Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/e77b83-a23b-4897-b4dd-68eedf5f66bc/1/oyf7mCDs6nxYq530jF1So73y6Ek.roa
File: oyf7mCDs6nxYq530jF1So73y6Ek.roa (raw, json)
Hash identifier: R1PvPZnB5AcZTpEKxOJHt9NkPCciXrOR+mSbYRi5v5k=
Subject key identifier: A3:27:FB:98:20:EC:EA:7C:58:AB:9D:F4:8C:5D:52:A3:BD:F2:E8:49
Certificate issuer: /CN=1de5dbc0b610485d0f7e2194d8f816d6c1445326
Certificate serial: 019DD3A7E68D1F09B623CFF1DB57A47E9882
Authority key identifier: 1D:E5:DB:C0:B6:10:48:5D:0F:7E:21:94:D8:F8:16:D6:C1:44:53:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HeXbwLYQSF0PfiGU2PgW1sFEUyY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/e77b83-a23b-4897-b4dd-68eedf5f66bc/1/oyf7mCDs6nxYq530jF1So73y6Ek.roa
Signing time: Tue 28 Apr 2026 10:34:49 +0000
ROA not before: Tue 28 Apr 2026 10:34:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29611
IP address blocks: 185.119.52.0/22 maxlen: 22
185.119.52.0/24 maxlen: 24
185.119.53.0/24 maxlen: 24
185.119.54.0/24 maxlen: 24
185.119.55.0/24 maxlen: 24
2a06:8940::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/e77b83-a23b-4897-b4dd-68eedf5f66bc/1/HeXbwLYQSF0PfiGU2PgW1sFEUyY.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/e77b83-a23b-4897-b4dd-68eedf5f66bc/1/HeXbwLYQSF0PfiGU2PgW1sFEUyY.mft
rsync://rpki.ripe.net/repository/DEFAULT/HeXbwLYQSF0PfiGU2PgW1sFEUyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 10:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d3:a7:e6:8d:1f:09:b6:23:cf:f1:db:57:a4:7e:98:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1de5dbc0b610485d0f7e2194d8f816d6c1445326
Validity
Not Before: Apr 28 10:34:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a327fb9820ecea7c58ab9df48c5d52a3bdf2e849
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0c:72:44:bd:0d:85:37:7b:28:a3:dc:be:8b:
4c:c3:ab:aa:db:5d:3b:b8:c8:c5:81:cd:78:aa:7b:
54:91:9d:e9:47:0c:8d:c8:5a:87:cb:c0:73:e4:78:
41:cc:5e:e4:ae:2b:36:ca:63:17:24:41:61:27:32:
39:69:23:a9:75:53:cf:f1:d8:b4:cb:c3:ec:d4:c9:
6e:a5:f3:17:42:65:1e:6a:f8:af:35:4b:82:72:cd:
b7:64:c8:3d:a0:c0:67:0b:4d:c6:e4:41:c5:fe:b9:
9b:65:33:d2:8d:66:05:75:13:5d:5b:b9:2b:62:71:
5b:68:ae:31:ae:ee:06:d9:bf:35:b3:86:c3:59:a0:
ad:47:74:05:33:ca:2b:bc:aa:01:31:c8:fb:13:0e:
1e:4a:15:1b:83:b5:fa:5c:18:e8:c2:a5:5d:39:09:
6e:56:26:17:7e:ce:b2:34:61:f7:5c:20:9f:f0:0e:
94:af:63:6d:48:72:e4:29:9d:aa:70:1f:6e:72:fc:
53:9f:52:28:27:0a:3a:2b:4c:97:87:d4:ea:c7:22:
98:44:82:e4:9a:1e:94:be:fc:ca:e4:57:2e:df:a5:
6f:49:02:6a:c6:ad:69:54:8e:68:f1:62:59:ba:49:
27:f8:7c:30:f7:5d:b6:1e:1e:27:e0:c9:a9:23:04:
ed:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:27:FB:98:20:EC:EA:7C:58:AB:9D:F4:8C:5D:52:A3:BD:F2:E8:49
X509v3 Authority Key Identifier:
keyid:1D:E5:DB:C0:B6:10:48:5D:0F:7E:21:94:D8:F8:16:D6:C1:44:53:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HeXbwLYQSF0PfiGU2PgW1sFEUyY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/e77b83-a23b-4897-b4dd-68eedf5f66bc/1/oyf7mCDs6nxYq530jF1So73y6Ek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/e77b83-a23b-4897-b4dd-68eedf5f66bc/1/HeXbwLYQSF0PfiGU2PgW1sFEUyY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.52.0/22
IPv6:
2a06:8940::/29
Signature Algorithm: sha256WithRSAEncryption
3e:fb:41:5f:e8:d3:46:f9:9c:a4:5a:c9:94:98:b2:33:f7:45:
93:0c:2d:4f:78:3e:eb:c3:51:39:13:0b:82:e5:6f:8f:1b:e4:
37:d6:2e:79:67:4f:45:20:18:23:7a:2e:41:b4:60:bc:cc:7f:
34:d4:3e:31:cf:01:46:0f:3a:b2:cb:57:e7:87:7b:f8:ad:36:
19:ae:d2:cd:05:3b:f0:f6:2b:0d:2b:bb:f0:5b:02:7a:6e:e4:
00:94:49:e8:2e:d8:42:a8:aa:5d:32:17:12:e6:0b:1e:e0:22:
1e:db:45:01:95:ed:41:d4:d0:fe:1b:6e:9a:1d:84:2b:8a:1c:
59:7e:3c:80:ae:25:48:59:24:77:ec:6f:45:38:bc:46:e8:75:
eb:3f:1d:30:76:41:1d:1c:4b:d2:44:fa:bc:a6:b4:c4:62:c2:
bb:a2:a5:96:68:1d:57:05:30:2f:2f:2e:8a:6f:e8:70:1f:c7:
2d:83:d4:17:0d:6f:ae:64:d2:cb:c0:85:6a:e8:39:b2:3c:31:
45:d2:64:16:b9:3d:34:dd:8b:1d:58:07:bc:a3:5a:00:ba:98:
de:5a:43:e2:2e:14:d1:25:44:44:01:34:e8:5a:bf:9e:94:7e:
6d:10:4b:71:44:e7:68:64:f2:ef:bd:44:8c:5c:21:cc:37:6a:
cb:62:4c:8e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ3Tp+aNHwm2I8/x21ekfpiCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZTVkYmMwYjYxMDQ4NWQwZjdlMjE5NGQ4ZjgxNmQ2YzE0
NDUzMjYwHhcNMjYwNDI4MTAzNDQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzI3ZmI5ODIwZWNlYTdjNThhYjlkZjQ4YzVkNTJhM2JkZjJlODQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogxyRL0NhTd7KKPcvotMw6uq2107
uMjFgc14qntUkZ3pRwyNyFqHy8Bz5HhBzF7kris2ymMXJEFhJzI5aSOpdVPP8di0
y8Ps1MlupfMXQmUeavivNUuCcs23ZMg9oMBnC03G5EHF/rmbZTPSjWYFdRNdW7kr
YnFbaK4xru4G2b81s4bDWaCtR3QFM8orvKoBMcj7Ew4eShUbg7X6XBjowqVdOQlu
ViYXfs6yNGH3XCCf8A6Ur2NtSHLkKZ2qcB9ucvxTn1IoJwo6K0yXh9TqxyKYRILk
mh6UvvzK5Fcu36VvSQJqxq1pVI5o8WJZukkn+Hww9122Hh4n4MmpIwTt3QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKMn+5gg7Op8WKud9IxdUqO98uhJMB8GA1UdIwQY
MBaAFB3l28C2EEhdD34hlNj4FtbBRFMmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGVYYndMWVFTRjBQZmlHVTJQZ1cxc0ZFVXlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9lNzdiODMtYTIzYi00ODk3LWI0ZGQt
NjhlZWRmNWY2NmJjLzEvb3lmN21DRHM2bnhZcTUzMGpGMVNvNzN5NkVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9lNzdiODMtYTIzYi00ODk3LWI0ZGQtNjhlZWRmNWY2NmJj
LzEvSGVYYndMWVFTRjBQZmlHVTJQZ1cxc0ZFVXlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXc0MA0E
AgACMAcDBQMqBolAMA0GCSqGSIb3DQEBCwUAA4IBAQA++0Ff6NNG+ZykWsmUmLIz
90WTDC1PeD7rw1E5EwuC5W+PG+Q31i55Z09FIBgjei5BtGC8zH801D4xzwFGDzqy
y1fnh3v4rTYZrtLNBTvw9isNK7vwWwJ6buQAlEnoLthCqKpdMhcS5gse4CIe20UB
le1B1ND+G26aHYQrihxZfjyAriVIWSR37G9FOLxG6HXrPx0wdkEdHEvSRPq8prTE
YsK7oqWWaB1XBTAvLy6Kb+hwH8ctg9QXDW+uZNLLwIVq6DmyPDFF0mQWuT003Ysd
WAe8o1oAupjeWkPiLhTRJUREATToWr+elH5tEEtxROdoZPLvvUSMXCHMN2rLYkyO
-----END CERTIFICATE-----
Generated at Sat Jun 13 20:18:19 2026 by rpki-client