Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/Oc47hB2V6Cw8HP5aVnlKZA_fX5E.roa
File: Oc47hB2V6Cw8HP5aVnlKZA_fX5E.roa (raw, json)
Hash identifier: Pp00MhcImciNgzTEsbEKZbcegIMR6Roel0Kkv3+T7oc=
Subject key identifier: 39:CE:3B:84:1D:95:E8:2C:3C:1C:FE:5A:56:79:4A:64:0F:DF:5F:91
Certificate issuer: /CN=d4c3b12c8d635190ec928437bbd6cb0e8c38f9a9
Certificate serial: 019DD41D15CAD9A5470023372626AC4BC14F
Authority key identifier: D4:C3:B1:2C:8D:63:51:90:EC:92:84:37:BB:D6:CB:0E:8C:38:F9:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/Oc47hB2V6Cw8HP5aVnlKZA_fX5E.roa
Signing time: Tue 28 Apr 2026 12:42:49 +0000
ROA not before: Tue 28 Apr 2026 12:42:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 59745
IP address blocks: 45.151.92.0/22 maxlen: 24
45.151.94.0/24 maxlen: 24
80.66.96.0/20 maxlen: 24
80.66.99.0/24 maxlen: 24
80.66.106.0/24 maxlen: 24
80.66.109.0/24 maxlen: 24
185.198.200.0/22 maxlen: 24
185.198.203.0/24 maxlen: 24
195.20.20.0/22 maxlen: 24
217.180.58.0/24 maxlen: 24
2a0a:8ec0::/29 maxlen: 48
2a0a:8ec0:1000::/36 maxlen: 36
2a0a:8ec0:2000::/36 maxlen: 36
2a0a:8ec0:3000::/36 maxlen: 36
2a0a:8ec0:4000::/36 maxlen: 36
2a0a:8ec0:8003::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/1MOxLI1jUZDskoQ3u9bLDow4-ak.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/1MOxLI1jUZDskoQ3u9bLDow4-ak.mft
rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 18:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d4:1d:15:ca:d9:a5:47:00:23:37:26:26:ac:4b:c1:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4c3b12c8d635190ec928437bbd6cb0e8c38f9a9
Validity
Not Before: Apr 28 12:42:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=39ce3b841d95e82c3c1cfe5a56794a640fdf5f91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:39:27:49:bf:9a:1d:95:ad:5e:10:54:75:b0:
c2:89:de:f8:8b:62:c7:8b:ca:04:5b:aa:79:4c:63:
be:f6:26:4f:05:89:7c:6b:75:5e:5a:ba:98:0f:5b:
08:2c:9f:82:b2:3c:7a:8b:4b:d4:e7:92:73:e9:ea:
cb:f4:3b:e8:1a:ed:03:b3:f3:f2:fc:bb:8f:3b:a1:
e9:b1:49:15:07:4f:17:76:56:96:29:cd:77:30:5a:
7d:2f:a6:10:0e:bf:aa:99:6d:23:a1:a9:77:79:fb:
c3:92:a9:74:a6:49:27:58:1b:35:a4:60:65:ed:30:
c4:3f:cb:ff:d4:3c:fb:f6:5b:7a:5c:27:b2:1e:3e:
40:02:4a:20:da:ce:31:11:c3:9c:78:58:c2:3b:29:
46:c3:f3:f6:a0:f8:2b:48:18:21:80:b2:69:5f:64:
fb:73:e3:5b:48:47:fa:be:8b:99:16:bc:c5:60:d9:
4d:53:6f:7b:92:cc:89:2a:91:79:a4:2f:c1:72:9f:
22:5e:5f:cd:f2:58:9e:42:c2:d8:85:ca:ad:0a:54:
05:ab:7d:17:a9:86:dc:e3:8e:43:e3:90:39:51:9c:
77:71:e9:50:ca:a2:6e:9b:1e:57:8d:10:21:72:69:
91:80:e7:ea:48:7b:36:10:0a:0e:09:b4:d6:3c:af:
3d:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:CE:3B:84:1D:95:E8:2C:3C:1C:FE:5A:56:79:4A:64:0F:DF:5F:91
X509v3 Authority Key Identifier:
keyid:D4:C3:B1:2C:8D:63:51:90:EC:92:84:37:BB:D6:CB:0E:8C:38:F9:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/Oc47hB2V6Cw8HP5aVnlKZA_fX5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/1MOxLI1jUZDskoQ3u9bLDow4-ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.92.0/22
80.66.96.0/20
185.198.200.0/22
195.20.20.0/22
217.180.58.0/24
IPv6:
2a0a:8ec0::/29
Signature Algorithm: sha256WithRSAEncryption
35:f9:18:c2:6e:b4:c7:83:8e:86:42:8e:0c:2d:a8:41:b3:09:
fc:82:52:d4:79:6e:2f:7a:80:e0:d4:08:ea:2e:3a:ae:67:c8:
0d:c2:57:b7:a4:64:92:e5:ff:24:49:fb:af:34:30:dd:46:2e:
de:08:46:d8:2b:1a:f7:12:03:61:cb:f4:37:7f:d1:da:a5:bc:
48:4b:35:42:b5:75:1e:f7:ff:a2:cf:9b:91:5e:dd:50:2e:ad:
aa:1f:85:1b:67:bd:f1:55:47:65:c2:3f:dd:14:bc:cb:98:60:
87:61:a3:a7:a7:14:c2:b9:73:f4:47:8d:8b:96:68:fb:36:2c:
34:2f:04:a5:59:f0:d9:1e:4d:e3:72:46:f5:1a:d5:6c:c9:9d:
3e:62:5d:33:21:3c:ad:42:ff:26:8b:14:f4:14:0d:b8:e0:86:
06:16:2a:75:b5:38:b8:af:4f:e4:88:ae:30:59:95:12:50:57:
fe:d8:0f:4a:c6:de:12:02:35:b6:51:69:ce:f2:4d:33:ba:ac:
16:9c:c8:f3:2d:c7:10:ae:c1:0e:2e:ad:a9:cb:0c:be:87:d3:
77:b6:fa:85:b0:b2:b9:57:91:3b:8b:20:a6:ff:a5:69:b1:b1:
74:49:e5:55:49:1e:9a:65:16:4d:51:c1:6d:63:e2:b2:c7:7f:
d7:dd:ed:4e
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZ3UHRXK2aVHACM3JiasS8FPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YzNiMTJjOGQ2MzUxOTBlYzkyODQzN2JiZDZjYjBlOGMz
OGY5YTkwHhcNMjYwNDI4MTI0MjQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWNlM2I4NDFkOTVlODJjM2MxY2ZlNWE1Njc5NGE2NDBmZGY1ZjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDknSb+aHZWtXhBUdbDCid74i2LH
i8oEW6p5TGO+9iZPBYl8a3VeWrqYD1sILJ+Csjx6i0vU55Jz6erL9DvoGu0Ds/Py
/LuPO6HpsUkVB08XdlaWKc13MFp9L6YQDr+qmW0joal3efvDkql0pkknWBs1pGBl
7TDEP8v/1Dz79lt6XCeyHj5AAkog2s4xEcOceFjCOylGw/P2oPgrSBghgLJpX2T7
c+NbSEf6vouZFrzFYNlNU297ksyJKpF5pC/Bcp8iXl/N8lieQsLYhcqtClQFq30X
qYbc445D45A5UZx3celQyqJumx5XjRAhcmmRgOfqSHs2EAoOCbTWPK89tQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFDnOO4QdlegsPBz+WlZ5SmQP31+RMB8GA1UdIwQY
MBaAFNTDsSyNY1GQ7JKEN7vWyw6MOPmpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU1PeExJMWpVWkRza29RM3U5YkxEb3c0LWFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8yZmI1OTMtNDNmNS00ZGI3LTk4MTkt
MGY5ZDU3YTVkNGZhLzEvT2M0N2hCMlY2Q3c4SFA1YVZubEtaQV9mWDVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8yZmI1OTMtNDNmNS00ZGI3LTk4MTktMGY5ZDU3YTVkNGZh
LzEvMU1PeExJMWpVWkRza29RM3U5YkxEb3c0LWFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLZdcAwQE
UEJgAwQCucbIAwQCwxQUAwQA2bQ6MA0EAgACMAcDBQMqCo7AMA0GCSqGSIb3DQEB
CwUAA4IBAQA1+RjCbrTHg46GQo4MLahBswn8glLUeW4veoDg1AjqLjquZ8gNwle3
pGSS5f8kSfuvNDDdRi7eCEbYKxr3EgNhy/Q3f9HapbxISzVCtXUe9/+iz5uRXt1Q
Lq2qH4UbZ73xVUdlwj/dFLzLmGCHYaOnpxTCuXP0R42Llmj7Niw0LwSlWfDZHk3j
ckb1GtVsyZ0+Yl0zITytQv8mixT0FA244IYGFip1tTi4r0/kiK4wWZUSUFf+2A9K
xt4SAjW2UWnO8k0zuqwWnMjzLccQrsEOLq2pywy+h9N3tvqFsLK5V5E7iyCm/6Vp
sbF0SeVVSR6aZRZNUcFtY+Kyx3/X3e1O
-----END CERTIFICATE-----
Generated at Wed May 13 03:48:49 2026 by rpki-client