Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/OJtF0pPBQbFSyVDdFWy9pmhhoqs.roa
File: OJtF0pPBQbFSyVDdFWy9pmhhoqs.roa (raw, json)
Hash identifier: DSt/qq/J3XwZPhyRiVNSutgXRx//0+8JQmzXUU3O2qo=
Subject key identifier: 38:9B:45:D2:93:C1:41:B1:52:C9:50:DD:15:6C:BD:A6:68:61:A2:AB
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 019D768460AF4F161AA991F04E9FB6BC6640
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/OJtF0pPBQbFSyVDdFWy9pmhhoqs.roa
Signing time: Fri 10 Apr 2026 08:31:20 +0000
ROA not before: Fri 10 Apr 2026 08:31:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212150
IP address blocks: 185.115.160.0/24 maxlen: 24
185.115.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 11:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:76:84:60:af:4f:16:1a:a9:91:f0:4e:9f:b6:bc:66:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Apr 10 08:31:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=389b45d293c141b152c950dd156cbda66861a2ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:82:fc:8e:99:1a:65:ca:dd:4e:09:ad:55:46:
3b:43:be:da:90:89:b5:68:48:18:b1:72:e8:fa:e0:
44:ff:ae:fa:9c:21:8b:2d:78:75:e1:af:86:64:a5:
84:c5:5d:2f:8a:a5:2d:35:00:34:b6:26:75:39:10:
8d:2a:15:d2:66:ae:ad:ed:6e:7d:6d:fe:21:59:39:
c0:ec:f6:33:6b:06:ca:8a:ca:28:54:ff:a2:f3:ee:
e8:29:82:99:d8:d9:66:c0:a8:4e:12:96:a5:48:3f:
ee:8c:35:56:73:f9:a2:41:03:17:bb:a9:82:a1:ae:
8f:08:0c:fb:21:d6:68:28:90:61:58:60:c8:a8:0d:
09:c4:a3:fa:e6:37:15:35:04:4e:c3:18:fd:81:95:
b3:9f:96:c4:e5:2d:2d:d4:47:ce:9c:90:05:10:75:
59:5e:a8:ff:0c:62:0f:4b:6f:54:f5:12:7c:40:ca:
a5:79:2a:51:a8:38:57:18:11:bf:00:a5:b0:0e:a5:
9c:a2:b9:d3:61:3a:0c:bc:83:bb:a3:73:1e:d0:6c:
f9:99:d3:06:bd:8e:cc:5e:6f:6b:3a:ae:f0:05:65:
cf:e0:21:b1:62:da:cc:31:30:8e:3f:76:4a:70:09:
49:91:81:87:7d:7e:94:15:07:01:a5:b4:86:e3:c5:
2d:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:9B:45:D2:93:C1:41:B1:52:C9:50:DD:15:6C:BD:A6:68:61:A2:AB
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/OJtF0pPBQbFSyVDdFWy9pmhhoqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.115.160.0/24
185.115.163.0/24
Signature Algorithm: sha256WithRSAEncryption
49:d3:e5:d3:01:9d:15:7e:6f:c7:80:0f:77:72:5d:a3:4f:26:
2d:5d:48:e5:fc:37:b0:bf:0d:de:ed:de:a4:fd:63:cf:07:46:
f6:a1:ee:5e:b6:a9:a1:e9:17:99:fc:a3:d2:ce:bf:b6:e0:66:
36:1f:c5:d8:17:e1:60:83:6d:3d:fe:c9:ed:43:c7:2a:b5:e9:
51:53:4c:8c:db:52:02:97:8f:93:75:65:47:15:35:d5:4d:1b:
48:d9:08:95:42:75:f3:ba:33:fa:3a:16:1c:44:15:e4:35:a5:
0b:5f:b3:15:cb:56:f6:8a:f8:b5:5c:26:2d:eb:61:9b:83:15:
96:52:2a:cb:b5:9c:fe:03:13:c5:15:bf:12:40:ba:09:27:cc:
e2:6f:e6:87:96:22:4e:3c:f5:12:c6:46:92:42:c2:38:6a:80:
7f:7a:3e:f4:d8:54:6e:2f:9e:b6:9b:25:2b:60:f8:92:22:95:
cf:93:9e:a0:7d:30:1b:45:90:8b:46:64:c8:e5:24:03:c3:85:
61:84:64:b9:d0:d9:98:52:3d:bb:55:5f:e5:72:35:c4:f6:64:
7a:94:73:b6:93:1c:74:25:41:ff:51:af:2b:95:d4:9f:26:7a:
1f:70:1f:83:94:89:62:39:33:85:10:e1:8b:95:3b:12:fa:05:
be:43:a3:93
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ12hGCvTxYaqZHwTp+2vGZAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjYwNDEwMDgzMTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODliNDVkMjkzYzE0MWIxNTJjOTUwZGQxNTZjYmRhNjY4NjFhMmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4L8jpkaZcrdTgmtVUY7Q77akIm1
aEgYsXLo+uBE/676nCGLLXh14a+GZKWExV0viqUtNQA0tiZ1ORCNKhXSZq6t7W59
bf4hWTnA7PYzawbKisooVP+i8+7oKYKZ2NlmwKhOEpalSD/ujDVWc/miQQMXu6mC
oa6PCAz7IdZoKJBhWGDIqA0JxKP65jcVNQROwxj9gZWzn5bE5S0t1EfOnJAFEHVZ
Xqj/DGIPS29U9RJ8QMqleSpRqDhXGBG/AKWwDqWcornTYToMvIO7o3Me0Gz5mdMG
vY7MXm9rOq7wBWXP4CGxYtrMMTCOP3ZKcAlJkYGHfX6UFQcBpbSG48UtdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDibRdKTwUGxUslQ3RVsvaZoYaKrMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvT0p0RjBwUEJRYkZTeVZEZEZXeTlwbWhob3FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuXOgAwQA
uXOjMA0GCSqGSIb3DQEBCwUAA4IBAQBJ0+XTAZ0Vfm/HgA93cl2jTyYtXUjl/Dew
vw3e7d6k/WPPB0b2oe5etqmh6ReZ/KPSzr+24GY2H8XYF+Fgg209/sntQ8cqtelR
U0yM21ICl4+TdWVHFTXVTRtI2QiVQnXzujP6OhYcRBXkNaULX7MVy1b2ivi1XCYt
62GbgxWWUirLtZz+AxPFFb8SQLoJJ8zib+aHliJOPPUSxkaSQsI4aoB/ej702FRu
L562myUrYPiSIpXPk56gfTAbRZCLRmTI5SQDw4VhhGS50NmYUj27VV/lcjXE9mR6
lHO2kxx0JUH/Ua8rldSfJnofcB+DlIliOTOFEOGLlTsS+gW+Q6OT
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:49:24 2026 by rpki-client