Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/2dc7af-2c8c-457b-aeb0-4e1dc1505260/1/OPe7lv08wkeFNGsC5xI0Ye-tyS4.roa
File: OPe7lv08wkeFNGsC5xI0Ye-tyS4.roa (raw, json)
Hash identifier: 9PRV/BDVo/xjAGp+LIYowfzpqr3ir5eopm9m/HkpD54=
Subject key identifier: 38:F7:BB:96:FD:3C:C2:47:85:34:6B:02:E7:12:34:61:EF:AD:C9:2E
Certificate issuer: /CN=f6090b4db06a4d65935141bac98098127a8b8f5a
Certificate serial: 019DF32A9BEC940D09D433886625A1782984
Authority key identifier: F6:09:0B:4D:B0:6A:4D:65:93:51:41:BA:C9:80:98:12:7A:8B:8F:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9gkLTbBqTWWTUUG6yYCYEnqLj1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/2dc7af-2c8c-457b-aeb0-4e1dc1505260/1/OPe7lv08wkeFNGsC5xI0Ye-tyS4.roa
Signing time: Mon 04 May 2026 13:25:49 +0000
ROA not before: Mon 04 May 2026 13:25:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200514
IP address blocks: 77.81.120.0/24 maxlen: 24
77.81.121.0/24 maxlen: 24
91.208.113.0/24 maxlen: 24
185.66.140.0/24 maxlen: 24
185.66.141.0/24 maxlen: 24
185.66.142.0/24 maxlen: 24
185.66.143.0/24 maxlen: 24
185.192.125.0/24 maxlen: 24
185.192.126.0/24 maxlen: 24
185.192.127.0/24 maxlen: 24
194.145.208.0/24 maxlen: 24
194.145.209.0/24 maxlen: 24
213.109.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/2dc7af-2c8c-457b-aeb0-4e1dc1505260/1/9gkLTbBqTWWTUUG6yYCYEnqLj1o.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/2dc7af-2c8c-457b-aeb0-4e1dc1505260/1/9gkLTbBqTWWTUUG6yYCYEnqLj1o.mft
rsync://rpki.ripe.net/repository/DEFAULT/9gkLTbBqTWWTUUG6yYCYEnqLj1o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f3:2a:9b:ec:94:0d:09:d4:33:88:66:25:a1:78:29:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6090b4db06a4d65935141bac98098127a8b8f5a
Validity
Not Before: May 4 13:25:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=38f7bb96fd3cc24785346b02e7123461efadc92e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:5d:5f:14:db:be:eb:3f:79:8a:55:25:e3:51:
45:be:af:43:e5:7a:39:b1:a6:7d:de:44:e8:76:cf:
76:3f:e5:ca:d7:bb:40:d2:e4:a5:8c:ce:45:e8:54:
1b:ad:f8:a4:0d:71:4f:91:b1:b5:e9:ac:f2:d5:44:
95:92:3c:ec:78:59:93:f7:b4:a3:5b:e3:33:83:13:
0c:a6:2c:91:3f:08:df:03:35:ce:5d:60:bb:09:89:
8f:32:3d:f3:f7:6b:ce:7c:9e:f9:6b:79:c8:32:e8:
03:59:d9:5c:e9:cc:c9:08:58:67:67:58:00:1e:1d:
f5:ba:27:63:9d:21:c7:00:a9:55:ad:19:56:f3:ea:
55:e3:68:c3:f5:4d:f2:ac:a4:5e:d5:0e:cc:c3:3b:
d4:89:9c:f5:a9:44:e2:68:67:c5:3b:38:af:8f:96:
8b:70:b7:ad:7f:b2:3b:2c:9c:4e:90:60:65:f4:f3:
c3:14:67:34:92:c5:da:67:77:2d:25:19:d3:1a:8a:
ad:27:fe:e1:39:8c:59:15:c2:45:2a:ff:af:46:bd:
e0:34:28:1c:df:20:70:85:6a:10:a5:80:14:f4:83:
49:fb:50:77:bc:0c:75:71:02:6e:bd:b3:be:56:fc:
b1:71:22:02:11:20:e4:4f:cc:21:8a:59:fb:96:be:
bd:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:F7:BB:96:FD:3C:C2:47:85:34:6B:02:E7:12:34:61:EF:AD:C9:2E
X509v3 Authority Key Identifier:
keyid:F6:09:0B:4D:B0:6A:4D:65:93:51:41:BA:C9:80:98:12:7A:8B:8F:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9gkLTbBqTWWTUUG6yYCYEnqLj1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2dc7af-2c8c-457b-aeb0-4e1dc1505260/1/OPe7lv08wkeFNGsC5xI0Ye-tyS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2dc7af-2c8c-457b-aeb0-4e1dc1505260/1/9gkLTbBqTWWTUUG6yYCYEnqLj1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.120.0/23
91.208.113.0/24
185.66.140.0/22
185.192.125.0-185.192.127.255
194.145.208.0/23
213.109.207.0/24
Signature Algorithm: sha256WithRSAEncryption
77:07:51:ef:a5:54:82:b2:4b:79:49:aa:1a:2d:66:88:d9:67:
67:dc:43:04:11:76:2d:be:64:9f:01:1d:8e:61:bd:36:d1:2d:
b5:1e:b5:da:73:71:d2:ba:aa:3f:57:c5:6a:9d:98:d4:66:ea:
a6:34:4f:00:c3:93:51:66:96:de:e8:b7:02:33:8e:da:cc:6c:
0d:6f:41:5c:f0:b5:04:43:5b:88:79:89:a7:07:03:73:96:73:
dc:93:d8:f2:31:6a:53:39:62:b1:f3:f9:56:68:47:f7:4e:30:
94:fc:2a:3b:9a:d3:76:a0:0c:7b:92:00:58:60:12:80:02:44:
25:e6:05:3d:5f:11:7a:92:7b:48:d2:67:20:01:c3:1a:e7:36:
62:2b:dc:13:b4:8d:78:7a:46:9a:73:d7:4d:3b:5f:61:9b:4a:
99:fa:cd:58:64:47:68:93:e8:17:15:a0:7e:55:c5:70:74:f1:
d1:a5:eb:53:21:d8:36:0b:36:c4:ff:11:02:c2:cb:5b:52:33:
bd:04:cb:53:fa:dd:c2:f1:37:f4:db:05:76:1c:28:4a:c9:d5:
ff:df:d0:16:14:97:9a:82:58:b2:b7:27:a1:5e:b9:a3:5a:e5:
ce:d7:cc:2c:a5:53:ac:9b:16:dd:97:99:c6:9e:2d:58:36:47:
10:e5:b4:23
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZ3zKpvslA0J1DOIZiWheCmEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MDkwYjRkYjA2YTRkNjU5MzUxNDFiYWM5ODA5ODEyN2E4
YjhmNWEwHhcNMjYwNTA0MTMyNTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGY3YmI5NmZkM2NjMjQ3ODUzNDZiMDJlNzEyMzQ2MWVmYWRjOTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2F1fFNu+6z95ilUl41FFvq9D5Xo5
saZ93kTods92P+XK17tA0uSljM5F6FQbrfikDXFPkbG16azy1USVkjzseFmT97Sj
W+MzgxMMpiyRPwjfAzXOXWC7CYmPMj3z92vOfJ75a3nIMugDWdlc6czJCFhnZ1gA
Hh31uidjnSHHAKlVrRlW8+pV42jD9U3yrKRe1Q7MwzvUiZz1qUTiaGfFOzivj5aL
cLetf7I7LJxOkGBl9PPDFGc0ksXaZ3ctJRnTGoqtJ/7hOYxZFcJFKv+vRr3gNCgc
3yBwhWoQpYAU9INJ+1B3vAx1cQJuvbO+VvyxcSICESDkT8whiln7lr69EQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFDj3u5b9PMJHhTRrAucSNGHvrckuMB8GA1UdIwQY
MBaAFPYJC02wak1lk1FBusmAmBJ6i49aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWdrTFRiQnFUV1dUVVVHNnlZQ1lFbnFMajFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yZGM3YWYtMmM4Yy00NTdiLWFlYjAt
NGUxZGMxNTA1MjYwLzEvT1BlN2x2MDh3a2VGTkdzQzV4STBZZS10eVM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yZGM3YWYtMmM4Yy00NTdiLWFlYjAtNGUxZGMxNTA1MjYw
LzEvOWdrTFRiQnFUV1dUVVVHNnlZQ1lFbnFMajFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQBTVF4AwQA
W9BxAwQCuUKMMAwDBAC5wH0DBAe5wAADBAHCkdADBADVbc8wDQYJKoZIhvcNAQEL
BQADggEBAHcHUe+lVIKyS3lJqhotZojZZ2fcQwQRdi2+ZJ8BHY5hvTbRLbUetdpz
cdK6qj9XxWqdmNRm6qY0TwDDk1Fmlt7otwIzjtrMbA1vQVzwtQRDW4h5iacHA3OW
c9yT2PIxalM5YrHz+VZoR/dOMJT8Kjua03agDHuSAFhgEoACRCXmBT1fEXqSe0jS
ZyABwxrnNmIr3BO0jXh6Rppz1007X2GbSpn6zVhkR2iT6BcVoH5VxXB08dGl61Mh
2DYLNsT/EQLCy1tSM70Ey1P63cLxN/TbBXYcKErJ1f/f0BYUl5qCWLK3J6FeuaNa
5c7XzCylU6ybFt2XmcaeLVg2RxDltCM=
-----END CERTIFICATE-----
Generated at Wed May 13 01:42:19 2026 by rpki-client