Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/omaLVc5AtTLq6XQDbUHxmhH2kK0.roa
File: omaLVc5AtTLq6XQDbUHxmhH2kK0.roa (raw, json)
Hash identifier: MfzAIima6PJiHvHej6CwNquCq3zRKRiMh/V8bXOd4oM=
Subject key identifier: A2:66:8B:55:CE:40:B5:32:EA:E9:74:03:6D:41:F1:9A:11:F6:90:AD
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 019C0F1DB396F3B17DCB0A3B67279C18C203
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/omaLVc5AtTLq6XQDbUHxmhH2kK0.roa
Signing time: Fri 30 Jan 2026 13:35:30 +0000
ROA not before: Fri 30 Jan 2026 13:35:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 55201
IP address blocks: 2a06:b441::/32 maxlen: 40
2a06:cac0::/29 maxlen: 48
2a0e:7780::/32 maxlen: 40
2a0f:e000::/32 maxlen: 40
2a11:3b40::/32 maxlen: 40
2a11:9600::/29 maxlen: 48
2a11:dcc0::/32 maxlen: 40
2a12:440::/32 maxlen: 40
2a12:ec0::/29 maxlen: 48
2a12:1900::/29 maxlen: 48
2a12:28c0::/29 maxlen: 48
2a12:6640::/32 maxlen: 40
2a13:ba00::/32 maxlen: 40
2a13:dac0::/32 maxlen: 40
2a14:c0::/32 maxlen: 40
2a14:1c0::/32 maxlen: 40
2a14:800::/32 maxlen: 40
2a14:7e00::/32 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.mft
rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:0f:1d:b3:96:f3:b1:7d:cb:0a:3b:67:27:9c:18:c2:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Jan 30 13:35:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a2668b55ce40b532eae974036d41f19a11f690ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:e5:d0:02:98:f4:4b:c3:09:0a:39:92:86:13:
28:eb:91:51:c9:1c:1e:86:34:b1:de:74:2e:e1:5f:
d1:76:8f:a8:d0:42:c7:10:69:a0:71:44:a5:78:26:
1f:d9:c8:6c:0f:5d:10:30:d1:32:95:44:42:38:7e:
fb:8a:9c:e4:fe:03:d6:c1:7c:33:4d:51:c5:24:ba:
d9:d6:22:f6:0c:d6:c3:16:8a:41:9c:9f:8c:20:1f:
92:ca:32:08:18:d3:9a:3f:a7:3b:8c:d5:4e:ac:a1:
d7:f6:09:61:19:92:e3:f0:37:bb:f1:ab:f3:02:60:
0f:64:cc:2a:37:e2:45:a9:1a:a2:a6:31:7e:d0:99:
8b:29:42:21:a6:55:2a:85:48:7f:eb:f2:f8:89:c4:
99:32:4e:6f:ea:53:e0:ee:cd:6c:b3:c2:0c:dc:6a:
69:26:06:e6:bc:46:8c:f0:bd:53:15:62:1c:6e:40:
1a:ec:c8:16:de:6c:73:1a:54:e1:99:bb:cb:6f:b6:
7b:aa:df:c8:b6:94:84:58:a0:16:6b:57:bd:3b:28:
f3:0c:ad:e5:90:5e:f8:a2:37:6f:49:1d:b7:ef:04:
dc:3d:bb:2e:e0:02:00:99:15:5c:0e:f8:ce:b7:ce:
fc:08:49:80:da:8b:86:9e:bb:02:1d:25:b4:f9:6d:
48:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:66:8B:55:CE:40:B5:32:EA:E9:74:03:6D:41:F1:9A:11:F6:90:AD
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/omaLVc5AtTLq6XQDbUHxmhH2kK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:b441::/32
2a06:cac0::/29
2a0e:7780::/32
2a0f:e000::/32
2a11:3b40::/32
2a11:9600::/29
2a11:dcc0::/32
2a12:440::/32
2a12:ec0::/29
2a12:1900::/29
2a12:28c0::/29
2a12:6640::/32
2a13:ba00::/32
2a13:dac0::/32
2a14:c0::/32
2a14:1c0::/32
2a14:800::/32
2a14:7e00::/32
Signature Algorithm: sha256WithRSAEncryption
53:4e:02:41:7f:7d:2e:4d:91:a5:d6:cb:a7:e4:d4:f8:f9:78:
72:09:16:e5:77:e2:e7:bb:f5:b6:40:22:79:36:a7:cb:d7:16:
ee:66:75:13:43:62:32:d3:bf:9d:c4:90:0a:4a:13:ef:6b:d8:
40:df:36:d6:d0:b8:18:52:80:b8:55:5b:fc:26:16:e1:a2:80:
e8:0b:44:be:1d:c0:0c:28:d2:cd:ab:f5:8c:1b:a1:0d:30:a5:
34:72:95:0c:ce:1e:61:1d:2c:6b:16:4c:0a:19:28:82:0b:21:
e2:fb:75:c8:2d:41:76:c5:a4:6c:ba:b2:7c:32:dd:c2:77:c7:
c8:ce:63:9e:d3:36:a3:8f:57:d7:c7:f5:63:f2:c5:f2:02:ce:
51:6f:ca:cb:54:5b:4d:60:5c:dd:6f:55:5b:1c:a2:ea:af:63:
eb:d9:15:7e:d6:2c:56:26:5e:55:24:5b:b2:ea:fb:75:77:26:
9a:db:9d:ab:de:9a:be:90:f5:24:35:15:4a:d8:dd:ed:be:e7:
1d:53:fd:23:18:f8:80:3e:95:2e:a9:ca:ee:5a:74:b0:1b:30:
29:77:1e:14:6c:62:e3:e0:88:cf:be:b2:6f:c0:24:7d:08:4b:
28:ba:c1:90:dd:95:0d:dd:77:86:a5:23:5e:05:d2:9b:6c:49:
ba:26:23:a6
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZwPHbOW87F9ywo7ZyecGMIDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjYwMTMwMTMzNTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjY2OGI1NWNlNDBiNTMyZWFlOTc0MDM2ZDQxZjE5YTExZjY5MGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+XQApj0S8MJCjmShhMo65FRyRwe
hjSx3nQu4V/Rdo+o0ELHEGmgcUSleCYf2chsD10QMNEylURCOH77ipzk/gPWwXwz
TVHFJLrZ1iL2DNbDFopBnJ+MIB+SyjIIGNOaP6c7jNVOrKHX9glhGZLj8De78avz
AmAPZMwqN+JFqRqipjF+0JmLKUIhplUqhUh/6/L4icSZMk5v6lPg7s1ss8IM3Gpp
JgbmvEaM8L1TFWIcbkAa7MgW3mxzGlThmbvLb7Z7qt/ItpSEWKAWa1e9OyjzDK3l
kF74ojdvSR237wTcPbsu4AIAmRVcDvjOt878CEmA2ouGnrsCHSW0+W1IiQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFKJmi1XOQLUy6ul0A21B8ZoR9pCtMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvb21hTFZjNUF0VExxNlhRRGJVSHhtaEgya0swLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAIwfgMFACoG
tEEDBQMqBsrAAwUAKg53gAMFACoP4AADBQAqETtAAwUDKhGWAAMFACoR3MADBQAq
EgRAAwUDKhIOwAMFAyoSGQADBQMqEijAAwUAKhJmQAMFACoTugADBQAqE9rAAwUA
KhQAwAMFACoUAcADBQAqFAgAAwUAKhR+ADANBgkqhkiG9w0BAQsFAAOCAQEAU04C
QX99Lk2RpdbLp+TU+Pl4cgkW5Xfi57v1tkAieTany9cW7mZ1E0NiMtO/ncSQCkoT
72vYQN821tC4GFKAuFVb/CYW4aKA6AtEvh3ADCjSzav1jBuhDTClNHKVDM4eYR0s
axZMChkoggsh4vt1yC1BdsWkbLqyfDLdwnfHyM5jntM2o49X18f1Y/LF8gLOUW/K
y1RbTWBc3W9VWxyi6q9j69kVftYsViZeVSRbsur7dXcmmtudq96avpD1JDUVStjd
7b7nHVP9Ixj4gD6VLqnK7lp0sBswKXceFGxi4+CIz76yb8AkfQhLKLrBkN2VDd13
hqUjXgXSm2xJuiYjpg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:43:52 2026 by rpki-client