Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/5ota0RfhjZz2hNNE6eZISPQx9aY.roa
File: 5ota0RfhjZz2hNNE6eZISPQx9aY.roa (raw, json)
Hash identifier: 2LChLKKq1XMWPsCrL3MehZ/KDhh1BEtuZKbswEOScV8=
Subject key identifier: E6:8B:5A:D1:17:E1:8D:9C:F6:84:D3:44:E9:E6:48:48:F4:31:F5:A6
Certificate issuer: /CN=b3dd11d346b63bb1eb22a07c26cc1291a2a06895
Certificate serial: 019D29855B96821604DD26DD1996D00EE850
Authority key identifier: B3:DD:11:D3:46:B6:3B:B1:EB:22:A0:7C:26:CC:12:91:A2:A0:68:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s90R00a2O7HrIqB8JswSkaKgaJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/5ota0RfhjZz2hNNE6eZISPQx9aY.roa
Signing time: Thu 26 Mar 2026 09:41:38 +0000
ROA not before: Thu 26 Mar 2026 09:41:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 17497
IP address blocks: 185.63.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/s90R00a2O7HrIqB8JswSkaKgaJU.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/s90R00a2O7HrIqB8JswSkaKgaJU.mft
rsync://rpki.ripe.net/repository/DEFAULT/s90R00a2O7HrIqB8JswSkaKgaJU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:85:5b:96:82:16:04:dd:26:dd:19:96:d0:0e:e8:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3dd11d346b63bb1eb22a07c26cc1291a2a06895
Validity
Not Before: Mar 26 09:41:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e68b5ad117e18d9cf684d344e9e64848f431f5a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:7d:23:4d:15:d0:d0:f4:f0:86:aa:b6:3e:3b:
01:d9:e6:be:5a:33:6c:8b:f1:b3:d6:b4:0b:f9:84:
fb:03:25:27:31:2c:d4:e3:cd:3f:8c:94:24:93:dc:
c0:c7:47:4f:8e:d2:71:b5:40:4f:c7:b4:f1:cc:76:
3c:80:bd:b1:c2:83:d8:29:7c:51:c8:d4:ee:3c:47:
fd:2d:d5:b7:ea:16:78:59:35:86:d6:03:ee:f3:20:
d5:8b:b5:e2:fa:07:f3:82:38:b3:65:d8:7f:77:0a:
bb:60:48:b3:fd:9b:29:dd:74:4c:b6:a2:01:2e:d8:
f0:bd:99:0f:65:fe:43:9e:5a:08:79:7d:bb:8f:d9:
99:8d:3d:44:cb:22:e2:99:dc:28:9d:e4:68:39:a4:
a5:39:24:d8:3d:31:bd:ae:d8:84:e9:7a:30:02:0a:
86:c9:5b:cc:0b:8e:53:2b:ea:4f:0c:ad:b7:1c:6d:
f4:d7:2e:c0:95:f3:dd:e1:2f:a8:a4:57:1e:98:f4:
1c:bd:43:6a:6c:06:3a:58:c8:bd:12:59:de:30:80:
98:4b:22:89:00:4a:6d:c9:61:4b:a6:e8:6d:7a:ba:
aa:2d:0e:14:95:6c:b2:9d:bd:9c:d1:bf:51:d7:46:
95:a5:da:8f:db:13:f9:08:6e:57:f2:7e:f8:77:64:
87:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:8B:5A:D1:17:E1:8D:9C:F6:84:D3:44:E9:E6:48:48:F4:31:F5:A6
X509v3 Authority Key Identifier:
keyid:B3:DD:11:D3:46:B6:3B:B1:EB:22:A0:7C:26:CC:12:91:A2:A0:68:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s90R00a2O7HrIqB8JswSkaKgaJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/5ota0RfhjZz2hNNE6eZISPQx9aY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/s90R00a2O7HrIqB8JswSkaKgaJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.35.0/24
Signature Algorithm: sha256WithRSAEncryption
45:a5:a5:4b:ab:e3:94:50:09:da:42:a8:9a:d3:c7:73:12:6e:
9d:26:ca:04:53:be:ce:35:0a:12:55:46:e9:d3:7e:6c:61:6b:
f1:14:b1:5d:d9:47:29:27:da:be:e5:95:23:c5:da:9e:4d:d2:
b8:5c:fa:83:88:c6:76:50:1c:e1:09:5e:fc:ab:2f:fb:93:71:
ab:a7:c0:1a:ac:53:74:d9:44:f1:a9:58:14:85:69:b3:3c:eb:
28:be:93:47:ad:1b:2d:92:3c:be:ca:13:62:27:f7:64:94:38:
66:99:7e:fa:f5:fa:e9:07:6e:43:8f:a6:9c:6b:47:06:c7:34:
13:8d:09:bf:65:84:e9:64:83:36:05:41:1f:2a:5f:60:f8:29:
88:2f:83:73:3b:25:f2:9d:79:41:d7:f9:63:5d:26:3b:d0:d4:
59:bd:55:d8:16:fb:7c:49:25:1f:f5:05:5f:2f:05:f7:55:8d:
de:aa:d2:03:27:3a:5b:39:bd:50:4e:21:2d:d4:18:46:f6:8b:
b8:08:3a:e1:15:84:1e:17:d6:84:69:f3:b9:07:9f:fc:ca:93:
b0:37:54:3c:6f:48:f6:d3:74:68:57:54:14:70:cc:7d:11:61:
75:e9:2d:ca:3c:e4:1e:7d:9d:05:2c:15:69:17:e5:d1:72:e3:
5e:e1:80:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ0phVuWghYE3SbdGZbQDuhQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZGQxMWQzNDZiNjNiYjFlYjIyYTA3YzI2Y2MxMjkxYTJh
MDY4OTUwHhcNMjYwMzI2MDk0MTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjhiNWFkMTE3ZTE4ZDljZjY4NGQzNDRlOWU2NDg0OGY0MzFmNWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnX0jTRXQ0PTwhqq2PjsB2ea+WjNs
i/Gz1rQL+YT7AyUnMSzU480/jJQkk9zAx0dPjtJxtUBPx7TxzHY8gL2xwoPYKXxR
yNTuPEf9LdW36hZ4WTWG1gPu8yDVi7Xi+gfzgjizZdh/dwq7YEiz/Zsp3XRMtqIB
LtjwvZkPZf5DnloIeX27j9mZjT1EyyLimdwoneRoOaSlOSTYPTG9rtiE6XowAgqG
yVvMC45TK+pPDK23HG301y7AlfPd4S+opFcemPQcvUNqbAY6WMi9ElneMICYSyKJ
AEptyWFLpuhterqqLQ4UlWyynb2c0b9R10aVpdqP2xP5CG5X8n74d2SHrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOaLWtEX4Y2c9oTTROnmSEj0MfWmMB8GA1UdIwQY
MBaAFLPdEdNGtjux6yKgfCbMEpGioGiVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczkwUjAwYTJPN0hySXFCOEpzd1NrYUtnYUpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hNDE4OTgtZGEwOC00NjlkLWJlMWEt
OGJiYzIyNmU2YzQ1LzEvNW90YTBSZmhqWnoyaE5ORTZlWklTUFF4OWFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hNDE4OTgtZGEwOC00NjlkLWJlMWEtOGJiYzIyNmU2YzQ1
LzEvczkwUjAwYTJPN0hySXFCOEpzd1NrYUtnYUpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuT8jMA0G
CSqGSIb3DQEBCwUAA4IBAQBFpaVLq+OUUAnaQqia08dzEm6dJsoEU77ONQoSVUbp
035sYWvxFLFd2UcpJ9q+5ZUjxdqeTdK4XPqDiMZ2UBzhCV78qy/7k3Grp8AarFN0
2UTxqVgUhWmzPOsovpNHrRstkjy+yhNiJ/dklDhmmX769frpB25Dj6aca0cGxzQT
jQm/ZYTpZIM2BUEfKl9g+CmIL4NzOyXynXlB1/ljXSY70NRZvVXYFvt8SSUf9QVf
LwX3VY3eqtIDJzpbOb1QTiEt1BhG9ou4CDrhFYQeF9aEafO5B5/8ypOwN1Q8b0j2
03RoV1QUcMx9EWF16S3KPOQefZ0FLBVpF+XRcuNe4YDY
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:20:39 2026 by rpki-client