Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/a6831e-f3ae-455f-a395-5db851d6f086/1/OFa8deirJ8mX7gRn79xlLJ8oDFY.roa
File: OFa8deirJ8mX7gRn79xlLJ8oDFY.roa (raw, json)
Hash identifier: N+xsE/A93Q5FiilxuvU4PImtKOjqeD0giFP8OnmhGl0=
Subject key identifier: 38:56:BC:75:E8:AB:27:C9:97:EE:04:67:EF:DC:65:2C:9F:28:0C:56
Certificate issuer: /CN=a3ceb405987a3aa8bbe599d8ef4663c9242a34b8
Certificate serial: 019D2AFDF49F00D25C9606ADE8A5AD7D0500
Authority key identifier: A3:CE:B4:05:98:7A:3A:A8:BB:E5:99:D8:EF:46:63:C9:24:2A:34:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o860BZh6Oqi75ZnY70ZjySQqNLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/a6831e-f3ae-455f-a395-5db851d6f086/1/OFa8deirJ8mX7gRn79xlLJ8oDFY.roa
Signing time: Thu 26 Mar 2026 16:32:59 +0000
ROA not before: Thu 26 Mar 2026 16:32:59 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43566
IP address blocks: 78.110.224.0/20 maxlen: 24
78.110.224.0/21 maxlen: 24
78.110.232.0/21 maxlen: 24
78.110.233.0/24 maxlen: 24
78.110.234.0/24 maxlen: 24
178.23.24.0/21 maxlen: 24
178.23.24.0/22 maxlen: 24
178.23.24.0/24 maxlen: 24
178.23.25.0/24 maxlen: 24
178.23.26.0/23 maxlen: 24
178.23.28.0/22 maxlen: 24
2a11:7f80::/32 maxlen: 36
2a11:7f80::/33 maxlen: 36
2a11:7f80:8000::/33 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/a6831e-f3ae-455f-a395-5db851d6f086/1/o860BZh6Oqi75ZnY70ZjySQqNLg.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/a6831e-f3ae-455f-a395-5db851d6f086/1/o860BZh6Oqi75ZnY70ZjySQqNLg.mft
rsync://rpki.ripe.net/repository/DEFAULT/o860BZh6Oqi75ZnY70ZjySQqNLg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Mar 2026 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:fd:f4:9f:00:d2:5c:96:06:ad:e8:a5:ad:7d:05:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3ceb405987a3aa8bbe599d8ef4663c9242a34b8
Validity
Not Before: Mar 26 16:32:59 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3856bc75e8ab27c997ee0467efdc652c9f280c56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:0c:64:b0:e2:d7:78:54:6b:98:45:5c:a6:80:
f6:c5:b6:73:e9:af:8d:5a:73:30:55:3a:02:a3:59:
09:f4:3a:07:56:c4:99:b0:70:5a:8c:f3:99:07:6e:
d9:5d:a8:2b:f2:f5:9d:bd:90:13:72:68:a2:2f:bc:
18:86:76:9f:f8:ca:bf:4d:35:98:aa:b5:c4:5e:fe:
4e:e9:4b:27:36:68:6a:0f:3c:31:dd:9c:86:f6:d7:
68:26:45:8c:05:52:c5:f3:6a:c0:18:b1:33:28:4b:
05:37:d3:64:3b:8c:4b:f7:2b:85:d5:69:72:a8:7b:
a7:53:06:8d:a0:8e:4a:fe:f2:f5:f7:7b:4e:0d:15:
28:9d:4b:e2:8f:de:cb:43:5e:cd:18:f6:13:35:8c:
8e:3d:c7:8d:84:1b:73:76:c3:9f:11:79:e7:c0:19:
2a:5b:fb:77:ca:7c:cd:ee:c9:04:da:06:04:88:79:
c8:19:02:a9:28:39:14:54:13:2e:ae:86:b3:5b:ca:
7e:99:72:c2:25:a4:62:5b:74:e1:62:9e:e8:65:ad:
bf:26:c6:1c:62:26:4d:04:de:17:9c:a8:1b:f0:0e:
36:dd:2d:7d:38:35:f1:88:ff:6a:7e:a9:e0:ed:98:
e4:a4:68:c3:11:50:0d:ba:87:bd:40:aa:38:68:d0:
4e:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:56:BC:75:E8:AB:27:C9:97:EE:04:67:EF:DC:65:2C:9F:28:0C:56
X509v3 Authority Key Identifier:
keyid:A3:CE:B4:05:98:7A:3A:A8:BB:E5:99:D8:EF:46:63:C9:24:2A:34:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o860BZh6Oqi75ZnY70ZjySQqNLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/a6831e-f3ae-455f-a395-5db851d6f086/1/OFa8deirJ8mX7gRn79xlLJ8oDFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/a6831e-f3ae-455f-a395-5db851d6f086/1/o860BZh6Oqi75ZnY70ZjySQqNLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.110.224.0/20
178.23.24.0/21
IPv6:
2a11:7f80::/32
Signature Algorithm: sha256WithRSAEncryption
40:3a:14:a4:74:99:db:05:0a:db:2c:93:bf:62:95:72:83:0f:
76:5a:f5:ad:5e:5c:28:f9:8d:dd:31:bb:69:fe:e0:c5:d7:fc:
71:26:01:53:19:50:60:7b:06:5e:c3:af:09:ca:fa:95:42:c5:
42:c0:4e:e7:4f:cd:8e:ac:77:dc:40:4d:e6:8b:a5:0f:19:3b:
1b:f1:e1:eb:03:e9:39:31:f4:ed:a8:4d:5c:fa:8f:18:37:18:
79:4e:d2:19:33:16:aa:c5:92:4b:78:86:bc:94:1b:44:e8:d3:
1d:46:af:a7:bb:77:bc:42:48:fd:7c:52:db:08:47:36:4f:a6:
50:40:63:b9:57:13:78:57:49:9e:e6:e7:54:e0:ff:10:f0:44:
06:e3:5b:98:f1:4e:1b:9e:4f:ea:3b:a7:20:67:65:0e:8d:50:
a6:7d:54:d5:71:a6:27:20:6b:8b:5d:2d:a4:a3:ca:df:9c:ca:
d9:10:1a:d8:21:7d:47:89:fb:e3:a4:53:a1:85:f4:a5:57:cc:
09:b0:2f:d1:98:b4:43:a7:13:ec:7d:62:78:93:17:59:05:b4:
68:e9:e0:57:ae:25:b7:eb:35:12:00:31:7d:18:95:68:5c:a3:
bb:c8:ea:71:76:82:dd:93:a6:09:2c:76:14:ae:28:cd:cf:25:
1c:bb:58:b3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ0q/fSfANJclgat6KWtfQUAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzY2ViNDA1OTg3YTNhYThiYmU1OTlkOGVmNDY2M2M5MjQy
YTM0YjgwHhcNMjYwMzI2MTYzMjU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODU2YmM3NWU4YWIyN2M5OTdlZTA0NjdlZmRjNjUyYzlmMjgwYzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAxksOLXeFRrmEVcpoD2xbZz6a+N
WnMwVToCo1kJ9DoHVsSZsHBajPOZB27ZXagr8vWdvZATcmiiL7wYhnaf+Mq/TTWY
qrXEXv5O6UsnNmhqDzwx3ZyG9tdoJkWMBVLF82rAGLEzKEsFN9NkO4xL9yuF1Wly
qHunUwaNoI5K/vL193tODRUonUvij97LQ17NGPYTNYyOPceNhBtzdsOfEXnnwBkq
W/t3ynzN7skE2gYEiHnIGQKpKDkUVBMuroazW8p+mXLCJaRiW3ThYp7oZa2/JsYc
YiZNBN4XnKgb8A423S19ODXxiP9qfqng7ZjkpGjDEVANuoe9QKo4aNBOzQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDhWvHXoqyfJl+4EZ+/cZSyfKAxWMB8GA1UdIwQY
MBaAFKPOtAWYejqou+WZ2O9GY8kkKjS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzg2MEJaaDZPcWk3NVpuWTcwWmp5U1FxTkxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9hNjgzMWUtZjNhZS00NTVmLWEzOTUt
NWRiODUxZDZmMDg2LzEvT0ZhOGRlaXJKOG1YN2dSbjc5eGxMSjhvREZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9hNjgzMWUtZjNhZS00NTVmLWEzOTUtNWRiODUxZDZmMDg2
LzEvbzg2MEJaaDZPcWk3NVpuWTcwWmp5U1FxTkxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQETm7gAwQD
shcYMA0EAgACMAcDBQAqEX+AMA0GCSqGSIb3DQEBCwUAA4IBAQBAOhSkdJnbBQrb
LJO/YpVygw92WvWtXlwo+Y3dMbtp/uDF1/xxJgFTGVBgewZew68JyvqVQsVCwE7n
T82OrHfcQE3mi6UPGTsb8eHrA+k5MfTtqE1c+o8YNxh5TtIZMxaqxZJLeIa8lBtE
6NMdRq+nu3e8Qkj9fFLbCEc2T6ZQQGO5VxN4V0me5udU4P8Q8EQG41uY8U4bnk/q
O6cgZ2UOjVCmfVTVcaYnIGuLXS2ko8rfnMrZEBrYIX1HifvjpFOhhfSlV8wJsC/R
mLRDpxPsfWJ4kxdZBbRo6eBXriW36zUSADF9GJVoXKO7yOpxdoLdk6YJLHYUrijN
zyUcu1iz
-----END CERTIFICATE-----
Generated at Fri Mar 27 08:37:02 2026 by rpki-client