Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/O8l2FsliXv1Rt07mKFb8gXBf5SQ.roa
File: O8l2FsliXv1Rt07mKFb8gXBf5SQ.roa (raw, json)
Hash identifier: MM4mzQqn5j/X193Nt3FLDDEa4n/7BPWwgGDb9eRg210=
Subject key identifier: 3B:C9:76:16:C9:62:5E:FD:51:B7:4E:E6:28:56:FC:81:70:5F:E5:24
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019E563A88902B23603127683D5F29B71DC3
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/O8l2FsliXv1Rt07mKFb8gXBf5SQ.roa
Signing time: Sat 23 May 2026 19:05:36 +0000
ROA not before: Sat 23 May 2026 19:05:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 33993
IP address blocks: 2.56.178.0/24 maxlen: 24
45.9.12.0/24 maxlen: 24
45.9.13.0/24 maxlen: 24
45.9.14.0/24 maxlen: 24
45.9.15.0/24 maxlen: 24
45.9.16.0/24 maxlen: 24
45.12.114.0/24 maxlen: 24
45.12.115.0/24 maxlen: 24
45.15.130.0/24 maxlen: 24
45.15.147.0/24 maxlen: 24
45.128.49.0/24 maxlen: 24
45.128.53.0/24 maxlen: 24
45.136.114.0/24 maxlen: 24
141.98.188.0/24 maxlen: 24
141.98.189.0/24 maxlen: 24
141.98.190.0/24 maxlen: 24
141.98.191.0/24 maxlen: 24
171.22.119.0/24 maxlen: 24
171.22.133.0/24 maxlen: 24
171.22.134.0/24 maxlen: 24
171.22.135.0/24 maxlen: 24
171.22.136.0/24 maxlen: 24
171.22.137.0/24 maxlen: 24
171.22.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 07:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:56:3a:88:90:2b:23:60:31:27:68:3d:5f:29:b7:1d:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: May 23 19:05:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3bc97616c9625efd51b74ee62856fc81705fe524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:db:26:93:cf:3f:eb:b0:a7:3f:d6:1d:00:82:
0f:fc:d9:9c:17:9c:7c:2e:1f:d2:65:25:21:f1:7a:
e2:64:c4:16:d5:0b:44:86:25:58:46:77:98:87:cb:
9b:bb:7a:36:c7:5b:cc:c8:ea:ea:81:28:83:f1:58:
d0:86:7a:89:31:45:bf:9c:06:3a:2a:72:1a:4f:3f:
5d:e3:74:db:55:c7:01:15:8d:74:14:fe:8a:12:d7:
ba:3a:94:61:b2:69:80:9b:ad:44:41:06:20:3b:ea:
78:c4:2b:58:52:7a:7c:03:96:35:77:84:32:62:f2:
99:68:e4:2f:c9:c9:4d:f9:68:25:60:bf:4b:74:2d:
a0:4a:c6:5b:51:be:b6:f7:46:0d:03:a3:90:e7:55:
4f:c6:15:1d:ad:cf:f0:ee:5e:7c:66:4c:91:6e:7b:
a0:27:e7:a7:f9:1e:75:aa:e9:61:fd:dc:34:62:2c:
79:b0:b4:a5:be:28:57:df:af:31:08:de:05:8d:62:
e8:de:49:3a:a7:34:3e:12:6b:80:2f:5a:c4:6d:49:
e5:68:56:49:a9:34:9e:4e:b2:16:c6:76:e8:db:65:
40:8e:8b:29:01:9f:8d:de:ad:eb:bd:ed:8e:a2:63:
2a:67:8f:04:db:5d:74:a2:d5:d8:57:8e:3d:da:2e:
0a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:C9:76:16:C9:62:5E:FD:51:B7:4E:E6:28:56:FC:81:70:5F:E5:24
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/O8l2FsliXv1Rt07mKFb8gXBf5SQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.178.0/24
45.9.12.0-45.9.16.255
45.12.114.0/23
45.15.130.0/24
45.15.147.0/24
45.128.49.0/24
45.128.53.0/24
45.136.114.0/24
141.98.188.0/22
171.22.119.0/24
171.22.133.0-171.22.138.255
Signature Algorithm: sha256WithRSAEncryption
15:0f:ce:5c:63:7f:5b:6f:5f:ac:55:ce:e0:5e:d4:71:7b:d4:
f8:f8:72:e2:00:6a:88:ba:55:3d:af:08:db:90:f1:fc:c4:a5:
26:43:70:04:a6:e4:c0:ec:45:0c:d0:b5:9e:49:cc:2e:bc:19:
88:16:34:0e:74:45:75:29:8c:1c:01:d7:ca:fc:b8:60:db:b4:
40:dc:f7:2a:ca:6f:22:bc:35:79:5d:10:ab:b1:0f:bf:a1:f3:
5b:d0:5b:c9:ba:ee:b7:e2:51:cd:28:4a:c2:40:4c:89:0c:55:
d9:24:53:02:8a:10:0d:25:6c:c7:2a:9a:26:75:e0:10:ae:b3:
f2:d9:c8:10:ad:34:ec:66:3c:69:d1:07:b8:31:a9:61:2b:a0:
d7:0a:7e:00:c9:8c:7e:05:5b:32:02:3c:26:1f:36:a5:e8:16:
a7:06:4d:6a:ef:1e:92:90:a9:26:c3:9a:0f:db:de:e2:81:d5:
bc:79:47:a9:83:21:fb:27:2d:f6:3d:e6:b2:58:8e:dd:6a:c5:
01:99:04:8d:38:86:e5:c6:4b:a7:ea:88:ef:8b:6e:6d:46:9a:
8b:cf:54:53:d3:9a:52:58:c2:cf:86:4f:95:f0:b5:aa:86:91:
5b:78:be:89:ad:59:13:34:28:a7:78:51:0a:0f:c4:16:8f:db:
7d:34:d1:57
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZ5WOoiQKyNgMSdoPV8ptx3DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjYwNTIzMTkwNTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmM5NzYxNmM5NjI1ZWZkNTFiNzRlZTYyODU2ZmM4MTcwNWZlNTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Nsmk88/67CnP9YdAIIP/NmcF5x8
Lh/SZSUh8XriZMQW1QtEhiVYRneYh8ubu3o2x1vMyOrqgSiD8VjQhnqJMUW/nAY6
KnIaTz9d43TbVccBFY10FP6KEte6OpRhsmmAm61EQQYgO+p4xCtYUnp8A5Y1d4Qy
YvKZaOQvyclN+WglYL9LdC2gSsZbUb6290YNA6OQ51VPxhUdrc/w7l58ZkyRbnug
J+en+R51qulh/dw0Yix5sLSlvihX368xCN4FjWLo3kk6pzQ+EmuAL1rEbUnlaFZJ
qTSeTrIWxnbo22VAjospAZ+N3q3rve2OomMqZ48E2110otXYV4492i4KLwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFDvJdhbJYl79UbdO5ihW/IFwX+UkMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvTzhsMkZzbGlYdjFSdDA3bUtGYjhnWEJmNVNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQAAjiyMAwD
BAItCQwDBAAtCRADBAEtDHIDBAAtD4IDBAAtD5MDBAAtgDEDBAAtgDUDBAAtiHID
BAKNYrwDBACrFncwDAMEAKsWhQMEAKsWijANBgkqhkiG9w0BAQsFAAOCAQEAFQ/O
XGN/W29frFXO4F7UcXvU+Phy4gBqiLpVPa8I25Dx/MSlJkNwBKbkwOxFDNC1nknM
LrwZiBY0DnRFdSmMHAHXyvy4YNu0QNz3KspvIrw1eV0Qq7EPv6HzW9Bbybrut+JR
zShKwkBMiQxV2SRTAooQDSVsxyqaJnXgEK6z8tnIEK007GY8adEHuDGpYSug1wp+
AMmMfgVbMgI8Jh82pegWpwZNau8ekpCpJsOaD9ve4oHVvHlHqYMh+yct9j3msliO
3WrFAZkEjTiG5cZLp+qI74tubUaai89UU9OaUljCz4ZPlfC1qoaRW3i+ia1ZEzQo
p3hRCg/EFo/bfTTRVw==
-----END CERTIFICATE-----
Generated at Thu Jun 4 12:11:10 2026 by rpki-client