Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/pOZHVjX8onM9oBBZ12RCzAbquBs.roa
File: pOZHVjX8onM9oBBZ12RCzAbquBs.roa (raw, json)
Hash identifier: pOOINsyyZRyr8GyLY4+525uladm5E7MLq4xyYrftyKY=
Subject key identifier: A4:E6:47:56:35:FC:A2:73:3D:A0:10:59:D7:64:42:CC:06:EA:B8:1B
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 019DDA51D602BD340F0EE0E502E78C08D622
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/pOZHVjX8onM9oBBZ12RCzAbquBs.roa
Signing time: Wed 29 Apr 2026 17:38:09 +0000
ROA not before: Wed 29 Apr 2026 17:38:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198154
IP address blocks: 87.236.38.0/24 maxlen: 24
195.190.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 02 May 2026 17:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:da:51:d6:02:bd:34:0f:0e:e0:e5:02:e7:8c:08:d6:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: Apr 29 17:38:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a4e6475635fca2733da01059d76442cc06eab81b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:ac:cb:31:8c:07:60:65:0d:08:bd:58:e1:e2:
3d:23:cb:2e:d9:e4:70:c9:57:94:d4:38:65:75:42:
b0:2e:12:e2:ff:f9:31:00:fa:ad:ca:e7:a8:6e:7a:
7f:20:eb:06:6c:2a:e9:6b:e1:c4:55:9e:4a:44:d3:
11:54:51:bc:59:53:cf:95:73:87:02:5f:db:73:39:
4c:57:d5:7b:7d:5f:65:f7:25:28:45:30:a6:7a:b2:
ae:0d:f2:e8:1a:61:fa:6f:92:c8:91:10:68:c6:48:
ae:9a:d7:71:0f:e9:c6:60:1c:09:43:6d:96:12:05:
b9:db:02:62:74:17:35:24:d9:cb:c8:49:ca:82:ba:
97:b7:19:f9:5a:36:f7:dc:4e:dd:a1:14:8c:4f:05:
65:b1:9a:08:ae:56:59:59:38:09:d1:10:88:e3:8e:
e4:b0:ce:a9:c2:8c:10:9e:c6:83:6c:18:94:84:97:
f4:1b:42:69:b4:d2:ef:03:6d:cb:4c:79:96:5c:8a:
40:3d:1f:d5:70:6e:8c:96:29:bc:5a:8d:db:f9:38:
2f:ca:b2:fa:c0:d4:77:e1:b2:17:01:41:df:88:11:
69:1a:b0:bf:21:ac:0e:7d:45:17:ed:20:4c:24:01:
50:85:62:47:db:c6:9a:91:11:03:c3:b0:c3:c4:64:
22:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:E6:47:56:35:FC:A2:73:3D:A0:10:59:D7:64:42:CC:06:EA:B8:1B
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/pOZHVjX8onM9oBBZ12RCzAbquBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.38.0/24
195.190.144.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:75:a4:7b:d6:b5:af:f2:5f:f9:dd:e4:3d:32:8c:c8:cb:10:
98:21:20:e5:b5:10:86:a7:cb:4d:7c:35:53:6c:3d:5c:be:7f:
4c:db:11:33:18:2f:34:31:f6:42:db:4a:6c:0b:96:c9:68:37:
78:34:a8:a2:a7:d1:7b:b6:4d:fe:42:a0:16:33:b3:17:33:1a:
8c:a3:b1:f6:99:f1:1f:d0:c5:e7:21:3e:05:cb:c0:28:b4:8d:
17:fd:e3:03:94:87:33:d7:81:15:e3:96:21:74:ef:32:7e:a7:
6f:de:3d:87:53:89:6e:e0:d8:ea:6c:6a:07:64:82:ec:bb:d0:
4b:58:3e:d9:71:a9:84:b8:92:4d:5d:b5:ad:5f:ea:9f:03:3f:
0b:6b:67:5c:e1:4e:73:bc:0d:00:4c:25:20:b2:49:b4:60:70:
79:f2:cf:f5:d2:7e:4e:a1:67:49:74:11:68:b9:3c:37:14:53:
13:60:49:c5:b7:61:7c:b5:06:bd:0d:74:7d:d7:7f:e9:0b:e6:
4a:79:c5:ab:4b:69:8d:75:eb:fb:be:e9:4d:4e:da:a1:2a:fd:
f0:c0:11:4e:bd:d2:96:c9:18:dc:38:36:46:d9:1b:3d:32:00:
07:72:51:8a:76:ba:d5:75:01:b4:a7:03:28:04:ed:93:ef:06:
9b:8d:95:9f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ3aUdYCvTQPDuDlAueMCNYiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjYwNDI5MTczODA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGU2NDc1NjM1ZmNhMjczM2RhMDEwNTlkNzY0NDJjYzA2ZWFiODFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA56zLMYwHYGUNCL1Y4eI9I8su2eRw
yVeU1DhldUKwLhLi//kxAPqtyueobnp/IOsGbCrpa+HEVZ5KRNMRVFG8WVPPlXOH
Al/bczlMV9V7fV9l9yUoRTCmerKuDfLoGmH6b5LIkRBoxkiumtdxD+nGYBwJQ22W
EgW52wJidBc1JNnLyEnKgrqXtxn5Wjb33E7doRSMTwVlsZoIrlZZWTgJ0RCI447k
sM6pwowQnsaDbBiUhJf0G0JptNLvA23LTHmWXIpAPR/VcG6Mlim8Wo3b+TgvyrL6
wNR34bIXAUHfiBFpGrC/IawOfUUX7SBMJAFQhWJH28aakREDw7DDxGQinQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKTmR1Y1/KJzPaAQWddkQswG6rgbMB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvcE9aSFZqWDhvbk05b0JCWjEyUkN6QWJxdUJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV+wmAwQA
w76QMA0GCSqGSIb3DQEBCwUAA4IBAQA+daR71rWv8l/53eQ9MozIyxCYISDltRCG
p8tNfDVTbD1cvn9M2xEzGC80MfZC20psC5bJaDd4NKiip9F7tk3+QqAWM7MXMxqM
o7H2mfEf0MXnIT4Fy8AotI0X/eMDlIcz14EV45YhdO8yfqdv3j2HU4lu4NjqbGoH
ZILsu9BLWD7ZcamEuJJNXbWtX+qfAz8La2dc4U5zvA0ATCUgskm0YHB58s/10n5O
oWdJdBFouTw3FFMTYEnFt2F8tQa9DXR913/pC+ZKecWrS2mNdev7vulNTtqhKv3w
wBFOvdKWyRjcODZG2Rs9MgAHclGKdrrVdQG0pwMoBO2T7wabjZWf
-----END CERTIFICATE-----
Generated at Sat May 2 01:25:38 2026 by rpki-client