Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/269a04-77b4-4ee7-b164-c16787272049/1/ohXUok_zW7NMmajjFQxMHMt_T0Y.roa
File: ohXUok_zW7NMmajjFQxMHMt_T0Y.roa (raw, json)
Hash identifier: BmIJzfQHz5sgq48QzLBSe6fOOMb8+aHYQoGWrM4uQdc=
Subject key identifier: A2:15:D4:A2:4F:F3:5B:B3:4C:99:A8:E3:15:0C:4C:1C:CB:7F:4F:46
Certificate issuer: /CN=de12eb9c75d359d25137b5ef4e176f5eeb6c4342
Certificate serial: 019BFF4F11C37E109A5077615F1D9CA06A51
Authority key identifier: DE:12:EB:9C:75:D3:59:D2:51:37:B5:EF:4E:17:6F:5E:EB:6C:43:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3hLrnHXTWdJRN7XvThdvXutsQ0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/269a04-77b4-4ee7-b164-c16787272049/1/ohXUok_zW7NMmajjFQxMHMt_T0Y.roa
Signing time: Tue 27 Jan 2026 11:55:30 +0000
ROA not before: Tue 27 Jan 2026 11:55:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25211
IP address blocks: 94.26.0.0/24 maxlen: 24
94.26.3.0/24 maxlen: 24
94.26.32.0/24 maxlen: 24
94.26.41.0/24 maxlen: 24
94.26.42.0/24 maxlen: 24
94.26.68.0/24 maxlen: 24
94.26.69.0/24 maxlen: 24
94.26.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/269a04-77b4-4ee7-b164-c16787272049/1/3hLrnHXTWdJRN7XvThdvXutsQ0I.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/269a04-77b4-4ee7-b164-c16787272049/1/3hLrnHXTWdJRN7XvThdvXutsQ0I.mft
rsync://rpki.ripe.net/repository/DEFAULT/3hLrnHXTWdJRN7XvThdvXutsQ0I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:ff:4f:11:c3:7e:10:9a:50:77:61:5f:1d:9c:a0:6a:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de12eb9c75d359d25137b5ef4e176f5eeb6c4342
Validity
Not Before: Jan 27 11:55:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a215d4a24ff35bb34c99a8e3150c4c1ccb7f4f46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7f:d7:7e:81:0c:b1:5a:53:18:ea:c1:be:82:
00:8f:f9:01:26:f3:c9:f3:8d:61:f4:f6:ef:4f:f0:
a2:2c:a4:b9:27:b8:83:bf:43:b8:76:0d:3a:92:f0:
49:c8:83:cc:af:45:39:bf:47:5e:e8:0c:cf:00:ee:
9f:24:0c:b3:27:f2:24:9a:29:d3:e6:cb:f3:d4:f1:
73:ff:c7:6c:92:f4:c0:9b:fc:17:12:28:5d:91:35:
d6:59:bb:3c:bc:fb:14:12:57:9e:55:08:b6:a8:c9:
13:e5:e7:ba:66:1e:0d:c3:92:1f:09:98:1d:f6:df:
bb:22:5d:67:16:fa:7e:af:48:d3:4b:f8:e7:62:e8:
7c:98:4b:be:e6:dd:89:70:f3:7d:8f:bf:e6:10:78:
63:2e:7e:fc:9e:70:2c:0a:2c:ac:df:3b:ea:c7:b9:
1a:34:55:72:71:f8:25:8c:91:d5:20:c3:44:fe:86:
c3:ae:3b:a7:24:b0:29:07:50:bd:4c:1b:e2:03:b7:
62:81:9a:3f:b6:04:8a:ff:eb:66:4a:9e:20:1e:8a:
de:55:d4:8b:d7:8f:ce:26:7d:33:aa:1b:58:a8:28:
31:57:a7:31:eb:31:7d:08:76:7e:44:f7:54:da:89:
22:7a:f0:f5:f4:3c:2a:14:bc:1e:3a:e6:9b:e2:8f:
e3:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:15:D4:A2:4F:F3:5B:B3:4C:99:A8:E3:15:0C:4C:1C:CB:7F:4F:46
X509v3 Authority Key Identifier:
keyid:DE:12:EB:9C:75:D3:59:D2:51:37:B5:EF:4E:17:6F:5E:EB:6C:43:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hLrnHXTWdJRN7XvThdvXutsQ0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/269a04-77b4-4ee7-b164-c16787272049/1/ohXUok_zW7NMmajjFQxMHMt_T0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/269a04-77b4-4ee7-b164-c16787272049/1/3hLrnHXTWdJRN7XvThdvXutsQ0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.26.0.0/24
94.26.3.0/24
94.26.32.0/24
94.26.41.0-94.26.42.255
94.26.68.0/23
94.26.88.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:d6:cf:0a:54:25:f2:2c:77:a0:04:50:4d:dc:1a:40:db:07:
5c:1d:42:72:a7:5a:bf:fd:85:f7:aa:c9:f2:d4:2f:82:80:d3:
cb:77:14:d7:01:11:84:f6:ed:09:ea:f9:36:f5:bc:9d:ac:46:
5c:80:07:15:2b:77:d0:cd:68:58:ca:87:2e:61:d2:fd:a8:0a:
79:bb:91:a9:a8:b2:0e:5d:2b:b4:a8:b0:11:e2:3e:79:7c:46:
b3:a1:f7:2a:9e:18:32:cc:dd:1f:2f:e9:94:26:eb:98:08:fd:
36:00:e5:f0:12:17:0d:2c:0d:44:f2:42:e4:af:3c:f9:99:44:
ff:7a:64:ad:83:1f:35:50:f6:9a:8c:4e:5f:9b:2e:e3:8d:83:
a7:34:95:96:9e:fa:d1:16:c6:9b:c4:9f:c6:a6:cf:cf:7e:3c:
be:b6:62:17:a6:3a:7f:a2:26:63:08:bd:2a:06:12:4f:e3:ef:
f0:50:b5:38:3c:81:98:93:c5:6d:d0:35:ab:7f:51:50:57:5c:
35:a9:77:ad:af:86:49:66:4a:dc:b3:09:de:44:59:58:32:fc:
35:94:78:42:29:e3:8d:5c:2d:7d:15:9d:be:93:a5:f8:53:26:
a2:cd:b6:a2:3d:39:55:e4:69:7a:fd:19:ba:d6:82:83:00:30:
b4:7c:26:1b
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZv/TxHDfhCaUHdhXx2coGpRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTJlYjljNzVkMzU5ZDI1MTM3YjVlZjRlMTc2ZjVlZWI2
YzQzNDIwHhcNMjYwMTI3MTE1NTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjE1ZDRhMjRmZjM1YmIzNGM5OWE4ZTMxNTBjNGMxY2NiN2Y0ZjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqH/XfoEMsVpTGOrBvoIAj/kBJvPJ
841h9PbvT/CiLKS5J7iDv0O4dg06kvBJyIPMr0U5v0de6AzPAO6fJAyzJ/IkminT
5svz1PFz/8dskvTAm/wXEihdkTXWWbs8vPsUEleeVQi2qMkT5ee6Zh4Nw5IfCZgd
9t+7Il1nFvp+r0jTS/jnYuh8mEu+5t2JcPN9j7/mEHhjLn78nnAsCiys3zvqx7ka
NFVycfgljJHVIMNE/obDrjunJLApB1C9TBviA7digZo/tgSK/+tmSp4gHoreVdSL
14/OJn0zqhtYqCgxV6cx6zF9CHZ+RPdU2okievD19DwqFLweOuab4o/jzQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFKIV1KJP81uzTJmo4xUMTBzLf09GMB8GA1UdIwQY
MBaAFN4S65x101nSUTe1704Xb17rbENCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hMcm5IWFRXZEpSTjdYdlRoZHZYdXRzUTBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8yNjlhMDQtNzdiNC00ZWU3LWIxNjQt
YzE2Nzg3MjcyMDQ5LzEvb2hYVW9rX3pXN05NbWFqakZReE1ITXRfVDBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8yNjlhMDQtNzdiNC00ZWU3LWIxNjQtYzE2Nzg3MjcyMDQ5
LzEvM2hMcm5IWFRXZEpSTjdYdlRoZHZYdXRzUTBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAXhoAAwQA
XhoDAwQAXhogMAwDBABeGikDBABeGioDBAFeGkQDBABeGlgwDQYJKoZIhvcNAQEL
BQADggEBAMLWzwpUJfIsd6AEUE3cGkDbB1wdQnKnWr/9hfeqyfLUL4KA08t3FNcB
EYT27Qnq+Tb1vJ2sRlyABxUrd9DNaFjKhy5h0v2oCnm7kamosg5dK7SosBHiPnl8
RrOh9yqeGDLM3R8v6ZQm65gI/TYA5fASFw0sDUTyQuSvPPmZRP96ZK2DHzVQ9pqM
Tl+bLuONg6c0lZae+tEWxpvEn8amz89+PL62YhemOn+iJmMIvSoGEk/j7/BQtTg8
gZiTxW3QNat/UVBXXDWpd62vhklmStyzCd5EWVgy/DWUeEIp441cLX0Vnb6TpfhT
JqLNtqI9OVXkaXr9GbrWgoMAMLR8Jhs=
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:59:12 2026 by rpki-client