Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/b648fb-f50b-4cc2-a2b1-2f68216b7424/1/0hu74NT9Nl_eazTEnAcyb5h2InE.roa
File: 0hu74NT9Nl_eazTEnAcyb5h2InE.roa (raw, json)
Hash identifier: m6XuEPCt02s4/4h9V+rmT4i+jJ/Bk1HfFseea23UT9Y=
Subject key identifier: D2:1B:BB:E0:D4:FD:36:5F:DE:6B:34:C4:9C:07:32:6F:98:76:22:71
Certificate issuer: /CN=32010f70276e418d58f08c56a79a82b99aca1763
Certificate serial: 019B791039FB9D3C029E8242307516A34DA8
Authority key identifier: 32:01:0F:70:27:6E:41:8D:58:F0:8C:56:A7:9A:82:B9:9A:CA:17:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MgEPcCduQY1Y8IxWp5qCuZrKF2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/b648fb-f50b-4cc2-a2b1-2f68216b7424/1/0hu74NT9Nl_eazTEnAcyb5h2InE.roa
Signing time: Thu 01 Jan 2026 10:17:45 +0000
ROA not before: Thu 01 Jan 2026 10:17:45 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57365
IP address blocks: 45.88.249.0/24 maxlen: 24
128.140.200.0/21 maxlen: 21
128.140.200.0/24 maxlen: 24
128.140.201.0/24 maxlen: 24
128.140.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/b648fb-f50b-4cc2-a2b1-2f68216b7424/1/MgEPcCduQY1Y8IxWp5qCuZrKF2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/b648fb-f50b-4cc2-a2b1-2f68216b7424/1/MgEPcCduQY1Y8IxWp5qCuZrKF2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/MgEPcCduQY1Y8IxWp5qCuZrKF2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:79:10:39:fb:9d:3c:02:9e:82:42:30:75:16:a3:4d:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32010f70276e418d58f08c56a79a82b99aca1763
Validity
Not Before: Jan 1 10:17:45 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d21bbbe0d4fd365fde6b34c49c07326f98762271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b7:f6:db:a1:a9:5a:c2:3a:8a:e0:8d:4d:a1:
5c:e1:68:2f:88:fa:86:6d:c1:32:00:94:d4:cb:23:
36:44:44:3e:7d:62:9d:8c:52:6d:5c:ee:34:f2:0a:
27:37:a1:72:3b:84:bb:67:ba:84:22:e0:4f:17:da:
00:1d:cd:ec:b8:83:7d:b9:ec:27:63:37:31:97:57:
bd:c7:fd:e8:28:5b:70:d3:7b:5f:5d:67:60:b1:7b:
e8:5e:bd:7a:e0:c9:f6:27:5d:31:dd:35:b2:7d:e8:
6d:a8:b7:eb:23:d1:ae:91:ad:a1:78:da:ff:47:ab:
cf:81:1c:57:b3:a0:26:17:f8:86:bd:80:f8:69:ef:
13:e7:93:bd:f2:62:7d:9a:61:51:18:b0:94:e1:fa:
15:04:de:97:a7:ad:27:e4:76:74:72:0d:b7:d8:e6:
16:0d:e4:d3:82:79:2e:31:64:b8:08:65:2b:23:71:
c3:ca:e9:56:3b:0f:93:c6:3b:6e:55:33:e7:0c:00:
b6:a5:23:d4:c7:72:b2:e4:39:35:4d:3b:c7:88:77:
cf:42:b3:2f:f5:16:f2:bb:95:37:2e:02:88:22:27:
c7:50:32:2c:7e:0e:53:b1:0b:1a:d7:a8:1a:25:b5:
c1:5e:be:ce:d8:f0:b2:11:e1:30:e3:99:04:a4:ac:
e8:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:1B:BB:E0:D4:FD:36:5F:DE:6B:34:C4:9C:07:32:6F:98:76:22:71
X509v3 Authority Key Identifier:
keyid:32:01:0F:70:27:6E:41:8D:58:F0:8C:56:A7:9A:82:B9:9A:CA:17:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MgEPcCduQY1Y8IxWp5qCuZrKF2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b648fb-f50b-4cc2-a2b1-2f68216b7424/1/0hu74NT9Nl_eazTEnAcyb5h2InE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b648fb-f50b-4cc2-a2b1-2f68216b7424/1/MgEPcCduQY1Y8IxWp5qCuZrKF2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.249.0/24
128.140.200.0/21
Signature Algorithm: sha256WithRSAEncryption
14:a8:98:de:c3:9c:7f:67:55:43:77:76:50:36:4d:48:5b:35:
90:cb:fb:f4:5f:e9:51:3e:e1:e0:66:7c:54:f4:b9:82:72:74:
d1:91:b6:ff:21:94:fa:be:07:3a:cd:53:ff:d6:b5:5e:37:d5:
8c:f7:7a:24:de:cc:3c:df:c6:a7:39:1b:e0:e3:20:49:66:43:
0e:e4:13:e5:3f:12:da:47:86:4c:d2:78:fc:38:76:62:a8:b5:
62:26:c4:ba:db:a8:a9:95:70:b2:f3:22:05:cf:9c:af:be:d2:
40:8c:91:6b:21:6f:cb:b9:c0:da:ac:91:35:7a:06:ad:6b:3b:
a9:d1:af:b5:47:61:24:e6:05:71:06:31:7b:dc:45:7f:a2:19:
92:ce:54:7d:d4:3b:79:96:55:cc:1c:e5:f7:5d:4a:95:8d:64:
92:04:0c:c0:2a:b8:37:6e:3b:85:77:e0:0e:0b:54:33:e2:99:
75:14:ac:88:31:8a:97:0b:08:6f:a8:80:72:32:a7:15:81:25:
44:3d:82:11:bc:70:d7:cc:0c:43:24:6f:66:79:f8:e5:70:04:
7b:ca:16:d0:f4:cc:9d:f9:6a:69:13:fd:e9:bb:01:f8:e7:fc:
3c:a2:68:94:39:24:d2:34:1e:b2:e8:0b:bd:b7:dc:2f:69:a6:
c3:a2:53:85
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZt5EDn7nTwCnoJCMHUWo02oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMDEwZjcwMjc2ZTQxOGQ1OGYwOGM1NmE3OWE4MmI5OWFj
YTE3NjMwHhcNMjYwMTAxMTAxNzQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjFiYmJlMGQ0ZmQzNjVmZGU2YjM0YzQ5YzA3MzI2Zjk4NzYyMjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrf226GpWsI6iuCNTaFc4WgviPqG
bcEyAJTUyyM2REQ+fWKdjFJtXO408gonN6FyO4S7Z7qEIuBPF9oAHc3suIN9uewn
Yzcxl1e9x/3oKFtw03tfXWdgsXvoXr164Mn2J10x3TWyfehtqLfrI9Guka2heNr/
R6vPgRxXs6AmF/iGvYD4ae8T55O98mJ9mmFRGLCU4foVBN6Xp60n5HZ0cg232OYW
DeTTgnkuMWS4CGUrI3HDyulWOw+TxjtuVTPnDAC2pSPUx3Ky5Dk1TTvHiHfPQrMv
9Rbyu5U3LgKIIifHUDIsfg5TsQsa16gaJbXBXr7O2PCyEeEw45kEpKzopQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNIbu+DU/TZf3ms0xJwHMm+YdiJxMB8GA1UdIwQY
MBaAFDIBD3AnbkGNWPCMVqeagrmayhdjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWdFUGNDZHVRWTFZOEl4V3A1cUN1WnJLRjJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iNjQ4ZmItZjUwYi00Y2MyLWEyYjEt
MmY2ODIxNmI3NDI0LzEvMGh1NzROVDlObF9lYXpURW5BY3liNWgySW5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iNjQ4ZmItZjUwYi00Y2MyLWEyYjEtMmY2ODIxNmI3NDI0
LzEvTWdFUGNDZHVRWTFZOEl4V3A1cUN1WnJLRjJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVj5AwQD
gIzIMA0GCSqGSIb3DQEBCwUAA4IBAQAUqJjew5x/Z1VDd3ZQNk1IWzWQy/v0X+lR
PuHgZnxU9LmCcnTRkbb/IZT6vgc6zVP/1rVeN9WM93ok3sw838anORvg4yBJZkMO
5BPlPxLaR4ZM0nj8OHZiqLViJsS626iplXCy8yIFz5yvvtJAjJFrIW/LucDarJE1
egatazup0a+1R2Ek5gVxBjF73EV/ohmSzlR91Dt5llXMHOX3XUqVjWSSBAzAKrg3
bjuFd+AOC1Qz4pl1FKyIMYqXCwhvqIByMqcVgSVEPYIRvHDXzAxDJG9mefjlcAR7
yhbQ9Myd+WppE/3puwH45/w8omiUOSTSNB6y6Au9t9wvaabDolOF
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:10:36 2026 by rpki-client