Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/0895d2-b778-46c4-a691-f1237f4c5cf6/1/oHjh2F9_CD1EuhFTlwlWXYhkMNU.roa
File: oHjh2F9_CD1EuhFTlwlWXYhkMNU.roa (raw, json)
Hash identifier: +qX9lhbxCgvCFuwAzaJtsyjRd7qbWRJj3dirTH/UFUU=
Subject key identifier: A0:78:E1:D8:5F:7F:08:3D:44:BA:11:53:97:09:56:5D:88:64:30:D5
Certificate issuer: /CN=0837c99b2a4c062d5c20678f9dcf3207aefd5e78
Certificate serial: 019EAB1048E99803A0F6C569F0B0CACE8A53
Authority key identifier: 08:37:C9:9B:2A:4C:06:2D:5C:20:67:8F:9D:CF:32:07:AE:FD:5E:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CDfJmypMBi1cIGePnc8yB679Xng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/0895d2-b778-46c4-a691-f1237f4c5cf6/1/oHjh2F9_CD1EuhFTlwlWXYhkMNU.roa
Signing time: Tue 09 Jun 2026 06:27:11 +0000
ROA not before: Tue 09 Jun 2026 06:27:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 138997
IP address blocks: 64.118.128.0/19 maxlen: 24
191.40.0.0/18 maxlen: 24
191.40.0.0/21 maxlen: 21
191.40.2.0/23 maxlen: 23
216.195.192.0/19 maxlen: 24
216.195.221.0/24 maxlen: 24
216.236.0.0/18 maxlen: 24
216.236.3.0/24 maxlen: 24
216.236.28.0/22 maxlen: 22
216.236.28.0/24 maxlen: 24
216.236.29.0/24 maxlen: 24
216.236.30.0/24 maxlen: 24
216.236.31.0/24 maxlen: 24
2a01:4240::/30 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/0895d2-b778-46c4-a691-f1237f4c5cf6/1/CDfJmypMBi1cIGePnc8yB679Xng.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/0895d2-b778-46c4-a691-f1237f4c5cf6/1/CDfJmypMBi1cIGePnc8yB679Xng.mft
rsync://rpki.ripe.net/repository/DEFAULT/CDfJmypMBi1cIGePnc8yB679Xng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 06:18:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ab:10:48:e9:98:03:a0:f6:c5:69:f0:b0:ca:ce:8a:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0837c99b2a4c062d5c20678f9dcf3207aefd5e78
Validity
Not Before: Jun 9 06:27:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a078e1d85f7f083d44ba11539709565d886430d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:07:10:b7:54:67:17:f9:e2:b3:f2:cf:53:ef:
9c:31:9c:95:b8:e0:27:7d:3f:ec:f8:67:c8:7b:96:
eb:7b:b9:98:59:b5:3f:74:ee:bf:e8:02:fd:34:f0:
71:d2:05:26:9f:72:54:21:c4:ae:90:05:67:2f:47:
e2:2c:9f:a1:bb:2e:90:e0:c0:f7:3b:c4:5c:d8:dd:
27:00:f1:91:4f:43:26:81:4a:58:0a:f7:af:d4:ae:
b6:6c:2b:4e:33:8d:4f:db:c8:17:6f:fc:9b:6d:5e:
15:8b:74:a3:5b:be:95:09:87:01:14:fd:1b:e6:70:
81:8e:94:3d:49:4b:3b:37:64:49:cc:d6:39:ed:4c:
7c:0e:03:e8:79:41:95:02:30:3e:53:14:ab:0a:6c:
f1:0f:2f:9b:b0:47:99:d6:e4:0c:6e:8e:5e:50:ea:
29:f3:29:e6:f5:c4:1a:6f:2a:2e:61:3f:47:98:98:
11:6c:b9:55:07:c6:e9:98:86:03:fa:6e:7d:9f:f1:
ec:46:bb:bb:1f:28:82:84:98:5c:51:80:d4:95:27:
9d:6a:5d:83:fb:57:a3:b7:16:e5:1d:cd:5c:2e:f3:
da:8c:98:03:06:83:d7:5e:3a:37:de:ab:32:6f:bf:
0d:d5:ea:1c:a7:a9:1e:f7:9c:dc:ec:87:3c:06:79:
76:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:78:E1:D8:5F:7F:08:3D:44:BA:11:53:97:09:56:5D:88:64:30:D5
X509v3 Authority Key Identifier:
keyid:08:37:C9:9B:2A:4C:06:2D:5C:20:67:8F:9D:CF:32:07:AE:FD:5E:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CDfJmypMBi1cIGePnc8yB679Xng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0895d2-b778-46c4-a691-f1237f4c5cf6/1/oHjh2F9_CD1EuhFTlwlWXYhkMNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0895d2-b778-46c4-a691-f1237f4c5cf6/1/CDfJmypMBi1cIGePnc8yB679Xng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.118.128.0/19
191.40.0.0/18
216.195.192.0/19
216.236.0.0/18
IPv6:
2a01:4240::/30
Signature Algorithm: sha256WithRSAEncryption
43:aa:3e:3e:78:b2:b8:e3:cb:0a:75:cb:70:6e:12:8e:65:76:
87:9e:81:35:44:b3:66:d3:b0:51:34:8f:7f:d0:0d:85:80:5a:
a0:18:82:d4:64:cc:ab:bc:73:cd:9c:b6:b3:bf:b9:33:f8:ad:
66:26:7b:59:b8:0b:ca:87:de:e2:40:12:3b:7d:62:9b:53:ac:
bd:82:67:25:1f:34:31:a2:b0:ab:08:49:0a:08:8e:c4:68:45:
3f:2a:84:ed:da:aa:d9:bb:7d:ce:dd:65:68:fc:68:0f:33:3f:
f4:57:15:fa:38:f0:59:ee:26:75:1e:ca:bf:a4:52:71:a6:f2:
75:2b:45:ca:fc:10:4d:a4:46:19:24:cd:df:e6:a4:84:8c:ac:
ab:2b:62:3b:d4:41:6b:75:d3:c9:e1:20:33:e2:27:33:0c:18:
f4:e6:b3:50:b8:ca:69:4a:20:0c:e5:23:04:e0:bc:0f:d3:09:
a5:86:77:90:24:c9:a1:6a:99:94:1a:b7:81:5d:a3:7d:ea:67:
aa:ce:f9:a3:ac:e4:c0:29:d2:91:50:4e:5e:75:51:1f:af:52:
95:be:e4:44:c4:c4:4d:7a:dd:91:15:a0:0b:82:7e:10:09:35:
ac:9b:d2:ec:49:c8:ce:20:90:dd:41:8d:85:80:90:9b:1e:e1:
41:cb:11:de
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZ6rEEjpmAOg9sVp8LDKzopTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MzdjOTliMmE0YzA2MmQ1YzIwNjc4ZjlkY2YzMjA3YWVm
ZDVlNzgwHhcNMjYwNjA5MDYyNzExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDc4ZTFkODVmN2YwODNkNDRiYTExNTM5NzA5NTY1ZDg4NjQzMGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4QcQt1RnF/nis/LPU++cMZyVuOAn
fT/s+GfIe5bre7mYWbU/dO6/6AL9NPBx0gUmn3JUIcSukAVnL0fiLJ+huy6Q4MD3
O8Rc2N0nAPGRT0MmgUpYCvev1K62bCtOM41P28gXb/ybbV4Vi3SjW76VCYcBFP0b
5nCBjpQ9SUs7N2RJzNY57Ux8DgPoeUGVAjA+UxSrCmzxDy+bsEeZ1uQMbo5eUOop
8ynm9cQabyouYT9HmJgRbLlVB8bpmIYD+m59n/HsRru7HyiChJhcUYDUlSedal2D
+1ejtxblHc1cLvPajJgDBoPXXjo33qsyb78N1eocp6ke95zc7Ic8Bnl2WwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKB44dhffwg9RLoRU5cJVl2IZDDVMB8GA1UdIwQY
MBaAFAg3yZsqTAYtXCBnj53PMgeu/V54MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0RmSm15cE1CaTFjSUdlUG5jOHlCNjc5WG5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wODk1ZDItYjc3OC00NmM0LWE2OTEt
ZjEyMzdmNGM1Y2Y2LzEvb0hqaDJGOV9DRDFFdWhGVGx3bFdYWWhrTU5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8wODk1ZDItYjc3OC00NmM0LWE2OTEtZjEyMzdmNGM1Y2Y2
LzEvQ0RmSm15cE1CaTFjSUdlUG5jOHlCNjc5WG5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFQHaAAwQG
vygAAwQF2MPAAwQG2OwAMA0EAgACMAcDBQIqAUJAMA0GCSqGSIb3DQEBCwUAA4IB
AQBDqj4+eLK448sKdctwbhKOZXaHnoE1RLNm07BRNI9/0A2FgFqgGILUZMyrvHPN
nLazv7kz+K1mJntZuAvKh97iQBI7fWKbU6y9gmclHzQxorCrCEkKCI7EaEU/KoTt
2qrZu33O3WVo/GgPMz/0VxX6OPBZ7iZ1Hsq/pFJxpvJ1K0XK/BBNpEYZJM3f5qSE
jKyrK2I71EFrddPJ4SAz4iczDBj05rNQuMppSiAM5SME4LwP0wmlhneQJMmhapmU
GreBXaN96meqzvmjrOTAKdKRUE5edVEfr1KVvuRExMRNet2RFaALgn4QCTWsm9Ls
ScjOIJDdQY2FgJCbHuFByxHe
-----END CERTIFICATE-----
Generated at Thu Jun 11 14:00:10 2026 by rpki-client