Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/0b18d0-077d-423e-a9e0-515208636abb/1/OEE53oTdYF0pAbxJpAz57xdOPpY.roa
File: OEE53oTdYF0pAbxJpAz57xdOPpY.roa (raw, json)
Hash identifier: fphdgl361cpaAl5IGhNhzhRi2S+bAkuhBiyjk+1TDtM=
Subject key identifier: 38:41:39:DE:84:DD:60:5D:29:01:BC:49:A4:0C:F9:EF:17:4E:3E:96
Certificate issuer: /CN=958e6c4a5062f174ff3cd18bf8a41ba5738db076
Certificate serial: 019E6EFC93A5085197FA72F82E3B6FEBDC25
Authority key identifier: 95:8E:6C:4A:50:62:F1:74:FF:3C:D1:8B:F8:A4:1B:A5:73:8D:B0:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lY5sSlBi8XT_PNGL-KQbpXONsHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/0b18d0-077d-423e-a9e0-515208636abb/1/OEE53oTdYF0pAbxJpAz57xdOPpY.roa
Signing time: Thu 28 May 2026 14:28:27 +0000
ROA not before: Thu 28 May 2026 14:28:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42969
IP address blocks: 158.94.187.0/24 maxlen: 24
158.94.218.0/24 maxlen: 24
194.187.179.0/24 maxlen: 24
2a0e:7b86:ffff::/48 maxlen: 48
2a0e:7b87::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/0b18d0-077d-423e-a9e0-515208636abb/1/lY5sSlBi8XT_PNGL-KQbpXONsHY.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/0b18d0-077d-423e-a9e0-515208636abb/1/lY5sSlBi8XT_PNGL-KQbpXONsHY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lY5sSlBi8XT_PNGL-KQbpXONsHY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jun 2026 16:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6e:fc:93:a5:08:51:97:fa:72:f8:2e:3b:6f:eb:dc:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=958e6c4a5062f174ff3cd18bf8a41ba5738db076
Validity
Not Before: May 28 14:28:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=384139de84dd605d2901bc49a40cf9ef174e3e96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:16:75:81:4e:1d:ac:32:49:33:da:9d:08:dd:
3b:1a:d8:05:3d:ac:b3:81:6e:3f:1a:bd:a8:29:98:
84:02:c3:a3:72:62:65:4c:06:10:43:95:ea:52:e4:
ff:05:1c:af:2b:c5:f4:8a:2a:6b:c5:02:0b:f8:e8:
45:d6:1a:bc:95:31:a2:ab:a1:94:0c:49:f0:6b:17:
8e:23:1c:4f:84:5d:f7:86:d0:3f:32:0e:19:6d:ea:
6e:e5:32:26:d5:1c:97:38:fa:48:a9:b5:98:6a:6e:
6d:ae:8d:dd:9b:8d:9c:63:3e:9f:82:e2:7e:a4:45:
91:4c:dc:e8:d7:c3:3c:3d:ae:a9:a3:2d:b4:d0:51:
5b:49:b4:fe:39:cd:b5:bb:df:7b:b2:84:ce:c3:cc:
a2:f9:82:34:43:aa:02:14:80:e3:22:40:d3:d7:c1:
83:d2:ff:1d:80:c0:90:14:fd:6c:35:f9:79:f8:25:
44:56:2e:1c:76:44:13:a5:6d:ae:90:a9:d6:f4:43:
d6:93:9b:7c:96:e0:77:f0:e8:ef:67:7b:2a:11:35:
d4:f6:fe:34:d2:f2:2f:e0:3e:04:4b:a7:17:d7:c0:
94:fa:70:08:22:6b:22:2e:3c:db:e8:1b:82:c8:ea:
cc:52:c5:d2:57:67:3f:e5:3a:1b:0c:7f:a6:5a:da:
38:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:41:39:DE:84:DD:60:5D:29:01:BC:49:A4:0C:F9:EF:17:4E:3E:96
X509v3 Authority Key Identifier:
keyid:95:8E:6C:4A:50:62:F1:74:FF:3C:D1:8B:F8:A4:1B:A5:73:8D:B0:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lY5sSlBi8XT_PNGL-KQbpXONsHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/0b18d0-077d-423e-a9e0-515208636abb/1/OEE53oTdYF0pAbxJpAz57xdOPpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/0b18d0-077d-423e-a9e0-515208636abb/1/lY5sSlBi8XT_PNGL-KQbpXONsHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.94.187.0/24
158.94.218.0/24
194.187.179.0/24
IPv6:
2a0e:7b86:ffff::-2a0e:7b87:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6a:60:f5:78:3a:3c:fb:be:d1:8f:55:17:89:dd:b3:96:24:86:
0a:74:83:f2:f3:92:15:57:3f:85:cf:60:73:4a:83:14:5f:af:
48:39:e2:2c:9c:ee:00:59:da:c9:a6:9e:36:6c:d1:3b:80:15:
31:8e:0d:32:de:dc:c4:71:6a:bf:18:25:c3:a0:ab:e8:e2:f6:
14:ce:13:82:34:d3:84:00:f1:5a:80:54:1b:24:94:02:16:2e:
a2:36:a7:6b:d9:f0:5e:2b:ab:56:97:6c:66:f8:6c:eb:98:04:
11:86:e3:0c:fe:f0:77:62:5d:69:c0:b3:87:82:48:b9:fb:8e:
49:d6:69:11:12:ba:9b:e1:b2:fd:da:f5:76:a2:77:d5:13:f7:
24:5b:3e:cd:b3:8b:66:70:46:8a:a6:6b:63:2b:09:21:36:69:
a3:74:81:d5:22:f1:f8:f6:c1:00:c9:d4:59:d4:76:31:c3:ec:
3b:d6:d1:50:45:f2:52:32:70:39:dc:2b:59:48:78:77:a9:01:
a8:7b:ea:bd:83:e7:1f:82:b3:1c:b1:39:88:61:33:cb:6e:4c:
44:7a:98:e3:8e:03:f0:18:6d:ac:93:cc:9c:47:a1:87:0a:1b:
4c:ab:bd:ec:37:80:ca:b7:3b:b1:f7:86:d8:39:a1:d7:e3:8b:
58:23:7f:c9
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZ5u/JOlCFGX+nL4Ljtv69wlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1OGU2YzRhNTA2MmYxNzRmZjNjZDE4YmY4YTQxYmE1NzM4
ZGIwNzYwHhcNMjYwNTI4MTQyODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODQxMzlkZTg0ZGQ2MDVkMjkwMWJjNDlhNDBjZjllZjE3NGUzZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxZ1gU4drDJJM9qdCN07GtgFPayz
gW4/Gr2oKZiEAsOjcmJlTAYQQ5XqUuT/BRyvK8X0iiprxQIL+OhF1hq8lTGiq6GU
DEnwaxeOIxxPhF33htA/Mg4Zbepu5TIm1RyXOPpIqbWYam5tro3dm42cYz6fguJ+
pEWRTNzo18M8Pa6poy200FFbSbT+Oc21u997soTOw8yi+YI0Q6oCFIDjIkDT18GD
0v8dgMCQFP1sNfl5+CVEVi4cdkQTpW2ukKnW9EPWk5t8luB38OjvZ3sqETXU9v40
0vIv4D4ES6cX18CU+nAIImsiLjzb6BuCyOrMUsXSV2c/5TobDH+mWto4swIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFDhBOd6E3WBdKQG8SaQM+e8XTj6WMB8GA1UdIwQY
MBaAFJWObEpQYvF0/zzRi/ikG6VzjbB2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFk1c1NsQmk4WFRfUE5HTC1LUWJwWE9Oc0hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8wYjE4ZDAtMDc3ZC00MjNlLWE5ZTAt
NTE1MjA4NjM2YWJiLzEvT0VFNTNvVGRZRjBwQWJ4SnBBejU3eGRPUHBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8wYjE4ZDAtMDc3ZC00MjNlLWE5ZTAtNTE1MjA4NjM2YWJi
LzEvbFk1c1NsQmk4WFRfUE5HTC1LUWJwWE9Oc0hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQAnl67AwQA
nl7aAwQAwruzMBgEAgACMBIwEAMHACoOe4b//wMFAyoOe4AwDQYJKoZIhvcNAQEL
BQADggEBAGpg9Xg6PPu+0Y9VF4nds5Ykhgp0g/LzkhVXP4XPYHNKgxRfr0g54iyc
7gBZ2smmnjZs0TuAFTGODTLe3MRxar8YJcOgq+ji9hTOE4I004QA8VqAVBsklAIW
LqI2p2vZ8F4rq1aXbGb4bOuYBBGG4wz+8HdiXWnAs4eCSLn7jknWaRESupvhsv3a
9Xaid9UT9yRbPs2zi2ZwRoqma2MrCSE2aaN0gdUi8fj2wQDJ1FnUdjHD7DvW0VBF
8lIycDncK1lIeHepAah76r2D5x+CsxyxOYhhM8tuTER6mOOOA/AYbayTzJxHoYcK
G0yrvew3gMq3O7H3htg5odfji1gjf8k=
-----END CERTIFICATE-----
Generated at Mon Jun 1 22:41:02 2026 by rpki-client