Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4ea873-fafc-40d1-aaeb-a1397870b166/1/O6tTo-EzouZEbfBpVRGby5BcpW8.roa
File: O6tTo-EzouZEbfBpVRGby5BcpW8.roa (raw, json)
Hash identifier: e+5cW5Q75TnsiB3DdCMBwxBeOV1HRtuc8+8HpOCCAs0=
Subject key identifier: 3B:AB:53:A3:E1:33:A2:E6:44:6D:F0:69:55:11:9B:CB:90:5C:A5:6F
Certificate issuer: /CN=54d65d06de265da2b5d588e06df8816ef45b2e17
Certificate serial: 019CBE5F0FDB5CAF5838A8CB5C8BE582FCBF
Authority key identifier: 54:D6:5D:06:DE:26:5D:A2:B5:D5:88:E0:6D:F8:81:6E:F4:5B:2E:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VNZdBt4mXaK11YjgbfiBbvRbLhc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/4ea873-fafc-40d1-aaeb-a1397870b166/1/O6tTo-EzouZEbfBpVRGby5BcpW8.roa
Signing time: Thu 05 Mar 2026 14:20:26 +0000
ROA not before: Thu 05 Mar 2026 14:20:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16740
IP address blocks: 130.43.163.0/24 maxlen: 24
2a11:46c0::/32 maxlen: 48
2a11:46c0::/48 maxlen: 48
2a11:46c0:21::/48 maxlen: 48
2a11:46c0:2e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/4ea873-fafc-40d1-aaeb-a1397870b166/1/VNZdBt4mXaK11YjgbfiBbvRbLhc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/4ea873-fafc-40d1-aaeb-a1397870b166/1/VNZdBt4mXaK11YjgbfiBbvRbLhc.mft
rsync://rpki.ripe.net/repository/DEFAULT/VNZdBt4mXaK11YjgbfiBbvRbLhc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 05:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:be:5f:0f:db:5c:af:58:38:a8:cb:5c:8b:e5:82:fc:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54d65d06de265da2b5d588e06df8816ef45b2e17
Validity
Not Before: Mar 5 14:20:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3bab53a3e133a2e6446df06955119bcb905ca56f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:06:7d:ea:9e:fe:a9:2d:fe:4c:8a:be:9c:32:
25:b2:82:79:ba:48:b2:bd:eb:21:77:29:43:c2:d1:
35:29:ad:01:1d:b5:29:47:d1:17:80:d7:7e:a1:52:
46:f6:d7:8a:81:a0:40:9b:83:3d:37:4f:ff:3d:a7:
d9:14:f2:7e:26:5e:07:1e:21:1f:8c:f2:cc:31:52:
e1:4d:8b:2f:74:f6:8f:47:6e:5c:71:35:2e:1b:53:
2c:db:03:ec:a1:28:fd:eb:0d:db:42:84:62:85:7f:
2d:09:e0:9a:f6:22:2e:30:c0:60:af:97:0c:dd:a2:
62:f8:0e:8b:f4:2a:ea:41:ad:ca:c8:c9:4a:77:a6:
3f:00:df:7c:d9:b0:0e:e4:f2:1a:12:09:ba:dd:87:
64:7f:9a:ad:a6:8f:ad:4f:be:3c:10:43:80:31:fc:
09:23:83:23:f4:39:e9:9e:48:1f:45:8d:29:f8:d4:
d7:3b:5f:56:b3:c4:23:93:74:cf:b9:8b:c9:87:94:
a7:3f:69:23:5b:c3:cf:a6:00:a4:cc:58:14:45:59:
f0:21:b3:ac:46:bb:03:b8:5b:89:55:c9:79:1e:cc:
fd:0a:cf:97:1b:35:06:9d:93:6f:6d:04:df:2e:44:
16:1f:84:d1:f9:9a:93:9a:a7:a8:22:09:84:7d:6e:
c9:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:AB:53:A3:E1:33:A2:E6:44:6D:F0:69:55:11:9B:CB:90:5C:A5:6F
X509v3 Authority Key Identifier:
keyid:54:D6:5D:06:DE:26:5D:A2:B5:D5:88:E0:6D:F8:81:6E:F4:5B:2E:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VNZdBt4mXaK11YjgbfiBbvRbLhc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4ea873-fafc-40d1-aaeb-a1397870b166/1/O6tTo-EzouZEbfBpVRGby5BcpW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4ea873-fafc-40d1-aaeb-a1397870b166/1/VNZdBt4mXaK11YjgbfiBbvRbLhc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.43.163.0/24
IPv6:
2a11:46c0::/32
Signature Algorithm: sha256WithRSAEncryption
ba:21:d6:c1:49:92:7c:36:5f:bd:e7:04:75:c6:0b:8d:87:54:
86:90:5f:b1:93:ae:d8:a1:9f:d3:42:7f:e5:00:3e:1a:6e:e7:
7e:b8:c0:4f:84:0b:9b:c2:23:01:7a:64:11:9c:b5:67:0a:4e:
94:e4:84:75:98:bb:e8:e8:1a:4d:fa:24:00:13:e0:60:53:db:
27:04:bc:da:71:39:6a:59:46:46:88:fd:44:06:aa:81:13:31:
48:fc:b7:4b:7b:8b:74:0f:0c:18:f8:2d:cb:8e:35:cd:a3:04:
d0:8a:f9:20:26:c7:cd:0a:4c:fb:00:c9:42:a3:43:bd:72:49:
15:50:b0:fe:e4:89:0a:26:9b:49:d0:ad:d5:2d:a1:52:89:4b:
89:d0:7a:94:1c:eb:20:f5:ef:44:18:58:5b:c4:95:f3:ac:7c:
e6:4f:63:4d:ac:2f:df:68:2a:05:87:a4:ce:07:42:e8:0b:cd:
16:a8:77:9d:54:92:23:e1:33:d0:b7:db:cd:ad:7d:b9:aa:45:
87:cf:94:69:65:b9:e2:c7:cf:b1:48:4e:76:ee:82:22:01:b3:
b0:15:85:dd:2d:a6:83:e3:a3:0b:ba:f1:f5:b6:39:2a:e9:a1:
55:96:21:8f:57:ac:80:87:12:66:5d:7f:27:94:e2:e3:97:39:
bf:15:d1:a9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZy+Xw/bXK9YOKjLXIvlgvy/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0ZDY1ZDA2ZGUyNjVkYTJiNWQ1ODhlMDZkZjg4MTZlZjQ1
YjJlMTcwHhcNMjYwMzA1MTQyMDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmFiNTNhM2UxMzNhMmU2NDQ2ZGYwNjk1NTExOWJjYjkwNWNhNTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgZ96p7+qS3+TIq+nDIlsoJ5ukiy
veshdylDwtE1Ka0BHbUpR9EXgNd+oVJG9teKgaBAm4M9N0//PafZFPJ+Jl4HHiEf
jPLMMVLhTYsvdPaPR25ccTUuG1Ms2wPsoSj96w3bQoRihX8tCeCa9iIuMMBgr5cM
3aJi+A6L9CrqQa3KyMlKd6Y/AN982bAO5PIaEgm63Ydkf5qtpo+tT748EEOAMfwJ
I4Mj9DnpnkgfRY0p+NTXO19Ws8Qjk3TPuYvJh5SnP2kjW8PPpgCkzFgURVnwIbOs
RrsDuFuJVcl5Hsz9Cs+XGzUGnZNvbQTfLkQWH4TR+ZqTmqeoIgmEfW7JiwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDurU6PhM6LmRG3waVURm8uQXKVvMB8GA1UdIwQY
MBaAFFTWXQbeJl2itdWI4G34gW70Wy4XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVk5aZEJ0NG1YYUsxMVlqZ2JmaUJidlJiTGhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS80ZWE4NzMtZmFmYy00MGQxLWFhZWIt
YTEzOTc4NzBiMTY2LzEvTzZ0VG8tRXpvdVpFYmZCcFZSR2J5NUJjcFc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS80ZWE4NzMtZmFmYy00MGQxLWFhZWItYTEzOTc4NzBiMTY2
LzEvVk5aZEJ0NG1YYUsxMVlqZ2JmaUJidlJiTGhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAgiujMA0E
AgACMAcDBQAqEUbAMA0GCSqGSIb3DQEBCwUAA4IBAQC6IdbBSZJ8Nl+95wR1xguN
h1SGkF+xk67YoZ/TQn/lAD4abud+uMBPhAubwiMBemQRnLVnCk6U5IR1mLvo6BpN
+iQAE+BgU9snBLzacTlqWUZGiP1EBqqBEzFI/LdLe4t0DwwY+C3LjjXNowTQivkg
JsfNCkz7AMlCo0O9ckkVULD+5IkKJptJ0K3VLaFSiUuJ0HqUHOsg9e9EGFhbxJXz
rHzmT2NNrC/faCoFh6TOB0LoC80WqHedVJIj4TPQt9vNrX25qkWHz5RpZbnix8+x
SE527oIiAbOwFYXdLaaD46MLuvH1tjkq6aFVliGPV6yAhxJmXX8nlOLjlzm/FdGp
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:12:08 2026 by rpki-client