Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/617e9a-0d3a-47f8-9856-1da055e8b4f3/1/oqTmfsc1D4MnyBsZee6BcgL9gJo.roa
File: oqTmfsc1D4MnyBsZee6BcgL9gJo.roa (raw, json)
Hash identifier: OWbz1TN8yFNhIWGhpwvJQESVbEDOFQPGS/pO8lsLego=
Subject key identifier: A2:A4:E6:7E:C7:35:0F:83:27:C8:1B:19:79:EE:81:72:02:FD:80:9A
Certificate issuer: /CN=1394ee52c365ad1d3abc0e30e40d110599261790
Certificate serial: 019DD3E8E64E809128383A71CCD8CD593129
Authority key identifier: 13:94:EE:52:C3:65:AD:1D:3A:BC:0E:30:E4:0D:11:05:99:26:17:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E5TuUsNlrR06vA4w5A0RBZkmF5A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/617e9a-0d3a-47f8-9856-1da055e8b4f3/1/oqTmfsc1D4MnyBsZee6BcgL9gJo.roa
Signing time: Tue 28 Apr 2026 11:45:49 +0000
ROA not before: Tue 28 Apr 2026 11:45:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16276
IP address blocks: 62.122.126.0/24 maxlen: 24
91.224.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/617e9a-0d3a-47f8-9856-1da055e8b4f3/1/E5TuUsNlrR06vA4w5A0RBZkmF5A.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/617e9a-0d3a-47f8-9856-1da055e8b4f3/1/E5TuUsNlrR06vA4w5A0RBZkmF5A.mft
rsync://rpki.ripe.net/repository/DEFAULT/E5TuUsNlrR06vA4w5A0RBZkmF5A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Apr 2026 11:45:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d3:e8:e6:4e:80:91:28:38:3a:71:cc:d8:cd:59:31:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1394ee52c365ad1d3abc0e30e40d110599261790
Validity
Not Before: Apr 28 11:45:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a2a4e67ec7350f8327c81b1979ee817202fd809a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:2d:a6:ec:69:85:b8:85:9a:59:b5:30:ef:aa:
63:e2:ba:4b:af:7a:3c:55:dc:d2:64:7b:6e:38:3c:
f1:54:22:4b:db:5f:99:9c:ec:af:f8:cd:68:27:59:
47:21:88:b2:2b:f2:01:33:34:16:50:55:bb:bd:b6:
bc:ec:d5:62:b8:7f:b9:42:ec:8a:9a:aa:49:03:4c:
65:cf:f8:7f:32:9d:b3:a2:75:10:66:b6:9a:b6:ab:
c7:89:96:87:ee:58:a8:b8:9a:31:e7:22:8c:e6:de:
24:f5:25:a8:73:d2:58:61:cf:a3:10:ee:2b:dc:ab:
4f:c5:fc:ce:9b:b6:e7:44:d1:06:39:18:19:c9:89:
dd:ff:9e:25:b9:ab:d9:1e:b2:bb:ba:c0:e0:38:ff:
7f:d3:64:3d:ed:f9:c7:d0:5e:33:1c:93:08:4b:50:
5e:c5:c3:33:19:04:f9:ce:13:7a:42:7e:e7:2a:66:
22:ca:7f:42:01:2b:22:fa:26:75:96:df:bf:e9:7c:
e4:3f:41:e6:fe:7d:5a:92:17:48:32:28:9a:1d:29:
2d:52:63:e6:c2:f5:8b:05:7d:22:60:e5:91:48:2c:
41:45:b3:32:d0:7a:6a:61:04:5a:8f:a3:c1:68:04:
76:fd:b0:88:c3:c6:30:98:f1:61:a7:3a:33:5d:3c:
1f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:A4:E6:7E:C7:35:0F:83:27:C8:1B:19:79:EE:81:72:02:FD:80:9A
X509v3 Authority Key Identifier:
keyid:13:94:EE:52:C3:65:AD:1D:3A:BC:0E:30:E4:0D:11:05:99:26:17:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E5TuUsNlrR06vA4w5A0RBZkmF5A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/617e9a-0d3a-47f8-9856-1da055e8b4f3/1/oqTmfsc1D4MnyBsZee6BcgL9gJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/617e9a-0d3a-47f8-9856-1da055e8b4f3/1/E5TuUsNlrR06vA4w5A0RBZkmF5A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.122.126.0/24
91.224.117.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:d5:36:e7:c7:39:be:91:90:2e:9b:ed:bf:b6:d1:01:0e:ef:
8f:da:a6:95:86:92:48:3e:9e:5d:2d:80:7c:1e:b3:c0:e5:ee:
ad:a9:03:30:34:03:ae:c5:a4:3c:93:5e:ad:45:7f:fc:87:c2:
7c:36:3f:a5:0f:b1:35:c3:36:d6:1c:4f:09:d0:cd:cc:2e:62:
9c:ac:3d:e9:5b:86:a8:73:fb:d4:4d:20:c1:e8:b0:c1:40:67:
5b:ea:99:a9:69:a1:87:fd:74:42:cc:8f:c9:b8:d9:09:f7:f6:
28:a0:12:4e:34:ce:31:62:52:59:4f:b8:0d:8b:1e:f6:8d:94:
42:5b:82:c9:90:3c:7d:6e:b7:ef:eb:01:73:ba:dd:86:2f:37:
c9:c2:28:cc:2d:2b:de:ed:82:21:2b:12:04:51:3d:f4:85:25:
5b:3c:e6:51:7d:c2:88:17:ea:0c:d0:ec:df:1c:89:cf:1e:79:
36:04:78:8f:f6:4e:3e:50:a4:74:94:df:79:d2:fd:56:9b:5f:
ed:e0:f9:2e:04:29:90:b2:bf:30:e8:3f:46:20:19:e9:38:f3:
5c:de:3d:fe:fe:5a:b2:87:c1:46:c5:25:0a:36:65:d8:08:67:
91:e3:53:ff:e4:48:9e:b7:fc:8a:de:69:bf:5b:84:f8:6b:ce:
25:29:e3:91
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ3T6OZOgJEoODpxzNjNWTEpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzOTRlZTUyYzM2NWFkMWQzYWJjMGUzMGU0MGQxMTA1OTky
NjE3OTAwHhcNMjYwNDI4MTE0NTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmE0ZTY3ZWM3MzUwZjgzMjdjODFiMTk3OWVlODE3MjAyZmQ4MDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyC2m7GmFuIWaWbUw76pj4rpLr3o8
VdzSZHtuODzxVCJL21+ZnOyv+M1oJ1lHIYiyK/IBMzQWUFW7vba87NViuH+5QuyK
mqpJA0xlz/h/Mp2zonUQZraatqvHiZaH7liouJox5yKM5t4k9SWoc9JYYc+jEO4r
3KtPxfzOm7bnRNEGORgZyYnd/54luavZHrK7usDgOP9/02Q97fnH0F4zHJMIS1Be
xcMzGQT5zhN6Qn7nKmYiyn9CASsi+iZ1lt+/6XzkP0Hm/n1akhdIMiiaHSktUmPm
wvWLBX0iYOWRSCxBRbMy0HpqYQRaj6PBaAR2/bCIw8YwmPFhpzozXTwfJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKKk5n7HNQ+DJ8gbGXnugXIC/YCaMB8GA1UdIwQY
MBaAFBOU7lLDZa0dOrwOMOQNEQWZJheQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTVUdVVzTmxyUjA2dkE0dzVBMFJCWmttRjVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82MTdlOWEtMGQzYS00N2Y4LTk4NTYt
MWRhMDU1ZThiNGYzLzEvb3FUbWZzYzFENE1ueUJzWmVlNkJjZ0w5Z0pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82MTdlOWEtMGQzYS00N2Y4LTk4NTYtMWRhMDU1ZThiNGYz
LzEvRTVUdVVzTmxyUjA2dkE0dzVBMFJCWmttRjVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPnp+AwQA
W+B1MA0GCSqGSIb3DQEBCwUAA4IBAQBO1Tbnxzm+kZAum+2/ttEBDu+P2qaVhpJI
Pp5dLYB8HrPA5e6tqQMwNAOuxaQ8k16tRX/8h8J8Nj+lD7E1wzbWHE8J0M3MLmKc
rD3pW4aoc/vUTSDB6LDBQGdb6pmpaaGH/XRCzI/JuNkJ9/YooBJONM4xYlJZT7gN
ix72jZRCW4LJkDx9brfv6wFzut2GLzfJwijMLSve7YIhKxIEUT30hSVbPOZRfcKI
F+oM0OzfHInPHnk2BHiP9k4+UKR0lN950v1Wm1/t4PkuBCmQsr8w6D9GIBnpOPNc
3j3+/lqyh8FGxSUKNmXYCGeR41P/5Eiet/yK3mm/W4T4a84lKeOR
-----END CERTIFICATE-----
Generated at Tue Apr 28 17:26:22 2026 by rpki-client