Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/a45d1c-e3b6-4f23-a8c6-ef332a0256d6/1/oUYxyz9K10owyMgLb9Tbkm17AiY.roa
File: oUYxyz9K10owyMgLb9Tbkm17AiY.roa (raw, json)
Hash identifier: AGy37bHGmP4SIowccjLydimzeuBoQwkNyn1U3LuqE2Y=
Subject key identifier: A1:46:31:CB:3F:4A:D7:4A:30:C8:C8:0B:6F:D4:DB:92:6D:7B:02:26
Certificate issuer: /CN=d7a80068bd7328ef41120f4788c28d3a92047067
Certificate serial: 019CC31B38A0218DFFAE5FB1530BF8788776
Authority key identifier: D7:A8:00:68:BD:73:28:EF:41:12:0F:47:88:C2:8D:3A:92:04:70:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/16gAaL1zKO9BEg9HiMKNOpIEcGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/a45d1c-e3b6-4f23-a8c6-ef332a0256d6/1/oUYxyz9K10owyMgLb9Tbkm17AiY.roa
Signing time: Fri 06 Mar 2026 12:24:26 +0000
ROA not before: Fri 06 Mar 2026 12:24:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 397373
IP address blocks: 91.236.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/a45d1c-e3b6-4f23-a8c6-ef332a0256d6/1/16gAaL1zKO9BEg9HiMKNOpIEcGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/a45d1c-e3b6-4f23-a8c6-ef332a0256d6/1/16gAaL1zKO9BEg9HiMKNOpIEcGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/16gAaL1zKO9BEg9HiMKNOpIEcGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:c3:1b:38:a0:21:8d:ff:ae:5f:b1:53:0b:f8:78:87:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7a80068bd7328ef41120f4788c28d3a92047067
Validity
Not Before: Mar 6 12:24:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a14631cb3f4ad74a30c8c80b6fd4db926d7b0226
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:81:28:b2:e0:58:50:7c:4a:7b:0f:12:b4:97:
f9:d7:2a:73:50:c1:47:52:d3:81:8e:98:0c:e5:98:
39:d9:97:e7:dd:89:b2:34:ec:09:61:be:83:ce:f6:
b7:6b:01:56:3b:3a:75:32:52:c3:af:f0:7f:c2:f7:
70:0f:10:ab:27:b8:50:67:cb:e8:8c:bf:ec:1b:f3:
7c:1f:b4:e5:38:69:1a:77:6c:28:32:1a:b7:38:7c:
7a:da:0e:06:60:eb:e2:d3:a0:38:e4:fe:6b:bd:ae:
d2:05:1a:8a:02:1a:0a:c3:35:26:d5:be:14:e5:bc:
a1:e1:c0:42:7b:63:eb:b2:40:ce:46:f9:bc:19:f9:
8f:8f:8b:70:da:f9:52:cf:c9:b4:70:2d:10:26:65:
b1:e4:19:c7:f4:ef:39:4a:eb:bb:5b:af:3a:fe:75:
f3:58:d0:7e:06:58:6c:d4:60:3e:27:39:c3:a3:c9:
0c:b3:81:87:b1:9c:5f:0e:71:f3:77:bf:5f:4c:ae:
bb:fe:05:10:d5:e3:ba:73:37:22:71:f1:b7:41:e1:
a6:5e:1b:34:b7:30:a6:c3:25:8b:dc:4c:c7:57:a0:
89:bd:c6:f8:e5:17:53:a9:41:d7:7a:dd:fa:4d:69:
77:d7:0f:94:9c:d8:ae:3b:a4:08:da:e6:9e:8c:02:
bf:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:46:31:CB:3F:4A:D7:4A:30:C8:C8:0B:6F:D4:DB:92:6D:7B:02:26
X509v3 Authority Key Identifier:
keyid:D7:A8:00:68:BD:73:28:EF:41:12:0F:47:88:C2:8D:3A:92:04:70:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/16gAaL1zKO9BEg9HiMKNOpIEcGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/a45d1c-e3b6-4f23-a8c6-ef332a0256d6/1/oUYxyz9K10owyMgLb9Tbkm17AiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/a45d1c-e3b6-4f23-a8c6-ef332a0256d6/1/16gAaL1zKO9BEg9HiMKNOpIEcGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.119.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:65:21:a6:bd:47:4c:ec:ad:a8:3c:39:11:06:e4:9e:dd:b3:
1b:5c:51:bb:38:7f:0d:8a:6f:4e:fa:68:24:f5:fc:75:f2:21:
9b:da:c5:07:4c:1b:0b:5a:60:0f:f5:10:77:fc:fa:b1:44:aa:
c2:fb:c1:03:37:17:57:4e:17:ef:f2:d1:8b:a5:69:cb:ab:63:
a4:d9:01:37:97:65:e8:e0:e0:a3:88:dc:cc:53:b8:7c:a1:75:
9f:1c:b9:91:3b:c9:16:58:89:9f:3f:11:b3:6d:75:4b:f6:38:
37:58:d7:b1:2a:b9:b4:44:43:8a:b0:94:e9:e3:34:8d:fd:cf:
b7:da:45:08:63:88:03:c8:23:17:09:50:d3:56:db:b7:24:a1:
a7:b4:36:fa:4b:d1:de:d5:89:bd:33:74:23:16:62:2b:7f:60:
84:55:20:0a:30:13:a7:85:e0:54:9b:fc:ef:82:15:27:d9:1e:
54:22:22:61:63:ab:0a:97:a3:ff:26:6f:8a:77:35:b7:10:cd:
f3:e5:12:e9:e6:37:2e:23:71:10:28:39:5f:62:93:96:71:96:
69:36:98:d9:59:cb:2c:b3:42:a1:44:c8:ee:90:45:c0:e0:7d:
68:df:9f:ba:df:10:b5:70:ac:f9:66:d3:a3:fd:e0:93:27:04:
e1:de:0d:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZzDGzigIY3/rl+xUwv4eId2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3YTgwMDY4YmQ3MzI4ZWY0MTEyMGY0Nzg4YzI4ZDNhOTIw
NDcwNjcwHhcNMjYwMzA2MTIyNDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTQ2MzFjYjNmNGFkNzRhMzBjOGM4MGI2ZmQ0ZGI5MjZkN2IwMjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloEosuBYUHxKew8StJf51ypzUMFH
UtOBjpgM5Zg52Zfn3YmyNOwJYb6Dzva3awFWOzp1MlLDr/B/wvdwDxCrJ7hQZ8vo
jL/sG/N8H7TlOGkad2woMhq3OHx62g4GYOvi06A45P5rva7SBRqKAhoKwzUm1b4U
5byh4cBCe2PrskDORvm8GfmPj4tw2vlSz8m0cC0QJmWx5BnH9O85Suu7W686/nXz
WNB+Blhs1GA+JznDo8kMs4GHsZxfDnHzd79fTK67/gUQ1eO6czcicfG3QeGmXhs0
tzCmwyWL3EzHV6CJvcb45RdTqUHXet36TWl31w+UnNiuO6QI2uaejAK/vQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKFGMcs/StdKMMjIC2/U25JtewImMB8GA1UdIwQY
MBaAFNeoAGi9cyjvQRIPR4jCjTqSBHBnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTZnQWFMMXpLTzlCRWc5SGlNS05PcElFY0djLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9hNDVkMWMtZTNiNi00ZjIzLWE4YzYt
ZWYzMzJhMDI1NmQ2LzEvb1VZeHl6OUsxMG93eU1nTGI5VGJrbTE3QWlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9hNDVkMWMtZTNiNi00ZjIzLWE4YzYtZWYzMzJhMDI1NmQ2
LzEvMTZnQWFMMXpLTzlCRWc5SGlNS05PcElFY0djLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+x3MA0G
CSqGSIb3DQEBCwUAA4IBAQCLZSGmvUdM7K2oPDkRBuSe3bMbXFG7OH8Nim9O+mgk
9fx18iGb2sUHTBsLWmAP9RB3/PqxRKrC+8EDNxdXThfv8tGLpWnLq2Ok2QE3l2Xo
4OCjiNzMU7h8oXWfHLmRO8kWWImfPxGzbXVL9jg3WNexKrm0REOKsJTp4zSN/c+3
2kUIY4gDyCMXCVDTVtu3JKGntDb6S9He1Ym9M3QjFmIrf2CEVSAKMBOnheBUm/zv
ghUn2R5UIiJhY6sKl6P/Jm+KdzW3EM3z5RLp5jcuI3EQKDlfYpOWcZZpNpjZWcss
s0KhRMjukEXA4H1o35+63xC1cKz5ZtOj/eCTJwTh3g2B
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:50:00 2026 by rpki-client