Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/OesQy9aEL8p2UFTLZxx8Zk9Gadg.roa
File: OesQy9aEL8p2UFTLZxx8Zk9Gadg.roa (raw, json)
Hash identifier: 1f24HgSSyEFNGji++FvGENwcHhNaHbHayQ4RK6KofSQ=
Subject key identifier: 39:EB:10:CB:D6:84:2F:CA:76:50:54:CB:67:1C:7C:66:4F:46:69:D8
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019D4E95B1B767BC1741779EC7CB7CAEC740
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/OesQy9aEL8p2UFTLZxx8Zk9Gadg.roa
Signing time: Thu 02 Apr 2026 14:25:26 +0000
ROA not before: Thu 02 Apr 2026 14:25:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50053
IP address blocks: 45.90.236.0/24 maxlen: 24
45.131.135.0/24 maxlen: 24
185.121.13.0/24 maxlen: 24
185.121.14.0/24 maxlen: 24
185.196.41.0/24 maxlen: 24
185.199.158.0/24 maxlen: 24
185.202.207.0/24 maxlen: 24
185.218.17.0/24 maxlen: 24
185.218.19.0/24 maxlen: 24
185.227.144.0/24 maxlen: 24
185.230.67.0/24 maxlen: 24
185.232.204.0/24 maxlen: 24
185.236.24.0/24 maxlen: 24
185.239.141.0/24 maxlen: 24
185.239.142.0/24 maxlen: 24
185.250.181.0/24 maxlen: 24
185.254.158.0/24 maxlen: 24
193.17.182.0/24 maxlen: 24
194.48.140.0/23 maxlen: 24
194.48.143.0/24 maxlen: 24
194.124.210.0/24 maxlen: 24
194.124.211.0/24 maxlen: 24
194.146.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 Apr 2026 23:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:4e:95:b1:b7:67:bc:17:41:77:9e:c7:cb:7c:ae:c7:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 2 14:25:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=39eb10cbd6842fca765054cb671c7c664f4669d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f1:fe:9c:df:93:ee:84:66:e7:14:d7:d9:cb:
c3:e3:79:9a:d6:71:a2:a6:36:8b:4d:a3:c7:d6:0c:
a4:19:35:4d:4a:fd:c1:58:c6:9d:52:05:9e:25:53:
75:4a:15:82:1d:3d:f6:ff:53:57:84:2e:ac:48:55:
d3:5e:95:7a:00:3b:c0:af:87:93:b8:c5:4d:db:7f:
01:f1:21:16:28:d5:6a:74:fa:b0:2a:62:04:27:a6:
ff:39:02:f8:6a:9c:7f:ee:83:d1:46:d6:d2:cc:7b:
a8:9f:51:34:8f:ee:05:21:e2:0d:e7:c4:b3:58:32:
87:1f:f5:8d:c8:d5:db:db:b9:47:d7:2f:27:51:51:
ba:bb:c7:aa:53:05:a9:72:3f:a3:93:1f:6f:fa:33:
92:5d:4a:7d:7a:66:cd:39:8b:aa:d1:83:c7:f9:ca:
4b:03:c5:39:dd:ac:35:b2:53:94:9e:66:4d:72:48:
e3:0e:d3:6e:3d:15:47:80:9d:28:54:a2:19:54:c5:
57:51:89:86:ab:43:7d:06:d0:24:56:43:b7:d0:57:
a7:3e:b8:b6:47:12:09:63:df:cb:b4:6b:a5:93:53:
c7:83:7d:3c:92:5d:e1:09:ec:1d:de:e2:72:a3:94:
70:3e:af:81:c3:c4:1b:a0:48:2d:e4:b6:8c:a5:ae:
8d:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:EB:10:CB:D6:84:2F:CA:76:50:54:CB:67:1C:7C:66:4F:46:69:D8
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/OesQy9aEL8p2UFTLZxx8Zk9Gadg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.236.0/24
45.131.135.0/24
185.121.13.0-185.121.14.255
185.196.41.0/24
185.199.158.0/24
185.202.207.0/24
185.218.17.0/24
185.218.19.0/24
185.227.144.0/24
185.230.67.0/24
185.232.204.0/24
185.236.24.0/24
185.239.141.0-185.239.142.255
185.250.181.0/24
185.254.158.0/24
193.17.182.0/24
194.48.140.0/23
194.48.143.0/24
194.124.210.0/23
194.146.223.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:8f:b6:5b:86:b4:4f:54:d2:a8:ae:85:0a:a0:4c:cc:f0:ab:
91:64:75:eb:04:0f:fb:bc:44:dc:e5:9c:94:73:20:d6:09:8e:
9b:9c:e6:5b:54:6d:3c:2a:7b:ba:45:11:54:3a:15:b9:c4:95:
f4:aa:1a:d5:19:2a:9c:a2:26:0b:db:6d:ec:e8:8f:76:57:03:
53:19:c7:56:c3:fd:5b:8e:6a:8d:91:ec:16:7b:88:88:3a:99:
0a:c9:a9:88:86:64:38:f9:00:6f:5a:ed:3b:28:9b:37:0e:b8:
d8:83:96:74:93:16:1d:e3:66:69:7d:04:0a:5b:74:41:2e:7b:
a6:83:19:d5:03:81:06:1a:aa:63:59:a5:96:21:46:bd:bf:ea:
de:f4:9d:a9:47:91:bc:29:9d:07:52:6c:3d:d6:f1:a9:94:54:
22:a9:f9:98:77:80:21:e2:63:ce:08:b2:dc:23:cc:e9:b1:62:
e0:ab:99:b5:3a:8a:b8:31:21:ac:79:3c:99:c1:01:af:22:77:
1d:1c:43:c0:42:4f:bc:ab:14:74:f2:9d:0e:4f:a8:a1:06:d6:
ce:7e:7d:c0:52:59:0b:9f:ae:89:fb:88:34:41:cf:c1:57:55:
bc:a2:54:94:de:74:4e:b8:bc:b9:b4:cf:58:c6:1a:ec:cf:03:
53:e7:c2:6a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAZ1OlbG3Z7wXQXeex8t8rsdAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjYwNDAyMTQyNTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWViMTBjYmQ2ODQyZmNhNzY1MDU0Y2I2NzFjN2M2NjRmNDY2OWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/H+nN+T7oRm5xTX2cvD43ma1nGi
pjaLTaPH1gykGTVNSv3BWMadUgWeJVN1ShWCHT32/1NXhC6sSFXTXpV6ADvAr4eT
uMVN238B8SEWKNVqdPqwKmIEJ6b/OQL4apx/7oPRRtbSzHuon1E0j+4FIeIN58Sz
WDKHH/WNyNXb27lH1y8nUVG6u8eqUwWpcj+jkx9v+jOSXUp9embNOYuq0YPH+cpL
A8U53aw1slOUnmZNckjjDtNuPRVHgJ0oVKIZVMVXUYmGq0N9BtAkVkO30FenPri2
RxIJY9/LtGulk1PHg308kl3hCewd3uJyo5RwPq+Bw8QboEgt5LaMpa6NSQIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFDnrEMvWhC/KdlBUy2ccfGZPRmnYMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvT2VzUXk5YUVMOHAyVUZUTFp4eDhaazlHYWRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAAt
WuwDBAAtg4cwDAMEALl5DQMEALl5DgMEALnEKQMEALnHngMEALnKzwMEALnaEQME
ALnaEwMEALnjkAMEALnmQwMEALnozAMEALnsGDAMAwQAue+NAwQAue+OAwQAufq1
AwQAuf6eAwQAwRG2AwQBwjCMAwQAwjCPAwQBwnzSAwQAwpLfMA0GCSqGSIb3DQEB
CwUAA4IBAQCzj7ZbhrRPVNKoroUKoEzM8KuRZHXrBA/7vETc5ZyUcyDWCY6bnOZb
VG08Knu6RRFUOhW5xJX0qhrVGSqcoiYL223s6I92VwNTGcdWw/1bjmqNkewWe4iI
OpkKyamIhmQ4+QBvWu07KJs3DrjYg5Z0kxYd42ZpfQQKW3RBLnumgxnVA4EGGqpj
WaWWIUa9v+re9J2pR5G8KZ0HUmw91vGplFQiqfmYd4Ah4mPOCLLcI8zpsWLgq5m1
Ooq4MSGseTyZwQGvIncdHEPAQk+8qxR08p0OT6ihBtbOfn3AUlkLn66J+4g0Qc/B
V1W8olSU3nROuLy5tM9YxhrszwNT58Jq
-----END CERTIFICATE-----
Generated at Fri Apr 3 05:12:28 2026 by rpki-client