Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/OG9V497FCoHNGnPc_DbNqTEvF0Q.roa
File: OG9V497FCoHNGnPc_DbNqTEvF0Q.roa (raw, json)
Hash identifier: KoQeTtNBbhDRzvLnCdWBbN4ahOwIByARYlxscPU0UV4=
Subject key identifier: 38:6F:55:E3:DE:C5:0A:81:CD:1A:73:DC:FC:36:CD:A9:31:2F:17:44
Certificate issuer: /CN=b0ef19bcb23a2f04c586ac1311a91bc7ca2a9765
Certificate serial: 019CD2DF891381B3DEBABA5278E8297CB1E1
Authority key identifier: B0:EF:19:BC:B2:3A:2F:04:C5:86:AC:13:11:A9:1B:C7:CA:2A:97:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sO8ZvLI6LwTFhqwTEakbx8oql2U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/OG9V497FCoHNGnPc_DbNqTEvF0Q.roa
Signing time: Mon 09 Mar 2026 13:53:10 +0000
ROA not before: Mon 09 Mar 2026 13:53:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212238
IP address blocks: 91.213.4.0/24 maxlen: 24
91.214.168.0/24 maxlen: 24
91.214.170.0/24 maxlen: 24
91.214.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/sO8ZvLI6LwTFhqwTEakbx8oql2U.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/sO8ZvLI6LwTFhqwTEakbx8oql2U.mft
rsync://rpki.ripe.net/repository/DEFAULT/sO8ZvLI6LwTFhqwTEakbx8oql2U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Mar 2026 20:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d2:df:89:13:81:b3:de:ba:ba:52:78:e8:29:7c:b1:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0ef19bcb23a2f04c586ac1311a91bc7ca2a9765
Validity
Not Before: Mar 9 13:53:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=386f55e3dec50a81cd1a73dcfc36cda9312f1744
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:11:00:a5:56:00:b6:8b:5a:54:c1:cd:07:a1:
78:16:96:29:0c:ec:9b:f6:bd:8e:2b:49:51:72:cb:
e5:92:03:de:64:f5:16:66:60:a7:9f:93:81:cb:cf:
cb:40:c4:bd:57:53:fc:f9:86:19:ca:f7:ea:7e:a3:
ae:e9:c2:3c:53:74:e5:06:73:da:39:78:a5:30:6d:
6d:2a:b8:cf:f6:e0:cb:2f:a1:ab:e0:41:13:7e:ab:
0c:18:a4:a8:1c:f8:e9:fa:d3:e9:b7:43:66:49:d4:
fb:54:ab:10:09:7c:54:72:72:34:37:c2:d0:25:44:
7a:ab:74:f4:b3:8f:ee:0b:84:bd:0b:28:51:8f:fb:
fb:fc:a6:8c:c6:56:f1:bf:45:5f:5c:49:c7:39:4e:
e2:de:c5:80:eb:60:c3:e1:b4:c4:ca:d4:fa:8e:58:
2a:50:5f:e8:af:5a:8a:7b:14:ef:34:ff:5b:de:28:
5e:02:ca:d2:e3:8f:db:37:84:8e:84:81:82:b8:e5:
4a:1e:8f:16:7c:92:41:d2:e9:dd:10:fe:9e:8f:a3:
2d:50:de:d6:77:16:83:d4:c8:62:ba:7b:83:ea:6c:
9b:d3:94:8e:80:2b:02:3d:f6:1c:0f:ec:71:8c:4f:
97:35:0b:4e:41:93:25:d5:3d:22:d4:99:ab:ef:7a:
a6:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:6F:55:E3:DE:C5:0A:81:CD:1A:73:DC:FC:36:CD:A9:31:2F:17:44
X509v3 Authority Key Identifier:
keyid:B0:EF:19:BC:B2:3A:2F:04:C5:86:AC:13:11:A9:1B:C7:CA:2A:97:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sO8ZvLI6LwTFhqwTEakbx8oql2U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/OG9V497FCoHNGnPc_DbNqTEvF0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/sO8ZvLI6LwTFhqwTEakbx8oql2U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.4.0/24
91.214.168.0/24
91.214.170.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:ba:2a:54:3e:99:99:21:d3:6a:42:fb:a8:0c:7f:f5:84:15:
8d:c1:61:2b:f8:4d:a9:a7:3a:fa:bc:96:94:ab:9b:dc:e6:59:
b1:37:b6:32:d0:ee:27:ee:7e:9f:4c:14:c9:b5:b4:1d:8d:1a:
97:f2:0d:e1:7f:88:bd:89:2c:21:ac:77:52:79:00:c4:dd:1b:
29:0d:de:9e:ed:82:8e:7d:be:c3:50:03:5d:85:1a:48:4a:10:
23:87:03:b0:da:8a:34:ae:06:83:67:92:54:f9:e4:19:36:57:
a0:6d:7d:87:a3:35:26:8a:1e:fc:07:d3:94:e4:23:bd:d7:a1:
f8:94:08:cb:99:35:65:3f:56:70:65:c8:39:27:04:42:a3:70:
a0:3f:77:6e:cd:bb:3f:28:1d:25:2e:53:6b:5d:e6:17:98:ad:
83:02:7e:53:fa:85:1b:fc:1d:e1:9a:4d:85:0d:e4:ac:55:e3:
f6:59:31:5f:88:a2:7f:01:da:f2:4f:04:d4:60:bf:e1:c2:e3:
11:55:c2:d4:f0:9f:47:36:25:58:63:22:d4:21:1f:a1:de:1c:
97:a0:d9:7a:cc:b4:05:2c:59:6c:8c:76:fd:ed:96:8b:9b:b2:
47:b7:5e:71:b3:7e:71:9a:51:d6:c8:00:c5:e5:f6:ad:93:03:
7a:cd:2e:c4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZzS34kTgbPeurpSeOgpfLHhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZWYxOWJjYjIzYTJmMDRjNTg2YWMxMzExYTkxYmM3Y2Ey
YTk3NjUwHhcNMjYwMzA5MTM1MzEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODZmNTVlM2RlYzUwYTgxY2QxYTczZGNmYzM2Y2RhOTMxMmYxNzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBEApVYAtotaVMHNB6F4FpYpDOyb
9r2OK0lRcsvlkgPeZPUWZmCnn5OBy8/LQMS9V1P8+YYZyvfqfqOu6cI8U3TlBnPa
OXilMG1tKrjP9uDLL6Gr4EETfqsMGKSoHPjp+tPpt0NmSdT7VKsQCXxUcnI0N8LQ
JUR6q3T0s4/uC4S9CyhRj/v7/KaMxlbxv0VfXEnHOU7i3sWA62DD4bTEytT6jlgq
UF/or1qKexTvNP9b3iheAsrS44/bN4SOhIGCuOVKHo8WfJJB0undEP6ej6MtUN7W
dxaD1MhiunuD6myb05SOgCsCPfYcD+xxjE+XNQtOQZMl1T0i1Jmr73qmZwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDhvVePexQqBzRpz3Pw2zakxLxdEMB8GA1UdIwQY
MBaAFLDvGbyyOi8ExYasExGpG8fKKpdlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc084WnZMSTZMd1RGaHF3VEVha2J4OG9xbDJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZjNlNTEtNzlkNi00MDc4LWE1Njkt
ZDAwMDNhNmI1MjI0LzEvT0c5VjQ5N0ZDb0hOR25QY19EYk5xVEV2RjBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZjNlNTEtNzlkNi00MDc4LWE1NjktZDAwMDNhNmI1MjI0
LzEvc084WnZMSTZMd1RGaHF3VEVha2J4OG9xbDJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9UEAwQA
W9aoAwQBW9aqMA0GCSqGSIb3DQEBCwUAA4IBAQBquipUPpmZIdNqQvuoDH/1hBWN
wWEr+E2ppzr6vJaUq5vc5lmxN7Yy0O4n7n6fTBTJtbQdjRqX8g3hf4i9iSwhrHdS
eQDE3RspDd6e7YKOfb7DUANdhRpIShAjhwOw2oo0rgaDZ5JU+eQZNlegbX2HozUm
ih78B9OU5CO916H4lAjLmTVlP1ZwZcg5JwRCo3CgP3duzbs/KB0lLlNrXeYXmK2D
An5T+oUb/B3hmk2FDeSsVeP2WTFfiKJ/AdryTwTUYL/hwuMRVcLU8J9HNiVYYyLU
IR+h3hyXoNl6zLQFLFlsjHb97ZaLm7JHt15xs35xmlHWyADF5fatkwN6zS7E
-----END CERTIFICATE-----
Generated at Sat Mar 21 06:43:15 2026 by rpki-client