Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/OjY3C6L-EuPc2t0Qn-e-3bjWy-0.roa
File: OjY3C6L-EuPc2t0Qn-e-3bjWy-0.roa (raw, json)
Hash identifier: OthyvAnziDLpR9g+pkOT+1ZzWC7VC/seTw30st0/H/s=
Subject key identifier: 3A:36:37:0B:A2:FE:12:E3:DC:DA:DD:10:9F:E7:BE:DD:B8:D6:CB:ED
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 019CD73AA69BD0B083CC1792CF0ECB72A8BA
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/OjY3C6L-EuPc2t0Qn-e-3bjWy-0.roa
Signing time: Tue 10 Mar 2026 10:11:10 +0000
ROA not before: Tue 10 Mar 2026 10:11:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204769
IP address blocks: 192.144.34.0/24 maxlen: 24
193.38.248.0/24 maxlen: 24
194.110.172.0/24 maxlen: 24
2a09:ff00:103::/48 maxlen: 48
2a09:ff00:104::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 17:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d7:3a:a6:9b:d0:b0:83:cc:17:92:cf:0e:cb:72:a8:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Mar 10 10:11:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3a36370ba2fe12e3dcdadd109fe7beddb8d6cbed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:24:df:7f:a5:8a:f6:8c:b0:ea:1a:40:05:e1:
87:29:cf:d6:51:4a:4b:8a:4b:0e:ab:8b:84:b1:b8:
67:9d:b8:74:64:bc:44:77:30:e5:c4:6e:2a:59:c7:
5f:64:2f:69:b9:3c:c0:12:d6:b2:76:95:5d:4e:a7:
19:05:6d:7c:03:74:a5:17:ac:59:08:a7:fa:7e:ee:
c1:81:85:61:a3:3e:68:c9:12:c7:cc:26:dd:61:25:
c2:7d:34:d3:aa:fe:53:18:d6:c7:0c:6f:e6:35:30:
65:4a:a9:31:21:96:8d:fb:14:c1:1b:fa:54:fd:06:
1a:bd:92:92:09:d6:07:6a:50:09:6f:a4:4c:40:63:
13:d8:39:7e:ee:8b:8d:69:bf:6a:93:3b:c8:b0:0b:
bd:b0:bd:6b:ab:07:2f:3a:a7:11:22:ee:86:23:c9:
7e:02:03:a0:e2:48:cd:af:1c:6d:04:b2:ce:96:b7:
24:f2:75:7a:58:27:21:9a:b6:48:8f:bf:b8:e8:19:
8e:95:72:db:dc:c3:b6:79:f0:e9:09:a8:74:10:73:
ed:9e:d0:1f:6a:19:be:1c:23:62:e4:da:b6:ce:43:
c2:85:06:17:cc:dd:3a:cc:17:49:7c:65:ef:04:6a:
40:04:8a:eb:42:3c:dd:9f:ed:30:e6:83:94:f3:b2:
3f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:36:37:0B:A2:FE:12:E3:DC:DA:DD:10:9F:E7:BE:DD:B8:D6:CB:ED
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/OjY3C6L-EuPc2t0Qn-e-3bjWy-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.144.34.0/24
193.38.248.0/24
194.110.172.0/24
IPv6:
2a09:ff00:103::-2a09:ff00:104:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
19:39:69:7f:a8:39:db:fd:98:8b:5a:a3:0e:f5:af:6f:35:69:
67:29:01:49:49:5b:99:a9:c3:f2:43:9b:9a:5f:53:c0:a2:09:
1a:70:bb:52:7b:dd:74:00:f6:22:8d:f2:9f:95:50:0e:fe:93:
5d:08:62:9b:8e:4b:68:c5:22:92:c3:cd:bc:f4:5c:7b:99:8f:
ea:51:7a:dd:06:eb:de:ce:19:7a:42:bc:0d:d7:0f:01:02:27:
d3:d2:85:b4:fe:4c:48:3e:cf:36:1d:3e:81:3f:df:b1:de:b3:
f4:f1:3e:c1:1a:1b:30:de:cc:fa:d1:93:fe:f4:60:1f:41:1e:
ef:f6:b5:31:4c:47:f6:05:d4:f0:96:7a:5f:0b:95:cb:c0:a0:
75:ad:40:e6:be:03:08:79:6b:e9:f6:f1:8a:09:a9:cd:c7:55:
15:7b:05:88:42:4c:f5:a8:d5:c0:e3:f2:9f:c7:4b:17:9a:98:
7d:0c:07:f9:ea:9e:0a:69:32:4a:0d:c3:4f:44:35:a5:40:98:
9a:59:bc:f8:a3:7e:39:c0:a0:22:ea:7e:b0:8b:a8:a4:7c:24:
e7:bb:9c:57:23:25:1d:bd:94:3f:ad:3b:c1:0f:70:46:dd:04:
df:fe:24:32:da:aa:64:69:be:e4:4e:9c:7f:87:76:83:37:85:
f8:73:41:61
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZzXOqab0LCDzBeSzw7Lcqi6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjYwMzEwMTAxMTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTM2MzcwYmEyZmUxMmUzZGNkYWRkMTA5ZmU3YmVkZGI4ZDZjYmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1STff6WK9oyw6hpABeGHKc/WUUpL
iksOq4uEsbhnnbh0ZLxEdzDlxG4qWcdfZC9puTzAEtaydpVdTqcZBW18A3SlF6xZ
CKf6fu7BgYVhoz5oyRLHzCbdYSXCfTTTqv5TGNbHDG/mNTBlSqkxIZaN+xTBG/pU
/QYavZKSCdYHalAJb6RMQGMT2Dl+7ouNab9qkzvIsAu9sL1rqwcvOqcRIu6GI8l+
AgOg4kjNrxxtBLLOlrck8nV6WCchmrZIj7+46BmOlXLb3MO2efDpCah0EHPtntAf
ahm+HCNi5Nq2zkPChQYXzN06zBdJfGXvBGpABIrrQjzdn+0w5oOU87I/KQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFDo2Nwui/hLj3NrdEJ/nvt241svtMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvT2pZM0M2TC1FdVBjMnQwUW4tZS0zYmpXeS0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAYBAIAATASAwQAwJAiAwQA
wSb4AwQAwm6sMBoEAgACMBQwEgMHACoJ/wABAwMHACoJ/wABBDANBgkqhkiG9w0B
AQsFAAOCAQEAGTlpf6g52/2Yi1qjDvWvbzVpZykBSUlbmanD8kObml9TwKIJGnC7
UnvddAD2Io3yn5VQDv6TXQhim45LaMUiksPNvPRce5mP6lF63Qbr3s4ZekK8DdcP
AQIn09KFtP5MSD7PNh0+gT/fsd6z9PE+wRobMN7M+tGT/vRgH0Ee7/a1MUxH9gXU
8JZ6XwuVy8Cgda1A5r4DCHlr6fbxigmpzcdVFXsFiEJM9ajVwOPyn8dLF5qYfQwH
+eqeCmkySg3DT0Q1pUCYmlm8+KN+OcCgIup+sIuopHwk57ucVyMlHb2UP607wQ9w
Rt0E3/4kMtqqZGm+5E6cf4d2gzeF+HNBYQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:07:37 2026 by rpki-client