Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/COtHusEabrBvQLnxQV8Rwa9vfP0.roa
File: COtHusEabrBvQLnxQV8Rwa9vfP0.roa (raw, json)
Hash identifier: MTke7oIqlqXexp4QzwfRoi+EZinRlsgv3n81R0HNKz0=
Subject key identifier: 08:EB:47:BA:C1:1A:6E:B0:6F:40:B9:F1:41:5F:11:C1:AF:6F:7C:FD
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 019D7B63540DDAC0D82DF28EB30EFC300808
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/COtHusEabrBvQLnxQV8Rwa9vfP0.roa
Signing time: Sat 11 Apr 2026 07:13:20 +0000
ROA not before: Sat 11 Apr 2026 07:13:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204104
IP address blocks: 5.57.33.0/24 maxlen: 24
37.32.43.0/24 maxlen: 24
185.26.32.0/24 maxlen: 24
185.212.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:7b:63:54:0d:da:c0:d8:2d:f2:8e:b3:0e:fc:30:08:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Apr 11 07:13:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=08eb47bac11a6eb06f40b9f1415f11c1af6f7cfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ff:83:65:dc:9c:0a:27:5c:12:8a:f7:78:d5:
79:02:e8:12:89:7e:64:4d:25:b0:b8:de:9d:60:1b:
bb:b3:20:77:84:f0:62:16:11:38:92:e0:ff:02:14:
b3:e0:86:20:62:b7:d1:8b:a4:8a:c7:d3:28:95:5b:
7d:86:ce:69:64:4e:9a:a8:7b:1b:e6:61:06:13:45:
d6:5c:65:73:21:92:81:f3:7c:b3:d0:9d:03:b8:c8:
6a:fa:07:37:3b:83:44:06:bc:9f:5d:82:da:9d:56:
b2:5c:43:f1:cf:44:68:a6:d4:ec:4e:5f:f7:5f:54:
3b:51:49:99:83:2d:32:3d:fc:5e:b0:4a:06:c8:a0:
35:e7:e9:fd:cf:b9:58:4d:2c:b9:d8:b4:80:20:56:
af:49:f1:c3:35:c2:66:01:be:fa:39:f4:41:2b:f9:
3b:f0:e0:09:1f:71:31:ba:1d:bf:ef:0d:27:5a:da:
30:79:5c:32:9d:7b:c2:0e:c7:d7:56:1f:86:fa:8c:
ed:a1:b1:48:16:e4:c5:05:4b:ff:16:8e:12:28:20:
33:95:8c:42:f3:cb:ff:1a:f7:2a:9c:3e:54:43:22:
5d:61:64:68:e2:7f:f0:77:de:aa:0b:70:d3:26:f3:
cc:4d:aa:33:cd:e3:05:01:77:11:1a:1a:99:62:f8:
a1:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:EB:47:BA:C1:1A:6E:B0:6F:40:B9:F1:41:5F:11:C1:AF:6F:7C:FD
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/COtHusEabrBvQLnxQV8Rwa9vfP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.33.0/24
37.32.43.0/24
185.26.32.0/24
185.212.49.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:f5:b8:d6:82:4e:de:4b:52:a3:0c:b9:83:d4:38:80:f1:1f:
99:72:8f:8a:56:9c:c2:83:ea:c3:97:01:52:16:0a:53:c3:38:
af:50:15:de:57:db:39:0c:fb:6a:30:b5:e8:f7:b5:ab:bd:a4:
47:c7:e7:1a:6d:d0:58:b1:76:06:3b:ad:cf:5a:bf:68:4e:aa:
c5:d9:bc:e1:01:1c:9d:35:b7:99:80:2a:a9:da:2d:30:9c:2f:
d8:25:84:10:cd:6c:c0:3a:b7:0b:20:fb:3a:3c:38:d9:8a:ab:
1d:2a:ba:69:f1:65:7c:ed:fd:ae:6f:e1:7c:dd:90:f8:82:be:
d3:93:86:28:36:7b:a6:a4:9d:9b:09:df:b7:b3:df:89:0a:50:
77:11:45:eb:22:17:be:fe:1c:00:da:f3:e9:b4:ab:1e:70:5f:
ec:84:d5:f2:73:fa:3c:aa:e8:fe:65:89:0b:f1:3b:6f:80:09:
29:a0:4b:41:db:e8:ff:55:4a:28:9d:5b:f2:ca:c2:94:bb:6a:
55:fb:59:cd:60:ca:5a:64:33:80:99:6f:8c:71:d9:16:0c:07:
f8:b7:85:2c:a3:28:df:3a:ad:5a:7d:41:b8:1d:d1:13:2c:81:
33:8e:29:c7:5c:e8:02:8e:56:9d:12:e6:13:b7:0c:df:e5:64:
b4:83:55:8f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ17Y1QN2sDYLfKOsw78MAgIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjYwNDExMDcxMzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGViNDdiYWMxMWE2ZWIwNmY0MGI5ZjE0MTVmMTFjMWFmNmY3Y2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArf+DZdycCidcEor3eNV5AugSiX5k
TSWwuN6dYBu7syB3hPBiFhE4kuD/AhSz4IYgYrfRi6SKx9MolVt9hs5pZE6aqHsb
5mEGE0XWXGVzIZKB83yz0J0DuMhq+gc3O4NEBryfXYLanVayXEPxz0RoptTsTl/3
X1Q7UUmZgy0yPfxesEoGyKA15+n9z7lYTSy52LSAIFavSfHDNcJmAb76OfRBK/k7
8OAJH3Exuh2/7w0nWtoweVwynXvCDsfXVh+G+oztobFIFuTFBUv/Fo4SKCAzlYxC
88v/GvcqnD5UQyJdYWRo4n/wd96qC3DTJvPMTaozzeMFAXcRGhqZYvihTwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAjrR7rBGm6wb0C58UFfEcGvb3z9MB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvQ090SHVzRWFickJ2UUxueFFWOFJ3YTl2ZlAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABTkhAwQA
JSArAwQAuRogAwQAudQxMA0GCSqGSIb3DQEBCwUAA4IBAQCr9bjWgk7eS1KjDLmD
1DiA8R+Zco+KVpzCg+rDlwFSFgpTwzivUBXeV9s5DPtqMLXo97WrvaRHx+cabdBY
sXYGO63PWr9oTqrF2bzhARydNbeZgCqp2i0wnC/YJYQQzWzAOrcLIPs6PDjZiqsd
Krpp8WV87f2ub+F83ZD4gr7Tk4YoNnumpJ2bCd+3s9+JClB3EUXrIhe+/hwA2vPp
tKsecF/shNXyc/o8quj+ZYkL8TtvgAkpoEtB2+j/VUoonVvyysKUu2pV+1nNYMpa
ZDOAmW+McdkWDAf4t4UsoyjfOq1afUG4HdETLIEzjinHXOgCjladEuYTtwzf5WS0
g1WP
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:11:43 2026 by rpki-client