Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/340e56-6492-47e2-99dc-142537de948e/1/oTR56cyeKnrqB4eLr9IFRqGiB88.roa
File: oTR56cyeKnrqB4eLr9IFRqGiB88.roa (raw, json)
Hash identifier: snlvASDIyvudTtl4HEkxIFNnIhgqIkS7EP587pwAfiQ=
Subject key identifier: A1:34:79:E9:CC:9E:2A:7A:EA:07:87:8B:AF:D2:05:46:A1:A2:07:CF
Certificate issuer: /CN=54adbbcf9260432abee2013033d4eb95f3bdabd6
Certificate serial: 019D0D951E7814A2B470F254B67AB8433A86
Authority key identifier: 54:AD:BB:CF:92:60:43:2A:BE:E2:01:30:33:D4:EB:95:F3:BD:AB:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VK27z5JgQyq-4gEwM9TrlfO9q9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/340e56-6492-47e2-99dc-142537de948e/1/oTR56cyeKnrqB4eLr9IFRqGiB88.roa
Signing time: Fri 20 Mar 2026 23:29:29 +0000
ROA not before: Fri 20 Mar 2026 23:29:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 31898
IP address blocks: 158.178.128.0/22 maxlen: 24
158.178.136.0/21 maxlen: 24
158.178.144.0/20 maxlen: 24
158.178.192.0/20 maxlen: 24
158.178.208.0/21 maxlen: 24
158.178.216.0/22 maxlen: 24
158.178.220.0/22 maxlen: 24
158.178.224.0/20 maxlen: 24
158.178.240.0/21 maxlen: 24
158.178.248.0/22 maxlen: 24
158.179.4.0/22 maxlen: 24
158.179.8.0/22 maxlen: 24
158.179.12.0/22 maxlen: 24
158.179.16.0/20 maxlen: 24
158.179.160.0/20 maxlen: 24
158.179.176.0/20 maxlen: 24
158.179.192.0/22 maxlen: 24
158.179.196.0/24 maxlen: 24
158.179.198.0/23 maxlen: 24
158.179.200.0/21 maxlen: 24
158.179.208.0/20 maxlen: 24
158.180.0.0/22 maxlen: 24
158.180.4.0/22 maxlen: 24
158.180.8.0/21 maxlen: 24
158.180.16.0/20 maxlen: 24
158.180.32.0/19 maxlen: 24
158.180.64.0/19 maxlen: 24
158.180.226.0/23 maxlen: 24
158.180.228.0/22 maxlen: 24
158.180.232.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/340e56-6492-47e2-99dc-142537de948e/1/VK27z5JgQyq-4gEwM9TrlfO9q9Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/340e56-6492-47e2-99dc-142537de948e/1/VK27z5JgQyq-4gEwM9TrlfO9q9Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/VK27z5JgQyq-4gEwM9TrlfO9q9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 20:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:0d:95:1e:78:14:a2:b4:70:f2:54:b6:7a:b8:43:3a:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54adbbcf9260432abee2013033d4eb95f3bdabd6
Validity
Not Before: Mar 20 23:29:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a13479e9cc9e2a7aea07878bafd20546a1a207cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:d9:e6:1e:fc:6f:4a:e4:70:db:77:73:cf:b9:
1f:78:55:39:2c:04:1a:15:c8:04:e8:5c:e0:51:33:
9e:21:7e:21:2f:b1:d2:b8:5f:10:37:46:fe:8c:d4:
69:c9:31:d3:58:f2:c7:c1:fa:51:44:5c:8b:89:a0:
fe:f1:93:3f:9a:1e:04:13:98:c2:80:79:ab:11:b8:
de:b1:68:81:af:3f:53:15:18:32:e9:f4:be:cf:19:
38:8a:e5:3f:79:db:14:50:da:8f:be:b6:6a:f1:4c:
25:4e:3b:00:f2:63:ab:40:89:93:82:81:53:0c:96:
36:49:8a:07:4e:4e:9d:53:b1:05:8a:78:3a:2e:a3:
d5:99:44:cc:e0:86:0b:60:1c:83:33:80:ca:f2:61:
31:98:e4:f7:5b:7c:53:ac:e9:d6:3a:d5:c1:be:8f:
20:05:72:04:ee:f7:c8:ea:18:71:50:bb:b7:ef:95:
ab:05:a2:c3:31:55:ae:27:8c:33:98:6c:eb:e3:26:
89:07:1f:20:7b:f8:b0:c4:94:6b:f9:38:1e:c7:98:
00:f3:62:47:d6:ca:b9:87:7b:13:9c:a8:8b:c0:ad:
2f:72:93:07:b6:97:90:3e:32:48:d6:99:87:2c:2e:
51:e5:92:91:d5:8b:00:30:26:3b:cb:db:4f:af:9e:
28:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:34:79:E9:CC:9E:2A:7A:EA:07:87:8B:AF:D2:05:46:A1:A2:07:CF
X509v3 Authority Key Identifier:
keyid:54:AD:BB:CF:92:60:43:2A:BE:E2:01:30:33:D4:EB:95:F3:BD:AB:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VK27z5JgQyq-4gEwM9TrlfO9q9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/340e56-6492-47e2-99dc-142537de948e/1/oTR56cyeKnrqB4eLr9IFRqGiB88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/340e56-6492-47e2-99dc-142537de948e/1/VK27z5JgQyq-4gEwM9TrlfO9q9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.178.128.0/22
158.178.136.0-158.178.159.255
158.178.192.0-158.178.251.255
158.179.4.0-158.179.31.255
158.179.160.0-158.179.196.255
158.179.198.0-158.179.223.255
158.180.0.0-158.180.95.255
158.180.226.0-158.180.239.255
Signature Algorithm: sha256WithRSAEncryption
cd:33:f3:7f:59:ff:e3:aa:52:f5:9f:58:96:45:d7:f2:d0:28:
5a:6d:37:36:5a:fb:60:24:c7:40:5d:8d:f5:a6:cb:bb:61:db:
64:02:3c:dd:dc:2e:a0:66:e6:d3:e8:75:dd:76:5a:b2:a0:bb:
f4:86:82:39:68:bd:2c:b2:5e:2f:ac:8d:8d:a2:61:4c:12:ee:
00:45:7b:cd:44:35:ac:01:62:33:9f:b3:d8:a8:c5:83:c5:92:
d5:58:c5:04:5f:5e:dc:e7:56:00:04:fb:00:95:78:f0:93:1c:
c2:5b:7a:96:d1:03:e6:5b:76:45:b2:a1:bd:ea:e2:6c:bf:9c:
8c:fd:61:af:7d:59:51:0d:11:9b:90:07:fb:b4:3d:7d:1e:65:
6c:f1:22:96:fc:c7:c7:27:ad:e3:a2:a7:66:de:2c:e0:11:03:
b2:3d:a4:86:04:4b:f1:9c:c2:7c:a7:a2:02:d9:d4:21:5a:0d:
f9:4e:af:92:9c:7c:3b:89:2d:db:97:4f:c4:95:f3:1d:1a:99:
b8:1c:c2:bb:f1:9d:b3:c6:fc:5f:12:3f:5f:45:19:e6:d7:65:
00:e9:7d:55:3a:0b:da:69:09:0f:e1:36:e8:15:b5:e5:1a:08:
56:fb:bc:45:6d:50:64:d1:f8:8b:19:b5:f7:0f:11:1a:87:86:
74:a5:c4:d0
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgISAZ0NlR54FKK0cPJUtnq4QzqGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0YWRiYmNmOTI2MDQzMmFiZWUyMDEzMDMzZDRlYjk1ZjNi
ZGFiZDYwHhcNMjYwMzIwMjMyOTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTM0NzllOWNjOWUyYTdhZWEwNzg3OGJhZmQyMDU0NmExYTIwN2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5NnmHvxvSuRw23dzz7kfeFU5LAQa
FcgE6FzgUTOeIX4hL7HSuF8QN0b+jNRpyTHTWPLHwfpRRFyLiaD+8ZM/mh4EE5jC
gHmrEbjesWiBrz9TFRgy6fS+zxk4iuU/edsUUNqPvrZq8UwlTjsA8mOrQImTgoFT
DJY2SYoHTk6dU7EFing6LqPVmUTM4IYLYByDM4DK8mExmOT3W3xTrOnWOtXBvo8g
BXIE7vfI6hhxULu375WrBaLDMVWuJ4wzmGzr4yaJBx8ge/iwxJRr+Tgex5gA82JH
1sq5h3sTnKiLwK0vcpMHtpeQPjJI1pmHLC5R5ZKR1YsAMCY7y9tPr54o8wIDAQAB
o4ICazCCAmcwHQYDVR0OBBYEFKE0eenMnip66geHi6/SBUahogfPMB8GA1UdIwQY
MBaAFFStu8+SYEMqvuIBMDPU65XzvavWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVksyN3o1SmdReXEtNGdFd005VHJsZk85cTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8zNDBlNTYtNjQ5Mi00N2UyLTk5ZGMt
MTQyNTM3ZGU5NDhlLzEvb1RSNTZjeWVLbnJxQjRlTHI5SUZScUdpQjg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8zNDBlNTYtNjQ5Mi00N2UyLTk5ZGMtMTQyNTM3ZGU5NDhl
LzEvVksyN3o1SmdReXEtNGdFd005VHJsZk85cTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGABggrBgEFBQcBBwEB/wRxMG8wbQQCAAEwZwMEAp6ygDAM
AwQDnrKIAwQFnrKAMAwDBAaessADBAKesvgwDAMEAp6zBAMEBZ6zADAMAwQFnrOg
AwQAnrPEMAwDBAGes8YDBAWes8AwCwMDAp60AwQFnrRAMAwDBAGetOIDBASetOAw
DQYJKoZIhvcNAQELBQADggEBAM0z839Z/+OqUvWfWJZF1/LQKFptNzZa+2Akx0Bd
jfWmy7th22QCPN3cLqBm5tPodd12WrKgu/SGgjlovSyyXi+sjY2iYUwS7gBFe81E
NawBYjOfs9ioxYPFktVYxQRfXtznVgAE+wCVePCTHMJbepbRA+ZbdkWyob3q4my/
nIz9Ya99WVENEZuQB/u0PX0eZWzxIpb8x8cnreOip2beLOARA7I9pIYES/Gcwnyn
ogLZ1CFaDflOr5KcfDuJLduXT8SV8x0ambgcwrvxnbPG/F8SP19FGebXZQDpfVU6
C9ppCQ/hNugVteUaCFb7vEVtUGTR+IsZtfcPERqHhnSlxNA=
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:36:06 2026 by rpki-client