Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/OI8QWVv_chgdmwAWrY8TiiEHfx4.roa
File: OI8QWVv_chgdmwAWrY8TiiEHfx4.roa (raw, json)
Hash identifier: I5/vA6U+NqqViBqDeDmORphsSlyAGX+Zx8sUraJzHAA=
Subject key identifier: 38:8F:10:59:5B:FF:72:18:1D:9B:00:16:AD:8F:13:8A:21:07:7F:1E
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 019D1A8788C8FD9845F71AD4491EA6AEEAB6
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/OI8QWVv_chgdmwAWrY8TiiEHfx4.roa
Signing time: Mon 23 Mar 2026 11:49:43 +0000
ROA not before: Mon 23 Mar 2026 11:49:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210970
IP address blocks: 45.152.11.0/24 maxlen: 24
46.161.208.0/23 maxlen: 24
46.161.212.0/23 maxlen: 24
46.161.214.0/23 maxlen: 24
195.60.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1a:87:88:c8:fd:98:45:f7:1a:d4:49:1e:a6:ae:ea:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Mar 23 11:49:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=388f10595bff72181d9b0016ad8f138a21077f1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:a7:3b:17:c7:58:65:a8:6f:68:93:eb:11:49:
d1:f1:92:a6:25:1d:5b:a5:87:b1:83:71:65:1a:09:
95:a0:c4:e3:8a:c8:c1:b3:3d:b1:e0:82:d3:dc:ca:
8e:96:7b:48:a8:4b:ed:53:1e:76:c4:5a:68:eb:3f:
af:c2:35:4a:ec:f7:58:26:fc:cd:6d:74:dc:05:9e:
f3:53:84:f4:21:52:11:5e:54:19:1c:21:41:2d:73:
ea:98:17:0d:75:41:e6:78:a3:d4:f7:39:b0:d3:ed:
84:2e:f3:80:88:54:15:d1:96:9a:65:ee:a6:bc:6d:
ec:f1:d8:90:10:39:c5:a6:99:9d:d0:09:bf:7f:a6:
d4:8a:00:41:6d:46:c5:c5:0b:f9:31:ab:e5:55:1c:
8b:8c:24:b1:b0:da:a1:7e:fd:cd:92:fc:31:52:d7:
e3:ba:1f:c7:9f:97:6e:1a:0f:db:91:58:16:92:e7:
41:92:f1:9f:b3:c9:0f:03:d4:bd:58:50:4d:53:6f:
13:c9:86:1e:5c:5e:e6:4d:36:63:97:94:09:04:6a:
9e:b0:f9:11:c7:74:9a:87:78:08:00:76:f9:e5:d6:
3e:60:93:1c:c9:ac:01:6e:09:d3:2e:ad:3e:26:36:
7e:e1:59:ac:3c:d8:7a:61:7d:87:54:71:ea:f2:bc:
48:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:8F:10:59:5B:FF:72:18:1D:9B:00:16:AD:8F:13:8A:21:07:7F:1E
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/OI8QWVv_chgdmwAWrY8TiiEHfx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.11.0/24
46.161.208.0/23
46.161.212.0/22
195.60.176.0/24
Signature Algorithm: sha256WithRSAEncryption
54:0a:f8:fc:07:fd:23:08:0b:47:1b:73:cb:ef:44:9b:0c:95:
8b:d0:e0:0b:cb:90:1d:00:ad:b6:b9:98:9a:d7:3b:2b:74:cd:
3d:57:7f:1e:71:61:43:14:f0:4a:cc:41:84:5e:3f:36:77:93:
d1:f7:b1:e5:3e:d9:6d:e2:06:ff:90:93:ae:e7:8b:db:1f:be:
fe:73:98:bf:10:f7:ec:cc:86:ef:e6:cb:1d:6e:2b:9d:70:b3:
e0:4c:cd:a1:08:ad:32:04:bd:87:2a:a3:72:9d:8e:c3:f8:6c:
68:66:92:a9:ac:c8:04:54:09:0d:03:c2:a0:df:e6:29:cb:01:
17:a9:31:65:7d:7d:6e:66:b7:04:e3:dd:42:e2:5a:ad:ec:24:
f1:72:86:3a:07:76:84:ec:51:b9:03:0d:1c:fb:fc:79:00:fe:
ae:ac:78:ef:59:e9:8c:9c:09:9b:a1:b2:c5:3b:5a:e1:10:31:
a4:a9:12:0e:29:0e:14:44:59:b6:1a:10:e2:74:79:b9:f2:5f:
4f:d9:ec:ee:8d:00:93:21:89:3f:1d:fe:70:8d:9c:45:4a:7a:
a4:16:30:62:dd:b1:ef:5c:18:55:a5:6e:cf:fd:40:16:6c:bc:
f9:26:bf:27:db:d7:21:85:7b:c9:fc:0f:f5:6d:5a:7a:c7:44:
98:1e:ec:4f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ0ah4jI/ZhF9xrUSR6mruq2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjYwMzIzMTE0OTQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODhmMTA1OTViZmY3MjE4MWQ5YjAwMTZhZDhmMTM4YTIxMDc3ZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Kc7F8dYZahvaJPrEUnR8ZKmJR1b
pYexg3FlGgmVoMTjisjBsz2x4ILT3MqOlntIqEvtUx52xFpo6z+vwjVK7PdYJvzN
bXTcBZ7zU4T0IVIRXlQZHCFBLXPqmBcNdUHmeKPU9zmw0+2ELvOAiFQV0ZaaZe6m
vG3s8diQEDnFppmd0Am/f6bUigBBbUbFxQv5MavlVRyLjCSxsNqhfv3NkvwxUtfj
uh/Hn5duGg/bkVgWkudBkvGfs8kPA9S9WFBNU28TyYYeXF7mTTZjl5QJBGqesPkR
x3Sah3gIAHb55dY+YJMcyawBbgnTLq0+JjZ+4VmsPNh6YX2HVHHq8rxIowIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDiPEFlb/3IYHZsAFq2PE4ohB38eMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvT0k4UVdWdl9jaGdkbXdBV3JZOFRpaUVIZng0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZgLAwQB
LqHQAwQCLqHUAwQAwzywMA0GCSqGSIb3DQEBCwUAA4IBAQBUCvj8B/0jCAtHG3PL
70SbDJWL0OALy5AdAK22uZia1zsrdM09V38ecWFDFPBKzEGEXj82d5PR97HlPtlt
4gb/kJOu54vbH77+c5i/EPfszIbv5ssdbiudcLPgTM2hCK0yBL2HKqNynY7D+Gxo
ZpKprMgEVAkNA8Kg3+YpywEXqTFlfX1uZrcE491C4lqt7CTxcoY6B3aE7FG5Aw0c
+/x5AP6urHjvWemMnAmbobLFO1rhEDGkqRIOKQ4URFm2GhDidHm58l9P2ezujQCT
IYk/Hf5wjZxFSnqkFjBi3bHvXBhVpW7P/UAWbLz5Jr8n29chhXvJ/A/1bVp6x0SY
HuxP
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:05:00 2026 by rpki-client