg47nv/3IO7djA/YQvMAoilu85kk
38oZnCx1tQ2YvLrdgCWlk3qnpPTMj7GwOHh/ecAarJfhOoju3ChwUTl59j9K1jYA
gITU5El5FpK5YuEbZ4l/kwkb7zduct0MiyWQCf+uEtxc+bLppC7UIKqLapv6i+XR
mwISHesITfRlUwrtw5a58KpkHLAjRm/l4Y68SVmM7rVXl3m2ERzb
-----END CERTIFICATE-----
Generated at Fri May 29 17:33:49 2026 by rpki-client