Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/oYih9ouQxLvwi8w2svQweMRWKho.roa
File: oYih9ouQxLvwi8w2svQweMRWKho.roa (raw, json)
Hash identifier: m84Bh74w3sf+ycua9MgymUUc4IIKAbg9R+gePJIBYc0=
Subject key identifier: A1:88:A1:F6:8B:90:C4:BB:F0:8B:CC:36:B2:F4:30:78:C4:56:2A:1A
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019E549D9A36DDAF8436560C5817159C6517
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/oYih9ouQxLvwi8w2svQweMRWKho.roa
Signing time: Sat 23 May 2026 11:34:35 +0000
ROA not before: Sat 23 May 2026 11:34:35 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42864
IP address blocks: 45.9.169.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.171.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.11.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
77.242.144.0/24 maxlen: 24
77.242.148.0/24 maxlen: 24
77.242.151.0/24 maxlen: 24
77.242.154.0/24 maxlen: 24
88.151.61.0/24 maxlen: 24
88.151.62.0/24 maxlen: 24
88.151.63.0/24 maxlen: 24
88.209.196.0/24 maxlen: 24
88.209.208.0/24 maxlen: 24
88.209.209.0/24 maxlen: 24
88.209.210.0/24 maxlen: 24
88.209.212.0/24 maxlen: 24
88.209.213.0/24 maxlen: 24
88.209.214.0/24 maxlen: 24
88.209.215.0/24 maxlen: 24
88.209.219.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
92.52.209.0/24 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.212.0/22 maxlen: 24
92.52.215.0/24 maxlen: 24
178.248.200.0/21 maxlen: 21
193.138.125.0/24 maxlen: 24
2a00:1f40::/29 maxlen: 29
2a05:f5c0::/29 maxlen: 29
2a05:f5c0::/32 maxlen: 32
2a0c:f1c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 05:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:54:9d:9a:36:dd:af:84:36:56:0c:58:17:15:9c:65:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: May 23 11:34:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a188a1f68b90c4bbf08bcc36b2f43078c4562a1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:03:77:fa:66:9f:01:ff:e6:ce:4e:d5:db:34:
69:c1:09:b5:a1:bd:c5:9f:6f:dd:77:31:6c:ff:1c:
b7:a6:94:ec:a9:25:f0:1e:90:b7:41:7e:10:35:5a:
91:aa:58:f3:35:a7:71:f6:06:56:54:d5:98:b0:e5:
50:fa:7b:26:36:3e:e6:bc:83:87:31:2f:7a:00:18:
60:92:80:69:54:33:c2:52:70:e6:62:e7:f9:d1:6e:
c7:c5:be:a3:ce:e7:53:23:79:6b:26:0b:5b:4f:03:
57:aa:0f:3b:a8:b6:92:be:6c:c7:66:ec:71:98:77:
44:99:c1:60:3d:99:06:54:5f:31:a4:df:45:74:4d:
79:79:ad:d9:2d:c8:9e:b4:f7:e9:69:e4:5a:04:09:
3e:79:e3:c6:ba:a7:45:35:7c:59:4f:9f:46:f5:98:
83:a5:dd:5c:a6:5a:61:f6:86:43:01:51:c1:3e:e2:
1e:11:46:7f:69:dc:f1:42:38:35:22:c3:25:88:92:
02:48:75:a8:6b:88:65:1d:4e:6e:a2:99:e3:f4:e3:
e7:8e:d9:af:d1:5d:bd:e3:d8:f5:77:83:d4:21:8e:
c4:cb:46:2f:0b:e4:33:e3:3a:25:8d:3a:81:7b:07:
d1:73:d3:6a:ed:bd:e0:bc:93:d8:ed:16:b0:8a:b4:
64:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:88:A1:F6:8B:90:C4:BB:F0:8B:CC:36:B2:F4:30:78:C4:56:2A:1A
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/oYih9ouQxLvwi8w2svQweMRWKho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.10.0/23
45.88.93.0/24
77.242.144.0/24
77.242.148.0/24
77.242.151.0/24
77.242.154.0/24
88.151.61.0-88.151.63.255
88.209.196.0/24
88.209.208.0-88.209.210.255
88.209.212.0/22
88.209.219.0/24
92.52.208.0/21
178.248.200.0/21
193.138.125.0/24
IPv6:
2a00:1f40::/29
2a05:f5c0::/29
2a0c:f1c0::/29
Signature Algorithm: sha256WithRSAEncryption
37:e3:6a:01:4b:f8:b0:57:8e:8a:a3:b9:88:f3:b3:2e:a9:58:
c6:93:5e:3c:c9:19:e0:7b:da:d7:e3:01:3b:87:b4:ad:f2:ae:
23:96:fe:9d:e4:3f:9c:78:07:ae:55:6f:f8:f3:2f:f0:c0:2e:
e2:f2:59:a7:2d:63:c1:51:b0:77:07:3d:a1:d7:2d:6a:8a:b2:
b6:8e:8e:98:e9:a6:47:19:3f:4c:02:89:e6:32:65:10:28:c3:
86:65:ea:3f:81:a5:5f:71:37:b6:f6:44:e2:87:4f:67:57:4d:
e1:a6:e1:71:8a:91:7c:08:16:91:b9:a3:a5:c5:4b:06:2a:4d:
55:b7:ad:bf:d4:b6:72:de:2f:92:1d:a6:e2:69:01:d3:c1:ca:
d8:20:d4:78:40:c9:df:a5:29:93:76:e0:0c:1b:a6:a2:74:e5:
c3:d1:2e:4f:f2:2d:2c:1f:e0:b5:44:e3:f4:4f:e9:b7:2e:a5:
18:7c:78:8e:c2:02:63:7b:49:79:fd:76:36:1f:e8:88:44:22:
99:a9:40:25:33:87:1e:5f:c2:f3:60:28:b6:1b:06:b2:f1:ca:
62:52:14:6f:14:02:fc:04:00:c9:f4:9f:e0:8c:3a:64:46:fa:
8a:29:49:84:28:d1:e5:b7:65:9c:f9:ce:58:eb:a1:37:cf:d8:
7c:25:f2:05
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgISAZ5UnZo23a+ENlYMWBcVnGUXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjYwNTIzMTEzNDM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTg4YTFmNjhiOTBjNGJiZjA4YmNjMzZiMmY0MzA3OGM0NTYyYTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAN3+mafAf/mzk7V2zRpwQm1ob3F
n2/ddzFs/xy3ppTsqSXwHpC3QX4QNVqRqljzNadx9gZWVNWYsOVQ+nsmNj7mvIOH
MS96ABhgkoBpVDPCUnDmYuf50W7Hxb6jzudTI3lrJgtbTwNXqg87qLaSvmzHZuxx
mHdEmcFgPZkGVF8xpN9FdE15ea3ZLcietPfpaeRaBAk+eePGuqdFNXxZT59G9ZiD
pd1cplph9oZDAVHBPuIeEUZ/adzxQjg1IsMliJICSHWoa4hlHU5uopnj9OPnjtmv
0V2949j1d4PUIY7Ey0YvC+Qz4zoljTqBewfRc9Nq7b3gvJPY7RawirRk3wIDAQAB
o4IClTCCApEwHQYDVR0OBBYEFKGIofaLkMS78IvMNrL0MHjEVioaMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvb1lpaDlvdVF4THZ3aTh3MnN2UXdlTVJXS2hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGqBggrBgEFBQcBBwEB/wSBmjCBlzB4BAIAATByMAwDBAAt
CakDBAItCagDBAEtDgoDBAAtWF0DBABN8pADBABN8pQDBABN8pcDBABN8powDAME
AFiXPQMEBliXAAMEAFjRxDAMAwQEWNHQAwQAWNHSAwQCWNHUAwQAWNHbAwQDXDTQ
AwQDsvjIAwQAwYp9MBsEAgACMBUDBQMqAB9AAwUDKgX1wAMFAyoM8cAwDQYJKoZI
hvcNAQELBQADggEBADfjagFL+LBXjoqjuYjzsy6pWMaTXjzJGeB72tfjATuHtK3y
riOW/p3kP5x4B65Vb/jzL/DALuLyWactY8FRsHcHPaHXLWqKsraOjpjppkcZP0wC
ieYyZRAow4Zl6j+BpV9xN7b2ROKHT2dXTeGm4XGKkXwIFpG5o6XFSwYqTVW3rb/U
tnLeL5IdpuJpAdPBytgg1HhAyd+lKZN24AwbpqJ05cPRLk/yLSwf4LVE4/RP6bcu
pRh8eI7CAmN7SXn9djYf6IhEIpmpQCUzhx5fwvNgKLYbBrLxymJSFG8UAvwEAMn0
n+CMOmRG+oopSYQo0eW3ZZz5zljroTfP2Hwl8gU=
-----END CERTIFICATE-----
Generated at Thu Jun 4 10:00:32 2026 by rpki-client