Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/oPGWWYaAX9Sd9i7DrFXYN9EHrLY.roa
File: oPGWWYaAX9Sd9i7DrFXYN9EHrLY.roa (raw, json)
Hash identifier: gWn6/oluANX78L0hnctxoTZX7zawfsnjM4XEj/gL06s=
Subject key identifier: A0:F1:96:59:86:80:5F:D4:9D:F6:2E:C3:AC:55:D8:37:D1:07:AC:B6
Certificate issuer: /CN=91c1c85bf5c53471a997ef9fa999d0c16be85444
Certificate serial: 019D0709B3DF124168AF07D2B0648C5E9505
Authority key identifier: 91:C1:C8:5B:F5:C5:34:71:A9:97:EF:9F:A9:99:D0:C1:6B:E8:54:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/oPGWWYaAX9Sd9i7DrFXYN9EHrLY.roa
Signing time: Thu 19 Mar 2026 16:59:29 +0000
ROA not before: Thu 19 Mar 2026 16:59:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51185
IP address blocks: 45.157.64.0/24 maxlen: 24
45.157.65.0/24 maxlen: 24
45.157.66.0/24 maxlen: 24
45.157.67.0/24 maxlen: 24
94.124.64.0/24 maxlen: 24
94.124.65.0/24 maxlen: 24
94.124.66.0/24 maxlen: 24
94.124.67.0/24 maxlen: 24
94.124.68.0/24 maxlen: 24
94.124.69.0/24 maxlen: 24
94.124.70.0/24 maxlen: 24
94.124.71.0/24 maxlen: 24
178.248.48.0/24 maxlen: 24
178.248.49.0/24 maxlen: 24
178.248.50.0/24 maxlen: 24
178.248.51.0/24 maxlen: 24
178.248.52.0/24 maxlen: 24
178.248.53.0/24 maxlen: 24
178.248.54.0/24 maxlen: 24
178.248.55.0/24 maxlen: 24
185.45.208.0/24 maxlen: 24
185.45.209.0/24 maxlen: 24
185.45.210.0/24 maxlen: 24
185.45.211.0/24 maxlen: 24
185.187.156.0/24 maxlen: 24
185.187.157.0/24 maxlen: 24
185.187.158.0/24 maxlen: 24
185.187.159.0/24 maxlen: 24
2a02:2890::/48 maxlen: 48
2a02:2890:efff::/48 maxlen: 48
2a02:2890:ffff::/48 maxlen: 48
2a02:2891::/48 maxlen: 48
2a02:2891:1::/48 maxlen: 48
2a02:2891:2::/48 maxlen: 48
2a02:2891:4::/48 maxlen: 48
2a02:2891:9::/48 maxlen: 48
2a02:2891:10::/48 maxlen: 48
2a02:2891:11::/48 maxlen: 48
2a02:2891:12::/48 maxlen: 48
2a02:2891:13::/48 maxlen: 48
2a02:2891:15::/48 maxlen: 48
2a02:2891:16::/48 maxlen: 48
2a02:2891:18::/48 maxlen: 48
2a02:2891:19::/48 maxlen: 48
2a02:2891:29::/48 maxlen: 48
2a02:2891:ff::/48 maxlen: 48
2a02:2891:157::/48 maxlen: 48
2a02:2891:160::/48 maxlen: 48
2a02:2892:32::/48 maxlen: 48
2a02:2892:40::/48 maxlen: 48
2a02:2892:53::/48 maxlen: 48
2a02:2893:158::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:07:09:b3:df:12:41:68:af:07:d2:b0:64:8c:5e:95:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91c1c85bf5c53471a997ef9fa999d0c16be85444
Validity
Not Before: Mar 19 16:59:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a0f1965986805fd49df62ec3ac55d837d107acb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:11:71:bc:0e:e6:09:ca:1f:db:dd:10:a9:69:
9f:f3:0e:70:73:be:e6:f1:5e:e3:0f:42:24:c2:bf:
1c:c7:36:08:52:16:8e:88:db:d0:bc:8a:df:6a:38:
80:77:3c:5f:db:77:6e:18:0d:88:70:94:71:13:ce:
f0:78:d3:7a:64:5f:d4:d3:a1:fd:ab:de:3f:16:c4:
e6:a9:a3:06:22:94:98:a0:e8:a5:7f:fe:fa:d6:bf:
b2:aa:ef:d9:29:75:91:a7:e6:b5:1f:cc:45:fc:85:
e2:cb:1e:01:f4:6a:d1:a2:a5:18:78:ed:91:70:eb:
01:3f:91:bf:4b:5c:34:6e:09:97:3f:53:84:e1:9a:
73:6d:d4:ac:6a:f8:e8:fb:a5:06:25:1e:1c:d2:20:
73:8a:4d:1d:4a:d1:c5:3d:80:cf:e1:a0:d1:d1:65:
de:e5:a9:b3:71:b5:1c:54:6d:1b:2c:ed:43:de:2d:
6e:fa:fa:87:ca:2f:24:aa:0d:e2:68:df:6b:ca:32:
49:68:27:d0:85:65:34:ac:a9:60:80:2e:45:a0:33:
fb:18:11:86:b8:a8:53:7b:1d:41:f9:32:e9:c1:04:
5a:df:b1:28:98:82:5e:17:eb:00:3b:8a:78:1b:4c:
c3:34:7a:0b:7f:eb:76:16:e6:70:56:e4:84:c3:b4:
ab:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:F1:96:59:86:80:5F:D4:9D:F6:2E:C3:AC:55:D8:37:D1:07:AC:B6
X509v3 Authority Key Identifier:
keyid:91:C1:C8:5B:F5:C5:34:71:A9:97:EF:9F:A9:99:D0:C1:6B:E8:54:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/oPGWWYaAX9Sd9i7DrFXYN9EHrLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.64.0/22
94.124.64.0/21
178.248.48.0/21
185.45.208.0/22
185.187.156.0/22
IPv6:
2a02:2890::/48
2a02:2890:efff::/48
2a02:2890:ffff::-2a02:2891:2:ffff:ffff:ffff:ffff:ffff
2a02:2891:4::/48
2a02:2891:9::/48
2a02:2891:10::/46
2a02:2891:15::-2a02:2891:16:ffff:ffff:ffff:ffff:ffff
2a02:2891:18::/47
2a02:2891:29::/48
2a02:2891:ff::/48
2a02:2891:157::/48
2a02:2891:160::/48
2a02:2892:32::/48
2a02:2892:40::/48
2a02:2892:53::/48
2a02:2893:158::/48
Signature Algorithm: sha256WithRSAEncryption
13:ab:3f:4d:f2:ea:aa:b0:2e:8b:8c:2f:1a:e6:0d:c3:fc:bb:
0e:e9:ea:a9:19:f2:ad:82:39:37:31:7d:27:95:41:b0:69:b6:
02:e3:27:f9:c9:02:38:a9:4a:ab:29:a4:83:f2:1f:71:6a:86:
2b:c2:42:0a:13:c1:d5:fe:ba:90:65:70:d4:1c:6f:b8:83:ad:
be:49:0b:36:bc:0c:97:8a:8d:e1:84:3a:b9:8a:c0:02:85:14:
05:68:3f:f7:b7:42:ce:a5:fc:b1:8a:93:09:0d:0f:38:1e:69:
4e:4e:09:30:44:ed:a3:11:e1:1d:1a:cd:79:94:50:c2:41:f0:
28:8d:27:d9:af:75:90:d6:f8:b2:94:33:07:00:ca:98:47:dd:
16:ec:c9:bb:f4:f3:5e:29:f8:7b:42:af:80:61:4b:97:85:2d:
40:52:35:87:90:10:3d:59:aa:5f:7e:59:70:f9:d8:c9:e4:e0:
fe:c3:9e:a9:1d:90:67:0a:5a:9e:48:6f:d2:5c:54:00:d2:f6:
7a:90:24:ed:4f:d0:df:63:1d:53:0b:64:a7:cc:e5:e8:2c:e2:
fc:b7:89:ca:a3:21:55:3e:10:4a:bf:d5:02:0c:75:7a:c0:3a:
f6:b3:84:d0:0f:47:91:8d:a6:39:03:23:73:8d:6c:fa:40:fb:
3e:57:c5:ae
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgISAZ0HCbPfEkForwfSsGSMXpUFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYzFjODViZjVjNTM0NzFhOTk3ZWY5ZmE5OTlkMGMxNmJl
ODU0NDQwHhcNMjYwMzE5MTY1OTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGYxOTY1OTg2ODA1ZmQ0OWRmNjJlYzNhYzU1ZDgzN2QxMDdhY2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRFxvA7mCcof290QqWmf8w5wc77m
8V7jD0Ikwr8cxzYIUhaOiNvQvIrfajiAdzxf23duGA2IcJRxE87weNN6ZF/U06H9
q94/FsTmqaMGIpSYoOilf/761r+yqu/ZKXWRp+a1H8xF/IXiyx4B9GrRoqUYeO2R
cOsBP5G/S1w0bgmXP1OE4ZpzbdSsavjo+6UGJR4c0iBzik0dStHFPYDP4aDR0WXe
5amzcbUcVG0bLO1D3i1u+vqHyi8kqg3iaN9ryjJJaCfQhWU0rKlggC5FoDP7GBGG
uKhTex1B+TLpwQRa37EomIJeF+sAO4p4G0zDNHoLf+t2FuZwVuSEw7SrqwIDAQAB
o4IC1DCCAtAwHQYDVR0OBBYEFKDxllmGgF/UnfYuw6xV2DfRB6y2MB8GA1UdIwQY
MBaAFJHByFv1xTRxqZfvn6mZ0MFr6FREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wMzQ3ZDMtZTU0Yy00NGMwLThmN2Et
NDUxNDM3NGU2ZmZhLzEvb1BHV1dZYUFYOVNkOWk3RHJGWFlOOUVIckxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wMzQ3ZDMtZTU0Yy00NGMwLThmN2EtNDUxNDM3NGU2ZmZh
LzEva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHpBggrBgEFBQcBBwEB/wSB2TCB1jAkBAIAATAeAwQCLZ1A
AwQDXnxAAwQDsvgwAwQCuS3QAwQCubucMIGtBAIAAjCBpgMHACoCKJAAAAMHACoC
KJDv/zASAwcAKgIokP//AwcAKgIokQACAwcAKgIokQAEAwcAKgIokQAJAwcCKgIo
kQAQMBIDBwAqAiiRABUDBwAqAiiRABYDBwEqAiiRABgDBwAqAiiRACkDBwAqAiiR
AP8DBwAqAiiRAVcDBwAqAiiRAWADBwAqAiiSADIDBwAqAiiSAEADBwAqAiiSAFMD
BwAqAiiTAVgwDQYJKoZIhvcNAQELBQADggEBABOrP03y6qqwLouMLxrmDcP8uw7p
6qkZ8q2COTcxfSeVQbBptgLjJ/nJAjipSqsppIPyH3FqhivCQgoTwdX+upBlcNQc
b7iDrb5JCza8DJeKjeGEOrmKwAKFFAVoP/e3Qs6l/LGKkwkNDzgeaU5OCTBE7aMR
4R0azXmUUMJB8CiNJ9mvdZDW+LKUMwcAyphH3Rbsybv0814p+HtCr4BhS5eFLUBS
NYeQED1Zql9+WXD52Mnk4P7DnqkdkGcKWp5Ib9JcVADS9nqQJO1P0N9jHVMLZKfM
5egs4vy3icqjIVU+EEq/1QIMdXrAOvazhNAPR5GNpjkDI3ONbPpA+z5Xxa4=
-----END CERTIFICATE-----
Generated at Fri Mar 27 00:25:31 2026 by rpki-client