Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/ea1725-dcd5-4990-9448-0eb3ba51374c/1/yOjcC_v9jLEMw3DzVhlmsqmU6Yk.roa
File: yOjcC_v9jLEMw3DzVhlmsqmU6Yk.roa (raw, json)
Hash identifier: xoF0GSXbpt7M9bWTlnPF/z3jkbpV3tEKSL94Epm3XBU=
Subject key identifier: C8:E8:DC:0B:FB:FD:8C:B1:0C:C3:70:F3:56:19:66:B2:A9:94:E9:89
Certificate issuer: /CN=e6ad50ce461db5cb37a583e729b7154998ecb117
Certificate serial: 019B78A2FB7DE64C5C6A27A124AE6A21CE71
Authority key identifier: E6:AD:50:CE:46:1D:B5:CB:37:A5:83:E7:29:B7:15:49:98:EC:B1:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5q1QzkYdtcs3pYPnKbcVSZjssRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/ea1725-dcd5-4990-9448-0eb3ba51374c/1/yOjcC_v9jLEMw3DzVhlmsqmU6Yk.roa
Signing time: Thu 01 Jan 2026 08:18:25 +0000
ROA not before: Thu 01 Jan 2026 08:18:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48675
IP address blocks: 45.15.148.0/24 maxlen: 24
45.15.149.0/24 maxlen: 24
45.15.150.0/24 maxlen: 24
45.15.151.0/24 maxlen: 24
185.177.104.0/24 maxlen: 24
185.177.105.0/24 maxlen: 24
185.177.106.0/24 maxlen: 24
185.177.107.0/24 maxlen: 24
195.8.50.0/23 maxlen: 23
195.8.50.0/24 maxlen: 24
195.8.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/ea1725-dcd5-4990-9448-0eb3ba51374c/1/5q1QzkYdtcs3pYPnKbcVSZjssRc.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/ea1725-dcd5-4990-9448-0eb3ba51374c/1/5q1QzkYdtcs3pYPnKbcVSZjssRc.mft
rsync://rpki.ripe.net/repository/DEFAULT/5q1QzkYdtcs3pYPnKbcVSZjssRc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 08:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:78:a2:fb:7d:e6:4c:5c:6a:27:a1:24:ae:6a:21:ce:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6ad50ce461db5cb37a583e729b7154998ecb117
Validity
Not Before: Jan 1 08:18:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c8e8dc0bfbfd8cb10cc370f3561966b2a994e989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:17:b0:37:26:54:bb:55:9b:4c:6f:aa:53:fd:
60:bb:88:fb:e4:2f:8d:dd:8a:c6:ea:bc:cd:75:8d:
06:70:17:bf:f3:fa:ea:e3:c4:5b:9b:f4:1f:64:b0:
6c:4e:2e:ab:4f:b7:6b:5b:51:14:28:ff:67:c6:64:
aa:b1:20:70:9c:f5:8a:70:f9:84:fe:e1:3b:99:50:
32:95:bb:89:82:e6:85:0c:f7:67:6f:9d:4f:0c:d4:
c8:32:f7:b0:aa:52:f7:1c:8b:6c:e3:a7:54:03:a5:
36:c5:b5:7f:37:01:e5:d3:7b:c3:2f:42:93:be:ee:
87:dc:01:ed:2d:28:ff:20:2b:e2:be:dc:36:70:39:
41:70:c5:48:9f:b1:ea:1c:c4:11:20:08:0f:94:6c:
4c:35:c2:5b:53:c9:01:20:9a:89:92:6e:2b:c8:ff:
c2:8e:08:f1:67:21:86:c0:16:6d:15:2c:ff:79:cd:
d3:53:ac:43:c1:df:9f:07:4b:a3:29:c7:43:d9:48:
c8:48:ea:fd:80:b1:b9:76:bc:23:5d:44:88:a0:f2:
57:f6:da:63:af:0d:9f:8c:1a:a2:6a:a9:6c:90:31:
05:4b:60:ff:d2:07:81:b4:5c:1b:f0:e5:52:41:32:
b2:ca:9e:3f:ed:33:60:e0:57:a3:c1:a3:b9:f6:07:
e7:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:E8:DC:0B:FB:FD:8C:B1:0C:C3:70:F3:56:19:66:B2:A9:94:E9:89
X509v3 Authority Key Identifier:
keyid:E6:AD:50:CE:46:1D:B5:CB:37:A5:83:E7:29:B7:15:49:98:EC:B1:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5q1QzkYdtcs3pYPnKbcVSZjssRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/ea1725-dcd5-4990-9448-0eb3ba51374c/1/yOjcC_v9jLEMw3DzVhlmsqmU6Yk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/ea1725-dcd5-4990-9448-0eb3ba51374c/1/5q1QzkYdtcs3pYPnKbcVSZjssRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.148.0/22
185.177.104.0/22
195.8.50.0/23
Signature Algorithm: sha256WithRSAEncryption
ac:f8:cc:57:d1:52:5d:5d:21:62:0f:06:6e:fc:c4:f6:05:63:
7c:40:ea:95:a3:92:63:f3:ca:5b:b0:85:94:6c:31:f1:90:bd:
e3:5f:e3:5a:03:ce:e8:21:eb:f7:29:be:99:91:29:7d:af:aa:
e8:38:84:a9:57:92:b4:84:ad:01:20:0c:9f:52:9e:50:92:42:
47:1a:3d:e9:2a:d0:92:eb:f1:ce:5c:e4:06:41:6a:15:47:11:
51:bf:97:f0:ac:33:a1:bc:c9:a3:e0:67:36:c4:00:58:50:15:
5f:57:0f:c8:c9:8c:35:6a:63:c0:51:b0:9e:a9:90:1d:1b:a1:
18:7c:ce:54:17:9b:22:ec:56:d9:a8:ba:ed:4a:98:80:91:6e:
52:35:7c:7f:13:46:a3:35:ed:ac:90:2d:b6:58:0b:7e:99:17:
a0:d4:fe:c2:fd:a8:e3:21:cf:d2:ca:ca:8f:19:f1:7d:52:91:
bf:1b:28:ff:25:b6:c9:68:c5:b8:84:ef:65:29:de:6c:28:d2:
3b:f7:0a:dd:e3:7a:d8:82:67:95:89:18:b7:2f:e8:6c:1c:50:
75:51:79:06:63:a3:1e:ac:3e:71:f1:1c:40:db:38:0c:3b:e5:
94:e1:e2:cd:f9:65:25:db:80:2d:10:eb:b0:1a:3b:ea:84:e9:
71:e2:78:ce
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZt4ovt95kxcaiehJK5qIc5xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2YWQ1MGNlNDYxZGI1Y2IzN2E1ODNlNzI5YjcxNTQ5OThl
Y2IxMTcwHhcNMjYwMTAxMDgxODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGU4ZGMwYmZiZmQ4Y2IxMGNjMzcwZjM1NjE5NjZiMmE5OTRlOTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBewNyZUu1WbTG+qU/1gu4j75C+N
3YrG6rzNdY0GcBe/8/rq48Rbm/QfZLBsTi6rT7drW1EUKP9nxmSqsSBwnPWKcPmE
/uE7mVAylbuJguaFDPdnb51PDNTIMvewqlL3HIts46dUA6U2xbV/NwHl03vDL0KT
vu6H3AHtLSj/ICvivtw2cDlBcMVIn7HqHMQRIAgPlGxMNcJbU8kBIJqJkm4ryP/C
jgjxZyGGwBZtFSz/ec3TU6xDwd+fB0ujKcdD2UjISOr9gLG5drwjXUSIoPJX9tpj
rw2fjBqiaqlskDEFS2D/0geBtFwb8OVSQTKyyp4/7TNg4FejwaO59gfnVwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMjo3Av7/YyxDMNw81YZZrKplOmJMB8GA1UdIwQY
MBaAFOatUM5GHbXLN6WD5ym3FUmY7LEXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXExUXprWWR0Y3MzcFlQbktiY1ZTWmpzc1JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9lYTE3MjUtZGNkNS00OTkwLTk0NDgt
MGViM2JhNTEzNzRjLzEveU9qY0NfdjlqTEVNdzNEelZobG1zcW1VNllrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9lYTE3MjUtZGNkNS00OTkwLTk0NDgtMGViM2JhNTEzNzRj
LzEvNXExUXprWWR0Y3MzcFlQbktiY1ZTWmpzc1JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLQ+UAwQC
ubFoAwQBwwgyMA0GCSqGSIb3DQEBCwUAA4IBAQCs+MxX0VJdXSFiDwZu/MT2BWN8
QOqVo5Jj88pbsIWUbDHxkL3jX+NaA87oIev3Kb6ZkSl9r6roOISpV5K0hK0BIAyf
Up5QkkJHGj3pKtCS6/HOXOQGQWoVRxFRv5fwrDOhvMmj4Gc2xABYUBVfVw/IyYw1
amPAUbCeqZAdG6EYfM5UF5si7FbZqLrtSpiAkW5SNXx/E0ajNe2skC22WAt+mReg
1P7C/ajjIc/SysqPGfF9UpG/Gyj/JbbJaMW4hO9lKd5sKNI79wrd43rYgmeViRi3
L+hsHFB1UXkGY6MerD5x8RxA2zgMO+WU4eLN+WUl24AtEOuwGjvqhOlx4njO
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:34:52 2026 by rpki-client