Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/7dd25d-a521-479c-988b-9cee77bc5222/1/O16DrZlJHzuhj0W8FexnAw3AIQg.roa
File: O16DrZlJHzuhj0W8FexnAw3AIQg.roa (raw, json)
Hash identifier: PYeQyX0bnsioFO8KHOzkkDt+kDAaH5RtiV5DGLPlkLI=
Subject key identifier: 3B:5E:83:AD:99:49:1F:3B:A1:8F:45:BC:15:EC:67:03:0D:C0:21:08
Certificate issuer: /CN=a6162102e5a3c0aeeab63c21ed92a805826db7aa
Certificate serial: 019CAE81C8233A81A2421A08BCF279853CBC
Authority key identifier: A6:16:21:02:E5:A3:C0:AE:EA:B6:3C:21:ED:92:A8:05:82:6D:B7:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/phYhAuWjwK7qtjwh7ZKoBYJtt6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/7dd25d-a521-479c-988b-9cee77bc5222/1/O16DrZlJHzuhj0W8FexnAw3AIQg.roa
Signing time: Mon 02 Mar 2026 12:24:26 +0000
ROA not before: Mon 02 Mar 2026 12:24:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 59956
IP address blocks: 194.145.227.0/24 maxlen: 24
195.191.200.0/24 maxlen: 24
195.191.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/7dd25d-a521-479c-988b-9cee77bc5222/1/phYhAuWjwK7qtjwh7ZKoBYJtt6o.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/7dd25d-a521-479c-988b-9cee77bc5222/1/phYhAuWjwK7qtjwh7ZKoBYJtt6o.mft
rsync://rpki.ripe.net/repository/DEFAULT/phYhAuWjwK7qtjwh7ZKoBYJtt6o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:81:c8:23:3a:81:a2:42:1a:08:bc:f2:79:85:3c:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6162102e5a3c0aeeab63c21ed92a805826db7aa
Validity
Not Before: Mar 2 12:24:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3b5e83ad99491f3ba18f45bc15ec67030dc02108
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:75:99:b4:72:17:10:22:4c:8f:0e:40:7d:e9:
80:23:5a:64:73:c4:cf:6f:cf:d9:b0:0b:14:ca:cd:
73:16:a9:fc:3c:d0:77:44:20:6a:ce:d7:59:14:3e:
a5:de:36:8c:c5:c2:77:f8:68:53:6e:79:ce:45:b0:
4d:cb:a5:f9:73:6b:21:26:77:1c:52:ae:f4:4b:fe:
03:a7:e3:c6:27:23:56:8e:7d:9c:e6:85:8e:ac:18:
b5:86:e9:24:4c:b3:8b:25:b9:d9:3b:08:3f:c3:7e:
d8:74:1e:27:88:a3:f7:5d:fc:be:93:4c:73:25:3d:
d8:d6:56:4e:39:af:4b:dc:a9:57:0d:32:af:e9:fa:
59:b2:c8:88:6c:11:e9:ba:8e:1f:fe:7a:70:ec:99:
d4:2b:0e:fb:6f:c5:90:61:00:bc:87:89:80:38:77:
d1:60:32:41:16:9b:e4:36:e7:c7:6f:e3:df:d4:55:
47:67:b2:b0:5a:57:dd:a5:4b:73:9b:b1:f5:36:f0:
a8:b4:52:c9:4e:30:04:d8:fb:47:e9:4c:84:70:64:
aa:d4:68:34:d9:c4:d3:6b:80:2b:3f:6d:f1:f4:24:
7d:62:3a:9e:64:42:fe:e7:6a:29:2d:e2:fc:49:4f:
03:4e:3b:d0:ac:ce:1a:a8:52:45:44:08:be:e8:aa:
91:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:5E:83:AD:99:49:1F:3B:A1:8F:45:BC:15:EC:67:03:0D:C0:21:08
X509v3 Authority Key Identifier:
keyid:A6:16:21:02:E5:A3:C0:AE:EA:B6:3C:21:ED:92:A8:05:82:6D:B7:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/phYhAuWjwK7qtjwh7ZKoBYJtt6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/7dd25d-a521-479c-988b-9cee77bc5222/1/O16DrZlJHzuhj0W8FexnAw3AIQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/7dd25d-a521-479c-988b-9cee77bc5222/1/phYhAuWjwK7qtjwh7ZKoBYJtt6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.145.227.0/24
195.191.200.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:27:6b:2b:6b:0d:8f:7a:84:a3:51:e6:e6:99:db:40:ca:f7:
1d:34:53:85:53:dc:94:46:95:91:ea:9b:03:7a:e5:d9:c4:dd:
1e:6e:7c:dc:cb:17:69:6b:d3:c9:6a:fa:65:30:59:d4:d7:ae:
67:75:f4:28:f4:ef:9a:16:f5:45:53:b4:93:8f:4f:23:1f:85:
10:ce:49:87:00:c1:a7:d7:f9:1a:21:55:5d:4c:eb:ac:05:1f:
05:65:e6:ba:31:87:46:1d:b4:e0:f2:53:df:92:ab:73:2c:2f:
b9:43:22:54:53:68:2e:c7:38:2c:04:d2:03:89:bb:55:53:39:
0d:d3:17:a6:27:7a:41:e1:8c:53:4e:be:f1:cf:0d:4c:60:55:
92:57:2d:4b:f7:86:29:0f:93:b1:29:fe:78:8b:6f:ed:86:ed:
a4:35:9c:6e:39:d1:87:da:8b:3f:66:f1:bf:d1:82:2c:e3:5d:
05:93:d9:46:b7:17:b7:fc:c8:cf:0a:da:60:ef:7b:ca:d6:7d:
62:b0:52:78:a5:97:c5:ef:50:29:22:cc:f6:be:ab:ad:88:ac:
4c:aa:db:a9:70:73:cb:54:e9:f3:00:82:b7:72:1e:b0:0a:8e:
aa:a4:87:8b:72:3a:0b:14:8e:a6:26:24:ff:12:2a:ae:6d:79:
2b:e5:a7:68
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZyugcgjOoGiQhoIvPJ5hTy8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MTYyMTAyZTVhM2MwYWVlYWI2M2MyMWVkOTJhODA1ODI2
ZGI3YWEwHhcNMjYwMzAyMTIyNDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjVlODNhZDk5NDkxZjNiYTE4ZjQ1YmMxNWVjNjcwMzBkYzAyMTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3WZtHIXECJMjw5AfemAI1pkc8TP
b8/ZsAsUys1zFqn8PNB3RCBqztdZFD6l3jaMxcJ3+GhTbnnORbBNy6X5c2shJncc
Uq70S/4Dp+PGJyNWjn2c5oWOrBi1hukkTLOLJbnZOwg/w37YdB4niKP3Xfy+k0xz
JT3Y1lZOOa9L3KlXDTKv6fpZssiIbBHpuo4f/npw7JnUKw77b8WQYQC8h4mAOHfR
YDJBFpvkNufHb+Pf1FVHZ7KwWlfdpUtzm7H1NvCotFLJTjAE2PtH6UyEcGSq1Gg0
2cTTa4ArP23x9CR9YjqeZEL+52opLeL8SU8DTjvQrM4aqFJFRAi+6KqRNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDteg62ZSR87oY9FvBXsZwMNwCEIMB8GA1UdIwQY
MBaAFKYWIQLlo8Cu6rY8Ie2SqAWCbbeqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGhZaEF1V2p3SzdxdGp3aDdaS29CWUp0dDZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy83ZGQyNWQtYTUyMS00NzljLTk4OGIt
OWNlZTc3YmM1MjIyLzEvTzE2RHJabEpIenVoajBXOEZleG5BdzNBSVFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy83ZGQyNWQtYTUyMS00NzljLTk4OGItOWNlZTc3YmM1MjIy
LzEvcGhZaEF1V2p3SzdxdGp3aDdaS29CWUp0dDZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwpHjAwQB
w7/IMA0GCSqGSIb3DQEBCwUAA4IBAQBLJ2sraw2PeoSjUebmmdtAyvcdNFOFU9yU
RpWR6psDeuXZxN0ebnzcyxdpa9PJavplMFnU165ndfQo9O+aFvVFU7STj08jH4UQ
zkmHAMGn1/kaIVVdTOusBR8FZea6MYdGHbTg8lPfkqtzLC+5QyJUU2guxzgsBNID
ibtVUzkN0xemJ3pB4YxTTr7xzw1MYFWSVy1L94YpD5OxKf54i2/thu2kNZxuOdGH
2os/ZvG/0YIs410Fk9lGtxe3/MjPCtpg73vK1n1isFJ4pZfF71ApIsz2vqutiKxM
qtupcHPLVOnzAIK3ch6wCo6qpIeLcjoLFI6mJiT/EiqubXkr5ado
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:37:10 2026 by rpki-client