Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/oYh49zFQM5rGcUDCTM842PRvyuU.roa
File: oYh49zFQM5rGcUDCTM842PRvyuU.roa (raw, json)
Hash identifier: NXQyWjsFX0nsCUV1M2QOmU33z/7V5whqqZ4cY8Liyps=
Subject key identifier: A1:88:78:F7:31:50:33:9A:C6:71:40:C2:4C:CF:38:D8:F4:6F:CA:E5
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 019F0A8F13740A0CD3CE2741C0558249C3C9
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/oYh49zFQM5rGcUDCTM842PRvyuU.roa
Signing time: Sat 27 Jun 2026 19:29:36 +0000
ROA not before: Sat 27 Jun 2026 19:29:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 81.18.48.0/24 maxlen: 24
109.121.44.0/24 maxlen: 24
178.219.6.0/24 maxlen: 24
178.253.227.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
188.255.198.0/24 maxlen: 24
212.69.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:0a:8f:13:74:0a:0c:d3:ce:27:41:c0:55:82:49:c3:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jun 27 19:29:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a18878f73150339ac67140c24ccf38d8f46fcae5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:f0:66:00:fe:44:64:1b:19:5d:7f:2d:68:fa:
e8:3e:28:a4:18:f9:67:0c:93:ad:e3:ba:b8:99:b4:
d0:a5:f3:40:ea:61:46:fb:78:6f:93:d0:38:dd:d2:
87:da:58:ca:74:3e:3e:9f:d8:1e:cf:a5:ae:25:5d:
fb:c7:85:e1:18:9e:61:75:f6:78:f4:2c:f1:d5:07:
fe:3b:f1:46:50:79:be:5d:78:25:65:58:50:cf:5c:
d0:43:03:1e:30:7a:0b:cf:50:2e:d7:e2:7c:39:4f:
b1:36:43:ef:8d:97:2f:c3:e6:6c:2f:6b:98:92:92:
c2:2d:6f:e9:e0:73:4c:4b:b7:03:94:49:55:14:70:
6e:e8:98:76:e5:41:ba:c4:91:31:8b:64:7e:20:e7:
48:a7:95:91:ef:4c:2b:98:d8:80:13:7a:c3:4e:79:
c7:93:06:b4:59:a5:27:11:09:34:95:36:3f:68:18:
1f:d3:a0:ca:c5:00:7f:57:a4:fe:eb:1c:84:fd:51:
18:21:4f:3a:01:50:c2:85:6b:2e:d7:95:7c:63:f5:
1e:9e:3f:1c:b8:47:ee:47:fc:50:9d:d2:b5:4f:44:
f3:67:99:0d:98:af:1d:af:b7:bf:d3:7e:46:91:9d:
09:15:ec:a0:be:4f:91:8b:df:92:b9:a0:cc:73:cb:
48:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:88:78:F7:31:50:33:9A:C6:71:40:C2:4C:CF:38:D8:F4:6F:CA:E5
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/oYh49zFQM5rGcUDCTM842PRvyuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.18.48.0/24
109.121.44.0/24
178.219.6.0/24
178.253.227.0/24
185.47.91.0/24
188.255.198.0/24
212.69.8.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:88:ee:0b:91:db:4b:a4:8f:a1:01:3a:83:30:e8:e0:0a:53:
f9:56:d2:be:97:64:c3:5f:c9:fc:3d:f2:10:2e:6f:d2:92:d7:
cd:17:36:66:2b:3d:22:b3:e0:3e:36:a0:a5:b1:4a:91:77:6c:
fb:08:86:4d:da:8a:0c:db:8b:6e:f3:c6:ca:44:cc:b9:3f:be:
41:fa:34:f6:8e:fe:96:2a:3a:ca:d6:2c:b6:0c:a8:ce:49:e0:
d7:f1:a8:af:c2:c2:8a:f8:87:36:8d:f0:fc:b0:7b:69:6c:e8:
b5:88:00:58:ff:d6:df:77:c4:10:23:31:b1:f3:8b:26:90:a2:
7f:73:5e:60:ca:46:92:96:a5:49:af:96:a1:8e:97:a0:f5:5c:
f1:8b:88:f7:b1:64:36:01:ae:30:14:d0:8e:88:56:10:73:67:
99:3d:06:b0:5d:16:fe:4d:e0:22:e2:72:4a:05:36:eb:cd:7f:
33:3e:b0:23:c4:57:fb:de:4a:61:c1:86:f2:c9:d9:17:5f:e4:
3e:fd:e4:ad:17:21:13:dc:c6:96:e4:44:bc:14:3d:a1:ca:64:
71:e2:c1:6a:7c:2c:0a:80:3e:e2:cd:1c:01:27:62:6d:4d:27:
49:13:4f:76:af:9e:78:eb:8d:50:d2:f6:83:f0:17:4f:3d:37:
69:15:49:60
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ8KjxN0CgzTzidBwFWCScPJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjYwNjI3MTkyOTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTg4NzhmNzMxNTAzMzlhYzY3MTQwYzI0Y2NmMzhkOGY0NmZjYWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0fBmAP5EZBsZXX8taProPiikGPln
DJOt47q4mbTQpfNA6mFG+3hvk9A43dKH2ljKdD4+n9gez6WuJV37x4XhGJ5hdfZ4
9Czx1Qf+O/FGUHm+XXglZVhQz1zQQwMeMHoLz1Au1+J8OU+xNkPvjZcvw+ZsL2uY
kpLCLW/p4HNMS7cDlElVFHBu6Jh25UG6xJExi2R+IOdIp5WR70wrmNiAE3rDTnnH
kwa0WaUnEQk0lTY/aBgf06DKxQB/V6T+6xyE/VEYIU86AVDChWsu15V8Y/Uenj8c
uEfuR/xQndK1T0TzZ5kNmK8dr7e/035GkZ0JFeygvk+Ri9+SuaDMc8tIjwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKGIePcxUDOaxnFAwkzPONj0b8rlMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvb1loNDl6RlFNNXJHY1VEQ1RNODQyUFJ2eXVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAURIwAwQA
bXksAwQAstsGAwQAsv3jAwQAuS9bAwQAvP/GAwQA1EUIMA0GCSqGSIb3DQEBCwUA
A4IBAQA/iO4LkdtLpI+hATqDMOjgClP5VtK+l2TDX8n8PfIQLm/SktfNFzZmKz0i
s+A+NqClsUqRd2z7CIZN2ooM24tu88bKRMy5P75B+jT2jv6WKjrK1iy2DKjOSeDX
8aivwsKK+Ic2jfD8sHtpbOi1iABY/9bfd8QQIzGx84smkKJ/c15gykaSlqVJr5ah
jpeg9Vzxi4j3sWQ2Aa4wFNCOiFYQc2eZPQawXRb+TeAi4nJKBTbrzX8zPrAjxFf7
3kphwYbyydkXX+Q+/eStFyET3MaW5ES8FD2hymRx4sFqfCwKgD7izRwBJ2JtTSdJ
E092r554641Q0vaD8BdPPTdpFUlg
-----END CERTIFICATE-----
Generated at Mon Jun 29 09:59:57 2026 by rpki-client