Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/OmjJ2pra7ZH3kLcHVULQEDldWT0.roa
File: OmjJ2pra7ZH3kLcHVULQEDldWT0.roa (raw, json)
Hash identifier: HKO7YcTjc8EFym8TIk3ZAFMXKyhjZxul8fsRraKS1vs=
Subject key identifier: 3A:68:C9:DA:9A:DA:ED:91:F7:90:B7:07:55:42:D0:10:39:5D:59:3D
Certificate issuer: /CN=48abf29fdef8570502f4b51be5ffc05c4d9b3465
Certificate serial: 019C7473D00832AFFEFF36FE63A0C2EA3663
Authority key identifier: 48:AB:F2:9F:DE:F8:57:05:02:F4:B5:1B:E5:FF:C0:5C:4D:9B:34:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SKvyn974VwUC9LUb5f_AXE2bNGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/OmjJ2pra7ZH3kLcHVULQEDldWT0.roa
Signing time: Thu 19 Feb 2026 05:51:12 +0000
ROA not before: Thu 19 Feb 2026 05:51:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43395
IP address blocks: 45.9.144.0/24 maxlen: 24
45.9.145.0/24 maxlen: 24
45.9.146.0/24 maxlen: 24
45.9.147.0/24 maxlen: 24
45.86.4.0/24 maxlen: 24
45.86.6.0/24 maxlen: 24
45.86.7.0/24 maxlen: 24
45.148.248.0/24 maxlen: 24
45.148.249.0/24 maxlen: 24
45.148.250.0/24 maxlen: 24
45.148.251.0/24 maxlen: 24
95.130.225.0/24 maxlen: 24
185.140.232.0/24 maxlen: 24
185.140.234.0/24 maxlen: 24
185.140.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/SKvyn974VwUC9LUb5f_AXE2bNGU.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/SKvyn974VwUC9LUb5f_AXE2bNGU.mft
rsync://rpki.ripe.net/repository/DEFAULT/SKvyn974VwUC9LUb5f_AXE2bNGU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:74:73:d0:08:32:af:fe:ff:36:fe:63:a0:c2:ea:36:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48abf29fdef8570502f4b51be5ffc05c4d9b3465
Validity
Not Before: Feb 19 05:51:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3a68c9da9adaed91f790b7075542d010395d593d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:0b:71:6f:0f:87:21:f7:fd:76:3b:a1:07:fe:
3f:99:35:23:a2:31:c2:9e:0c:fe:da:97:92:18:c5:
ff:26:5c:ba:1c:17:2b:2f:24:b3:a2:c3:ae:80:de:
9f:64:5a:20:86:a4:ea:88:88:68:60:78:77:ed:eb:
d9:7c:89:99:b9:e7:7b:1d:4a:1b:53:c5:bd:1f:8f:
90:06:50:0a:c2:e6:e6:2a:e7:39:63:0f:a4:80:9d:
da:a1:c2:bd:b1:d6:67:8f:c5:67:36:32:db:83:02:
c4:53:66:e4:42:2c:c1:88:bf:b8:ca:51:96:d3:77:
0d:ae:ed:91:2a:06:61:4c:d2:25:63:19:8e:76:ee:
b9:16:ea:de:d5:10:aa:a6:b5:45:19:97:6a:17:27:
81:89:93:e4:b3:72:93:a6:f5:70:17:1d:20:29:c2:
69:32:35:97:da:c1:8e:8d:b6:20:78:66:6c:76:a5:
07:33:9b:c6:c4:36:1d:83:20:a8:d8:07:db:ff:48:
e6:1f:9d:98:9a:0a:13:4a:b3:f2:2b:70:d0:59:be:
c8:66:0f:71:d6:5e:3e:c1:86:aa:45:94:4e:34:1d:
30:95:5b:51:f9:7f:05:72:8d:64:c3:ea:20:5b:ac:
37:cc:a6:3a:05:55:95:a3:da:ab:9d:95:1e:2c:8c:
d7:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:68:C9:DA:9A:DA:ED:91:F7:90:B7:07:55:42:D0:10:39:5D:59:3D
X509v3 Authority Key Identifier:
keyid:48:AB:F2:9F:DE:F8:57:05:02:F4:B5:1B:E5:FF:C0:5C:4D:9B:34:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SKvyn974VwUC9LUb5f_AXE2bNGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/OmjJ2pra7ZH3kLcHVULQEDldWT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/SKvyn974VwUC9LUb5f_AXE2bNGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.144.0/22
45.86.4.0/24
45.86.6.0/23
45.148.248.0/22
95.130.225.0/24
185.140.232.0/24
185.140.234.0/23
Signature Algorithm: sha256WithRSAEncryption
41:05:6a:64:28:d9:65:5b:69:df:2c:99:bd:a0:ad:c2:49:af:
d4:57:b7:c7:ef:76:8e:d8:89:19:62:a9:10:a5:89:ed:9f:89:
36:5f:68:a2:87:57:90:ae:6a:4b:28:e4:41:32:53:ec:5a:20:
2b:cb:4a:25:5d:3d:ac:43:27:cd:9f:08:eb:b3:21:38:c0:31:
09:14:be:9e:9b:0b:2f:d9:c5:78:10:1f:40:af:28:ba:24:f9:
62:21:65:79:d5:a0:8b:21:c6:04:a9:00:f1:02:e7:d1:f0:4d:
4c:80:4b:29:c9:81:f0:37:cc:89:02:5d:b5:65:e8:ab:a7:74:
2c:b6:74:b0:bd:40:de:d6:14:03:6f:28:cb:ae:73:1f:44:f3:
35:99:84:91:a4:90:b5:f5:51:98:7a:9a:d6:33:43:80:b6:58:
18:d3:e5:80:05:d6:ab:9b:37:8a:90:ce:e8:07:e8:6e:16:96:
e0:1c:c9:6e:89:d0:e2:a1:af:f5:d8:45:42:75:ff:6f:cb:92:
f5:b8:32:71:eb:c9:b4:1a:f6:1a:fa:72:fa:f7:1c:92:be:6c:
3c:a6:de:a3:da:f1:65:2a:57:29:4d:15:09:cd:c0:17:d7:db:
28:7a:a5:2e:18:65:a4:75:0a:62:5c:65:0c:3d:77:ed:7b:e6:
87:a9:c3:4e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZx0c9AIMq/+/zb+Y6DC6jZjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4YWJmMjlmZGVmODU3MDUwMmY0YjUxYmU1ZmZjMDVjNGQ5
YjM0NjUwHhcNMjYwMjE5MDU1MTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTY4YzlkYTlhZGFlZDkxZjc5MGI3MDc1NTQyZDAxMDM5NWQ1OTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+gtxbw+HIff9djuhB/4/mTUjojHC
ngz+2peSGMX/Jly6HBcrLySzosOugN6fZFoghqTqiIhoYHh37evZfImZued7HUob
U8W9H4+QBlAKwubmKuc5Yw+kgJ3aocK9sdZnj8VnNjLbgwLEU2bkQizBiL+4ylGW
03cNru2RKgZhTNIlYxmOdu65Fure1RCqprVFGZdqFyeBiZPks3KTpvVwFx0gKcJp
MjWX2sGOjbYgeGZsdqUHM5vGxDYdgyCo2Afb/0jmH52YmgoTSrPyK3DQWb7IZg9x
1l4+wYaqRZRONB0wlVtR+X8Fco1kw+ogW6w3zKY6BVWVo9qrnZUeLIzXSQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDpoydqa2u2R95C3B1VC0BA5XVk9MB8GA1UdIwQY
MBaAFEir8p/e+FcFAvS1G+X/wFxNmzRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0t2eW45NzRWd1VDOUxVYjVmX0FYRTJiTkdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hZjQxY2ItZmY5MS00NTljLTlhNjQt
YWJhMTEzZjNlM2FlLzEvT21qSjJwcmE3Wkgza0xjSFZVTFFFRGxkV1QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hZjQxY2ItZmY5MS00NTljLTlhNjQtYWJhMTEzZjNlM2Fl
LzEvU0t2eW45NzRWd1VDOUxVYjVmX0FYRTJiTkdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLQmQAwQA
LVYEAwQBLVYGAwQCLZT4AwQAX4LhAwQAuYzoAwQBuYzqMA0GCSqGSIb3DQEBCwUA
A4IBAQBBBWpkKNllW2nfLJm9oK3CSa/UV7fH73aO2IkZYqkQpYntn4k2X2iih1eQ
rmpLKORBMlPsWiAry0olXT2sQyfNnwjrsyE4wDEJFL6emwsv2cV4EB9Aryi6JPli
IWV51aCLIcYEqQDxAufR8E1MgEspyYHwN8yJAl21Zeirp3QstnSwvUDe1hQDbyjL
rnMfRPM1mYSRpJC19VGYeprWM0OAtlgY0+WABdarmzeKkM7oB+huFpbgHMluidDi
oa/12EVCdf9vy5L1uDJx68m0GvYa+nL69xySvmw8pt6j2vFlKlcpTRUJzcAX19so
eqUuGGWkdQpiXGUMPXfte+aHqcNO
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:21:55 2026 by rpki-client