Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/f82426-7eb0-4765-8de9-e0063269e469/1/oDHRY2p4X6qIRWZRDGncYz0E4F0.roa
File: oDHRY2p4X6qIRWZRDGncYz0E4F0.roa (raw, json)
Hash identifier: DS/v77bYi2U6NujVd5gI6DZQbrS7LjtyuAFDzI6STCc=
Subject key identifier: A0:31:D1:63:6A:78:5F:AA:88:45:66:51:0C:69:DC:63:3D:04:E0:5D
Certificate issuer: /CN=f03a913774dbc9e605dc17ab23a05a1680398de5
Certificate serial: 019CD34A83D88D67ACF7B3430EB900024AD8
Authority key identifier: F0:3A:91:37:74:DB:C9:E6:05:DC:17:AB:23:A0:5A:16:80:39:8D:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8DqRN3TbyeYF3BerI6BaFoA5jeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/f82426-7eb0-4765-8de9-e0063269e469/1/oDHRY2p4X6qIRWZRDGncYz0E4F0.roa
Signing time: Mon 09 Mar 2026 15:50:01 +0000
ROA not before: Mon 09 Mar 2026 15:50:01 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211283
IP address blocks: 37.44.213.0/24 maxlen: 24
87.120.162.0/23 maxlen: 23
92.243.89.0/24 maxlen: 24
185.88.202.0/24 maxlen: 24
185.242.28.0/23 maxlen: 23
185.242.30.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/f82426-7eb0-4765-8de9-e0063269e469/1/8DqRN3TbyeYF3BerI6BaFoA5jeU.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/f82426-7eb0-4765-8de9-e0063269e469/1/8DqRN3TbyeYF3BerI6BaFoA5jeU.mft
rsync://rpki.ripe.net/repository/DEFAULT/8DqRN3TbyeYF3BerI6BaFoA5jeU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 14:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d3:4a:83:d8:8d:67:ac:f7:b3:43:0e:b9:00:02:4a:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f03a913774dbc9e605dc17ab23a05a1680398de5
Validity
Not Before: Mar 9 15:50:01 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a031d1636a785faa884566510c69dc633d04e05d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f5:d4:7f:2c:55:09:5d:45:c9:2e:90:38:c9:
34:e1:fc:c9:e6:8e:9c:cc:15:6a:87:ce:e5:f2:25:
d4:f7:26:66:c3:07:26:38:46:5e:a0:f1:65:3e:14:
9e:29:25:76:13:b6:d4:8e:2c:c9:c3:02:f0:ae:39:
61:26:9e:e6:28:65:cf:19:3d:07:9c:6a:cc:c6:9f:
97:09:b7:b7:e0:4a:82:ab:3c:77:bb:42:20:3a:a9:
14:46:d3:fe:66:2c:ba:0a:6b:3e:c4:a4:5c:0f:f2:
81:16:ce:23:38:88:00:61:5f:34:ef:45:14:ca:03:
56:68:4e:ef:46:16:4b:53:2c:cb:af:d5:62:d3:af:
3a:f3:3d:5d:bf:b6:1c:ab:c5:af:41:f2:1d:5b:61:
80:ac:6d:91:ad:23:39:6d:08:d9:43:81:71:fe:0f:
ec:83:a7:1b:77:79:0e:33:45:c3:4a:ba:b5:e5:07:
24:f7:7e:8e:5a:b6:9a:94:a5:42:65:2f:f1:6c:29:
3a:00:d3:99:2d:93:dd:c8:52:b2:3e:dc:5c:c9:de:
a2:35:28:48:37:3c:40:2e:24:f8:29:62:da:46:39:
dd:80:0c:c8:80:59:d9:b4:4b:5c:89:01:21:5c:61:
3b:36:24:73:f1:4b:88:d8:35:25:e6:a9:e4:c3:67:
6c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:31:D1:63:6A:78:5F:AA:88:45:66:51:0C:69:DC:63:3D:04:E0:5D
X509v3 Authority Key Identifier:
keyid:F0:3A:91:37:74:DB:C9:E6:05:DC:17:AB:23:A0:5A:16:80:39:8D:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8DqRN3TbyeYF3BerI6BaFoA5jeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f82426-7eb0-4765-8de9-e0063269e469/1/oDHRY2p4X6qIRWZRDGncYz0E4F0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f82426-7eb0-4765-8de9-e0063269e469/1/8DqRN3TbyeYF3BerI6BaFoA5jeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.213.0/24
87.120.162.0/23
92.243.89.0/24
185.88.202.0/24
185.242.28.0/22
Signature Algorithm: sha256WithRSAEncryption
71:a8:99:36:eb:b3:cb:8c:60:aa:51:e6:7f:95:ce:a6:a2:51:
4b:39:43:5f:e3:60:07:18:e1:f2:dc:b3:12:85:9e:81:fa:a5:
30:d6:49:dc:86:10:f8:cc:9c:d5:37:d9:41:45:b8:c3:b2:ed:
54:f9:3e:28:bd:80:3d:2c:60:5f:02:75:d5:5e:9c:bc:77:a5:
bc:ef:1a:98:3d:ca:5b:90:4f:57:26:1f:5f:68:e5:3a:c1:57:
a5:f2:5b:47:23:ff:09:bd:fb:11:8d:7f:cd:bf:f5:21:8d:32:
8c:0a:19:ab:2e:cd:d4:ec:d8:69:28:eb:b3:cd:26:23:88:0a:
06:b6:38:22:f2:98:a9:26:3f:32:af:33:d2:cc:6d:75:5e:60:
64:9a:6f:06:b2:6f:3c:4a:53:4c:ec:c1:e1:5e:15:e8:d8:b9:
45:d2:a9:72:8d:2f:b2:82:a9:fe:37:3e:e7:5e:08:a4:60:2b:
71:13:0c:04:be:88:ef:af:d5:96:a4:fa:49:b4:56:44:0b:76:
5b:63:2c:2b:4f:76:1f:fe:ab:0b:7c:63:61:da:11:22:3d:6a:
3d:ba:55:8c:93:ab:13:9c:54:b1:4a:ba:01:43:c1:35:51:5f:
d1:e3:ed:3d:d7:c4:28:fa:fe:35:60:26:54:32:63:2c:92:ff:
b3:33:7a:9e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZzTSoPYjWes97NDDrkAAkrYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwM2E5MTM3NzRkYmM5ZTYwNWRjMTdhYjIzYTA1YTE2ODAz
OThkZTUwHhcNMjYwMzA5MTU1MDAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDMxZDE2MzZhNzg1ZmFhODg0NTY2NTEwYzY5ZGM2MzNkMDRlMDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfXUfyxVCV1FyS6QOMk04fzJ5o6c
zBVqh87l8iXU9yZmwwcmOEZeoPFlPhSeKSV2E7bUjizJwwLwrjlhJp7mKGXPGT0H
nGrMxp+XCbe34EqCqzx3u0IgOqkURtP+Ziy6Cms+xKRcD/KBFs4jOIgAYV8070UU
ygNWaE7vRhZLUyzLr9Vi06868z1dv7Ycq8WvQfIdW2GArG2RrSM5bQjZQ4Fx/g/s
g6cbd3kOM0XDSrq15Qck936OWraalKVCZS/xbCk6ANOZLZPdyFKyPtxcyd6iNShI
NzxALiT4KWLaRjndgAzIgFnZtEtciQEhXGE7NiRz8UuI2DUl5qnkw2dskQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKAx0WNqeF+qiEVmUQxp3GM9BOBdMB8GA1UdIwQY
MBaAFPA6kTd028nmBdwXqyOgWhaAOY3lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERxUk4zVGJ5ZVlGM0Jlckk2QmFGb0E1amVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9mODI0MjYtN2ViMC00NzY1LThkZTkt
ZTAwNjMyNjllNDY5LzEvb0RIUlkycDRYNnFJUldaUkRHbmNZejBFNEYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9mODI0MjYtN2ViMC00NzY1LThkZTktZTAwNjMyNjllNDY5
LzEvOERxUk4zVGJ5ZVlGM0Jlckk2QmFGb0E1amVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAJSzVAwQB
V3iiAwQAXPNZAwQAuVjKAwQCufIcMA0GCSqGSIb3DQEBCwUAA4IBAQBxqJk267PL
jGCqUeZ/lc6molFLOUNf42AHGOHy3LMShZ6B+qUw1knchhD4zJzVN9lBRbjDsu1U
+T4ovYA9LGBfAnXVXpy8d6W87xqYPcpbkE9XJh9faOU6wVel8ltHI/8JvfsRjX/N
v/UhjTKMChmrLs3U7NhpKOuzzSYjiAoGtjgi8pipJj8yrzPSzG11XmBkmm8Gsm88
SlNM7MHhXhXo2LlF0qlyjS+ygqn+Nz7nXgikYCtxEwwEvojvr9WWpPpJtFZEC3Zb
YywrT3Yf/qsLfGNh2hEiPWo9ulWMk6sTnFSxSroBQ8E1UV/R4+0918Qo+v41YCZU
MmMskv+zM3qe
-----END CERTIFICATE-----
Generated at Sat Mar 21 20:52:20 2026 by rpki-client