Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/oyTo08KWYqEf8lV71zt18bZl5ow.roa
File: oyTo08KWYqEf8lV71zt18bZl5ow.roa (raw, json)
Hash identifier: xhup0SobxwErF5ofC7EOIpLrzzOxwF+wSlAfxajK56Y=
Subject key identifier: A3:24:E8:D3:C2:96:62:A1:1F:F2:55:7B:D7:3B:75:F1:B6:65:E6:8C
Certificate issuer: /CN=d6e535ef216ebe6f7fc55cfbdc31532b912d8e63
Certificate serial: 019D03143711BB12AB18EBC7815652919618
Authority key identifier: D6:E5:35:EF:21:6E:BE:6F:7F:C5:5C:FB:DC:31:53:2B:91:2D:8E:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1uU17yFuvm9_xVz73DFTK5EtjmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/oyTo08KWYqEf8lV71zt18bZl5ow.roa
Signing time: Wed 18 Mar 2026 22:32:29 +0000
ROA not before: Wed 18 Mar 2026 22:32:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8648
IP address blocks: 80.74.144.0/20 maxlen: 24
81.173.82.0/24 maxlen: 24
81.173.88.0/21 maxlen: 24
192.162.28.0/22 maxlen: 24
2a00:1128::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/1uU17yFuvm9_xVz73DFTK5EtjmM.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/1uU17yFuvm9_xVz73DFTK5EtjmM.mft
rsync://rpki.ripe.net/repository/DEFAULT/1uU17yFuvm9_xVz73DFTK5EtjmM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:03:14:37:11:bb:12:ab:18:eb:c7:81:56:52:91:96:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6e535ef216ebe6f7fc55cfbdc31532b912d8e63
Validity
Not Before: Mar 18 22:32:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a324e8d3c29662a11ff2557bd73b75f1b665e68c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:69:4f:5c:86:e5:45:54:3a:ba:86:8f:40:f7:
55:19:15:09:5d:fe:1a:46:59:60:f2:01:7e:3a:7e:
d3:49:96:6c:d5:89:18:54:be:6f:01:3c:57:5f:6d:
fc:0f:95:ab:05:f4:53:92:45:a0:ed:e6:0c:a9:39:
61:2d:e8:f1:ca:22:f7:b1:7a:5e:2c:ed:27:07:fb:
e5:50:8b:b6:02:0a:88:b3:48:1f:58:3f:2a:77:09:
aa:d6:20:86:7e:8f:b2:ea:ac:e5:c5:4f:a6:96:26:
6b:81:00:82:16:2b:b3:65:55:f1:48:ed:88:45:c3:
be:c2:0b:cc:0b:28:86:e4:6a:a7:d5:89:9f:4d:f6:
f6:16:b1:9a:cd:af:a2:cb:b6:7b:e3:94:d2:67:5a:
58:a7:da:e2:17:7b:0d:e4:c0:9f:52:d2:76:35:13:
81:bb:ce:ba:0a:1f:cd:28:82:25:83:38:c6:02:57:
b4:ef:ac:20:33:8b:65:b3:38:fd:9a:aa:c7:36:69:
8c:f5:4f:5d:2c:a2:ca:60:01:50:72:04:8b:7f:5e:
7b:38:d0:21:94:dc:fb:68:e8:43:0d:d7:77:0e:7e:
a6:3e:37:2c:90:dc:ff:7f:62:34:d2:ef:0e:c7:e8:
07:bb:94:1b:a3:ac:41:7c:13:0d:42:83:6a:1c:4b:
6b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:24:E8:D3:C2:96:62:A1:1F:F2:55:7B:D7:3B:75:F1:B6:65:E6:8C
X509v3 Authority Key Identifier:
keyid:D6:E5:35:EF:21:6E:BE:6F:7F:C5:5C:FB:DC:31:53:2B:91:2D:8E:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1uU17yFuvm9_xVz73DFTK5EtjmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/oyTo08KWYqEf8lV71zt18bZl5ow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/1uU17yFuvm9_xVz73DFTK5EtjmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.74.144.0/20
81.173.82.0/24
81.173.88.0/21
192.162.28.0/22
IPv6:
2a00:1128::/32
Signature Algorithm: sha256WithRSAEncryption
5e:a8:29:14:b6:1d:57:bb:cc:9d:4a:17:7e:f5:64:99:7c:ce:
01:20:87:a6:50:e0:50:e6:2f:9a:37:01:f5:f4:a1:9e:be:a5:
55:ce:21:bd:93:27:e8:4a:00:3e:13:5e:e3:ee:14:1f:3e:1a:
33:c5:cb:d4:8a:f5:b5:66:9b:b1:f8:83:c4:00:e1:60:ce:41:
2f:c9:9d:8d:91:ba:e4:47:1c:0e:a6:4e:e7:ab:36:9a:f0:16:
f1:3f:82:04:1c:9e:b5:29:b1:e3:ad:fb:ba:ba:99:39:d8:48:
6c:66:37:2d:ca:91:5b:7b:5b:ef:a5:4a:b9:f0:8a:19:be:e8:
b6:6e:39:d4:27:10:99:5c:52:3b:f8:61:a7:12:78:4f:07:61:
c5:1a:ff:41:60:9e:91:d4:19:05:de:40:38:9e:3b:25:05:2c:
e5:5c:52:9b:df:1f:8b:c0:43:e2:7a:8f:38:64:bd:fd:22:ec:
0e:2d:24:35:3f:ce:01:22:55:2e:18:59:3c:42:ba:c6:07:00:
5b:7f:fd:74:a4:f8:76:9a:21:00:cf:be:19:6c:fd:8e:0b:ff:
01:1a:07:7a:8e:b6:7d:a5:7a:5d:39:a3:e7:0c:68:76:22:13:
f3:83:32:3e:2b:27:d5:df:59:0a:ad:a9:ef:fa:2d:9c:51:c4:
d8:a7:20:aa
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZ0DFDcRuxKrGOvHgVZSkZYYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZTUzNWVmMjE2ZWJlNmY3ZmM1NWNmYmRjMzE1MzJiOTEy
ZDhlNjMwHhcNMjYwMzE4MjIzMjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzI0ZThkM2MyOTY2MmExMWZmMjU1N2JkNzNiNzVmMWI2NjVlNjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0GlPXIblRVQ6uoaPQPdVGRUJXf4a
Rllg8gF+On7TSZZs1YkYVL5vATxXX238D5WrBfRTkkWg7eYMqTlhLejxyiL3sXpe
LO0nB/vlUIu2AgqIs0gfWD8qdwmq1iCGfo+y6qzlxU+mliZrgQCCFiuzZVXxSO2I
RcO+wgvMCyiG5Gqn1YmfTfb2FrGaza+iy7Z745TSZ1pYp9riF3sN5MCfUtJ2NROB
u866Ch/NKIIlgzjGAle076wgM4tlszj9mqrHNmmM9U9dLKLKYAFQcgSLf157ONAh
lNz7aOhDDdd3Dn6mPjcskNz/f2I00u8Ox+gHu5Qbo6xBfBMNQoNqHEtrXQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKMk6NPClmKhH/JVe9c7dfG2ZeaMMB8GA1UdIwQY
MBaAFNblNe8hbr5vf8Vc+9wxUyuRLY5jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXVVMTd5RnV2bTlfeFZ6NzNERlRLNUV0am1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9iZDBkN2QtZjQyNS00MDhhLWIwN2Qt
MDc3MTFlZDAyYjc1LzEvb3lUbzA4S1dZcUVmOGxWNzF6dDE4YlpsNW93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9iZDBkN2QtZjQyNS00MDhhLWIwN2QtMDc3MTFlZDAyYjc1
LzEvMXVVMTd5RnV2bTlfeFZ6NzNERlRLNUV0am1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUEqQAwQA
Ua1SAwQDUa1YAwQCwKIcMA0EAgACMAcDBQAqABEoMA0GCSqGSIb3DQEBCwUAA4IB
AQBeqCkUth1Xu8ydShd+9WSZfM4BIIemUOBQ5i+aNwH19KGevqVVziG9kyfoSgA+
E17j7hQfPhozxcvUivW1Zpux+IPEAOFgzkEvyZ2NkbrkRxwOpk7nqzaa8BbxP4IE
HJ61KbHjrfu6upk52EhsZjctypFbe1vvpUq58IoZvui2bjnUJxCZXFI7+GGnEnhP
B2HFGv9BYJ6R1BkF3kA4njslBSzlXFKb3x+LwEPieo84ZL39IuwOLSQ1P84BIlUu
GFk8QrrGBwBbf/10pPh2miEAz74ZbP2OC/8BGgd6jrZ9pXpdOaPnDGh2IhPzgzI+
KyfV31kKranv+i2cUcTYpyCq
-----END CERTIFICATE-----
Generated at Fri Mar 27 00:14:26 2026 by rpki-client