Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/c7a68f-7bf8-4f80-a9a2-815d2c026646/1/O1wzsxelzeF9YcdBxdssZTf68Qw.roa
File: O1wzsxelzeF9YcdBxdssZTf68Qw.roa (raw, json)
Hash identifier: CbqbGfA5VzZsYqz9C5xLS5HV2SY71GRAWY4v5jyV9d4=
Subject key identifier: 3B:5C:33:B3:17:A5:CD:E1:7D:61:C7:41:C5:DB:2C:65:37:FA:F1:0C
Certificate issuer: /CN=01335442514d5249b5143cfdf821216bb5c52940
Certificate serial: 019E8DCF3EF61B1D75BDE1E127E4F6CDA8B4
Authority key identifier: 01:33:54:42:51:4D:52:49:B5:14:3C:FD:F8:21:21:6B:B5:C5:29:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ATNUQlFNUkm1FDz9-CEha7XFKUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/c7a68f-7bf8-4f80-a9a2-815d2c026646/1/O1wzsxelzeF9YcdBxdssZTf68Qw.roa
Signing time: Wed 03 Jun 2026 14:07:09 +0000
ROA not before: Wed 03 Jun 2026 14:07:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50340
IP address blocks: 88.212.192.0/20 maxlen: 24
88.212.192.0/24 maxlen: 24
88.212.196.0/24 maxlen: 24
88.212.204.0/24 maxlen: 24
88.212.208.0/22 maxlen: 24
88.212.220.0/22 maxlen: 24
88.212.224.0/22 maxlen: 24
88.212.228.0/22 maxlen: 24
88.212.229.0/24 maxlen: 24
88.212.230.0/23 maxlen: 24
185.206.100.0/22 maxlen: 24
185.206.100.0/24 maxlen: 24
2a02:2100::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/c7a68f-7bf8-4f80-a9a2-815d2c026646/1/ATNUQlFNUkm1FDz9-CEha7XFKUA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/c7a68f-7bf8-4f80-a9a2-815d2c026646/1/ATNUQlFNUkm1FDz9-CEha7XFKUA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ATNUQlFNUkm1FDz9-CEha7XFKUA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:8d:cf:3e:f6:1b:1d:75:bd:e1:e1:27:e4:f6:cd:a8:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01335442514d5249b5143cfdf821216bb5c52940
Validity
Not Before: Jun 3 14:07:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3b5c33b317a5cde17d61c741c5db2c6537faf10c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b7:36:96:74:db:c0:b1:83:25:02:66:2a:c9:
b4:44:e2:ff:ad:83:e7:1d:69:7b:d3:99:11:d7:ee:
97:67:1b:4e:8d:ba:0f:c6:1a:54:f0:31:87:98:76:
16:ff:60:62:e7:81:93:4b:85:c5:41:c6:da:86:2c:
03:e7:14:fd:5b:6d:1e:95:ed:4a:b5:ed:66:2c:3a:
1e:ad:7e:b2:4d:84:f8:4b:d0:5f:ba:4b:ab:f6:12:
9c:a8:c7:41:e5:8b:1a:e6:62:ba:85:e5:29:37:5a:
39:94:79:e1:60:42:9e:ea:69:cf:2d:15:33:f3:d2:
99:3a:3d:40:42:3b:90:e6:c0:c1:cf:ac:2c:a0:64:
25:55:bc:f2:da:5d:ea:37:4c:e9:4e:c1:e7:aa:df:
fe:31:0c:92:29:b4:6b:e1:61:2c:98:1e:b7:63:08:
94:0c:4d:e5:e0:ea:38:9f:db:e9:7a:e9:e1:b7:f4:
91:57:82:ea:7a:15:8e:b5:39:98:27:f9:a3:86:0f:
75:45:c9:4a:64:6e:75:35:4a:a1:79:5c:fb:d3:12:
1d:89:f4:57:89:7a:f4:1d:f9:b4:5a:cf:b5:75:e1:
93:08:3b:81:b8:d4:eb:0c:cf:96:05:0a:00:f7:89:
6f:bd:fc:1a:8c:03:1d:63:fe:91:80:7f:ea:5f:7b:
6f:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:5C:33:B3:17:A5:CD:E1:7D:61:C7:41:C5:DB:2C:65:37:FA:F1:0C
X509v3 Authority Key Identifier:
keyid:01:33:54:42:51:4D:52:49:B5:14:3C:FD:F8:21:21:6B:B5:C5:29:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ATNUQlFNUkm1FDz9-CEha7XFKUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/c7a68f-7bf8-4f80-a9a2-815d2c026646/1/O1wzsxelzeF9YcdBxdssZTf68Qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/c7a68f-7bf8-4f80-a9a2-815d2c026646/1/ATNUQlFNUkm1FDz9-CEha7XFKUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.212.192.0-88.212.211.255
88.212.220.0-88.212.231.255
185.206.100.0/22
IPv6:
2a02:2100::/32
Signature Algorithm: sha256WithRSAEncryption
08:b9:84:50:b1:91:f0:ed:d8:82:14:3a:a1:00:7b:d4:7a:72:
1f:50:c1:14:c7:ed:ff:cf:dd:92:6c:25:b4:52:8d:46:12:89:
6b:48:40:5b:b8:b9:db:25:cb:bb:9d:a1:6d:82:19:56:ca:3f:
f7:47:c5:08:08:d2:23:ff:85:ea:09:31:a8:67:f1:14:fa:4c:
68:31:44:8d:bd:e0:88:9c:2c:53:d1:a7:4f:ba:65:93:90:a4:
d5:07:9f:05:4e:32:12:df:d3:02:d8:c2:55:eb:00:54:c4:a8:
da:0f:74:f4:14:4a:c2:dc:7f:ab:71:ed:46:c0:81:f2:b2:3c:
2d:49:36:c3:07:20:cd:4d:1e:67:47:f0:55:ac:51:5d:ae:51:
7b:c1:98:36:2f:23:d3:b7:dc:90:a6:63:b3:0c:09:ba:b3:b5:
a3:4d:cf:89:48:ef:82:81:4d:a9:db:a4:3e:19:cd:98:a7:1a:
db:04:22:b2:db:15:25:19:9f:e6:00:14:f1:7c:6d:11:15:ec:
e7:c0:c6:43:35:66:2f:5f:7c:76:68:de:0a:e5:6c:6b:a3:b5:
72:c8:7c:38:cc:c1:e7:58:59:49:1f:db:44:9a:29:03:59:6c:
ec:0c:79:81:ac:8d:6f:60:e8:3e:90:4f:61:98:65:60:6c:97:
c8:42:d0:8b
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZ6Nzz72Gx11veHhJ+T2zai0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxMzM1NDQyNTE0ZDUyNDliNTE0M2NmZGY4MjEyMTZiYjVj
NTI5NDAwHhcNMjYwNjAzMTQwNzA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjVjMzNiMzE3YTVjZGUxN2Q2MWM3NDFjNWRiMmM2NTM3ZmFmMTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbc2lnTbwLGDJQJmKsm0ROL/rYPn
HWl705kR1+6XZxtOjboPxhpU8DGHmHYW/2Bi54GTS4XFQcbahiwD5xT9W20ele1K
te1mLDoerX6yTYT4S9Bfukur9hKcqMdB5Ysa5mK6heUpN1o5lHnhYEKe6mnPLRUz
89KZOj1AQjuQ5sDBz6wsoGQlVbzy2l3qN0zpTsHnqt/+MQySKbRr4WEsmB63YwiU
DE3l4Oo4n9vpeunht/SRV4LqehWOtTmYJ/mjhg91RclKZG51NUqheVz70xIdifRX
iXr0Hfm0Ws+1deGTCDuBuNTrDM+WBQoA94lvvfwajAMdY/6RgH/qX3tv5QIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFDtcM7MXpc3hfWHHQcXbLGU3+vEMMB8GA1UdIwQY
MBaAFAEzVEJRTVJJtRQ8/fghIWu1xSlAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVROVVFsRk5Va20xRkR6OS1DRWhhN1hGS1VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9jN2E2OGYtN2JmOC00ZjgwLWE5YTIt
ODE1ZDJjMDI2NjQ2LzEvTzF3enN4ZWx6ZUY5WWNkQnhkc3NaVGY2OFF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9jN2E2OGYtN2JmOC00ZjgwLWE5YTItODE1ZDJjMDI2NjQ2
LzEvQVROVVFsRk5Va20xRkR6OS1DRWhhN1hGS1VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAoBAIAATAiMAwDBAZY1MAD
BAJY1NAwDAMEAljU3AMEA1jU4AMEArnOZDANBAIAAjAHAwUAKgIhADANBgkqhkiG
9w0BAQsFAAOCAQEACLmEULGR8O3YghQ6oQB71HpyH1DBFMft/8/dkmwltFKNRhKJ
a0hAW7i52yXLu52hbYIZVso/90fFCAjSI/+F6gkxqGfxFPpMaDFEjb3giJwsU9Gn
T7plk5Ck1QefBU4yEt/TAtjCVesAVMSo2g909BRKwtx/q3HtRsCB8rI8LUk2wwcg
zU0eZ0fwVaxRXa5Re8GYNi8j07fckKZjswwJurO1o03PiUjvgoFNqdukPhnNmKca
2wQistsVJRmf5gAU8XxtERXs58DGQzVmL198dmjeCuVsa6O1csh8OMzB51hZSR/b
RJopA1ls7Ax5gayNb2DoPpBPYZhlYGyXyELQiw==
-----END CERTIFICATE-----
Generated at Fri Jun 12 00:05:41 2026 by rpki-client