Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/ohJz4CqXdPYr3fRchuc-93oEkBM.roa
File: ohJz4CqXdPYr3fRchuc-93oEkBM.roa (raw, json)
Hash identifier: n3iQEz1IlsFi3+xmUMNsqe2MW/+p+jTXT9Vh9/Vo7PY=
Subject key identifier: A2:12:73:E0:2A:97:74:F6:2B:DD:F4:5C:86:E7:3E:F7:7A:04:90:13
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 019D7DED5AB951533924268E33FADA0BF5A7
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/ohJz4CqXdPYr3fRchuc-93oEkBM.roa
Signing time: Sat 11 Apr 2026 19:03:20 +0000
ROA not before: Sat 11 Apr 2026 19:03:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216246
IP address blocks: 185.103.100.0/24 maxlen: 24
193.233.21.0/24 maxlen: 24
193.233.88.0/22 maxlen: 24
193.233.132.0/24 maxlen: 24
193.233.216.0/21 maxlen: 24
193.233.230.0/24 maxlen: 24
193.233.231.0/24 maxlen: 24
193.233.244.0/22 maxlen: 24
193.233.248.0/24 maxlen: 24
193.233.249.0/24 maxlen: 24
193.233.250.0/24 maxlen: 24
193.233.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:7d:ed:5a:b9:51:53:39:24:26:8e:33:fa:da:0b:f5:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Apr 11 19:03:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a21273e02a9774f62bddf45c86e73ef77a049013
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:51:e0:e2:8c:c7:a7:3d:14:59:48:9c:d1:93:
0e:22:2f:e2:24:a9:98:99:f7:22:71:94:4e:dd:c3:
88:f6:f8:a6:ec:a6:f1:2e:71:1a:8d:e8:cc:48:17:
f4:c8:fd:0b:9b:07:ca:81:1b:03:ad:2a:43:28:de:
dd:7b:8b:d0:29:bd:00:a6:f8:40:0a:a6:82:49:92:
5f:ca:30:74:ad:ec:c6:cd:7d:97:e3:2c:e0:18:7a:
35:d8:2c:c4:8f:3b:28:3d:a1:6a:37:ee:69:d6:42:
25:ab:d8:99:33:70:d2:84:0f:02:14:5c:b2:c5:b9:
fa:4e:ca:55:39:2d:30:60:52:a2:3f:97:d8:e0:c1:
58:71:71:29:7c:02:6b:58:23:cc:33:a8:04:c2:17:
6d:f9:99:5e:a7:bd:73:f9:ce:66:cb:09:b0:48:92:
b2:da:70:c3:4e:fe:29:a3:5b:75:dc:3c:a0:9e:2a:
00:72:43:6c:c9:33:88:b7:2e:76:ba:f5:1e:bb:e2:
66:7a:45:25:15:47:a1:ac:47:2f:32:25:50:2f:5c:
b2:5d:1f:7a:9b:75:8a:c7:39:f6:91:7f:6c:26:70:
f7:ab:fa:ad:91:00:b0:42:02:eb:5f:82:3a:b4:c2:
ce:13:16:35:ee:d4:f4:6f:28:e0:f9:c7:fe:58:c9:
c7:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:12:73:E0:2A:97:74:F6:2B:DD:F4:5C:86:E7:3E:F7:7A:04:90:13
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/ohJz4CqXdPYr3fRchuc-93oEkBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.100.0/24
193.233.21.0/24
193.233.88.0/22
193.233.132.0/24
193.233.216.0/21
193.233.230.0/23
193.233.244.0-193.233.251.255
Signature Algorithm: sha256WithRSAEncryption
8d:a6:9e:c7:a1:03:f7:05:0e:cd:c7:a2:bf:03:8d:2c:9b:51:
b7:56:a3:69:1a:b5:c6:a2:b1:33:81:b1:5a:8d:c8:24:83:bf:
8c:4f:8b:8e:cd:4a:1f:a4:7a:a4:75:b5:5a:40:3e:23:e8:a0:
53:fb:76:a1:00:2d:1f:81:21:ef:f0:30:64:cc:03:a7:76:63:
aa:6b:72:dd:f3:b9:89:8a:d0:c1:1a:b7:d5:af:42:73:7b:a6:
38:dc:b3:ed:1e:05:f4:23:15:3c:9f:cc:94:12:92:53:9b:f4:
3b:1c:0c:d7:ca:d4:db:a8:31:96:f5:9c:8a:c8:ab:04:42:fb:
09:a0:6f:7c:91:99:c9:84:a9:f9:34:b6:56:e9:d9:df:55:ef:
b0:27:9e:f3:a3:d9:5d:8a:c1:84:1b:4b:ff:58:02:4e:0d:b9:
46:ac:ae:7b:c7:ee:a3:a9:30:14:26:1f:44:fc:da:b1:84:6b:
e2:4e:9a:19:b1:87:52:03:7d:59:70:5f:4d:63:f6:dc:2d:26:
4a:02:f5:11:cd:de:3b:0d:c4:72:e2:30:2a:e6:a9:a5:0a:28:
87:a5:4c:7b:d5:c7:3f:1f:58:51:3a:e7:23:e2:a9:88:3f:c1:
ac:5c:11:45:8e:e4:5a:fa:fc:ca:df:d3:21:81:b4:4f:39:c2:
ed:07:0f:f9
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZ197Vq5UVM5JCaOM/raC/WnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjYwNDExMTkwMzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjEyNzNlMDJhOTc3NGY2MmJkZGY0NWM4NmU3M2VmNzdhMDQ5MDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1Hg4ozHpz0UWUic0ZMOIi/iJKmY
mfcicZRO3cOI9vim7KbxLnEajejMSBf0yP0LmwfKgRsDrSpDKN7de4vQKb0ApvhA
CqaCSZJfyjB0rezGzX2X4yzgGHo12CzEjzsoPaFqN+5p1kIlq9iZM3DShA8CFFyy
xbn6TspVOS0wYFKiP5fY4MFYcXEpfAJrWCPMM6gEwhdt+Zlep71z+c5mywmwSJKy
2nDDTv4po1t13DygnioAckNsyTOIty52uvUeu+JmekUlFUehrEcvMiVQL1yyXR96
m3WKxzn2kX9sJnD3q/qtkQCwQgLrX4I6tMLOExY17tT0byjg+cf+WMnHawIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFKISc+Aql3T2K930XIbnPvd6BJATMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvb2hKejRDcVhkUFlyM2ZSY2h1Yy05M29Fa0JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAuWdkAwQA
wekVAwQCwelYAwQAwemEAwQDwenYAwQBwenmMAwDBALB6fQDBALB6fgwDQYJKoZI
hvcNAQELBQADggEBAI2mnsehA/cFDs3Hor8DjSybUbdWo2katcaisTOBsVqNyCSD
v4xPi47NSh+keqR1tVpAPiPooFP7dqEALR+BIe/wMGTMA6d2Y6prct3zuYmK0MEa
t9WvQnN7pjjcs+0eBfQjFTyfzJQSklOb9DscDNfK1NuoMZb1nIrIqwRC+wmgb3yR
mcmEqfk0tlbp2d9V77AnnvOj2V2KwYQbS/9YAk4NuUasrnvH7qOpMBQmH0T82rGE
a+JOmhmxh1IDfVlwX01j9twtJkoC9RHN3jsNxHLiMCrmqaUKKIelTHvVxz8fWFE6
5yPiqYg/waxcEUWO5Fr6/Mrf0yGBtE85wu0HD/k=
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:28:56 2026 by rpki-client