Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/44d59e-dc7b-4d2c-ba45-4a91fabd8a8e/1/oQkTgmqlbgv3fOLC_Lsa6jIcCqg.roa
File: oQkTgmqlbgv3fOLC_Lsa6jIcCqg.roa (raw, json)
Hash identifier: i8A3HhyaMbSyPiv5cD1eGMdTziL2WVoHeY0qTdrX25s=
Subject key identifier: A1:09:13:82:6A:A5:6E:0B:F7:7C:E2:C2:FC:BB:1A:EA:32:1C:0A:A8
Certificate issuer: /CN=e69e45a4481456148e2e00349d87aa57c56b24a0
Certificate serial: 019DAE8B2042EC35214BD5C19EA1AEF074C4
Authority key identifier: E6:9E:45:A4:48:14:56:14:8E:2E:00:34:9D:87:AA:57:C5:6B:24:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5p5FpEgUVhSOLgA0nYeqV8VrJKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/44d59e-dc7b-4d2c-ba45-4a91fabd8a8e/1/oQkTgmqlbgv3fOLC_Lsa6jIcCqg.roa
Signing time: Tue 21 Apr 2026 05:37:26 +0000
ROA not before: Tue 21 Apr 2026 05:37:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44894
IP address blocks: 89.21.76.0/24 maxlen: 24
89.21.77.0/24 maxlen: 24
91.193.128.0/22 maxlen: 22
91.193.128.0/23 maxlen: 23
91.193.128.0/24 maxlen: 24
91.193.129.0/24 maxlen: 24
91.193.130.0/23 maxlen: 23
91.193.130.0/24 maxlen: 24
91.193.131.0/24 maxlen: 24
91.203.60.0/22 maxlen: 22
91.203.60.0/23 maxlen: 23
91.203.60.0/24 maxlen: 24
91.203.61.0/24 maxlen: 24
91.203.62.0/23 maxlen: 23
91.203.62.0/24 maxlen: 24
91.203.63.0/24 maxlen: 24
91.247.76.0/24 maxlen: 24
193.150.49.0/24 maxlen: 24
194.107.230.0/23 maxlen: 23
194.107.230.0/24 maxlen: 24
194.107.231.0/24 maxlen: 24
194.110.2.0/23 maxlen: 23
194.110.2.0/24 maxlen: 24
194.110.3.0/24 maxlen: 24
194.150.104.0/23 maxlen: 23
194.150.104.0/24 maxlen: 24
194.150.105.0/24 maxlen: 24
194.150.106.0/24 maxlen: 24
2001:67c:2f2c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c6/44d59e-dc7b-4d2c-ba45-4a91fabd8a8e/1/5p5FpEgUVhSOLgA0nYeqV8VrJKA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c6/44d59e-dc7b-4d2c-ba45-4a91fabd8a8e/1/5p5FpEgUVhSOLgA0nYeqV8VrJKA.mft
rsync://rpki.ripe.net/repository/DEFAULT/5p5FpEgUVhSOLgA0nYeqV8VrJKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ae:8b:20:42:ec:35:21:4b:d5:c1:9e:a1:ae:f0:74:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e69e45a4481456148e2e00349d87aa57c56b24a0
Validity
Not Before: Apr 21 05:37:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a10913826aa56e0bf77ce2c2fcbb1aea321c0aa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:bb:04:4b:d8:e0:98:bd:cd:49:a8:9d:5b:37:
71:eb:e0:ff:49:8f:bd:f3:0f:71:93:78:96:d1:74:
04:d6:0a:09:2e:24:c0:12:ce:91:2a:86:52:24:e1:
4a:1d:8a:73:a7:05:14:dc:f1:09:1c:bb:91:66:da:
8b:d2:32:fc:cd:35:17:74:e4:66:38:b8:5b:ae:31:
11:71:b6:00:9b:fd:73:82:2f:bd:3d:f9:39:ec:fe:
e9:ca:2e:dd:3c:ff:3c:6a:d3:3b:e9:43:5b:53:9f:
07:27:ee:60:c0:83:9b:e0:ca:fe:3d:b4:46:58:d0:
3b:ab:c2:fc:f0:0a:c4:50:e8:b8:9e:8a:0d:30:09:
76:e3:8f:5f:aa:98:09:46:c3:cc:bf:b6:30:71:a7:
8d:1e:65:f5:5d:68:d9:08:58:ae:90:94:e6:f8:e8:
2e:64:8c:6f:6d:42:a5:8b:e4:6b:f0:4f:32:72:56:
3e:ef:82:9f:d0:e7:55:08:43:f3:c9:a1:2d:4a:64:
5f:23:0e:b0:1d:34:ba:5f:73:ca:2d:32:b4:98:0e:
13:dd:b0:62:d2:c5:e0:97:04:cd:bc:8d:e6:b5:82:
13:8c:cd:f2:5b:bd:20:c7:95:dd:d3:3c:22:04:4b:
e8:b2:25:ee:9a:7a:0a:f7:9f:8c:31:47:07:5a:ed:
a2:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:09:13:82:6A:A5:6E:0B:F7:7C:E2:C2:FC:BB:1A:EA:32:1C:0A:A8
X509v3 Authority Key Identifier:
keyid:E6:9E:45:A4:48:14:56:14:8E:2E:00:34:9D:87:AA:57:C5:6B:24:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5p5FpEgUVhSOLgA0nYeqV8VrJKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/44d59e-dc7b-4d2c-ba45-4a91fabd8a8e/1/oQkTgmqlbgv3fOLC_Lsa6jIcCqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/44d59e-dc7b-4d2c-ba45-4a91fabd8a8e/1/5p5FpEgUVhSOLgA0nYeqV8VrJKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.21.76.0/23
91.193.128.0/22
91.203.60.0/22
91.247.76.0/24
193.150.49.0/24
194.107.230.0/23
194.110.2.0/23
194.150.104.0-194.150.106.255
IPv6:
2001:67c:2f2c::/48
Signature Algorithm: sha256WithRSAEncryption
50:43:54:04:42:13:7a:17:6f:00:91:2a:3e:e5:f0:56:f4:7b:
f2:c6:65:a3:bc:30:8b:20:04:06:79:22:60:57:f4:2e:a0:e0:
6b:e5:d5:b9:46:53:e1:cb:8e:95:9c:b3:e3:0e:87:3b:77:99:
24:39:da:44:5b:14:ac:a4:00:82:ae:f8:4f:fb:03:b1:c0:4c:
1d:03:22:df:3e:28:c3:e3:e0:01:89:97:3b:2a:f9:da:b0:54:
69:e3:33:34:fb:c2:8b:57:2e:90:07:99:ea:41:70:9f:14:ab:
89:69:e0:4f:61:3b:f3:b7:70:a9:f5:db:45:a0:01:99:69:7b:
11:5e:1a:a0:24:58:ce:5d:be:c3:ac:0a:a4:2a:1e:85:9d:3a:
d4:97:bf:c1:6f:c6:8b:b4:73:9b:ba:34:8c:48:36:bb:9b:ca:
0f:27:cd:06:36:bd:e9:48:6d:16:97:6f:70:d3:15:56:bf:ce:
ca:6b:47:f9:48:19:75:5f:a7:f3:ab:92:90:b2:24:a2:7f:f1:
3a:0e:8c:dc:65:bb:0e:ab:f2:e0:38:41:32:82:ff:c9:bf:b4:
e8:d0:e1:2c:3e:9c:59:27:37:57:3e:3f:cb:ad:a5:c3:68:3c:
3f:bf:25:76:84:d4:41:67:92:58:1f:cb:56:49:f2:b2:55:16:
ab:9e:fe:15
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAZ2uiyBC7DUhS9XBnqGu8HTEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2OWU0NWE0NDgxNDU2MTQ4ZTJlMDAzNDlkODdhYTU3YzU2
YjI0YTAwHhcNMjYwNDIxMDUzNzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTA5MTM4MjZhYTU2ZTBiZjc3Y2UyYzJmY2JiMWFlYTMyMWMwYWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA47sES9jgmL3NSaidWzdx6+D/SY+9
8w9xk3iW0XQE1goJLiTAEs6RKoZSJOFKHYpzpwUU3PEJHLuRZtqL0jL8zTUXdORm
OLhbrjERcbYAm/1zgi+9Pfk57P7pyi7dPP88atM76UNbU58HJ+5gwIOb4Mr+PbRG
WNA7q8L88ArEUOi4nooNMAl2449fqpgJRsPMv7YwcaeNHmX1XWjZCFiukJTm+Ogu
ZIxvbUKli+Rr8E8yclY+74Kf0OdVCEPzyaEtSmRfIw6wHTS6X3PKLTK0mA4T3bBi
0sXglwTNvI3mtYITjM3yW70gx5Xd0zwiBEvosiXumnoK95+MMUcHWu2i0QIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFKEJE4JqpW4L93ziwvy7GuoyHAqoMB8GA1UdIwQY
MBaAFOaeRaRIFFYUji4ANJ2HqlfFaySgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXA1RnBFZ1VWaFNPTGdBMG5ZZXFWOFZySktBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi80NGQ1OWUtZGM3Yi00ZDJjLWJhNDUt
NGE5MWZhYmQ4YThlLzEvb1FrVGdtcWxiZ3YzZk9MQ19Mc2E2akljQ3FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi80NGQ1OWUtZGM3Yi00ZDJjLWJhNDUtNGE5MWZhYmQ4YThl
LzEvNXA1RnBFZ1VWaFNPTGdBMG5ZZXFWOFZySktBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTA+BAIAATA4AwQBWRVMAwQC
W8GAAwQCW8s8AwQAW/dMAwQAwZYxAwQBwmvmAwQBwm4CMAwDBAPClmgDBADClmow
DwQCAAIwCQMHACABBnwvLDANBgkqhkiG9w0BAQsFAAOCAQEAUENUBEITehdvAJEq
PuXwVvR78sZlo7wwiyAEBnkiYFf0LqDga+XVuUZT4cuOlZyz4w6HO3eZJDnaRFsU
rKQAgq74T/sDscBMHQMi3z4ow+PgAYmXOyr52rBUaeMzNPvCi1cukAeZ6kFwnxSr
iWngT2E787dwqfXbRaABmWl7EV4aoCRYzl2+w6wKpCoehZ061Je/wW/Gi7Rzm7o0
jEg2u5vKDyfNBja96UhtFpdvcNMVVr/OymtH+UgZdV+n86uSkLIkon/xOg6M3GW7
Dqvy4DhBMoL/yb+06NDhLD6cWSc3Vz4/y62lw2g8P78ldoTUQWeSWB/LVknyslUW
q57+FQ==
-----END CERTIFICATE-----
Generated at Wed May 13 04:20:34 2026 by rpki-client