Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/0b064f-b01a-4371-a44a-40c86b32eb22/1/sOAijZZYpwie6wu7M4Wlx6kerB4.roa
File: sOAijZZYpwie6wu7M4Wlx6kerB4.roa (raw, json)
Hash identifier: H5sz+pWO9A1d2Sg5RORtCUGJSuWJhTFvhX/iRzLdtRM=
Subject key identifier: B0:E0:22:8D:96:58:A7:08:9E:EB:0B:BB:33:85:A5:C7:A9:1E:AC:1E
Certificate issuer: /CN=dceb394aae0836d34341f7ad319494765ab56b07
Certificate serial: 019E17C796D9C2205EA058982FEED5B0164D
Authority key identifier: DC:EB:39:4A:AE:08:36:D3:43:41:F7:AD:31:94:94:76:5A:B5:6B:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Os5Sq4INtNDQfetMZSUdlq1awc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/0b064f-b01a-4371-a44a-40c86b32eb22/1/sOAijZZYpwie6wu7M4Wlx6kerB4.roa
Signing time: Mon 11 May 2026 16:03:36 +0000
ROA not before: Mon 11 May 2026 16:03:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29119
IP address blocks: 79.171.222.0/23 maxlen: 24
152.89.164.0/22 maxlen: 24
2a0c:ab40::/29 maxlen: 29
2a0c:ab40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/0b064f-b01a-4371-a44a-40c86b32eb22/1/3Os5Sq4INtNDQfetMZSUdlq1awc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/0b064f-b01a-4371-a44a-40c86b32eb22/1/3Os5Sq4INtNDQfetMZSUdlq1awc.mft
rsync://rpki.ripe.net/repository/DEFAULT/3Os5Sq4INtNDQfetMZSUdlq1awc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:17:c7:96:d9:c2:20:5e:a0:58:98:2f:ee:d5:b0:16:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dceb394aae0836d34341f7ad319494765ab56b07
Validity
Not Before: May 11 16:03:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b0e0228d9658a7089eeb0bbb3385a5c7a91eac1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:72:64:b8:e4:00:cb:7b:f7:21:88:c5:b4:b6:
64:45:04:67:17:06:fd:db:67:0f:34:8a:a8:e6:92:
53:b5:61:82:f3:c3:e0:64:b8:f0:13:95:d8:af:30:
2f:09:de:2d:52:d6:c3:bf:dd:f2:29:52:69:4d:5c:
9e:e9:ef:26:31:8d:03:f0:28:9d:b6:1a:19:b5:01:
36:23:12:1e:29:36:f3:7f:68:2c:69:08:d2:15:24:
95:69:1d:fc:c5:af:a1:9c:31:77:17:08:dd:e9:26:
3a:84:db:61:cd:bc:a9:60:44:2e:bc:00:26:37:2a:
3b:2d:73:e3:2b:04:03:9f:4e:e2:b4:be:08:40:e2:
84:4f:3e:2c:79:ec:fc:30:2f:95:02:0d:39:df:34:
5d:7a:a3:43:5a:57:c4:3e:75:4c:69:87:d9:50:ff:
43:44:3a:6d:7e:4b:03:a0:a2:36:69:06:4e:6a:42:
73:8d:a7:c0:b4:f6:f4:5b:4e:70:25:21:cd:3d:28:
e5:2a:24:60:a2:a4:62:11:79:d1:bf:33:dd:5b:6e:
07:ff:8d:6a:53:3d:56:27:58:6f:4a:49:ba:c1:02:
dc:ff:67:b0:ba:17:5b:b8:83:de:2f:5e:36:41:85:
21:98:34:a8:8a:8e:97:2e:49:82:2c:6d:6d:43:b7:
a0:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:E0:22:8D:96:58:A7:08:9E:EB:0B:BB:33:85:A5:C7:A9:1E:AC:1E
X509v3 Authority Key Identifier:
keyid:DC:EB:39:4A:AE:08:36:D3:43:41:F7:AD:31:94:94:76:5A:B5:6B:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Os5Sq4INtNDQfetMZSUdlq1awc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/0b064f-b01a-4371-a44a-40c86b32eb22/1/sOAijZZYpwie6wu7M4Wlx6kerB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/0b064f-b01a-4371-a44a-40c86b32eb22/1/3Os5Sq4INtNDQfetMZSUdlq1awc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.171.222.0/23
152.89.164.0/22
IPv6:
2a0c:ab40::/29
Signature Algorithm: sha256WithRSAEncryption
47:bb:b4:60:00:22:1e:83:24:07:17:b8:2a:77:15:c3:da:c1:
fa:43:ae:7a:75:cd:b6:aa:9e:bd:e4:19:07:c8:28:43:15:8e:
c0:1c:c6:f9:a5:a2:d6:f3:61:4a:75:b7:32:1a:6f:38:d5:10:
bc:98:2a:67:ba:c7:a9:00:d6:2e:3e:92:cc:06:c3:a9:1b:d3:
4c:7e:f6:ef:18:6f:0f:0a:06:ec:94:e2:4d:97:5c:8e:ef:02:
96:58:b6:f1:9d:f1:ef:69:49:61:2b:3d:48:0b:b6:cc:9e:b3:
a8:9f:0b:b2:cf:99:40:d0:c7:09:53:07:d4:59:30:14:8f:28:
5c:f6:f6:b7:ce:60:9e:d1:06:81:44:06:78:eb:e9:89:42:77:
2b:16:4a:f2:13:ac:63:7a:5c:58:24:49:05:79:4c:af:6f:a1:
4a:79:4d:79:05:4d:4b:16:75:2b:1f:07:58:49:36:e1:0c:28:
78:52:65:4d:a8:4c:f6:4a:cb:d9:d4:82:6c:3c:a1:88:66:e1:
09:99:80:7f:3e:78:4a:b6:6a:63:72:a5:a0:64:d6:7b:ce:19:
22:07:e5:5e:57:fb:08:fb:36:dd:0e:fa:b9:bd:8f:44:e5:aa:
31:10:78:fa:4a:02:ce:14:8f:41:b4:84:1d:b4:6e:ec:b7:b4:
ce:0a:26:fc
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ4Xx5bZwiBeoFiYL+7VsBZNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWIzOTRhYWUwODM2ZDM0MzQxZjdhZDMxOTQ5NDc2NWFi
NTZiMDcwHhcNMjYwNTExMTYwMzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGUwMjI4ZDk2NThhNzA4OWVlYjBiYmIzMzg1YTVjN2E5MWVhYzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1XJkuOQAy3v3IYjFtLZkRQRnFwb9
22cPNIqo5pJTtWGC88PgZLjwE5XYrzAvCd4tUtbDv93yKVJpTVye6e8mMY0D8Cid
thoZtQE2IxIeKTbzf2gsaQjSFSSVaR38xa+hnDF3Fwjd6SY6hNthzbypYEQuvAAm
Nyo7LXPjKwQDn07itL4IQOKETz4seez8MC+VAg053zRdeqNDWlfEPnVMaYfZUP9D
RDptfksDoKI2aQZOakJzjafAtPb0W05wJSHNPSjlKiRgoqRiEXnRvzPdW24H/41q
Uz1WJ1hvSkm6wQLc/2ewuhdbuIPeL142QYUhmDSoio6XLkmCLG1tQ7eg7wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLDgIo2WWKcInusLuzOFpcepHqweMB8GA1UdIwQY
MBaAFNzrOUquCDbTQ0H3rTGUlHZatWsHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM09zNVNxNElOdE5EUWZldE1aU1VkbHExYXdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8wYjA2NGYtYjAxYS00MzcxLWE0NGEt
NDBjODZiMzJlYjIyLzEvc09BaWpaWllwd2llNnd1N000V2x4NmtlckI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8wYjA2NGYtYjAxYS00MzcxLWE0NGEtNDBjODZiMzJlYjIy
LzEvM09zNVNxNElOdE5EUWZldE1aU1VkbHExYXdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBT6veAwQC
mFmkMA0EAgACMAcDBQMqDKtAMA0GCSqGSIb3DQEBCwUAA4IBAQBHu7RgACIegyQH
F7gqdxXD2sH6Q656dc22qp695BkHyChDFY7AHMb5paLW82FKdbcyGm841RC8mCpn
usepANYuPpLMBsOpG9NMfvbvGG8PCgbslOJNl1yO7wKWWLbxnfHvaUlhKz1IC7bM
nrOonwuyz5lA0McJUwfUWTAUjyhc9va3zmCe0QaBRAZ46+mJQncrFkryE6xjelxY
JEkFeUyvb6FKeU15BU1LFnUrHwdYSTbhDCh4UmVNqEz2SsvZ1IJsPKGIZuEJmYB/
PnhKtmpjcqWgZNZ7zhkiB+VeV/sI+zbdDvq5vY9E5aoxEHj6SgLOFI9BtIQdtG7s
t7TOCib8
-----END CERTIFICATE-----
Generated at Tue May 12 21:32:25 2026 by rpki-client