Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ObCy0YecDlq7eANnkijdoH-F60A.roa
File: ObCy0YecDlq7eANnkijdoH-F60A.roa (raw, json)
Hash identifier: 9pdGO03vh00Gvmxtjx5RrBz/umTtzGlgkYyyAF/oPOo=
Subject key identifier: 39:B0:B2:D1:87:9C:0E:5A:BB:78:03:67:92:28:DD:A0:7F:85:EB:40
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019CAF519DF35B0F4B2F73B9DE2E0ECC8E17
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ObCy0YecDlq7eANnkijdoH-F60A.roa
Signing time: Mon 02 Mar 2026 16:11:27 +0000
ROA not before: Mon 02 Mar 2026 16:11:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214238
IP address blocks: 2.56.122.0/24 maxlen: 24
45.15.153.0/24 maxlen: 24
45.83.150.0/24 maxlen: 24
45.83.151.0/24 maxlen: 24
45.128.55.0/24 maxlen: 24
45.128.56.0/24 maxlen: 24
45.128.73.0/24 maxlen: 24
45.128.74.0/24 maxlen: 24
45.128.75.0/24 maxlen: 24
139.28.235.0/24 maxlen: 24
141.98.160.0/24 maxlen: 24
185.203.4.0/24 maxlen: 24
185.203.5.0/24 maxlen: 24
185.203.6.0/24 maxlen: 24
185.203.7.0/24 maxlen: 24
194.76.136.0/24 maxlen: 24
194.76.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:af:51:9d:f3:5b:0f:4b:2f:73:b9:de:2e:0e:cc:8e:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Mar 2 16:11:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=39b0b2d1879c0e5abb7803679228dda07f85eb40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0b:bf:ac:c9:83:a5:24:8b:fb:d1:0c:cc:88:
a5:2b:96:de:64:1c:5d:2c:52:c4:9e:ae:ff:6f:91:
cd:86:0d:0b:5d:f3:27:01:0f:a7:9d:97:a4:ea:60:
be:cc:82:46:98:c4:4e:88:6f:bc:a8:5c:3f:21:17:
3c:9a:fb:1c:f2:18:88:8b:c0:14:6a:2f:d8:30:10:
03:9f:c2:3d:0e:99:71:7e:d9:e8:fe:82:c4:f8:3b:
91:30:39:58:74:b9:3c:76:af:de:38:e2:18:a2:8d:
47:20:05:22:1b:90:ee:56:3f:61:77:dd:78:05:64:
3e:cc:57:ef:cc:8c:3e:8f:94:c9:83:67:4d:55:e6:
54:8d:80:bb:37:97:cb:c1:2d:c0:22:9e:bf:6b:bb:
b7:ab:2e:b0:3b:12:d8:ee:2b:96:fd:7e:ca:ae:0a:
8b:8c:e9:95:9a:4d:a5:86:0e:81:b3:cd:12:4b:bd:
2f:8a:27:59:d1:b3:89:a9:39:5c:87:60:03:73:f3:
22:0f:2f:90:9e:2b:91:1f:0b:f2:03:2d:83:7b:25:
32:1e:a8:61:96:56:94:0a:de:2b:0c:81:20:ff:41:
06:24:2a:3c:8b:b9:86:ec:a3:64:0c:2b:ad:a4:a1:
51:0b:c3:85:52:6a:e8:f6:5d:86:46:70:e0:5d:92:
2d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:B0:B2:D1:87:9C:0E:5A:BB:78:03:67:92:28:DD:A0:7F:85:EB:40
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ObCy0YecDlq7eANnkijdoH-F60A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.122.0/24
45.15.153.0/24
45.83.150.0/23
45.128.55.0-45.128.56.255
45.128.73.0-45.128.75.255
139.28.235.0/24
141.98.160.0/24
185.203.4.0/22
194.76.136.0/24
194.76.138.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:72:a8:03:7f:da:96:85:20:15:dc:e5:db:21:4d:fa:72:65:
bb:eb:46:3c:bd:04:4c:fa:60:93:b3:78:fb:80:60:94:fd:60:
9b:84:9b:87:cb:aa:40:32:1b:bf:7b:fd:24:25:ac:51:65:6d:
9f:8e:38:d1:7b:99:f9:af:59:d2:55:ba:23:83:66:14:31:0b:
86:97:8e:ba:f1:d6:83:9d:de:b2:13:bd:a2:db:0d:59:ad:56:
c7:40:eb:9e:b2:ff:b5:2a:0c:ba:9c:ed:9a:d9:fb:e4:d3:bc:
14:a5:f0:c1:eb:52:cc:8a:c4:3c:1c:19:58:ee:0e:2d:f5:26:
84:8b:78:eb:7c:39:f7:fe:54:3d:13:83:cd:18:75:a7:e2:15:
1f:30:30:14:a6:0d:18:ff:43:ee:ec:10:b3:18:26:d1:af:77:
23:5e:cc:43:36:02:44:8c:90:c9:b4:1e:63:b4:f2:cc:7e:15:
da:95:06:36:cc:a0:bd:d9:c1:64:1c:bb:67:8e:59:4f:10:c0:
14:6e:c2:e5:e7:31:a5:05:5d:12:9c:d3:b9:e6:d4:bc:72:14:
73:23:2d:ab:cf:b2:8b:88:1d:76:db:60:e1:02:a3:ce:df:95:
b0:7d:e5:75:fe:45:86:41:61:aa:fe:0e:b3:ca:28:5a:41:06:
3f:90:fb:b6
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZyvUZ3zWw9LL3O53i4OzI4XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjYwMzAyMTYxMTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWIwYjJkMTg3OWMwZTVhYmI3ODAzNjc5MjI4ZGRhMDdmODVlYjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwu/rMmDpSSL+9EMzIilK5beZBxd
LFLEnq7/b5HNhg0LXfMnAQ+nnZek6mC+zIJGmMROiG+8qFw/IRc8mvsc8hiIi8AU
ai/YMBADn8I9Dplxftno/oLE+DuRMDlYdLk8dq/eOOIYoo1HIAUiG5DuVj9hd914
BWQ+zFfvzIw+j5TJg2dNVeZUjYC7N5fLwS3AIp6/a7u3qy6wOxLY7iuW/X7KrgqL
jOmVmk2lhg6Bs80SS70viidZ0bOJqTlch2ADc/MiDy+QniuRHwvyAy2DeyUyHqhh
llaUCt4rDIEg/0EGJCo8i7mG7KNkDCutpKFRC8OFUmro9l2GRnDgXZIt3QIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFDmwstGHnA5au3gDZ5Io3aB/hetAMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvT2JDeTBZZWNEbHE3ZUFObmtpamRvSC1GNjBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQAAjh6AwQA
LQ+ZAwQBLVOWMAwDBAAtgDcDBAAtgDgwDAMEAC2ASQMEAi2ASAMEAIsc6wMEAI1i
oAMEArnLBAMEAMJMiAMEAMJMijANBgkqhkiG9w0BAQsFAAOCAQEAX3KoA3/aloUg
Fdzl2yFN+nJlu+tGPL0ETPpgk7N4+4BglP1gm4Sbh8uqQDIbv3v9JCWsUWVtn444
0XuZ+a9Z0lW6I4NmFDELhpeOuvHWg53eshO9otsNWa1Wx0DrnrL/tSoMupztmtn7
5NO8FKXwwetSzIrEPBwZWO4OLfUmhIt463w59/5UPRODzRh1p+IVHzAwFKYNGP9D
7uwQsxgm0a93I17MQzYCRIyQybQeY7TyzH4V2pUGNsygvdnBZBy7Z45ZTxDAFG7C
5ecxpQVdEpzTuebUvHIUcyMtq8+yi4gddttg4QKjzt+VsH3ldf5FhkFhqv4Os8oo
WkEGP5D7tg==
-----END CERTIFICATE-----
Generated at Thu Mar 12 13:39:28 2026 by rpki-client