Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/OK0tBLA4-Zp2LE4g7MYt6fF3XkA.roa
File: OK0tBLA4-Zp2LE4g7MYt6fF3XkA.roa (raw, json)
Hash identifier: GFM4OAYrKlcNRG2RS0+VNwcdh+w4DVuSw6kYhv6VE5w=
Subject key identifier: 38:AD:2D:04:B0:38:F9:9A:76:2C:4E:20:EC:C6:2D:E9:F1:77:5E:40
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019D061BAC5EE5A5E39D903AA15712B8BE6F
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/OK0tBLA4-Zp2LE4g7MYt6fF3XkA.roa
Signing time: Thu 19 Mar 2026 12:39:30 +0000
ROA not before: Thu 19 Mar 2026 12:39:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200823
IP address blocks: 45.12.62.0/24 maxlen: 24
45.131.214.0/24 maxlen: 24
45.151.106.0/24 maxlen: 24
103.227.84.0/24 maxlen: 24
194.33.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:06:1b:ac:5e:e5:a5:e3:9d:90:3a:a1:57:12:b8:be:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 19 12:39:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=38ad2d04b038f99a762c4e20ecc62de9f1775e40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f1:1a:d4:81:a4:0f:74:c8:a5:d7:93:8b:b2:
06:bc:b0:8a:97:5a:e4:8a:32:e4:98:fb:f5:07:27:
89:b4:fa:c2:47:69:f5:c7:b1:a9:89:5a:e5:82:5d:
e9:b1:e1:9d:44:95:0c:b4:ef:8f:00:31:2b:64:42:
34:2e:90:73:80:32:c4:4d:32:0f:60:e9:5c:2f:50:
37:75:b3:fc:16:3b:8c:07:c1:b8:0b:34:26:9f:d3:
f5:fe:46:4a:44:eb:87:93:45:f0:e3:1a:72:70:dd:
21:01:5d:07:b8:37:87:9d:dc:10:79:d8:af:d7:ef:
8d:0e:6f:b2:51:a3:68:3d:9c:0d:1f:af:42:23:03:
ff:ef:5f:ec:0b:4b:57:36:3d:9d:6c:98:d0:81:25:
c1:03:72:4e:24:08:bb:2e:07:b7:e1:c0:dd:c8:00:
03:d6:3e:b5:c8:30:e6:57:41:a7:0d:a0:ae:cc:e0:
d6:27:95:6c:0f:80:4a:74:3c:b3:26:74:f5:f1:5d:
d7:32:07:81:e4:53:0e:4a:14:c3:99:8e:ad:11:32:
7a:3e:d6:e3:85:a4:9f:f3:96:51:05:df:24:67:5d:
d7:ab:a9:cb:17:52:13:77:a1:69:45:e5:fb:4e:91:
4c:f6:b5:12:40:19:73:2c:ec:38:34:bd:69:e4:35:
f3:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:AD:2D:04:B0:38:F9:9A:76:2C:4E:20:EC:C6:2D:E9:F1:77:5E:40
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/OK0tBLA4-Zp2LE4g7MYt6fF3XkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.62.0/24
45.131.214.0/24
45.151.106.0/24
103.227.84.0/24
194.33.61.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:1c:33:e9:38:03:b7:e3:7c:f5:d0:32:79:08:df:a4:80:89:
b8:f2:d9:18:ca:7b:3b:bb:20:bb:1d:2c:76:dc:fc:b5:2e:2a:
1b:5e:ff:67:55:b9:89:9a:d4:a9:f2:ad:b4:20:a9:e0:f1:74:
20:5b:6d:2f:f3:00:a2:b6:8c:88:c2:c6:28:ec:85:fe:30:ef:
55:c8:2e:17:91:5f:b9:4f:55:6b:91:34:f8:c1:e8:d3:d3:a8:
54:e5:2f:8d:3a:63:32:06:93:9f:0e:2f:8a:2a:b8:43:60:30:
1c:4a:45:31:4a:89:b3:4b:80:db:d6:82:f4:cb:17:fc:b8:4e:
1a:7b:1e:fd:9c:fe:d7:51:05:05:44:3b:75:1d:75:d4:b9:dd:
1c:8f:db:d2:a4:dd:7a:9e:03:69:99:6a:43:0a:58:d5:d6:86:
80:27:49:d3:f8:72:e2:b8:d6:2e:cc:0a:85:2f:e2:ff:56:77:
ef:6e:c3:2c:e5:67:89:9f:0b:bd:db:77:30:4b:66:f2:ff:2c:
da:1a:24:f4:0c:83:84:b9:38:be:ca:c6:a0:db:23:07:60:5c:
45:7e:c1:fa:e4:8f:ce:6b:50:9f:b1:eb:5e:ed:c9:13:92:b4:
e1:f6:d5:61:fb:94:09:dc:f7:1e:06:3e:35:cb:67:bb:88:1e:
bd:67:5c:4d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ0GG6xe5aXjnZA6oVcSuL5vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwMzE5MTIzOTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGFkMmQwNGIwMzhmOTlhNzYyYzRlMjBlY2M2MmRlOWYxNzc1ZTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvEa1IGkD3TIpdeTi7IGvLCKl1rk
ijLkmPv1ByeJtPrCR2n1x7GpiVrlgl3pseGdRJUMtO+PADErZEI0LpBzgDLETTIP
YOlcL1A3dbP8FjuMB8G4CzQmn9P1/kZKROuHk0Xw4xpycN0hAV0HuDeHndwQediv
1++NDm+yUaNoPZwNH69CIwP/71/sC0tXNj2dbJjQgSXBA3JOJAi7Lge34cDdyAAD
1j61yDDmV0GnDaCuzODWJ5VsD4BKdDyzJnT18V3XMgeB5FMOShTDmY6tETJ6Ptbj
haSf85ZRBd8kZ13Xq6nLF1ITd6FpReX7TpFM9rUSQBlzLOw4NL1p5DXzAQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDitLQSwOPmadixOIOzGLenxd15AMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvT0swdEJMQTQtWnAyTEU0ZzdNWXQ2ZkYzWGtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALQw+AwQA
LYPWAwQALZdqAwQAZ+NUAwQAwiE9MA0GCSqGSIb3DQEBCwUAA4IBAQCkHDPpOAO3
43z10DJ5CN+kgIm48tkYyns7uyC7HSx23Py1LiobXv9nVbmJmtSp8q20IKng8XQg
W20v8wCitoyIwsYo7IX+MO9VyC4XkV+5T1VrkTT4wejT06hU5S+NOmMyBpOfDi+K
KrhDYDAcSkUxSomzS4Db1oL0yxf8uE4aex79nP7XUQUFRDt1HXXUud0cj9vSpN16
ngNpmWpDCljV1oaAJ0nT+HLiuNYuzAqFL+L/VnfvbsMs5WeJnwu923cwS2by/yza
GiT0DIOEuTi+ysag2yMHYFxFfsH65I/Oa1Cfsete7ckTkrTh9tVh+5QJ3PceBj41
y2e7iB69Z1xN
-----END CERTIFICATE-----
Generated at Sat Mar 28 10:47:47 2026 by rpki-client