Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/OA3uefR3GL0nvDsymWuvde4CpZM.roa
File: OA3uefR3GL0nvDsymWuvde4CpZM.roa (raw, json)
Hash identifier: FAzmxKbmrlQ4LuWJWM5I610VmeFPLmSW9A+rgleU4HM=
Subject key identifier: 38:0D:EE:79:F4:77:18:BD:27:BC:3B:32:99:6B:AF:75:EE:02:A5:93
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 019C437E4DD6C35B8D4C2C060F37BC9CEB16
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/OA3uefR3GL0nvDsymWuvde4CpZM.roa
Signing time: Mon 09 Feb 2026 17:41:16 +0000
ROA not before: Mon 09 Feb 2026 17:41:16 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213535
IP address blocks: 45.13.226.0/24 maxlen: 24
45.67.136.0/24 maxlen: 24
45.67.139.0/24 maxlen: 24
45.91.248.0/24 maxlen: 24
45.92.218.0/24 maxlen: 24
45.92.219.0/24 maxlen: 24
45.141.118.0/24 maxlen: 24
92.119.166.0/24 maxlen: 24
152.89.253.0/24 maxlen: 24
185.117.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 14:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:43:7e:4d:d6:c3:5b:8d:4c:2c:06:0f:37:bc:9c:eb:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Feb 9 17:41:16 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=380dee79f47718bd27bc3b32996baf75ee02a593
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:1c:09:ad:7e:4d:06:1b:d9:5e:32:c0:2a:34:
1b:49:2d:4b:dd:01:44:b5:80:53:bf:d3:65:4e:d7:
25:68:d8:b0:3c:75:36:ad:58:e3:e4:9d:ed:b7:39:
c4:93:a9:6b:a0:67:ca:4a:23:7e:f3:c7:29:b1:9a:
e2:e1:eb:10:c7:cf:c4:6b:eb:44:3a:67:76:23:e8:
64:a0:b8:a2:e7:e7:2d:6c:c9:5a:1f:9c:23:84:34:
3a:a1:ea:b3:73:c4:ba:7b:ab:d8:5c:b3:e9:a7:d5:
9d:53:84:2c:96:ce:70:a2:b1:00:80:47:6d:5f:f6:
e9:0e:31:a6:6d:c4:73:4f:77:b7:0c:1f:62:7b:76:
8c:f4:70:2e:0e:72:82:77:2c:e4:4a:5f:6f:d4:c8:
8b:51:42:77:9e:a9:8a:e4:42:a3:fc:81:9c:ec:77:
13:d1:74:e0:ec:45:c1:2c:57:2c:72:15:53:e2:39:
7c:b2:2e:8b:17:0d:30:86:c8:08:79:b9:ba:72:4a:
df:c6:ce:e4:5c:5e:d3:15:88:ae:63:2e:2c:4c:78:
da:35:47:6f:13:34:22:ff:60:cf:6d:9f:20:ef:32:
ca:b0:6b:81:07:42:57:c8:8c:43:64:5a:2d:ff:d7:
88:7f:ea:ad:40:c1:5f:8b:47:c9:12:10:09:6f:51:
72:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:0D:EE:79:F4:77:18:BD:27:BC:3B:32:99:6B:AF:75:EE:02:A5:93
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/OA3uefR3GL0nvDsymWuvde4CpZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.226.0/24
45.67.136.0/24
45.67.139.0/24
45.91.248.0/24
45.92.218.0/23
45.141.118.0/24
92.119.166.0/24
152.89.253.0/24
185.117.0.0/24
Signature Algorithm: sha256WithRSAEncryption
06:c1:25:7c:01:67:03:a6:93:30:e9:14:26:a6:2a:3b:b7:25:
a6:c1:89:3c:c9:ff:a5:79:12:66:45:aa:fd:28:83:33:a3:a4:
03:f5:37:09:1a:41:71:b8:0e:71:e7:18:05:41:c9:f5:8a:55:
08:75:23:40:15:77:37:25:62:86:45:ba:69:5a:ee:73:14:64:
d1:7e:61:43:5a:d1:6e:65:06:30:3a:b8:35:ab:ca:9f:bd:86:
e1:03:7e:79:f8:ee:23:63:2c:f4:83:6f:b8:6a:66:a9:22:9e:
71:f2:75:12:bf:97:a6:c6:94:78:10:7b:c3:61:c8:cd:c8:9e:
89:9b:c6:c4:39:13:dc:76:79:cb:4e:66:14:72:57:93:17:f4:
a2:92:10:16:fb:eb:f4:8c:36:b9:d8:0c:b6:05:46:a7:13:b0:
40:61:68:21:8c:2d:f6:3f:0e:50:01:5a:bd:d9:24:8a:b9:c0:
da:e9:c3:b4:37:1d:6b:e9:67:cd:e1:48:13:64:25:42:2c:f1:
8a:2d:1d:57:92:06:d4:94:05:f0:2d:1f:d6:72:6e:50:a9:b8:
ac:f5:8c:e4:a9:55:31:04:7d:f3:42:c9:48:18:26:71:fd:c3:
d6:03:c8:3a:4a:d6:81:1f:8a:6d:32:f7:fe:ee:34:7e:4d:45:
66:1a:09:6e
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZxDfk3Ww1uNTCwGDze8nOsWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjYwMjA5MTc0MTE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODBkZWU3OWY0NzcxOGJkMjdiYzNiMzI5OTZiYWY3NWVlMDJhNTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxwJrX5NBhvZXjLAKjQbSS1L3QFE
tYBTv9NlTtclaNiwPHU2rVjj5J3ttznEk6lroGfKSiN+88cpsZri4esQx8/Ea+tE
Omd2I+hkoLii5+ctbMlaH5wjhDQ6oeqzc8S6e6vYXLPpp9WdU4Qsls5worEAgEdt
X/bpDjGmbcRzT3e3DB9ie3aM9HAuDnKCdyzkSl9v1MiLUUJ3nqmK5EKj/IGc7HcT
0XTg7EXBLFcschVT4jl8si6LFw0whsgIebm6ckrfxs7kXF7TFYiuYy4sTHjaNUdv
EzQi/2DPbZ8g7zLKsGuBB0JXyIxDZFot/9eIf+qtQMFfi0fJEhAJb1FyDQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFDgN7nn0dxi9J7w7Mplrr3XuAqWTMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvT0EzdWVmUjNHTDBudkRzeW1XdXZkZTRDcFpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALQ3iAwQA
LUOIAwQALUOLAwQALVv4AwQBLVzaAwQALY12AwQAXHemAwQAmFn9AwQAuXUAMA0G
CSqGSIb3DQEBCwUAA4IBAQAGwSV8AWcDppMw6RQmpio7tyWmwYk8yf+leRJmRar9
KIMzo6QD9TcJGkFxuA5x5xgFQcn1ilUIdSNAFXc3JWKGRbppWu5zFGTRfmFDWtFu
ZQYwOrg1q8qfvYbhA355+O4jYyz0g2+4amapIp5x8nUSv5emxpR4EHvDYcjNyJ6J
m8bEORPcdnnLTmYUcleTF/SikhAW++v0jDa52Ay2BUanE7BAYWghjC32Pw5QAVq9
2SSKucDa6cO0Nx1r6WfN4UgTZCVCLPGKLR1XkgbUlAXwLR/Wcm5Qqbis9YzkqVUx
BH3zQslIGCZx/cPWA8g6StaBH4ptMvf+7jR+TUVmGglu
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:29:00 2026 by rpki-client