Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Oi3Pez-kd8QpZYrSSf_oK7nkFLc.roa
File: Oi3Pez-kd8QpZYrSSf_oK7nkFLc.roa (raw, json)
Hash identifier: TDHxDRSQ7J4iDLgr7WQ1NxaG/H0fqD9gsWSEKjJMtKQ=
Subject key identifier: 3A:2D:CF:7B:3F:A4:77:C4:29:65:8A:D2:49:FF:E8:2B:B9:E4:14:B7
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019CB2C42E85319FD81EBFDF999B5B8E4D70
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Oi3Pez-kd8QpZYrSSf_oK7nkFLc.roa
Signing time: Tue 03 Mar 2026 08:15:27 +0000
ROA not before: Tue 03 Mar 2026 08:15:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 14618
IP address blocks: 45.87.243.0/24 maxlen: 24
45.146.128.0/24 maxlen: 24
2a09:17c0:1000::/48 maxlen: 48
2a0a:2d07:24::/48 maxlen: 48
2a0e:c785:1::/48 maxlen: 48
2a0f:e6c7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Mar 2026 10:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b2:c4:2e:85:31:9f:d8:1e:bf:df:99:9b:5b:8e:4d:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 3 08:15:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3a2dcf7b3fa477c429658ad249ffe82bb9e414b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:c7:f8:56:4f:e6:f1:db:84:ef:41:1e:13:5d:
cb:18:2c:4d:f1:62:e5:94:4b:80:fc:a3:16:1f:1a:
ed:41:c1:a9:ae:87:87:80:a9:db:f6:70:66:49:8a:
d7:97:bd:e8:3d:32:7e:f4:54:42:99:ca:6e:eb:1c:
c0:93:67:85:0c:1f:49:3d:b7:4b:08:6a:0a:a5:2e:
1f:5d:fc:fd:6e:48:cf:d9:67:30:12:ab:06:98:3d:
e5:7a:ba:9b:6a:8c:06:9f:99:58:32:af:10:d6:41:
3b:46:2a:1d:70:35:d4:a4:60:19:60:44:79:26:e3:
d1:f6:21:cc:03:f7:1f:2c:91:9b:ec:65:32:1f:4e:
63:4c:db:95:7f:7f:f1:8b:72:2e:44:ae:7f:3d:37:
dd:6b:3d:e5:9d:5d:c2:b2:47:8c:29:e9:b4:a8:91:
dd:14:31:16:fd:88:a7:e2:7f:19:21:b7:32:66:31:
f4:5b:b0:22:d1:1b:7b:01:8f:3e:5b:01:1f:ad:dd:
d5:06:6c:4a:b7:af:95:5a:2c:e0:b9:42:cd:8e:a0:
6a:21:67:66:07:cf:1e:56:fd:53:14:6a:99:d1:d8:
c5:52:d6:16:61:e9:ae:3f:c9:d9:ad:40:bf:c3:b1:
8d:37:e1:22:ae:2f:f0:e3:1a:1d:b0:8a:e3:39:e2:
07:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:2D:CF:7B:3F:A4:77:C4:29:65:8A:D2:49:FF:E8:2B:B9:E4:14:B7
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Oi3Pez-kd8QpZYrSSf_oK7nkFLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.243.0/24
45.146.128.0/24
IPv6:
2a09:17c0:1000::/48
2a0a:2d07:24::/48
2a0e:c785:1::/48
2a0f:e6c7::/32
Signature Algorithm: sha256WithRSAEncryption
9f:ce:45:58:69:03:9a:c4:4b:75:e1:cb:07:38:13:fe:21:46:
10:6a:cc:9b:69:37:e5:f4:91:94:72:7f:3f:c5:99:15:d7:f7:
11:b3:1b:24:8e:75:70:a7:69:0f:bc:52:f8:21:c3:a3:35:01:
59:a9:f2:36:05:61:e4:01:be:d1:11:2b:39:dd:be:88:f6:b5:
3e:ea:cb:ab:2c:0c:e9:0f:c9:85:5f:8d:66:51:92:30:a6:a7:
01:9c:7c:9d:8f:70:73:fd:ac:52:e5:35:a0:17:84:57:9c:62:
13:b2:bf:c0:c8:7d:9b:a1:ec:f1:5e:f7:d6:4f:43:06:d3:ad:
46:6c:b2:bb:66:7e:69:9b:b6:50:b5:94:52:69:71:b4:22:43:
dc:31:89:ed:23:37:6e:ad:bf:37:69:cb:47:17:ae:ee:79:14:
38:8d:fa:1f:4b:83:cd:c3:d8:38:1f:9c:c0:04:08:1b:03:5a:
60:b2:ee:ca:c2:86:2d:9e:ed:a4:57:43:4f:c9:80:5e:bf:a3:
35:0b:6e:a2:0d:fb:3e:92:ed:63:e7:23:42:6a:0f:44:06:8e:
9c:09:38:3d:2b:7f:e7:d8:47:22:27:8d:0e:ef:cd:06:26:c6:
d2:36:4d:e5:6d:45:7f:b5:87:3b:30:10:b0:56:5c:c5:83:93:
b3:06:50:3d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZyyxC6FMZ/YHr/fmZtbjk1wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwMzAzMDgxNTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTJkY2Y3YjNmYTQ3N2M0Mjk2NThhZDI0OWZmZTgyYmI5ZTQxNGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5sf4Vk/m8duE70EeE13LGCxN8WLl
lEuA/KMWHxrtQcGproeHgKnb9nBmSYrXl73oPTJ+9FRCmcpu6xzAk2eFDB9JPbdL
CGoKpS4fXfz9bkjP2WcwEqsGmD3lerqbaowGn5lYMq8Q1kE7RiodcDXUpGAZYER5
JuPR9iHMA/cfLJGb7GUyH05jTNuVf3/xi3IuRK5/PTfdaz3lnV3CskeMKem0qJHd
FDEW/Yin4n8ZIbcyZjH0W7Ai0Rt7AY8+WwEfrd3VBmxKt6+VWizguULNjqBqIWdm
B88eVv1TFGqZ0djFUtYWYemuP8nZrUC/w7GNN+Eiri/w4xodsIrjOeIHDwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFDotz3s/pHfEKWWK0kn/6Cu55BS3MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvT2kzUGV6LWtkOFFwWllyU1NmX29LN25rRkxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjASBAIAATAMAwQALVfzAwQA
LZKAMCgEAgACMCIDBwAqCRfAEAADBwAqCi0HACQDBwAqDseFAAEDBQAqD+bHMA0G
CSqGSIb3DQEBCwUAA4IBAQCfzkVYaQOaxEt14csHOBP+IUYQasybaTfl9JGUcn8/
xZkV1/cRsxskjnVwp2kPvFL4IcOjNQFZqfI2BWHkAb7RESs53b6I9rU+6surLAzp
D8mFX41mUZIwpqcBnHydj3Bz/axS5TWgF4RXnGITsr/AyH2boezxXvfWT0MG061G
bLK7Zn5pm7ZQtZRSaXG0IkPcMYntIzdurb83actHF67ueRQ4jfofS4PNw9g4H5zA
BAgbA1pgsu7KwoYtnu2kV0NPyYBev6M1C26iDfs+ku1j5yNCag9EBo6cCTg9K3/n
2EciJ40O780GJsbSNk3lbUV/tYc7MBCwVlzFg5OzBlA9
-----END CERTIFICATE-----
Generated at Fri Mar 6 19:09:19 2026 by rpki-client