Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/OGy-yxhGvPOHVpqAvkTOEAYf3Hc.roa
File: OGy-yxhGvPOHVpqAvkTOEAYf3Hc.roa (raw, json)
Hash identifier: MO74xsVhfJOdRWQEMviSmWs8/l26gxa6X1SGqzjvYMQ=
Subject key identifier: 38:6C:BE:CB:18:46:BC:F3:87:56:9A:80:BE:44:CE:10:06:1F:DC:77
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019D06FA26A9F1DBC1E1B10BE51AD2D9B326
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/OGy-yxhGvPOHVpqAvkTOEAYf3Hc.roa
Signing time: Thu 19 Mar 2026 16:42:30 +0000
ROA not before: Thu 19 Mar 2026 16:42:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9304
IP address blocks: 77.93.140.0/24 maxlen: 24
82.163.0.0/24 maxlen: 24
185.49.124.0/24 maxlen: 24
185.49.125.0/24 maxlen: 24
217.144.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:06:fa:26:a9:f1:db:c1:e1:b1:0b:e5:1a:d2:d9:b3:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 19 16:42:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=386cbecb1846bcf387569a80be44ce10061fdc77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:8c:f7:2c:dd:bf:51:3a:96:6b:f9:b9:b9:91:
24:0d:e9:21:14:64:0d:ad:ab:b5:db:47:04:59:15:
04:77:2b:ca:41:1b:bf:22:7f:3e:55:07:b6:33:7f:
ad:49:1a:37:3b:f3:d3:7d:cf:1c:a9:cf:01:81:8f:
84:29:b3:e2:81:23:1c:be:ea:3c:33:d9:f5:ca:70:
80:f5:f1:3d:c5:4d:f9:94:24:46:45:52:59:13:5e:
22:b3:9c:82:47:65:02:9f:07:9a:bc:13:77:cd:e9:
6e:2f:a0:46:99:03:de:16:48:1f:9e:2f:16:85:bd:
19:3b:95:cb:51:3b:7c:87:40:eb:b9:d8:c8:40:9c:
2c:99:f5:8c:c2:e0:74:da:1f:8a:07:f4:4a:f1:85:
d4:76:35:60:89:d8:a4:22:00:20:fe:c6:33:39:84:
99:0b:26:d0:91:70:9d:11:27:76:88:d6:a0:4e:ea:
1c:6a:37:65:2e:cd:a1:e0:49:d4:2e:d1:16:b5:99:
d6:a6:81:ff:61:02:21:6d:7d:35:e5:29:d0:51:4a:
d7:90:c3:08:2c:be:81:f9:3b:fc:f7:6b:ca:9d:3f:
4a:d4:ec:38:b2:13:a2:5b:f0:02:a0:70:09:a9:66:
ef:b0:10:42:b2:b9:ac:a1:2c:e9:0b:24:c5:f4:51:
21:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:6C:BE:CB:18:46:BC:F3:87:56:9A:80:BE:44:CE:10:06:1F:DC:77
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/OGy-yxhGvPOHVpqAvkTOEAYf3Hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.140.0/24
82.163.0.0/24
185.49.124.0/23
217.144.153.0/24
Signature Algorithm: sha256WithRSAEncryption
43:dc:19:f7:a2:af:90:e2:df:c3:1a:87:54:b7:a1:a4:9c:c0:
1d:8c:38:b1:95:df:0b:1f:74:d5:b2:74:8e:8d:5f:4f:fa:ae:
5b:8a:81:df:f0:6e:c7:49:cc:2c:96:41:6a:49:95:d3:16:33:
d4:8b:76:6c:b4:c9:2d:23:73:c6:e8:7e:e4:16:05:3d:2a:98:
ba:14:ba:7a:0a:80:b0:f3:e2:54:af:e3:bf:c6:f5:24:8d:d5:
58:8d:12:5b:79:fd:58:1d:0e:2c:ee:87:3e:8e:ac:fd:bd:24:
0c:59:10:20:7b:00:9c:a4:13:85:21:c3:ce:46:8d:7a:3f:a9:
6e:20:df:3e:83:93:26:10:4c:79:30:b9:ca:ff:9c:2c:c6:3b:
b8:eb:3a:7e:d3:5c:be:43:d2:32:df:d5:e8:75:01:d3:37:7c:
77:8a:9d:d3:68:fa:0f:38:39:99:da:9a:43:96:f8:ff:ee:53:
19:50:e8:2a:7b:1e:24:f5:2d:aa:f9:22:db:0c:07:9c:31:e7:
3c:90:b1:03:32:a2:87:0b:b3:6c:14:b2:f8:64:94:e0:61:e2:
a3:3f:ab:a1:bf:a8:62:3f:f7:d4:81:32:be:a9:ac:01:40:78:
73:ed:e7:24:d5:42:73:25:4a:26:c9:ea:79:f5:58:4b:96:2f:
53:08:c0:08
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ0G+iap8dvB4bEL5RrS2bMmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwMzE5MTY0MjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODZjYmVjYjE4NDZiY2YzODc1NjlhODBiZTQ0Y2UxMDA2MWZkYzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2oz3LN2/UTqWa/m5uZEkDekhFGQN
rau120cEWRUEdyvKQRu/In8+VQe2M3+tSRo3O/PTfc8cqc8BgY+EKbPigSMcvuo8
M9n1ynCA9fE9xU35lCRGRVJZE14is5yCR2UCnweavBN3zeluL6BGmQPeFkgfni8W
hb0ZO5XLUTt8h0DrudjIQJwsmfWMwuB02h+KB/RK8YXUdjVgidikIgAg/sYzOYSZ
CybQkXCdESd2iNagTuocajdlLs2h4EnULtEWtZnWpoH/YQIhbX015SnQUUrXkMMI
LL6B+Tv892vKnT9K1Ow4shOiW/ACoHAJqWbvsBBCsrmsoSzpCyTF9FEh/wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDhsvssYRrzzh1aagL5EzhAGH9x3MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvT0d5LXl4aEd2UE9IVnBxQXZrVE9FQVlmM0hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATV2MAwQA
UqMAAwQBuTF8AwQA2ZCZMA0GCSqGSIb3DQEBCwUAA4IBAQBD3Bn3oq+Q4t/DGodU
t6GknMAdjDixld8LH3TVsnSOjV9P+q5bioHf8G7HScwslkFqSZXTFjPUi3ZstMkt
I3PG6H7kFgU9Kpi6FLp6CoCw8+JUr+O/xvUkjdVYjRJbef1YHQ4s7oc+jqz9vSQM
WRAgewCcpBOFIcPORo16P6luIN8+g5MmEEx5MLnK/5wsxju46zp+01y+Q9Iy39Xo
dQHTN3x3ip3TaPoPODmZ2ppDlvj/7lMZUOgqex4k9S2q+SLbDAecMec8kLEDMqKH
C7NsFLL4ZJTgYeKjP6uhv6hiP/fUgTK+qawBQHhz7eck1UJzJUomyep59VhLli9T
CMAI
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:07:32 2026 by rpki-client