Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Ome9ENxACar5A0KfusHg2G4ceEs.roa
File: Ome9ENxACar5A0KfusHg2G4ceEs.roa (raw, json)
Hash identifier: ju0f6TO5w7H9J6wWZNtPT22aH6qT8/ZzoqZeJJPkQhI=
Subject key identifier: 3A:67:BD:10:DC:40:09:AA:F9:03:42:9F:BA:C1:E0:D8:6E:1C:78:4B
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019C054AC3A855A89F13DC2D8FFB4ACCEB24
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Ome9ENxACar5A0KfusHg2G4ceEs.roa
Signing time: Wed 28 Jan 2026 15:48:31 +0000
ROA not before: Wed 28 Jan 2026 15:48:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 64267
IP address blocks: 77.93.142.0/24 maxlen: 24
89.213.229.0/24 maxlen: 24
89.213.249.0/24 maxlen: 24
217.145.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 23 Feb 2026 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:05:4a:c3:a8:55:a8:9f:13:dc:2d:8f:fb:4a:cc:eb:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 28 15:48:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3a67bd10dc4009aaf903429fbac1e0d86e1c784b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5f:6e:bf:df:8b:23:b5:9c:a7:6a:1d:65:c9:
32:c5:ce:60:15:13:47:c6:85:88:0d:bd:a5:ff:30:
09:3c:57:2f:75:04:00:ed:db:3b:59:15:78:f7:63:
9f:95:92:95:61:e6:d1:98:0e:c0:97:68:7b:2c:6f:
63:d6:7c:a5:e5:74:c5:14:99:4a:3c:40:1d:5b:2d:
72:cb:9c:e8:ff:f5:4d:c1:d4:84:ac:b1:8b:08:03:
73:15:0c:60:5f:08:b4:c4:9a:1c:31:42:4b:ea:d5:
a8:b5:bc:d4:bc:b3:e8:8f:5a:af:b6:51:76:01:88:
2e:4c:75:48:21:ca:0d:e1:83:87:10:58:df:89:c1:
8b:ce:c3:41:a3:d5:5c:7e:f1:f4:ca:6a:08:77:a5:
db:d4:d3:e4:61:f6:2d:cd:db:29:a1:80:71:5d:f9:
f2:e5:b5:f0:00:db:59:40:8a:6d:53:12:cf:5d:91:
68:5c:50:95:2f:8b:2f:bd:b0:52:dc:c6:f5:21:e3:
c3:e2:a8:75:ed:a1:21:f5:bd:94:34:86:13:82:a7:
b5:00:80:9c:47:8e:cc:05:0b:00:30:19:07:df:b3:
c7:54:e2:d4:3a:ac:d0:ac:1e:28:22:57:bf:73:b5:
8f:05:af:ea:57:bd:c0:96:dd:55:5b:67:69:1e:aa:
49:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:67:BD:10:DC:40:09:AA:F9:03:42:9F:BA:C1:E0:D8:6E:1C:78:4B
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Ome9ENxACar5A0KfusHg2G4ceEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.142.0/24
89.213.229.0/24
89.213.249.0/24
217.145.71.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:b3:bd:b8:f4:46:51:96:99:06:d1:52:d5:c8:f0:e3:52:e9:
74:72:30:95:98:80:00:8a:11:b4:f2:9b:a9:a6:77:52:e9:b7:
3d:cd:92:75:21:c4:aa:b7:85:77:b2:16:d6:14:2f:19:9e:be:
7f:2d:26:25:24:12:d3:fa:64:01:d5:54:9c:8c:ae:14:0e:07:
ad:a6:d9:46:f9:9b:49:87:a8:2b:b3:30:56:42:9c:39:fb:f7:
11:b1:cf:bf:27:3f:6e:ff:da:d5:92:ae:ec:bc:3d:dd:20:9c:
75:74:01:9e:67:da:0d:ed:fe:d1:97:c2:75:a9:a2:6e:5c:eb:
2d:cd:82:2e:6c:e2:f3:d5:e8:79:f5:fc:cc:79:05:0b:52:15:
d5:ff:4d:94:32:b4:2c:8c:79:6d:9c:23:d0:26:5a:11:8a:1a:
33:fb:06:17:18:06:00:77:90:89:97:99:df:a0:16:75:3e:9b:
a5:16:64:31:fc:4f:41:fd:4d:34:b9:a8:ea:88:fc:3b:03:7f:
20:d2:80:f9:c5:6b:3d:c2:bc:60:40:99:da:82:66:e8:ef:4c:
65:b5:9b:cc:ed:f8:e8:5a:f4:f2:c3:fa:a4:a4:08:4e:77:db:
25:35:c0:95:f2:de:eb:48:74:dd:e7:59:81:e4:c2:46:d8:19:
d5:8f:41:a0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZwFSsOoVaifE9wtj/tKzOskMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwMTI4MTU0ODMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTY3YmQxMGRjNDAwOWFhZjkwMzQyOWZiYWMxZTBkODZlMWM3ODRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsl9uv9+LI7Wcp2odZckyxc5gFRNH
xoWIDb2l/zAJPFcvdQQA7ds7WRV492OflZKVYebRmA7Al2h7LG9j1nyl5XTFFJlK
PEAdWy1yy5zo//VNwdSErLGLCANzFQxgXwi0xJocMUJL6tWotbzUvLPoj1qvtlF2
AYguTHVIIcoN4YOHEFjficGLzsNBo9VcfvH0ymoId6Xb1NPkYfYtzdspoYBxXfny
5bXwANtZQIptUxLPXZFoXFCVL4svvbBS3Mb1IePD4qh17aEh9b2UNIYTgqe1AICc
R47MBQsAMBkH37PHVOLUOqzQrB4oIle/c7WPBa/qV73Alt1VW2dpHqpJ7wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDpnvRDcQAmq+QNCn7rB4NhuHHhLMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvT21lOUVOeEFDYXI1QTBLZnVzSGcyRzRjZUVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATV2OAwQA
WdXlAwQAWdX5AwQA2ZFHMA0GCSqGSIb3DQEBCwUAA4IBAQBqs7249EZRlpkG0VLV
yPDjUul0cjCVmIAAihG08puppndS6bc9zZJ1IcSqt4V3shbWFC8Znr5/LSYlJBLT
+mQB1VScjK4UDgetptlG+ZtJh6grszBWQpw5+/cRsc+/Jz9u/9rVkq7svD3dIJx1
dAGeZ9oN7f7Rl8J1qaJuXOstzYIubOLz1eh59fzMeQULUhXV/02UMrQsjHltnCPQ
JloRihoz+wYXGAYAd5CJl5nfoBZ1PpulFmQx/E9B/U00uajqiPw7A38g0oD5xWs9
wrxgQJnagmbo70xltZvM7fjoWvTyw/qkpAhOd9slNcCV8t7rSHTd51mB5MJG2BnV
j0Gg
-----END CERTIFICATE-----
Generated at Mon Feb 23 00:05:27 2026 by rpki-client