Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/KoHLJNQuOcHspjZQJtsgwfHF3m4.roa
File: KoHLJNQuOcHspjZQJtsgwfHF3m4.roa (raw, json)
Hash identifier: Pm229i2zgzIKXvQ6Hz77HG6vbpEhWAQEJXW3BVSV54E=
Subject key identifier: 2A:81:CB:24:D4:2E:39:C1:EC:A6:36:50:26:DB:20:C1:F1:C5:DE:6E
Certificate issuer: /CN=7021d7528be713a4ba2cb4db5e58d64d882eb555
Certificate serial: 019CE8CCECAA33DA4A45B97AE559401287A6
Authority key identifier: 70:21:D7:52:8B:E7:13:A4:BA:2C:B4:DB:5E:58:D6:4D:88:2E:B5:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cCHXUovnE6S6LLTbXljWTYgutVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/KoHLJNQuOcHspjZQJtsgwfHF3m4.roa
Signing time: Fri 13 Mar 2026 20:04:29 +0000
ROA not before: Fri 13 Mar 2026 20:04:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212219
IP address blocks: 80.253.246.0/24 maxlen: 24
91.151.88.0/24 maxlen: 24
91.151.89.0/24 maxlen: 24
91.151.95.0/24 maxlen: 24
212.108.107.0/24 maxlen: 24
213.142.148.0/24 maxlen: 24
213.142.151.0/24 maxlen: 24
213.142.159.0/24 maxlen: 24
2a0f:bf00::/29 maxlen: 29
2a0f:bf01::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/cCHXUovnE6S6LLTbXljWTYgutVU.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/cCHXUovnE6S6LLTbXljWTYgutVU.mft
rsync://rpki.ripe.net/repository/DEFAULT/cCHXUovnE6S6LLTbXljWTYgutVU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e8:cc:ec:aa:33:da:4a:45:b9:7a:e5:59:40:12:87:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7021d7528be713a4ba2cb4db5e58d64d882eb555
Validity
Not Before: Mar 13 20:04:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2a81cb24d42e39c1eca6365026db20c1f1c5de6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:af:7a:25:70:ca:f9:63:5f:c3:09:38:29:81:
c5:31:08:3e:38:0e:b3:ea:7c:1b:11:30:8e:0d:02:
5b:65:91:ec:1c:28:13:ae:7f:ac:e6:e1:3d:28:41:
4e:cb:ae:af:19:ca:4b:fb:73:ca:22:50:37:45:e9:
ec:e6:ec:6c:a5:68:50:c0:0b:c8:cc:08:43:ec:ba:
53:cf:da:94:6d:7b:21:48:03:0e:58:28:df:73:79:
32:32:ba:63:69:21:71:99:5c:a0:49:cf:27:8d:07:
b4:1b:c9:00:9e:b3:ae:d9:dd:a0:4a:0e:1f:86:39:
6f:eb:b2:9f:6d:e0:d4:f4:dd:df:aa:76:e2:4c:2b:
43:89:38:31:77:70:5d:a2:42:9f:11:cf:e4:75:ff:
f7:d1:79:63:18:60:33:a4:47:35:1b:e2:6e:99:89:
c2:1d:99:b4:f5:d6:10:20:66:75:c2:95:89:18:9e:
bb:9d:51:3d:eb:a0:d7:f9:7b:d3:3c:14:db:d3:e6:
d4:6a:6a:1c:7a:8b:60:c1:d6:d9:81:11:22:3a:c9:
18:81:50:fc:eb:2e:c7:79:27:0a:b1:b1:5a:d2:ee:
72:18:91:c2:46:e7:6c:9a:32:bf:36:f1:39:85:4e:
1b:cf:4e:e2:e8:df:7c:d5:7c:5f:d9:e2:94:02:4e:
87:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:81:CB:24:D4:2E:39:C1:EC:A6:36:50:26:DB:20:C1:F1:C5:DE:6E
X509v3 Authority Key Identifier:
keyid:70:21:D7:52:8B:E7:13:A4:BA:2C:B4:DB:5E:58:D6:4D:88:2E:B5:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cCHXUovnE6S6LLTbXljWTYgutVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/KoHLJNQuOcHspjZQJtsgwfHF3m4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/cCHXUovnE6S6LLTbXljWTYgutVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.246.0/24
91.151.88.0/23
91.151.95.0/24
212.108.107.0/24
213.142.148.0/24
213.142.151.0/24
213.142.159.0/24
IPv6:
2a0f:bf00::/29
Signature Algorithm: sha256WithRSAEncryption
93:01:af:d1:ba:be:23:7e:b2:dd:e4:70:39:55:f6:23:e6:4d:
e0:27:c2:13:ba:74:5f:71:d2:59:a7:f1:55:ad:31:1f:4b:4a:
91:9b:f7:03:a0:fc:70:97:d0:df:86:36:d2:ea:3b:af:d2:09:
1c:8f:bf:52:41:62:df:27:18:f0:9b:2e:39:2e:7a:c2:aa:1a:
5b:4d:7e:16:5b:83:b2:12:82:db:87:8f:af:92:3b:98:f4:f6:
ef:0e:95:27:c4:bc:31:b6:e4:6b:36:aa:91:76:a8:82:e6:e5:
95:52:9a:c0:16:35:14:7f:3c:3e:d0:7b:86:6b:55:04:10:4a:
9e:01:ad:ed:21:d4:2a:27:92:82:1e:7f:89:a9:4e:85:96:e8:
52:a6:67:30:28:2b:c0:c2:06:f9:ef:67:fc:50:b1:06:9b:e9:
23:f0:08:0f:58:04:67:d3:af:ea:96:f8:c7:31:54:ff:d6:e2:
5f:86:0a:29:dc:c3:1d:aa:b3:87:73:c7:d0:41:4b:c8:99:ad:
10:7f:90:5e:c0:85:fa:91:d7:f4:f6:cc:ba:93:9b:9b:ff:99:
49:3f:50:a3:d6:18:69:c8:79:ec:72:d3:55:9f:07:52:8c:f4:
71:70:fd:bf:92:94:31:2e:5e:c6:d8:72:13:ea:0a:d4:ee:75:
be:b2:8a:0d
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZzozOyqM9pKRbl65VlAEoemMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMjFkNzUyOGJlNzEzYTRiYTJjYjRkYjVlNThkNjRkODgy
ZWI1NTUwHhcNMjYwMzEzMjAwNDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTgxY2IyNGQ0MmUzOWMxZWNhNjM2NTAyNmRiMjBjMWYxYzVkZTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqq96JXDK+WNfwwk4KYHFMQg+OA6z
6nwbETCODQJbZZHsHCgTrn+s5uE9KEFOy66vGcpL+3PKIlA3Rens5uxspWhQwAvI
zAhD7LpTz9qUbXshSAMOWCjfc3kyMrpjaSFxmVygSc8njQe0G8kAnrOu2d2gSg4f
hjlv67KfbeDU9N3fqnbiTCtDiTgxd3BdokKfEc/kdf/30XljGGAzpEc1G+JumYnC
HZm09dYQIGZ1wpWJGJ67nVE966DX+XvTPBTb0+bUamoceotgwdbZgREiOskYgVD8
6y7HeScKsbFa0u5yGJHCRudsmjK/NvE5hU4bz07i6N981Xxf2eKUAk6HIQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFCqByyTULjnB7KY2UCbbIMHxxd5uMB8GA1UdIwQY
MBaAFHAh11KL5xOkuiy0215Y1k2ILrVVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0NIWFVvdm5FNlM2TExUYlhsaldUWWd1dFZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8wMWIwYzAtMWI4Ny00ZDZmLTllOTAt
OTI4MWYwZDIzZGJmLzEvS29ITEpOUXVPY0hzcGpaUUp0c2d3ZkhGM200LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8wMWIwYzAtMWI4Ny00ZDZmLTllOTAtOTI4MWYwZDIzZGJm
LzEvY0NIWFVvdm5FNlM2TExUYlhsaldUWWd1dFZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQAUP32AwQB
W5dYAwQAW5dfAwQA1GxrAwQA1Y6UAwQA1Y6XAwQA1Y6fMA0EAgACMAcDBQMqD78A
MA0GCSqGSIb3DQEBCwUAA4IBAQCTAa/Rur4jfrLd5HA5VfYj5k3gJ8ITunRfcdJZ
p/FVrTEfS0qRm/cDoPxwl9DfhjbS6juv0gkcj79SQWLfJxjwmy45LnrCqhpbTX4W
W4OyEoLbh4+vkjuY9PbvDpUnxLwxtuRrNqqRdqiC5uWVUprAFjUUfzw+0HuGa1UE
EEqeAa3tIdQqJ5KCHn+JqU6FluhSpmcwKCvAwgb572f8ULEGm+kj8AgPWARn06/q
lvjHMVT/1uJfhgop3MMdqrOHc8fQQUvIma0Qf5BewIX6kdf09sy6k5ub/5lJP1Cj
1hhpyHnsctNVnwdSjPRxcP2/kpQxLl7G2HIT6grU7nW+sooN
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:01:22 2026 by rpki-client