Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/OSAPeBxLXL8WEMcfNPbvB1u1I9U.roa
File: OSAPeBxLXL8WEMcfNPbvB1u1I9U.roa (raw, json)
Hash identifier: gjD3OrTjJ9JSR5cEEkMdNVWzLp3Vm7jH9g2fpLz34KI=
Subject key identifier: 39:20:0F:78:1C:4B:5C:BF:16:10:C7:1F:34:F6:EF:07:5B:B5:23:D5
Certificate issuer: /CN=95d108f0e85868c2bbe7db6d7377034c131eb224
Certificate serial: 019E6B3B46DA0B3516C249E8E3F180F7A92D
Authority key identifier: 95:D1:08:F0:E8:58:68:C2:BB:E7:DB:6D:73:77:03:4C:13:1E:B2:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ldEI8OhYaMK759ttc3cDTBMesiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/OSAPeBxLXL8WEMcfNPbvB1u1I9U.roa
Signing time: Wed 27 May 2026 20:58:27 +0000
ROA not before: Wed 27 May 2026 20:58:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210976
IP address blocks: 201.51.16.0/24 maxlen: 32
201.51.17.0/24 maxlen: 32
201.51.18.0/24 maxlen: 32
201.51.19.0/24 maxlen: 32
201.51.20.0/24 maxlen: 32
201.51.21.0/24 maxlen: 32
201.51.22.0/24 maxlen: 32
201.51.23.0/24 maxlen: 32
201.51.24.0/24 maxlen: 32
201.51.25.0/24 maxlen: 32
201.51.26.0/24 maxlen: 32
201.51.27.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/ldEI8OhYaMK759ttc3cDTBMesiQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/ldEI8OhYaMK759ttc3cDTBMesiQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/ldEI8OhYaMK759ttc3cDTBMesiQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6b:3b:46:da:0b:35:16:c2:49:e8:e3:f1:80:f7:a9:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95d108f0e85868c2bbe7db6d7377034c131eb224
Validity
Not Before: May 27 20:58:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=39200f781c4b5cbf1610c71f34f6ef075bb523d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:45:0e:c4:49:65:4b:1f:5b:1f:50:49:95:72:
e7:d7:a3:30:6c:97:33:74:2d:d6:e6:c9:5c:c7:3f:
9a:16:81:f2:02:ca:47:23:e2:d8:9d:82:44:21:bb:
9b:2b:13:1c:df:79:fe:ff:71:2c:fa:f5:92:78:0f:
56:92:99:5d:7f:12:5a:94:91:8a:5e:29:5f:be:2e:
2b:40:6c:92:30:e2:20:c4:2b:d8:ec:0b:04:5d:7d:
b0:10:fc:a5:63:39:c1:bf:bf:60:46:18:a3:9c:23:
1d:40:eb:bb:70:4f:26:93:53:c2:9e:f3:05:43:7c:
70:49:1b:f1:30:37:08:ad:d0:a0:df:ac:21:80:29:
fb:72:73:94:f8:39:07:20:4d:53:4e:ca:5a:6c:53:
5c:14:74:b3:37:80:b7:7d:95:b7:fb:e6:ba:6c:a8:
f1:74:7d:29:6e:b0:d4:6c:11:58:58:35:16:b2:0c:
48:9d:aa:76:67:5d:57:2a:e6:fa:87:d4:22:f0:81:
ee:00:94:87:32:57:3e:c8:bf:fb:3b:f5:79:82:fe:
c0:99:52:b3:4c:fa:ec:9d:7d:20:ce:0a:81:88:92:
49:8e:6c:fc:33:6a:24:e8:ea:a2:85:31:70:b6:ed:
53:48:4f:73:b1:db:61:81:7f:7f:53:40:1d:31:e8:
ef:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:20:0F:78:1C:4B:5C:BF:16:10:C7:1F:34:F6:EF:07:5B:B5:23:D5
X509v3 Authority Key Identifier:
keyid:95:D1:08:F0:E8:58:68:C2:BB:E7:DB:6D:73:77:03:4C:13:1E:B2:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ldEI8OhYaMK759ttc3cDTBMesiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/OSAPeBxLXL8WEMcfNPbvB1u1I9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/ldEI8OhYaMK759ttc3cDTBMesiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
201.51.16.0-201.51.27.255
Signature Algorithm: sha256WithRSAEncryption
2d:0d:84:e8:89:a9:3b:e5:86:c0:1a:19:f7:55:5c:aa:c6:e8:
04:51:d9:e9:8b:d8:5d:ee:25:b0:13:66:56:0c:96:5e:8e:e5:
12:93:4a:19:a0:c0:e9:8d:c5:6f:be:e0:0b:45:7c:8c:b5:26:
dc:b3:c7:58:3d:23:65:2a:98:9f:b0:3d:86:75:31:0c:fd:78:
f5:95:a3:0a:c2:50:d7:d4:2d:9f:d8:65:eb:df:a2:fa:37:ec:
96:46:2a:a2:48:d7:28:4d:9e:72:d7:2b:c5:92:16:e6:b0:4f:
0f:6b:62:b1:72:bf:b0:ed:59:2e:81:ba:47:b0:33:ca:4e:5e:
d8:10:b1:46:de:de:b9:3b:c0:a4:9b:23:d9:0c:8c:f4:ba:54:
cc:42:a4:ba:5d:b3:22:2d:ab:81:79:4e:a9:14:3d:1b:49:0b:
10:5c:4e:f5:81:58:93:77:dd:e1:55:5a:70:70:d9:6d:71:2d:
0a:82:eb:0f:f0:c6:f7:de:d8:9a:80:3f:29:86:59:55:82:d7:
5c:3c:93:e6:24:f6:44:c2:bf:85:63:10:6e:6a:c5:ad:29:48:
94:c1:ec:6b:a0:af:68:d5:60:d3:5a:1f:a4:2e:08:cf:39:36:
1d:7b:b5:7d:50:8b:46:ce:b1:6a:1e:6a:ec:e4:6a:dc:c1:b3:
c3:31:b4:25
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZ5rO0baCzUWwkno4/GA96ktMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZDEwOGYwZTg1ODY4YzJiYmU3ZGI2ZDczNzcwMzRjMTMx
ZWIyMjQwHhcNMjYwNTI3MjA1ODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTIwMGY3ODFjNGI1Y2JmMTYxMGM3MWYzNGY2ZWYwNzViYjUyM2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzEUOxEllSx9bH1BJlXLn16MwbJcz
dC3W5slcxz+aFoHyAspHI+LYnYJEIbubKxMc33n+/3Es+vWSeA9WkpldfxJalJGK
Xilfvi4rQGySMOIgxCvY7AsEXX2wEPylYznBv79gRhijnCMdQOu7cE8mk1PCnvMF
Q3xwSRvxMDcIrdCg36whgCn7cnOU+DkHIE1TTspabFNcFHSzN4C3fZW3++a6bKjx
dH0pbrDUbBFYWDUWsgxInap2Z11XKub6h9Qi8IHuAJSHMlc+yL/7O/V5gv7AmVKz
TPrsnX0gzgqBiJJJjmz8M2ok6OqihTFwtu1TSE9zsdthgX9/U0AdMejvYwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDkgD3gcS1y/FhDHHzT27wdbtSPVMB8GA1UdIwQY
MBaAFJXRCPDoWGjCu+fbbXN3A0wTHrIkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGRFSThPaFlhTUs3NTl0dGMzY0RUQk1lc2lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9kZGI0MjQtN2ViMi00OTVlLThiYjYt
NzJmYjk3ZDU5Y2U0LzEvT1NBUGVCeExYTDhXRU1jZk5QYnZCMXUxSTlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9kZGI0MjQtN2ViMi00OTVlLThiYjYtNzJmYjk3ZDU5Y2U0
LzEvbGRFSThPaFlhTUs3NTl0dGMzY0RUQk1lc2lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBATJMxAD
BALJMxgwDQYJKoZIhvcNAQELBQADggEBAC0NhOiJqTvlhsAaGfdVXKrG6ARR2emL
2F3uJbATZlYMll6O5RKTShmgwOmNxW++4AtFfIy1Jtyzx1g9I2UqmJ+wPYZ1MQz9
ePWVowrCUNfULZ/YZevfovo37JZGKqJI1yhNnnLXK8WSFuawTw9rYrFyv7DtWS6B
ukewM8pOXtgQsUbe3rk7wKSbI9kMjPS6VMxCpLpdsyItq4F5TqkUPRtJCxBcTvWB
WJN33eFVWnBw2W1xLQqC6w/wxvfe2JqAPymGWVWC11w8k+Yk9kTCv4VjEG5qxa0p
SJTB7Gugr2jVYNNaH6QuCM85Nh17tX1Qi0bOsWoeauzkatzBs8MxtCU=
-----END CERTIFICATE-----
Generated at Thu Jun 4 08:55:33 2026 by rpki-client