Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/46bd33-b527-462e-81e0-8677b3dd8707/1/ofJXmIsyK_jDudPiA8bDAQbKAlU.roa
File: ofJXmIsyK_jDudPiA8bDAQbKAlU.roa (raw, json)
Hash identifier: +olJpgKdSnPRSUcTlissuMFWoxiuQFVYufPs4uhUsXc=
Subject key identifier: A1:F2:57:98:8B:32:2B:F8:C3:B9:D3:E2:03:C6:C3:01:06:CA:02:55
Certificate issuer: /CN=015f0e665a9c74223c4bfe270a1659ade4cef31f
Certificate serial: 019E6EA788BF720C9B7F9A2171E4EA92A84B
Authority key identifier: 01:5F:0E:66:5A:9C:74:22:3C:4B:FE:27:0A:16:59:AD:E4:CE:F3:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AV8OZlqcdCI8S_4nChZZreTO8x8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/46bd33-b527-462e-81e0-8677b3dd8707/1/ofJXmIsyK_jDudPiA8bDAQbKAlU.roa
Signing time: Thu 28 May 2026 12:55:33 +0000
ROA not before: Thu 28 May 2026 12:55:33 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48817
IP address blocks: 185.137.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/46bd33-b527-462e-81e0-8677b3dd8707/1/AV8OZlqcdCI8S_4nChZZreTO8x8.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/46bd33-b527-462e-81e0-8677b3dd8707/1/AV8OZlqcdCI8S_4nChZZreTO8x8.mft
rsync://rpki.ripe.net/repository/DEFAULT/AV8OZlqcdCI8S_4nChZZreTO8x8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6e:a7:88:bf:72:0c:9b:7f:9a:21:71:e4:ea:92:a8:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=015f0e665a9c74223c4bfe270a1659ade4cef31f
Validity
Not Before: May 28 12:55:33 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a1f257988b322bf8c3b9d3e203c6c30106ca0255
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:30:b8:8a:3a:c4:ee:0e:bb:b4:d1:0d:bf:5b:
35:f9:35:f4:91:ae:d6:b3:3c:db:e6:8b:d4:21:cc:
5b:a4:7f:7d:77:6b:58:72:8b:2b:86:9b:b1:cb:b2:
de:07:af:8a:c3:1f:9d:83:4c:2b:13:8f:63:cd:cc:
bd:40:d4:de:fa:f5:53:79:6d:66:de:24:99:92:c7:
48:cb:eb:28:ed:92:2b:5c:b0:dc:a5:61:0d:1f:43:
65:7a:98:62:25:81:ac:fa:1c:43:59:59:14:3f:eb:
07:70:77:a7:1d:06:6c:20:13:f4:7a:fd:c0:0a:24:
50:7f:db:52:2b:af:24:61:dd:97:75:81:ab:cb:61:
f4:6e:36:bc:2b:87:13:5c:64:43:1c:46:28:d2:ff:
60:5e:e2:cd:e3:4f:fa:bc:03:9a:e6:20:82:b1:38:
9c:b6:83:d1:37:4f:14:d8:40:d0:14:8a:fa:66:d9:
95:cc:0d:4a:ef:16:7a:54:ce:a8:7d:30:28:e2:4d:
89:b9:36:d8:fb:b6:08:f9:ae:38:6d:15:d4:a2:1b:
18:9c:ae:7d:f4:5e:ed:a1:2f:f0:29:2c:e8:b6:5c:
78:ba:7b:58:fb:52:39:39:c6:f3:a8:a5:0a:d1:2c:
6f:34:d5:54:62:47:d9:41:11:31:2a:32:9e:72:fd:
5e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:F2:57:98:8B:32:2B:F8:C3:B9:D3:E2:03:C6:C3:01:06:CA:02:55
X509v3 Authority Key Identifier:
keyid:01:5F:0E:66:5A:9C:74:22:3C:4B:FE:27:0A:16:59:AD:E4:CE:F3:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AV8OZlqcdCI8S_4nChZZreTO8x8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/46bd33-b527-462e-81e0-8677b3dd8707/1/ofJXmIsyK_jDudPiA8bDAQbKAlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/46bd33-b527-462e-81e0-8677b3dd8707/1/AV8OZlqcdCI8S_4nChZZreTO8x8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.167.0/24
Signature Algorithm: sha256WithRSAEncryption
94:0f:c5:0f:73:ed:49:10:08:78:60:bd:0a:2e:83:1a:77:37:
d3:44:a0:02:4a:6e:3f:68:90:6e:55:f7:22:90:1f:c5:fd:b9:
5e:53:42:f9:c4:39:97:e1:89:58:8c:a3:d9:19:af:29:ef:3d:
bd:c3:ed:35:94:b4:29:00:3f:84:b1:89:c5:6f:2f:81:47:f1:
c8:bb:c5:b4:4a:3c:8d:01:55:16:00:51:4d:eb:2c:53:ba:19:
ff:6d:6f:b7:34:88:f3:a8:09:83:85:ec:ae:36:a3:a9:48:d4:
5e:a1:60:6a:f1:44:af:f1:bc:c0:a4:4b:58:2d:ad:9c:6f:91:
67:52:9b:1c:e7:0f:08:8e:b6:11:92:b9:43:92:97:79:9b:45:
4a:c1:e5:42:69:e4:55:50:e5:29:e0:2c:16:27:13:c7:35:10:
8f:3c:cc:d0:a5:5c:fe:68:b0:9e:48:55:6f:f7:93:a8:ae:bf:
5a:18:86:97:f0:45:05:69:46:37:de:21:e1:6f:05:cd:47:64:
14:64:9b:c8:3a:19:05:47:de:69:28:f2:a1:09:a1:59:13:bc:
97:03:10:7a:b0:1f:57:ca:fd:e5:43:80:96:0e:02:af:73:fd:
68:c1:24:38:c8:b0:6a:b7:c4:11:49:3d:41:6a:2a:4a:2f:df:
99:f4:ea:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ5up4i/cgybf5ohceTqkqhLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNWYwZTY2NWE5Yzc0MjIzYzRiZmUyNzBhMTY1OWFkZTRj
ZWYzMWYwHhcNMjYwNTI4MTI1NTMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWYyNTc5ODhiMzIyYmY4YzNiOWQzZTIwM2M2YzMwMTA2Y2EwMjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzC4ijrE7g67tNENv1s1+TX0ka7W
szzb5ovUIcxbpH99d2tYcosrhpuxy7LeB6+Kwx+dg0wrE49jzcy9QNTe+vVTeW1m
3iSZksdIy+so7ZIrXLDcpWENH0NlephiJYGs+hxDWVkUP+sHcHenHQZsIBP0ev3A
CiRQf9tSK68kYd2XdYGry2H0bja8K4cTXGRDHEYo0v9gXuLN40/6vAOa5iCCsTic
toPRN08U2EDQFIr6ZtmVzA1K7xZ6VM6ofTAo4k2JuTbY+7YI+a44bRXUohsYnK59
9F7toS/wKSzotlx4untY+1I5OcbzqKUK0SxvNNVUYkfZQRExKjKecv1eDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKHyV5iLMiv4w7nT4gPGwwEGygJVMB8GA1UdIwQY
MBaAFAFfDmZanHQiPEv+JwoWWa3kzvMfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVY4T1pscWNkQ0k4U180bkNoWlpyZVRPOHg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80NmJkMzMtYjUyNy00NjJlLTgxZTAt
ODY3N2IzZGQ4NzA3LzEvb2ZKWG1Jc3lLX2pEdWRQaUE4YkRBUWJLQWxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80NmJkMzMtYjUyNy00NjJlLTgxZTAtODY3N2IzZGQ4NzA3
LzEvQVY4T1pscWNkQ0k4U180bkNoWlpyZVRPOHg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYmnMA0G
CSqGSIb3DQEBCwUAA4IBAQCUD8UPc+1JEAh4YL0KLoMadzfTRKACSm4/aJBuVfci
kB/F/bleU0L5xDmX4YlYjKPZGa8p7z29w+01lLQpAD+EsYnFby+BR/HIu8W0SjyN
AVUWAFFN6yxTuhn/bW+3NIjzqAmDheyuNqOpSNReoWBq8USv8bzApEtYLa2cb5Fn
Upsc5w8IjrYRkrlDkpd5m0VKweVCaeRVUOUp4CwWJxPHNRCPPMzQpVz+aLCeSFVv
95Oorr9aGIaX8EUFaUY33iHhbwXNR2QUZJvIOhkFR95pKPKhCaFZE7yXAxB6sB9X
yv3lQ4CWDgKvc/1owSQ4yLBqt8QRST1BaipKL9+Z9OrL
-----END CERTIFICATE-----
Generated at Sat Jun 13 17:39:04 2026 by rpki-client