Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/0oCwLTn_fpDovX5Ee5lerZQP6rc.roa
File: 0oCwLTn_fpDovX5Ee5lerZQP6rc.roa (raw, json)
Hash identifier: z3/aqffUTtj4BMsDojGQtI+kf4ZBNlcD3msxeaERcWM=
Subject key identifier: D2:80:B0:2D:39:FF:7E:90:E8:BD:7E:44:7B:99:5E:AD:94:0F:EA:B7
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 019D1B7F94DE35D9F7E988F091362532A645
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/0oCwLTn_fpDovX5Ee5lerZQP6rc.roa
Signing time: Mon 23 Mar 2026 16:20:39 +0000
ROA not before: Mon 23 Mar 2026 16:20:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39838
IP address blocks: 89.42.112.0/23 maxlen: 23
141.136.56.0/21 maxlen: 21
201.77.54.0/24 maxlen: 24
217.26.188.0/22 maxlen: 22
217.76.247.0/24 maxlen: 24
2a0a:e9c3::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1b:7f:94:de:35:d9:f7:e9:88:f0:91:36:25:32:a6:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Mar 23 16:20:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d280b02d39ff7e90e8bd7e447b995ead940feab7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:78:b8:6a:4f:a3:d7:1e:63:d0:5a:e8:e9:cf:
d9:0f:fe:1f:88:6c:88:31:08:ee:61:42:7c:20:dd:
36:08:fc:0d:b2:08:ef:30:e7:75:b3:69:e8:cb:62:
53:dd:b7:65:ea:2b:03:48:11:96:dd:0e:0f:8a:62:
80:e1:55:d6:fb:8a:61:c9:ba:73:cd:ad:a0:c1:13:
ed:e7:7c:19:55:c7:c4:e7:8c:cc:49:f7:25:c0:c6:
cc:cf:63:b1:09:8a:10:1d:0e:62:92:dc:10:ca:4c:
b7:cf:89:6c:a3:ff:a0:d8:14:e2:48:9a:62:79:46:
a1:11:da:8e:ee:d3:bc:43:3c:43:26:2a:c2:b5:8e:
37:06:8d:ab:b8:3b:c0:b3:ca:fe:00:9f:5c:9a:87:
b7:76:e2:98:af:7a:0e:c1:e8:e0:14:25:17:18:11:
1a:c7:94:d6:c8:20:23:8d:00:ec:e3:e4:d2:82:a5:
77:cc:ac:53:0d:37:5d:24:9e:44:63:36:bc:3e:66:
c5:cb:f8:50:e5:7c:0f:b7:da:cd:87:3f:f8:89:86:
fa:b7:64:b3:78:75:2b:03:5f:ef:8e:89:ff:73:f8:
40:e9:5a:80:8a:80:03:8f:2d:a2:35:10:47:ae:1c:
9c:6e:8b:e7:99:2d:c3:77:6d:75:5c:ac:11:88:e7:
00:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:80:B0:2D:39:FF:7E:90:E8:BD:7E:44:7B:99:5E:AD:94:0F:EA:B7
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/0oCwLTn_fpDovX5Ee5lerZQP6rc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.112.0/23
141.136.56.0/21
201.77.54.0/24
217.26.188.0/22
217.76.247.0/24
IPv6:
2a0a:e9c3::/32
Signature Algorithm: sha256WithRSAEncryption
9d:20:a1:dc:41:59:8e:5e:b3:26:20:a7:00:b0:03:e6:2f:da:
7c:37:ad:e7:74:72:a7:76:73:16:25:01:ab:df:04:b5:2d:0f:
10:38:3e:ff:b5:b1:e3:13:8b:b9:eb:d5:8b:57:b1:3e:33:78:
f2:86:41:a7:37:06:59:0e:86:4d:65:80:36:88:59:0c:98:12:
79:26:d7:0a:fe:f9:9d:8f:0a:6e:a1:a9:46:91:61:90:d0:8e:
d8:fa:7b:ab:9f:7a:dc:1f:bb:e4:47:ed:9a:bf:ce:a0:e6:a6:
22:26:ad:91:16:cc:38:fb:ae:9e:16:45:d9:df:74:94:eb:24:
84:b2:6d:47:f0:94:3a:94:89:64:93:d7:9d:28:ef:4e:b8:2a:
7a:c4:5e:49:ca:3c:5b:1d:68:62:b5:7b:8f:e7:a7:17:70:70:
61:50:7f:9e:ba:3d:df:6c:b5:59:89:37:8c:c7:de:99:f8:d0:
68:4a:f0:16:c7:7b:76:e3:34:b9:ed:be:25:28:d4:58:9a:81:
eb:42:72:8f:ea:4b:0f:47:86:ee:b3:c5:7e:4b:b9:27:59:8d:
83:0b:40:19:43:fc:e9:65:1c:e1:df:50:93:ad:57:1a:48:18:
59:e8:84:56:3f:38:59:18:67:95:1d:77:b1:97:86:b1:20:2a:
2e:fe:9c:b6
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZ0bf5TeNdn36YjwkTYlMqZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjYwMzIzMTYyMDM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjgwYjAyZDM5ZmY3ZTkwZThiZDdlNDQ3Yjk5NWVhZDk0MGZlYWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3i4ak+j1x5j0Fro6c/ZD/4fiGyI
MQjuYUJ8IN02CPwNsgjvMOd1s2noy2JT3bdl6isDSBGW3Q4PimKA4VXW+4phybpz
za2gwRPt53wZVcfE54zMSfclwMbMz2OxCYoQHQ5iktwQyky3z4lso/+g2BTiSJpi
eUahEdqO7tO8QzxDJirCtY43Bo2ruDvAs8r+AJ9cmoe3duKYr3oOwejgFCUXGBEa
x5TWyCAjjQDs4+TSgqV3zKxTDTddJJ5EYza8PmbFy/hQ5XwPt9rNhz/4iYb6t2Sz
eHUrA1/vjon/c/hA6VqAioADjy2iNRBHrhycbovnmS3Dd211XKwRiOcAVwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNKAsC05/36Q6L1+RHuZXq2UD+q3MB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvMG9Dd0xUbl9mcERvdlg1RWU1bGVyWlFQNnJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQBWSpwAwQD
jYg4AwQAyU02AwQC2Rq8AwQA2Uz3MA0EAgACMAcDBQAqCunDMA0GCSqGSIb3DQEB
CwUAA4IBAQCdIKHcQVmOXrMmIKcAsAPmL9p8N63ndHKndnMWJQGr3wS1LQ8QOD7/
tbHjE4u569WLV7E+M3jyhkGnNwZZDoZNZYA2iFkMmBJ5JtcK/vmdjwpuoalGkWGQ
0I7Y+nurn3rcH7vkR+2av86g5qYiJq2RFsw4+66eFkXZ33SU6ySEsm1H8JQ6lIlk
k9edKO9OuCp6xF5JyjxbHWhitXuP56cXcHBhUH+euj3fbLVZiTeMx96Z+NBoSvAW
x3t24zS57b4lKNRYmoHrQnKP6ksPR4bus8V+S7knWY2DC0AZQ/zpZRzh31CTrVca
SBhZ6IRWPzhZGGeVHXexl4axICou/py2
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:33:10 2026 by rpki-client