Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/ab8307-5f9c-49c6-8a0b-f3b45819f2b0/1/ob5sPFaRhRWX8YvpmsOhf_L42qk.roa
File: ob5sPFaRhRWX8YvpmsOhf_L42qk.roa (raw, json)
Hash identifier: F2rzq+6Lw+VZW+xrLLgUfoPJgDVHj07vj+YUG1nzWfs=
Subject key identifier: A1:BE:6C:3C:56:91:85:15:97:F1:8B:E9:9A:C3:A1:7F:F2:F8:DA:A9
Certificate issuer: /CN=98a987c6cd0a36f94dbef10ef2a2c66020a95611
Certificate serial: 019DD3740A23E7AE8BC7A0653C559844CEC9
Authority key identifier: 98:A9:87:C6:CD:0A:36:F9:4D:BE:F1:0E:F2:A2:C6:60:20:A9:56:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKmHxs0KNvlNvvEO8qLGYCCpVhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/ab8307-5f9c-49c6-8a0b-f3b45819f2b0/1/ob5sPFaRhRWX8YvpmsOhf_L42qk.roa
Signing time: Tue 28 Apr 2026 09:38:10 +0000
ROA not before: Tue 28 Apr 2026 09:38:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29611
IP address blocks: 45.157.84.0/22 maxlen: 24
45.157.84.0/24 maxlen: 24
45.157.85.0/24 maxlen: 24
45.157.86.0/24 maxlen: 24
45.157.87.0/24 maxlen: 24
185.2.216.0/22 maxlen: 24
185.2.216.0/24 maxlen: 24
185.2.217.0/24 maxlen: 24
185.2.218.0/24 maxlen: 24
185.2.219.0/24 maxlen: 24
185.43.184.0/22 maxlen: 24
185.43.184.0/24 maxlen: 24
185.43.185.0/24 maxlen: 24
185.43.186.0/24 maxlen: 24
185.43.187.0/24 maxlen: 24
185.73.184.0/22 maxlen: 24
185.73.184.0/24 maxlen: 24
185.73.185.0/24 maxlen: 24
185.73.186.0/24 maxlen: 24
185.73.187.0/24 maxlen: 24
217.68.240.0/20 maxlen: 24
217.68.242.0/24 maxlen: 24
217.69.32.0/20 maxlen: 24
2a00:c20::/32 maxlen: 32
2a03:2d20::/32 maxlen: 32
2a04:95c0::/29 maxlen: 29
2a0f:5280::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/ab8307-5f9c-49c6-8a0b-f3b45819f2b0/1/mKmHxs0KNvlNvvEO8qLGYCCpVhE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/ab8307-5f9c-49c6-8a0b-f3b45819f2b0/1/mKmHxs0KNvlNvvEO8qLGYCCpVhE.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKmHxs0KNvlNvvEO8qLGYCCpVhE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d3:74:0a:23:e7:ae:8b:c7:a0:65:3c:55:98:44:ce:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a987c6cd0a36f94dbef10ef2a2c66020a95611
Validity
Not Before: Apr 28 09:38:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a1be6c3c5691851597f18be99ac3a17ff2f8daa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ad:9e:58:39:ff:bf:ce:37:6e:a1:88:8d:aa:
38:8c:ed:b8:47:64:6f:e2:f8:d4:9f:d3:35:b7:48:
28:0e:be:ca:44:34:88:5a:04:00:86:48:1e:fb:86:
e7:28:10:ff:ee:44:18:5f:57:22:0e:cf:9f:38:88:
82:0c:4b:ca:f3:ae:c6:b8:cb:90:ac:32:9b:36:1b:
b0:aa:2e:76:81:d8:82:0e:f2:ea:23:58:c4:67:29:
af:3d:7d:07:11:b0:33:7a:cf:3c:88:78:bd:c6:c0:
4c:be:6c:36:76:54:2c:21:68:f4:ad:05:bc:af:dd:
80:a2:50:1f:dc:5b:da:84:1f:0d:55:eb:27:d8:af:
f1:88:be:8d:e0:a0:54:7b:6d:f4:f4:ae:1a:72:a1:
6b:bd:46:03:aa:32:e8:89:96:9f:46:19:54:25:1a:
7a:13:ba:6b:13:5f:31:2d:61:03:6a:e7:af:23:1c:
95:09:f4:4f:ba:e6:87:c0:e3:b4:c7:c5:c1:46:5d:
10:31:b3:15:21:42:a0:07:c1:98:99:db:83:11:97:
d3:fb:7b:d8:16:65:4d:c5:68:25:e9:00:9d:1f:92:
4e:40:67:56:9d:38:b3:89:40:f3:9f:02:be:e5:5a:
24:4f:29:ee:d5:8a:12:49:70:4e:8f:d5:5b:ab:52:
ee:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:BE:6C:3C:56:91:85:15:97:F1:8B:E9:9A:C3:A1:7F:F2:F8:DA:A9
X509v3 Authority Key Identifier:
keyid:98:A9:87:C6:CD:0A:36:F9:4D:BE:F1:0E:F2:A2:C6:60:20:A9:56:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKmHxs0KNvlNvvEO8qLGYCCpVhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/ab8307-5f9c-49c6-8a0b-f3b45819f2b0/1/ob5sPFaRhRWX8YvpmsOhf_L42qk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/ab8307-5f9c-49c6-8a0b-f3b45819f2b0/1/mKmHxs0KNvlNvvEO8qLGYCCpVhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.84.0/22
185.2.216.0/22
185.43.184.0/22
185.73.184.0/22
217.68.240.0/20
217.69.32.0/20
IPv6:
2a00:c20::/32
2a03:2d20::/32
2a04:95c0::/29
2a0f:5280::/29
Signature Algorithm: sha256WithRSAEncryption
12:ca:96:1f:a6:a4:e6:e5:e8:ed:49:28:f7:97:3c:e4:33:64:
8c:1d:6e:a5:3f:db:cd:66:b7:f6:e5:fc:08:c9:cd:a6:ab:eb:
a6:d7:36:ee:66:89:14:24:25:0b:02:a0:2b:e6:9c:ec:be:94:
6c:0b:15:1d:1f:78:c8:b6:8a:f5:64:7c:c2:34:62:e4:ca:ef:
d5:7f:5a:ea:a3:51:40:cc:71:a9:ef:8a:4a:e0:17:92:5a:e4:
81:a2:4f:65:54:82:21:65:e6:d6:f8:da:dc:0e:25:49:5f:50:
8e:1f:0c:b2:6d:61:34:8d:41:21:67:6c:ab:c7:60:e2:b8:08:
32:bf:12:fd:a4:f3:a8:a7:8e:4c:19:9a:67:a7:55:f8:8e:b5:
44:0c:51:1f:21:e7:1a:2d:46:99:79:f2:1c:ed:0b:e5:87:81:
d2:f7:05:01:22:88:45:9d:c6:66:c2:57:03:f5:86:7d:84:f9:
d3:af:d1:a1:3f:1a:78:fc:b9:95:3e:04:3c:b8:4d:48:16:18:
03:d5:fc:c1:68:99:be:9f:fd:ed:d7:43:2b:98:b1:cf:e5:7d:
5a:67:55:00:fe:a5:32:cd:2d:d8:19:1a:bd:15:d7:1d:7d:6c:
db:09:b2:62:64:07:3c:7c:ac:ea:8b:14:c3:3e:2c:45:90:e7:
90:37:06:1c
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZ3TdAoj566Lx6BlPFWYRM7JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4YTk4N2M2Y2QwYTM2Zjk0ZGJlZjEwZWYyYTJjNjYwMjBh
OTU2MTEwHhcNMjYwNDI4MDkzODEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWJlNmMzYzU2OTE4NTE1OTdmMThiZTk5YWMzYTE3ZmYyZjhkYWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAza2eWDn/v843bqGIjao4jO24R2Rv
4vjUn9M1t0goDr7KRDSIWgQAhkge+4bnKBD/7kQYX1ciDs+fOIiCDEvK867GuMuQ
rDKbNhuwqi52gdiCDvLqI1jEZymvPX0HEbAzes88iHi9xsBMvmw2dlQsIWj0rQW8
r92AolAf3FvahB8NVesn2K/xiL6N4KBUe2309K4acqFrvUYDqjLoiZafRhlUJRp6
E7prE18xLWEDauevIxyVCfRPuuaHwOO0x8XBRl0QMbMVIUKgB8GYmduDEZfT+3vY
FmVNxWgl6QCdH5JOQGdWnTiziUDznwK+5VokTynu1YoSSXBOj9Vbq1Lu5wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFKG+bDxWkYUVl/GL6ZrDoX/y+NqpMB8GA1UdIwQY
MBaAFJiph8bNCjb5Tb7xDvKixmAgqVYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUttSHhzMEtOdmxOdnZFTzhxTEdZQ0NwVmhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9hYjgzMDctNWY5Yy00OWM2LThhMGIt
ZjNiNDU4MTlmMmIwLzEvb2I1c1BGYVJoUldYOFl2cG1zT2hmX0w0MnFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9hYjgzMDctNWY5Yy00OWM2LThhMGItZjNiNDU4MTlmMmIw
LzEvbUttSHhzMEtOdmxOdnZFTzhxTEdZQ0NwVmhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDAqBAIAATAkAwQCLZ1UAwQC
uQLYAwQCuSu4AwQCuUm4AwQE2UTwAwQE2UUgMCIEAgACMBwDBQAqAAwgAwUAKgMt
IAMFAyoElcADBQMqD1KAMA0GCSqGSIb3DQEBCwUAA4IBAQASypYfpqTm5ejtSSj3
lzzkM2SMHW6lP9vNZrf25fwIyc2mq+um1zbuZokUJCULAqAr5pzsvpRsCxUdH3jI
tor1ZHzCNGLkyu/Vf1rqo1FAzHGp74pK4BeSWuSBok9lVIIhZebW+NrcDiVJX1CO
HwyybWE0jUEhZ2yrx2DiuAgyvxL9pPOop45MGZpnp1X4jrVEDFEfIecaLUaZefIc
7Qvlh4HS9wUBIohFncZmwlcD9YZ9hPnTr9GhPxp4/LmVPgQ8uE1IFhgD1fzBaJm+
n/3t10MrmLHP5X1aZ1UA/qUyzS3YGRq9FdcdfWzbCbJiZAc8fKzqixTDPixFkOeQ
NwYc
-----END CERTIFICATE-----
Generated at Sat Jun 13 18:05:13 2026 by rpki-client