Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Owp7cvm8NDNBtb60T9My_H2PMFM.roa
File: Owp7cvm8NDNBtb60T9My_H2PMFM.roa (raw, json)
Hash identifier: sBd3E4HJTZypTon5hRj/aFTgjl8M5RDWaPXG9heQFls=
Subject key identifier: 3B:0A:7B:72:F9:BC:34:33:41:B5:BE:B4:4F:D3:32:FC:7D:8F:30:53
Certificate issuer: /CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Certificate serial: 019DE347D6F77D260F91B1F258D3B116928B
Authority key identifier: 66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Owp7cvm8NDNBtb60T9My_H2PMFM.roa
Signing time: Fri 01 May 2026 11:23:49 +0000
ROA not before: Fri 01 May 2026 11:23:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51306
IP address blocks: 85.118.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 May 2026 08:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:e3:47:d6:f7:7d:26:0f:91:b1:f2:58:d3:b1:16:92:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Validity
Not Before: May 1 11:23:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3b0a7b72f9bc343341b5beb44fd332fc7d8f3053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:35:59:71:5d:6b:1e:7a:64:6e:f6:58:20:3b:
f3:79:9d:a7:0c:d6:ca:0a:5e:5b:c3:36:4e:25:24:
6e:55:e7:70:79:78:57:56:00:90:ba:51:1f:78:7f:
15:d3:49:1e:44:77:d5:52:1b:ff:2f:90:00:42:72:
31:1b:94:e5:76:e0:89:ef:91:48:94:f3:8c:ea:4e:
a1:d1:d6:dd:cb:75:5e:cf:6a:8c:c0:c5:32:db:d4:
c6:26:51:19:2e:41:30:f7:cf:09:b4:5d:0c:5f:03:
57:20:b6:99:47:70:83:18:17:ac:61:a9:d1:43:29:
3d:87:50:02:c5:6d:d5:3a:76:34:a6:fc:da:bc:fc:
87:dc:f8:b2:6b:67:f0:1b:62:5e:60:12:93:3d:b3:
79:97:4a:b2:0f:cb:82:69:ca:9b:f1:61:e0:f3:c5:
14:d4:66:bf:86:0c:50:09:83:b2:ce:37:1f:15:47:
94:76:52:5a:2e:1b:f8:af:87:a3:63:72:7c:a5:8e:
86:57:0b:74:37:b7:85:0d:88:f0:b2:17:f4:27:39:
73:51:af:c9:1b:ce:b5:24:bf:b9:98:90:40:ea:ef:
20:56:84:95:da:24:5a:24:54:f7:36:be:16:88:ca:
03:5c:9a:dd:65:47:d4:5d:1c:4f:8b:c4:ca:47:0a:
e7:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:0A:7B:72:F9:BC:34:33:41:B5:BE:B4:4F:D3:32:FC:7D:8F:30:53
X509v3 Authority Key Identifier:
keyid:66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Owp7cvm8NDNBtb60T9My_H2PMFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.118.36.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:29:3c:ba:43:3f:06:fb:d5:d4:21:d9:50:76:74:b6:90:55:
25:3c:69:60:d6:70:7f:10:5d:0b:0f:45:96:23:d0:0d:be:26:
da:53:89:41:d8:23:63:d2:1d:c7:d0:cd:57:65:8f:da:08:01:
16:40:89:59:8f:07:fe:02:d3:fd:1c:8f:a2:f2:7f:17:3d:7d:
4c:15:8a:93:01:ba:cc:36:9e:a6:68:50:5b:93:de:66:5f:b9:
ea:a2:36:27:c1:67:8a:8b:61:1b:ac:02:91:93:3e:be:c4:31:
1c:d4:37:9e:df:cd:cb:35:59:aa:1f:18:00:d8:fc:4e:e0:33:
3f:0b:84:19:1f:86:58:a9:ac:0e:2a:e7:ff:79:a3:7a:08:f0:
ae:70:fb:7f:1f:61:24:12:a7:9f:4a:d7:fe:37:88:8d:d6:c6:
97:69:b8:e1:dd:31:37:67:9c:74:8a:8e:1e:80:e6:4f:89:64:
d0:f0:07:f0:c5:19:13:aa:9c:29:6c:46:cf:fa:d7:ad:34:d6:
6c:eb:26:7f:10:22:2e:ae:1c:a1:4a:b1:7f:3f:82:25:12:36:
b7:10:ea:57:e8:22:9a:25:4c:34:ce:4a:24:de:8c:89:34:d7:
74:97:be:83:6b:63:66:52:88:1b:6b:ef:a7:63:12:8d:9b:a1:
5e:1a:14:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ3jR9b3fSYPkbHyWNOxFpKLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGUxZDlkY2RiMjVjMWU1MzJjNWM5YjY5ZGZhNzU3ZTMw
NjIxMGUwHhcNMjYwNTAxMTEyMzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjBhN2I3MmY5YmMzNDMzNDFiNWJlYjQ0ZmQzMzJmYzdkOGYzMDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjVZcV1rHnpkbvZYIDvzeZ2nDNbK
Cl5bwzZOJSRuVedweXhXVgCQulEfeH8V00keRHfVUhv/L5AAQnIxG5TlduCJ75FI
lPOM6k6h0dbdy3Vez2qMwMUy29TGJlEZLkEw988JtF0MXwNXILaZR3CDGBesYanR
Qyk9h1ACxW3VOnY0pvzavPyH3Piya2fwG2JeYBKTPbN5l0qyD8uCacqb8WHg88UU
1Ga/hgxQCYOyzjcfFUeUdlJaLhv4r4ejY3J8pY6GVwt0N7eFDYjwshf0JzlzUa/J
G861JL+5mJBA6u8gVoSV2iRaJFT3Nr4WiMoDXJrdZUfUXRxPi8TKRwrnzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDsKe3L5vDQzQbW+tE/TMvx9jzBTMB8GA1UdIwQY
MBaAFGbeHZ3NslweUyxcm2nfp1fjBiEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYt
NDA0Nzk4NzA5NzZlLzEvT3dwN2N2bThORE5CdGI2MFQ5TXlfSDJQTUZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYtNDA0Nzk4NzA5NzZl
LzEvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVXYkMA0G
CSqGSIb3DQEBCwUAA4IBAQBPKTy6Qz8G+9XUIdlQdnS2kFUlPGlg1nB/EF0LD0WW
I9ANvibaU4lB2CNj0h3H0M1XZY/aCAEWQIlZjwf+AtP9HI+i8n8XPX1MFYqTAbrM
Np6maFBbk95mX7nqojYnwWeKi2EbrAKRkz6+xDEc1Dee383LNVmqHxgA2PxO4DM/
C4QZH4ZYqawOKuf/eaN6CPCucPt/H2EkEqefStf+N4iN1saXabjh3TE3Z5x0io4e
gOZPiWTQ8AfwxRkTqpwpbEbP+tetNNZs6yZ/ECIurhyhSrF/P4IlEja3EOpX6CKa
JUw0zkok3oyJNNd0l76Da2NmUogba++nYxKNm6FeGhQe
-----END CERTIFICATE-----
Generated at Mon May 4 14:20:13 2026 by rpki-client