Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/oiFnJz8OW03WCWtsMHubcwWCEnU.roa
File: oiFnJz8OW03WCWtsMHubcwWCEnU.roa (raw, json)
Hash identifier: NGNeywVT/9a30EqHXW3cwLcQm7wpXQ63rm74pTj5fag=
Subject key identifier: A2:21:67:27:3F:0E:5B:4D:D6:09:6B:6C:30:7B:9B:73:05:82:12:75
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 019D19AD02D9744FBF6C1313A56BE4E622A6
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/oiFnJz8OW03WCWtsMHubcwWCEnU.roa
Signing time: Mon 23 Mar 2026 07:51:02 +0000
ROA not before: Mon 23 Mar 2026 07:51:02 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207043
IP address blocks: 91.92.33.0/24 maxlen: 24
91.92.34.0/24 maxlen: 24
91.92.43.0/24 maxlen: 24
93.152.224.0/24 maxlen: 24
94.26.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:19:ad:02:d9:74:4f:bf:6c:13:13:a5:6b:e4:e6:22:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Mar 23 07:51:02 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a22167273f0e5b4dd6096b6c307b9b7305821275
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:35:a0:d1:f7:f2:c4:94:04:79:75:f4:cb:9e:
1c:bf:0b:4e:7a:01:f5:bb:11:28:cb:53:1d:6d:6b:
42:10:3f:21:a9:55:97:7c:2f:f7:f2:e9:47:fd:0a:
73:3c:05:d0:bf:fe:d1:82:ee:20:0b:81:10:16:2e:
30:45:69:23:36:bf:e8:55:24:e8:af:ec:1e:2d:b9:
05:75:da:ed:44:cf:cc:af:cb:62:92:0f:26:c1:bb:
97:c0:69:ed:71:77:34:ca:52:00:b3:a6:7b:a0:eb:
8b:67:1d:87:94:50:6c:61:b1:69:4c:00:53:b9:d9:
0e:01:f9:57:5d:48:f0:a3:56:f2:bc:fa:50:4e:dd:
38:8d:6b:8c:db:b6:61:9a:fd:11:39:49:d8:70:45:
0c:f6:b6:26:b1:a3:45:93:a8:1e:dc:63:f3:c3:59:
2b:17:e3:55:e2:0f:e1:1a:c8:cc:ab:22:72:39:0e:
18:eb:df:a6:5d:b7:cc:31:0f:ba:fa:91:1e:3a:e5:
48:de:30:6e:c0:a5:ad:89:d0:6d:51:70:73:e3:7a:
db:8b:9a:ec:b6:dc:66:2c:f8:d0:27:9f:9c:35:a6:
2c:99:79:20:54:54:78:10:6c:d7:ea:73:da:62:25:
5e:1d:24:b4:01:3d:de:97:2c:31:47:04:eb:02:51:
83:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:21:67:27:3F:0E:5B:4D:D6:09:6B:6C:30:7B:9B:73:05:82:12:75
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/oiFnJz8OW03WCWtsMHubcwWCEnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.33.0-91.92.34.255
91.92.43.0/24
93.152.224.0/24
94.26.90.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:72:8b:ad:81:0f:f7:14:5e:4c:41:a4:d7:0e:79:bb:70:91:
7b:28:73:b0:33:01:51:64:8a:3a:d9:02:0e:6f:16:0c:86:46:
b6:48:81:da:dd:8b:6e:60:f0:1c:2a:b7:13:34:78:be:9b:87:
8f:6a:85:fb:ef:39:e9:b3:b9:54:17:c9:4b:af:b8:61:ed:08:
2b:c0:0a:c9:24:e8:82:a5:a2:5c:88:9c:f3:95:db:9f:da:43:
a8:b6:50:71:eb:2e:4e:0a:d4:40:69:47:7f:49:1c:5d:40:a2:
d2:13:92:31:35:64:a7:6b:52:b5:4b:96:76:87:a4:c3:f2:54:
b1:40:fb:12:f0:be:fe:bb:41:5c:12:62:c7:09:05:60:46:eb:
e5:d8:9f:9c:00:e4:2f:a7:80:fe:0c:9b:96:5b:e4:64:3f:5b:
71:86:15:98:49:ae:2f:1d:55:c6:0c:71:d3:29:e3:ce:18:20:
4e:43:e6:6c:7d:0f:eb:4f:1b:81:cd:39:3a:06:cc:46:6b:9e:
43:5c:5d:9b:b3:0e:ec:70:d1:4f:77:43:1a:9d:63:9b:cd:b6:
33:73:74:de:0b:f2:47:d8:72:88:0f:a1:d6:6b:0a:1d:70:53:
41:70:3d:99:05:f9:44:82:b6:59:33:14:b9:da:84:e0:99:a3:
79:2a:46:2f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ0ZrQLZdE+/bBMTpWvk5iKmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjYwMzIzMDc1MTAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjIxNjcyNzNmMGU1YjRkZDYwOTZiNmMzMDdiOWI3MzA1ODIxMjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2TWg0ffyxJQEeXX0y54cvwtOegH1
uxEoy1MdbWtCED8hqVWXfC/38ulH/QpzPAXQv/7Rgu4gC4EQFi4wRWkjNr/oVSTo
r+weLbkFddrtRM/Mr8tikg8mwbuXwGntcXc0ylIAs6Z7oOuLZx2HlFBsYbFpTABT
udkOAflXXUjwo1byvPpQTt04jWuM27Zhmv0ROUnYcEUM9rYmsaNFk6ge3GPzw1kr
F+NV4g/hGsjMqyJyOQ4Y69+mXbfMMQ+6+pEeOuVI3jBuwKWtidBtUXBz43rbi5rs
ttxmLPjQJ5+cNaYsmXkgVFR4EGzX6nPaYiVeHSS0AT3elywxRwTrAlGD6QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKIhZyc/DltN1glrbDB7m3MFghJ1MB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvb2lGbkp6OE9XMDNXQ1d0c01IdWJjd1dDRW5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBABbXCED
BABbXCIDBABbXCsDBABdmOADBABeGlowDQYJKoZIhvcNAQELBQADggEBAFxyi62B
D/cUXkxBpNcOebtwkXsoc7AzAVFkijrZAg5vFgyGRrZIgdrdi25g8BwqtxM0eL6b
h49qhfvvOemzuVQXyUuvuGHtCCvACskk6IKlolyInPOV25/aQ6i2UHHrLk4K1EBp
R39JHF1AotITkjE1ZKdrUrVLlnaHpMPyVLFA+xLwvv67QVwSYscJBWBG6+XYn5wA
5C+ngP4Mm5Zb5GQ/W3GGFZhJri8dVcYMcdMp484YIE5D5mx9D+tPG4HNOToGzEZr
nkNcXZuzDuxw0U93QxqdY5vNtjNzdN4L8kfYcogPodZrCh1wU0FwPZkF+USCtlkz
FLnahOCZo3kqRi8=
-----END CERTIFICATE-----
Generated at Sat Mar 28 10:47:53 2026 by rpki-client