Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/ca71bf-ab7f-4a0e-a955-7efc5b751a7d/1/OLfmHw3G69CHlt6FQSGhdYd-jnw.roa
File: OLfmHw3G69CHlt6FQSGhdYd-jnw.roa (raw, json)
Hash identifier: St7w/S2np1OP5tS27B/HX6714X0a8f9dEC3Bn7ikgwc=
Subject key identifier: 38:B7:E6:1F:0D:C6:EB:D0:87:96:DE:85:41:21:A1:75:87:7E:8E:7C
Certificate issuer: /CN=b2abd8fdc0fe268e3bc2026ee5ec69ca6bb89f35
Certificate serial: 019CFB267D633034BDD1802CC2AE4C340BF6
Authority key identifier: B2:AB:D8:FD:C0:FE:26:8E:3B:C2:02:6E:E5:EC:69:CA:6B:B8:9F:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sqvY_cD-Jo47wgJu5expymu4nzU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/ca71bf-ab7f-4a0e-a955-7efc5b751a7d/1/OLfmHw3G69CHlt6FQSGhdYd-jnw.roa
Signing time: Tue 17 Mar 2026 09:35:29 +0000
ROA not before: Tue 17 Mar 2026 09:35:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44415
IP address blocks: 194.8.66.0/23 maxlen: 23
194.54.84.0/22 maxlen: 22
194.54.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/ca71bf-ab7f-4a0e-a955-7efc5b751a7d/1/sqvY_cD-Jo47wgJu5expymu4nzU.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/ca71bf-ab7f-4a0e-a955-7efc5b751a7d/1/sqvY_cD-Jo47wgJu5expymu4nzU.mft
rsync://rpki.ripe.net/repository/DEFAULT/sqvY_cD-Jo47wgJu5expymu4nzU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:fb:26:7d:63:30:34:bd:d1:80:2c:c2:ae:4c:34:0b:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2abd8fdc0fe268e3bc2026ee5ec69ca6bb89f35
Validity
Not Before: Mar 17 09:35:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=38b7e61f0dc6ebd08796de854121a175877e8e7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:e5:cf:9a:b4:b8:b6:49:9e:84:38:9c:d6:cb:
ee:cc:d2:32:10:67:15:57:9d:3c:fa:b8:a2:dd:4b:
71:35:00:54:19:86:b5:89:a8:62:d4:15:25:b8:90:
2f:d7:ab:8f:47:5a:16:06:16:6b:23:93:1e:bf:d8:
53:b3:d6:02:78:1f:2a:a2:2c:98:de:60:25:b6:e2:
dd:8f:23:91:c7:a4:4a:52:24:c0:f1:98:66:2f:b7:
61:6d:da:a9:46:9e:aa:59:d4:c9:ed:b4:5b:07:4c:
37:7b:17:70:2d:a9:6e:25:84:59:50:32:a1:80:9d:
89:ae:43:1f:26:2e:94:2c:f4:7f:e0:a2:4c:e6:c4:
7a:e9:c0:f5:ba:8f:ce:7e:d1:b7:09:f4:1a:ef:e0:
f1:1a:69:c2:88:3d:ab:6c:e8:23:6f:56:49:7f:bb:
87:7a:ed:ce:74:be:89:80:13:1e:5e:6d:c3:48:c4:
1a:a1:db:ad:e0:d3:33:4f:9c:62:48:49:96:d4:ae:
3c:c8:03:d0:8c:f4:b4:39:43:3e:76:be:f9:65:06:
1c:1c:6f:1d:a7:06:44:43:ed:cf:88:da:67:6b:4d:
6e:ad:99:9e:89:75:d1:a2:bf:51:f0:41:fb:e8:43:
0e:02:b3:77:67:c7:4d:f8:60:bf:0f:be:52:b9:bf:
f1:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:B7:E6:1F:0D:C6:EB:D0:87:96:DE:85:41:21:A1:75:87:7E:8E:7C
X509v3 Authority Key Identifier:
keyid:B2:AB:D8:FD:C0:FE:26:8E:3B:C2:02:6E:E5:EC:69:CA:6B:B8:9F:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sqvY_cD-Jo47wgJu5expymu4nzU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/ca71bf-ab7f-4a0e-a955-7efc5b751a7d/1/OLfmHw3G69CHlt6FQSGhdYd-jnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/ca71bf-ab7f-4a0e-a955-7efc5b751a7d/1/sqvY_cD-Jo47wgJu5expymu4nzU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.8.66.0/23
194.54.84.0/22
Signature Algorithm: sha256WithRSAEncryption
b1:6e:a8:1c:50:36:56:70:86:99:b2:21:4e:83:6a:57:28:63:
78:6b:d2:56:f6:db:51:70:70:5a:9e:bf:25:3a:63:00:e0:f0:
cf:07:5e:90:e7:1c:b3:61:dd:e7:db:40:36:2e:da:06:8d:dd:
97:e4:4d:3a:e0:9b:bf:07:f2:6e:e7:27:62:42:e6:9a:e3:a5:
c1:28:be:0b:ff:3c:ae:4e:45:7d:96:71:f3:c1:01:6f:4a:e0:
e9:6d:fc:aa:20:98:d6:52:ca:d5:8f:09:8b:a4:06:1f:d7:38:
ab:26:13:34:94:d8:e6:2a:64:27:8d:c4:24:c2:32:db:c5:12:
30:7a:4a:fb:6b:e9:54:e2:a0:ef:1d:4f:fd:51:cd:41:5f:2c:
c0:47:21:c9:47:54:b7:da:10:5a:b0:91:1c:50:d7:35:1f:d6:
34:87:e5:5c:14:dd:84:c3:22:ce:2a:f6:dd:dd:7f:33:0a:cb:
15:1a:f0:03:28:73:24:f4:6b:ce:2a:5d:94:a9:04:7a:50:d0:
4e:f5:9c:4d:aa:cb:2d:44:bb:30:83:ac:dc:0f:4e:33:de:71:
62:97:7c:2f:b0:a4:d3:51:8e:1e:02:5b:9b:5a:e1:ae:a2:ae:
73:d2:4a:ad:ce:05:c2:db:38:42:e8:01:b5:f1:4a:10:90:bb:
9c:6d:ab:fc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZz7Jn1jMDS90YAswq5MNAv2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYWJkOGZkYzBmZTI2OGUzYmMyMDI2ZWU1ZWM2OWNhNmJi
ODlmMzUwHhcNMjYwMzE3MDkzNTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGI3ZTYxZjBkYzZlYmQwODc5NmRlODU0MTIxYTE3NTg3N2U4ZTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOXPmrS4tkmehDic1svuzNIyEGcV
V508+rii3UtxNQBUGYa1iahi1BUluJAv16uPR1oWBhZrI5Mev9hTs9YCeB8qoiyY
3mAltuLdjyORx6RKUiTA8ZhmL7dhbdqpRp6qWdTJ7bRbB0w3exdwLaluJYRZUDKh
gJ2JrkMfJi6ULPR/4KJM5sR66cD1uo/OftG3CfQa7+DxGmnCiD2rbOgjb1ZJf7uH
eu3OdL6JgBMeXm3DSMQaodut4NMzT5xiSEmW1K48yAPQjPS0OUM+dr75ZQYcHG8d
pwZEQ+3PiNpna01urZmeiXXRor9R8EH76EMOArN3Z8dN+GC/D75Sub/x/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDi35h8NxuvQh5behUEhoXWHfo58MB8GA1UdIwQY
MBaAFLKr2P3A/iaOO8ICbuXsacpruJ81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3F2WV9jRC1KbzQ3d2dKdTVleHB5bXU0bnpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9jYTcxYmYtYWI3Zi00YTBlLWE5NTUt
N2VmYzViNzUxYTdkLzEvT0xmbUh3M0c2OUNIbHQ2RlFTR2hkWWQtam53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9jYTcxYmYtYWI3Zi00YTBlLWE5NTUtN2VmYzViNzUxYTdk
LzEvc3F2WV9jRC1KbzQ3d2dKdTVleHB5bXU0bnpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwghCAwQC
wjZUMA0GCSqGSIb3DQEBCwUAA4IBAQCxbqgcUDZWcIaZsiFOg2pXKGN4a9JW9ttR
cHBanr8lOmMA4PDPB16Q5xyzYd3n20A2LtoGjd2X5E064Ju/B/Ju5ydiQuaa46XB
KL4L/zyuTkV9lnHzwQFvSuDpbfyqIJjWUsrVjwmLpAYf1zirJhM0lNjmKmQnjcQk
wjLbxRIwekr7a+lU4qDvHU/9Uc1BXyzARyHJR1S32hBasJEcUNc1H9Y0h+VcFN2E
wyLOKvbd3X8zCssVGvADKHMk9GvOKl2UqQR6UNBO9ZxNqsstRLswg6zcD04z3nFi
l3wvsKTTUY4eAlubWuGuoq5z0kqtzgXC2zhC6AG18UoQkLucbav8
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:16:23 2026 by rpki-client