Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/OMoauMYmdUPv4MfaS6_rGPMYiPQ.roa
File: OMoauMYmdUPv4MfaS6_rGPMYiPQ.roa (raw, json)
Hash identifier: sv6eEb0L6s4qUQ99CeDeWuSS0qFClHgYFCpdMQQpOy4=
Subject key identifier: 38:CA:1A:B8:C6:26:75:43:EF:E0:C7:DA:4B:AF:EB:18:F3:18:88:F4
Certificate issuer: /CN=b630b73b51cbc5380dd4adb3d5aaff4d7a334c5e
Certificate serial: 019E920C2614F9ACCB40AEB4F10D57C57B99
Authority key identifier: B6:30:B7:3B:51:CB:C5:38:0D:D4:AD:B3:D5:AA:FF:4D:7A:33:4C:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/OMoauMYmdUPv4MfaS6_rGPMYiPQ.roa
Signing time: Thu 04 Jun 2026 09:52:09 +0000
ROA not before: Thu 04 Jun 2026 09:52:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 47952
IP address blocks: 45.136.106.0/24 maxlen: 24
45.139.220.0/24 maxlen: 24
45.139.221.0/24 maxlen: 24
45.139.223.0/24 maxlen: 24
45.145.21.0/24 maxlen: 24
45.145.22.0/24 maxlen: 24
45.145.23.0/24 maxlen: 24
81.200.140.0/24 maxlen: 24
81.200.141.0/24 maxlen: 24
81.200.142.0/24 maxlen: 24
81.200.143.0/24 maxlen: 24
91.106.216.0/24 maxlen: 24
91.106.217.0/24 maxlen: 24
91.106.218.0/24 maxlen: 24
91.106.219.0/24 maxlen: 24
91.194.52.0/24 maxlen: 24
91.194.54.0/24 maxlen: 24
153.56.138.0/24 maxlen: 24
185.82.220.0/24 maxlen: 24
185.82.221.0/24 maxlen: 24
185.82.222.0/24 maxlen: 24
185.82.223.0/24 maxlen: 24
185.126.177.0/24 maxlen: 24
185.126.178.0/24 maxlen: 24
185.126.179.0/24 maxlen: 24
185.201.212.0/24 maxlen: 24
185.201.213.0/24 maxlen: 24
185.201.214.0/24 maxlen: 24
185.201.215.0/24 maxlen: 24
193.35.204.0/24 maxlen: 24
193.35.205.0/24 maxlen: 24
193.35.206.0/24 maxlen: 24
193.35.207.0/24 maxlen: 24
193.138.172.0/24 maxlen: 24
193.138.173.0/24 maxlen: 24
193.138.174.0/24 maxlen: 24
193.138.175.0/24 maxlen: 24
194.127.116.0/24 maxlen: 24
194.127.117.0/24 maxlen: 24
194.127.118.0/24 maxlen: 24
194.127.119.0/24 maxlen: 24
2a0a:c4c0::/48 maxlen: 48
2a0a:c4c0:1::/48 maxlen: 48
2a0a:c4c0:2::/48 maxlen: 48
2a0a:c4c0:3::/48 maxlen: 48
2a0a:c4c0:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/tjC3O1HLxTgN1K2z1ar_TXozTF4.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/tjC3O1HLxTgN1K2z1ar_TXozTF4.mft
rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 12:50:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:92:0c:26:14:f9:ac:cb:40:ae:b4:f1:0d:57:c5:7b:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b630b73b51cbc5380dd4adb3d5aaff4d7a334c5e
Validity
Not Before: Jun 4 09:52:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=38ca1ab8c6267543efe0c7da4bafeb18f31888f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f6:72:c0:dc:3d:57:b6:3f:20:c9:e4:c0:c1:
15:67:cc:23:d8:0a:bc:ff:89:b0:b9:eb:d7:a6:1a:
6d:b2:95:46:e9:0c:d0:d5:89:2c:57:a6:e6:ed:35:
2c:cf:5b:94:6e:70:40:74:43:a6:1b:df:31:b6:39:
a2:e0:40:3b:48:fd:95:3f:1f:a7:91:b0:24:1a:4e:
38:89:ec:38:7d:0d:df:fe:c4:30:7d:7c:f2:ca:89:
2e:00:5b:a5:a5:d1:f0:61:9c:85:f0:13:81:08:11:
b5:d9:57:99:cb:ca:40:9a:78:2e:d3:d9:e4:92:29:
03:fb:73:dd:75:42:d2:2d:94:7e:6e:b0:60:da:28:
d4:be:45:d8:08:bc:05:c7:91:bd:c0:2f:8d:6c:bf:
14:a5:2e:7b:d6:6d:6d:01:ef:2c:9c:b1:71:c8:61:
ce:38:ef:bd:6d:6a:45:f3:f7:55:96:73:18:82:93:
c6:44:24:fa:66:22:8d:f5:c0:94:d0:1c:e4:7f:55:
a5:6e:af:8e:ed:65:12:ab:1b:c2:03:a8:78:d1:3a:
25:04:c2:e2:80:55:ac:70:32:d3:88:7c:5a:04:8a:
ad:ec:e4:6c:61:78:d2:49:5d:84:6d:42:5d:47:20:
60:30:68:48:18:f9:54:f4:65:97:1d:ad:e3:57:5d:
e4:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:CA:1A:B8:C6:26:75:43:EF:E0:C7:DA:4B:AF:EB:18:F3:18:88:F4
X509v3 Authority Key Identifier:
keyid:B6:30:B7:3B:51:CB:C5:38:0D:D4:AD:B3:D5:AA:FF:4D:7A:33:4C:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/OMoauMYmdUPv4MfaS6_rGPMYiPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/tjC3O1HLxTgN1K2z1ar_TXozTF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.106.0/24
45.139.220.0/23
45.139.223.0/24
45.145.21.0-45.145.23.255
81.200.140.0/22
91.106.216.0/22
91.194.52.0/24
91.194.54.0/24
153.56.138.0/24
185.82.220.0/22
185.126.177.0-185.126.179.255
185.201.212.0/22
193.35.204.0/22
193.138.172.0/22
194.127.116.0/22
IPv6:
2a0a:c4c0::/46
2a0a:c4c0:100::/48
Signature Algorithm: sha256WithRSAEncryption
17:4d:d7:12:c7:5d:30:83:30:01:bf:52:e9:30:cd:03:95:1e:
f3:40:04:1b:f3:2f:fe:65:88:de:8e:14:39:35:25:4d:e1:d1:
38:bc:5d:4c:d1:2e:88:be:ca:4d:38:24:ac:3e:d1:89:47:69:
8f:5b:49:d2:55:47:8c:e3:0c:94:26:48:75:69:fe:9f:0f:30:
0a:48:76:05:16:52:aa:74:c2:ec:1d:8f:06:dc:6d:8d:c7:3c:
6c:df:01:41:e4:41:5a:b9:e5:f8:99:ed:63:1d:ea:e9:b8:f4:
f5:ef:d6:c0:e1:e3:8a:17:96:9d:52:ac:5b:c2:98:68:be:e9:
ed:3e:15:22:62:37:f7:c5:9b:7d:46:bf:9a:02:ad:e2:35:14:
4e:6d:fa:f4:9b:5d:da:35:28:67:5a:93:6e:e7:78:e4:5c:92:
93:33:a5:99:c6:72:9d:59:9f:29:c4:51:0b:a3:87:66:28:1e:
b9:79:32:ce:3a:e1:7d:79:0d:00:66:46:c7:83:42:97:ab:e3:
1d:ff:15:15:3f:8b:74:0c:18:15:a9:2a:2d:ab:4c:be:05:99:
1e:87:07:2d:1a:fb:71:89:64:34:92:e1:40:0f:12:e5:f1:c7:
1a:78:36:d0:8a:d5:0f:3a:3f:36:85:f6:4f:c9:4b:b1:9c:db:
64:80:6d:bb
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAZ6SDCYU+azLQK608Q1XxXuZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MzBiNzNiNTFjYmM1MzgwZGQ0YWRiM2Q1YWFmZjRkN2Ez
MzRjNWUwHhcNMjYwNjA0MDk1MjA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGNhMWFiOGM2MjY3NTQzZWZlMGM3ZGE0YmFmZWIxOGYzMTg4OGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvZywNw9V7Y/IMnkwMEVZ8wj2Aq8
/4mwuevXphptspVG6QzQ1YksV6bm7TUsz1uUbnBAdEOmG98xtjmi4EA7SP2VPx+n
kbAkGk44iew4fQ3f/sQwfXzyyokuAFulpdHwYZyF8BOBCBG12VeZy8pAmngu09nk
kikD+3PddULSLZR+brBg2ijUvkXYCLwFx5G9wC+NbL8UpS571m1tAe8snLFxyGHO
OO+9bWpF8/dVlnMYgpPGRCT6ZiKN9cCU0Bzkf1Wlbq+O7WUSqxvCA6h40TolBMLi
gFWscDLTiHxaBIqt7ORsYXjSSV2EbUJdRyBgMGhIGPlU9GWXHa3jV13klQIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFDjKGrjGJnVD7+DH2kuv6xjzGIj0MB8GA1UdIwQY
MBaAFLYwtztRy8U4DdSts9Wq/016M0xeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGpDM08xSEx4VGdOMUsyejFhcl9UWG96VEY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC80NzQ4YzctY2Q5ZS00MDFlLWE4YTQt
MGQ0OGU2ODk1ZjEyLzEvT01vYXVNWW1kVVB2NE1mYVM2X3JHUE1ZaVBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC80NzQ4YzctY2Q5ZS00MDFlLWE4YTQtMGQ0OGU2ODk1ZjEy
LzEvdGpDM08xSEx4VGdOMUsyejFhcl9UWG96VEY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDBwBAIAATBqAwQALYhq
AwQBLYvcAwQALYvfMAwDBAAtkRUDBAMtkRADBAJRyIwDBAJbatgDBABbwjQDBABb
wjYDBACZOIoDBAK5UtwwDAMEALl+sQMEArl+sAMEArnJ1AMEAsEjzAMEAsGKrAME
AsJ/dDAYBAIAAjASAwcCKgrEwAAAAwcAKgrEwAEAMA0GCSqGSIb3DQEBCwUAA4IB
AQAXTdcSx10wgzABv1LpMM0DlR7zQAQb8y/+ZYjejhQ5NSVN4dE4vF1M0S6IvspN
OCSsPtGJR2mPW0nSVUeM4wyUJkh1af6fDzAKSHYFFlKqdMLsHY8G3G2Nxzxs3wFB
5EFaueX4me1jHerpuPT179bA4eOKF5adUqxbwphovuntPhUiYjf3xZt9Rr+aAq3i
NRRObfr0m13aNShnWpNu53jkXJKTM6WZxnKdWZ8pxFELo4dmKB65eTLOOuF9eQ0A
ZkbHg0KXq+Md/xUVP4t0DBgVqSotq0y+BZkehwctGvtxiWQ0kuFADxLl8ccaeDbQ
itUPOj82hfZPyUuxnNtkgG27
-----END CERTIFICATE-----
Generated at Sat Jun 6 16:46:02 2026 by rpki-client