Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/oSGKhwEc_oyA4GgI1H0hJOveCVI.roa
File: oSGKhwEc_oyA4GgI1H0hJOveCVI.roa (raw, json)
Hash identifier: 1SINNHx3FHxT/JXf8IpEHqdou86CS2g7FnWo+nB+dSQ=
Subject key identifier: A1:21:8A:87:01:1C:FE:8C:80:E0:68:08:D4:7D:21:24:EB:DE:09:52
Certificate issuer: /CN=d4c3b12c8d635190ec928437bbd6cb0e8c38f9a9
Certificate serial: 019CF659DAD336F6DE1C1B12B60D8CAAD78C
Authority key identifier: D4:C3:B1:2C:8D:63:51:90:EC:92:84:37:BB:D6:CB:0E:8C:38:F9:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/oSGKhwEc_oyA4GgI1H0hJOveCVI.roa
Signing time: Mon 16 Mar 2026 11:13:29 +0000
ROA not before: Mon 16 Mar 2026 11:13:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48918
IP address blocks: 80.66.96.0/20 maxlen: 20
80.66.96.0/23 maxlen: 23
80.66.98.0/24 maxlen: 24
80.66.101.0/24 maxlen: 24
80.66.102.0/24 maxlen: 24
80.66.104.0/23 maxlen: 23
80.66.107.0/24 maxlen: 24
80.66.110.0/24 maxlen: 24
185.198.200.0/22 maxlen: 24
195.20.20.0/22 maxlen: 24
2a0a:8ec0::/29 maxlen: 29
2a0a:8ec0:2001::/48 maxlen: 48
2a0a:8ec0:2002::/48 maxlen: 48
2a0a:8ec0:8002::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/1MOxLI1jUZDskoQ3u9bLDow4-ak.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/1MOxLI1jUZDskoQ3u9bLDow4-ak.mft
rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f6:59:da:d3:36:f6:de:1c:1b:12:b6:0d:8c:aa:d7:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4c3b12c8d635190ec928437bbd6cb0e8c38f9a9
Validity
Not Before: Mar 16 11:13:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a1218a87011cfe8c80e06808d47d2124ebde0952
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:dd:d0:b6:f9:f9:b6:df:98:41:8e:b0:3e:aa:
43:56:7d:95:1b:ce:24:a9:9f:6a:73:30:19:77:52:
42:7e:0c:d0:53:9b:64:a9:a6:03:21:96:bc:b2:d6:
b0:ae:91:6f:9b:8c:42:05:53:5b:32:ea:4f:03:20:
e9:e4:f5:ba:c9:bf:40:85:c1:07:ba:11:58:02:e9:
08:59:24:cb:cd:de:5b:4f:fc:c6:fc:44:dd:31:c4:
5e:c9:5b:7b:5e:df:84:d1:2e:6c:51:b8:4e:a4:70:
cf:72:9c:6a:ab:a6:0e:4d:f7:59:46:0a:46:b3:6f:
74:4a:f5:55:38:0b:2d:6f:6c:0b:2e:70:6c:9c:61:
1a:e2:bb:1e:eb:f5:58:99:b3:c0:e0:37:80:48:8c:
7f:9b:9e:34:85:14:87:c9:8d:ee:c0:76:08:87:c8:
98:89:b7:40:f0:2f:67:00:74:3c:b7:58:a2:10:bc:
01:2b:0e:57:a2:60:d5:0c:a4:e1:a2:a4:79:32:0d:
a5:bd:65:b1:72:aa:80:ab:7f:50:b9:34:37:63:52:
ae:fe:f7:61:86:31:52:08:f4:c0:dd:e9:4e:4c:68:
b6:6c:b9:49:2d:bc:6b:7b:fc:15:68:c4:56:ce:bb:
e3:6f:b9:ec:6e:47:65:5c:2d:a5:fd:c9:1a:32:f7:
b2:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:21:8A:87:01:1C:FE:8C:80:E0:68:08:D4:7D:21:24:EB:DE:09:52
X509v3 Authority Key Identifier:
keyid:D4:C3:B1:2C:8D:63:51:90:EC:92:84:37:BB:D6:CB:0E:8C:38:F9:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/oSGKhwEc_oyA4GgI1H0hJOveCVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/1MOxLI1jUZDskoQ3u9bLDow4-ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.96.0/20
185.198.200.0/22
195.20.20.0/22
IPv6:
2a0a:8ec0::/29
Signature Algorithm: sha256WithRSAEncryption
30:b8:43:9c:ce:d4:28:1b:27:b1:7f:76:32:fe:90:44:66:72:
ba:f0:b4:bb:b5:7c:c7:66:04:06:cb:c4:d8:01:9e:39:30:bc:
28:e0:ee:09:96:6c:36:c8:e2:d6:13:00:7c:d5:41:80:ae:21:
b2:d6:0a:8c:b6:96:7f:93:d9:c3:d3:ed:5a:1c:7b:f0:fc:f3:
95:8d:e4:4c:c2:c5:4e:5e:b2:4b:38:3f:e3:6b:b2:4f:ae:b7:
c2:8a:ec:a4:cc:37:35:77:81:6b:da:fc:2a:4f:87:7a:88:98:
ff:9a:77:16:3a:76:a3:5e:d8:5d:95:77:8b:23:02:c6:90:38:
0a:cc:05:7b:81:56:39:ff:96:4b:c3:01:39:5f:32:fd:7f:30:
48:3b:2f:7e:2c:0d:e7:aa:9d:c7:0e:69:de:31:7b:13:0f:42:
30:82:65:db:9a:fd:22:33:2e:36:17:9d:fc:e8:1e:8d:f5:5f:
f1:9b:55:4f:10:0f:8e:83:f0:e3:e0:a5:44:59:18:f6:b5:ad:
9e:f6:e4:d8:49:94:47:dc:8a:9b:59:d7:32:bf:5f:a0:42:4c:
d7:4a:98:dd:91:07:c3:6c:3b:9e:86:94:0e:da:a5:a4:e3:ce:
02:52:e8:23:2c:39:5e:c7:da:b2:cb:f1:c4:aa:0a:bb:1d:5f:
a0:cb:ec:06
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZz2WdrTNvbeHBsStg2MqteMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YzNiMTJjOGQ2MzUxOTBlYzkyODQzN2JiZDZjYjBlOGMz
OGY5YTkwHhcNMjYwMzE2MTExMzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTIxOGE4NzAxMWNmZThjODBlMDY4MDhkNDdkMjEyNGViZGUwOTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn93Qtvn5tt+YQY6wPqpDVn2VG84k
qZ9qczAZd1JCfgzQU5tkqaYDIZa8stawrpFvm4xCBVNbMupPAyDp5PW6yb9AhcEH
uhFYAukIWSTLzd5bT/zG/ETdMcReyVt7Xt+E0S5sUbhOpHDPcpxqq6YOTfdZRgpG
s290SvVVOAstb2wLLnBsnGEa4rse6/VYmbPA4DeASIx/m540hRSHyY3uwHYIh8iY
ibdA8C9nAHQ8t1iiELwBKw5XomDVDKThoqR5Mg2lvWWxcqqAq39QuTQ3Y1Ku/vdh
hjFSCPTA3elOTGi2bLlJLbxre/wVaMRWzrvjb7nsbkdlXC2l/ckaMveyXQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKEhiocBHP6MgOBoCNR9ISTr3glSMB8GA1UdIwQY
MBaAFNTDsSyNY1GQ7JKEN7vWyw6MOPmpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU1PeExJMWpVWkRza29RM3U5YkxEb3c0LWFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8yZmI1OTMtNDNmNS00ZGI3LTk4MTkt
MGY5ZDU3YTVkNGZhLzEvb1NHS2h3RWNfb3lBNEdnSTFIMGhKT3ZlQ1ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8yZmI1OTMtNDNmNS00ZGI3LTk4MTktMGY5ZDU3YTVkNGZh
LzEvMU1PeExJMWpVWkRza29RM3U5YkxEb3c0LWFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEUEJgAwQC
ucbIAwQCwxQUMA0EAgACMAcDBQMqCo7AMA0GCSqGSIb3DQEBCwUAA4IBAQAwuEOc
ztQoGyexf3Yy/pBEZnK68LS7tXzHZgQGy8TYAZ45MLwo4O4Jlmw2yOLWEwB81UGA
riGy1gqMtpZ/k9nD0+1aHHvw/POVjeRMwsVOXrJLOD/ja7JPrrfCiuykzDc1d4Fr
2vwqT4d6iJj/mncWOnajXthdlXeLIwLGkDgKzAV7gVY5/5ZLwwE5XzL9fzBIOy9+
LA3nqp3HDmneMXsTD0IwgmXbmv0iMy42F5386B6N9V/xm1VPEA+Og/Dj4KVEWRj2
ta2e9uTYSZRH3IqbWdcyv1+gQkzXSpjdkQfDbDuehpQO2qWk484CUugjLDlex9qy
y/HEqgq7HV+gy+wG
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:07:42 2026 by rpki-client