Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/f6cf44-66d3-4f0b-8132-d53811fbd7b0/1/oSptT-0ci_ZGXafc3V2IqTfIf0s.roa
File: oSptT-0ci_ZGXafc3V2IqTfIf0s.roa (raw, json)
Hash identifier: 2ePOPwiRcBxV+mjrfIP+IE/Cxy8JzrOsuyP5kjxlWXA=
Subject key identifier: A1:2A:6D:4F:ED:1C:8B:F6:46:5D:A7:DC:DD:5D:88:A9:37:C8:7F:4B
Certificate issuer: /CN=43ca7f3f65d2947af94f398bb3c7c9c320019084
Certificate serial: 019D71A6579542B6375408EBFB1FA2EB6BE5
Authority key identifier: 43:CA:7F:3F:65:D2:94:7A:F9:4F:39:8B:B3:C7:C9:C3:20:01:90:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q8p_P2XSlHr5TzmLs8fJwyABkIQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/f6cf44-66d3-4f0b-8132-d53811fbd7b0/1/oSptT-0ci_ZGXafc3V2IqTfIf0s.roa
Signing time: Thu 09 Apr 2026 09:50:20 +0000
ROA not before: Thu 09 Apr 2026 09:50:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42093
IP address blocks: 37.72.108.0/24 maxlen: 24
93.190.185.0/24 maxlen: 24
146.19.214.0/24 maxlen: 24
178.251.24.0/21 maxlen: 21
185.10.156.0/22 maxlen: 24
185.10.158.0/24 maxlen: 24
185.218.224.0/24 maxlen: 24
195.22.100.0/22 maxlen: 22
195.253.241.0/24 maxlen: 24
213.232.253.0/24 maxlen: 24
2a00:1938::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/f6cf44-66d3-4f0b-8132-d53811fbd7b0/1/Q8p_P2XSlHr5TzmLs8fJwyABkIQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/f6cf44-66d3-4f0b-8132-d53811fbd7b0/1/Q8p_P2XSlHr5TzmLs8fJwyABkIQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q8p_P2XSlHr5TzmLs8fJwyABkIQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 21:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:71:a6:57:95:42:b6:37:54:08:eb:fb:1f:a2:eb:6b:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43ca7f3f65d2947af94f398bb3c7c9c320019084
Validity
Not Before: Apr 9 09:50:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a12a6d4fed1c8bf6465da7dcdd5d88a937c87f4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f5:78:b6:4e:01:b3:be:aa:2a:b1:33:dd:78:
95:a1:77:79:e1:ae:7e:81:01:dd:9a:7b:3b:74:96:
98:d9:c6:b6:d4:74:c1:69:4a:13:87:d5:b2:3a:5a:
4b:4d:27:2a:19:16:e3:5f:01:ed:91:16:3d:f5:b8:
4d:ec:dd:a5:87:14:8d:b0:44:58:f4:61:59:0c:c2:
c1:11:c1:2c:30:9e:6d:ea:61:26:4e:8e:57:4d:5a:
3e:d0:88:99:22:b8:72:04:c8:b6:87:b0:b0:27:c8:
a6:30:2b:06:c1:b5:9f:66:48:8b:40:96:d1:4e:80:
f0:02:05:4a:ec:55:58:5f:9a:97:8c:cc:bd:3e:c8:
c3:c3:00:03:64:32:ce:29:cb:fa:73:5f:86:7b:e7:
87:f5:5c:45:1e:21:88:c4:67:91:66:1b:fa:45:53:
23:fc:f9:ab:ab:38:ba:c8:24:08:0a:68:8f:16:a8:
c6:5d:fb:0b:e9:fe:a4:8f:44:e4:24:0a:6f:f9:12:
76:71:f1:68:c0:03:27:84:63:8b:9a:e9:28:29:17:
f1:fd:f2:7b:72:78:b7:e6:08:69:f3:e7:7a:ac:6f:
cd:3f:3f:a5:0a:03:c4:88:3a:c4:3e:23:01:07:ab:
8f:93:05:7e:21:cb:48:3e:4d:bf:89:22:d2:51:4a:
9a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:2A:6D:4F:ED:1C:8B:F6:46:5D:A7:DC:DD:5D:88:A9:37:C8:7F:4B
X509v3 Authority Key Identifier:
keyid:43:CA:7F:3F:65:D2:94:7A:F9:4F:39:8B:B3:C7:C9:C3:20:01:90:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q8p_P2XSlHr5TzmLs8fJwyABkIQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/f6cf44-66d3-4f0b-8132-d53811fbd7b0/1/oSptT-0ci_ZGXafc3V2IqTfIf0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/f6cf44-66d3-4f0b-8132-d53811fbd7b0/1/Q8p_P2XSlHr5TzmLs8fJwyABkIQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.108.0/24
93.190.185.0/24
146.19.214.0/24
178.251.24.0/21
185.10.156.0/22
185.218.224.0/24
195.22.100.0/22
195.253.241.0/24
213.232.253.0/24
IPv6:
2a00:1938::/32
Signature Algorithm: sha256WithRSAEncryption
21:37:a3:c5:7f:0b:f4:e6:07:e9:e8:49:7b:be:ed:23:78:a6:
d1:85:ef:8a:80:a8:66:0b:62:02:fe:66:46:b1:5b:ff:f2:f2:
2e:26:4c:dd:b0:1f:11:21:dd:83:68:9f:93:13:3a:c6:c8:e9:
6b:c1:23:e1:70:b6:fb:58:51:9a:4b:c9:3c:47:49:e8:a5:51:
81:0d:3e:3e:3c:39:84:35:89:97:4c:42:da:7e:94:a3:7a:f2:
ca:03:c6:ea:6c:0f:73:c0:0c:70:d5:2c:d6:08:d9:c0:39:5c:
31:e2:1a:93:ee:41:7b:d8:ed:a7:04:e4:96:85:c8:b9:8d:93:
9c:20:dd:63:bc:05:d7:f1:d6:07:63:9b:0e:d6:fe:e7:de:d0:
e7:f1:68:a8:f6:cf:27:04:a1:dd:ae:ca:de:a5:77:1a:99:52:
15:6a:3a:24:fa:a0:c8:16:95:b9:7e:60:85:6e:f8:8e:88:62:
5d:92:40:8e:36:52:ce:ae:1a:39:b2:2f:b6:2e:0b:19:f7:53:
c8:c0:20:7b:6f:2c:f9:93:40:41:3c:7a:18:f3:a6:cc:32:b9:
dc:85:9c:99:a7:f9:d4:25:71:51:43:c4:97:eb:11:f9:1b:fc:
f5:65:ff:6a:14:11:9d:78:a2:d3:a2:1e:e8:5b:63:d9:e0:b8:
f6:df:e1:50
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZ1xpleVQrY3VAjr+x+i62vlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzY2E3ZjNmNjVkMjk0N2FmOTRmMzk4YmIzYzdjOWMzMjAw
MTkwODQwHhcNMjYwNDA5MDk1MDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTJhNmQ0ZmVkMWM4YmY2NDY1ZGE3ZGNkZDVkODhhOTM3Yzg3ZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPV4tk4Bs76qKrEz3XiVoXd54a5+
gQHdmns7dJaY2ca21HTBaUoTh9WyOlpLTScqGRbjXwHtkRY99bhN7N2lhxSNsERY
9GFZDMLBEcEsMJ5t6mEmTo5XTVo+0IiZIrhyBMi2h7CwJ8imMCsGwbWfZkiLQJbR
ToDwAgVK7FVYX5qXjMy9PsjDwwADZDLOKcv6c1+Ge+eH9VxFHiGIxGeRZhv6RVMj
/Pmrqzi6yCQICmiPFqjGXfsL6f6kj0TkJApv+RJ2cfFowAMnhGOLmukoKRfx/fJ7
cni35ghp8+d6rG/NPz+lCgPEiDrEPiMBB6uPkwV+IctIPk2/iSLSUUqaRwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFKEqbU/tHIv2Rl2n3N1diKk3yH9LMB8GA1UdIwQY
MBaAFEPKfz9l0pR6+U85i7PHycMgAZCEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUThwX1AyWFNsSHI1VHptTHM4Zkp3eUFCa0lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9mNmNmNDQtNjZkMy00ZjBiLTgxMzIt
ZDUzODExZmJkN2IwLzEvb1NwdFQtMGNpX1pHWGFmYzNWMklxVGZJZjBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9mNmNmNDQtNjZkMy00ZjBiLTgxMzItZDUzODExZmJkN2Iw
LzEvUThwX1AyWFNsSHI1VHptTHM4Zkp3eUFCa0lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQAJUhsAwQA
Xb65AwQAkhPWAwQDsvsYAwQCuQqcAwQAudrgAwQCwxZkAwQAw/3xAwQA1ej9MA0E
AgACMAcDBQAqABk4MA0GCSqGSIb3DQEBCwUAA4IBAQAhN6PFfwv05gfp6El7vu0j
eKbRhe+KgKhmC2IC/mZGsVv/8vIuJkzdsB8RId2DaJ+TEzrGyOlrwSPhcLb7WFGa
S8k8R0nopVGBDT4+PDmENYmXTELafpSjevLKA8bqbA9zwAxw1SzWCNnAOVwx4hqT
7kF72O2nBOSWhci5jZOcIN1jvAXX8dYHY5sO1v7n3tDn8Wio9s8nBKHdrsrepXca
mVIVajok+qDIFpW5fmCFbviOiGJdkkCONlLOrho5si+2LgsZ91PIwCB7byz5k0BB
PHoY86bMMrnchZyZp/nUJXFRQ8SX6xH5G/z1Zf9qFBGdeKLToh7oW2PZ4Lj23+FQ
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:51:11 2026 by rpki-client