Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/5ojvbfCctNCB5Gqhmzf0iwXXOEM.roa
File: 5ojvbfCctNCB5Gqhmzf0iwXXOEM.roa (raw, json)
Hash identifier: k8Uj++Nl/KE3zAMHJHLKpfjTAKVmdctYhbK1Afyv9Ns=
Subject key identifier: E6:88:EF:6D:F0:9C:B4:D0:81:E4:6A:A1:9B:37:F4:8B:05:D7:38:43
Certificate issuer: /CN=389b2fa3651383a7fc6a86adba56c7c6207d7568
Certificate serial: 019B7E38F79E79552F23AA8F5A11A66B4C98
Authority key identifier: 38:9B:2F:A3:65:13:83:A7:FC:6A:86:AD:BA:56:C7:C6:20:7D:75:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OJsvo2UTg6f8aoatulbHxiB9dWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/5ojvbfCctNCB5Gqhmzf0iwXXOEM.roa
Signing time: Fri 02 Jan 2026 10:20:21 +0000
ROA not before: Fri 02 Jan 2026 10:20:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58173
IP address blocks: 5.61.72.0/21 maxlen: 21
5.61.72.0/22 maxlen: 22
5.61.72.0/24 maxlen: 24
5.61.76.0/22 maxlen: 22
134.0.80.0/21 maxlen: 24
134.0.80.0/22 maxlen: 22
134.0.80.0/24 maxlen: 24
134.0.84.0/22 maxlen: 22
185.18.48.0/22 maxlen: 22
185.18.48.0/23 maxlen: 23
185.18.48.0/24 maxlen: 24
185.18.50.0/23 maxlen: 23
185.18.50.0/24 maxlen: 24
185.96.192.0/22 maxlen: 24
185.96.192.0/23 maxlen: 23
185.96.193.0/24 maxlen: 24
185.205.160.0/22 maxlen: 24
185.205.160.0/23 maxlen: 23
185.205.162.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/OJsvo2UTg6f8aoatulbHxiB9dWg.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/OJsvo2UTg6f8aoatulbHxiB9dWg.mft
rsync://rpki.ripe.net/repository/DEFAULT/OJsvo2UTg6f8aoatulbHxiB9dWg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7e:38:f7:9e:79:55:2f:23:aa:8f:5a:11:a6:6b:4c:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=389b2fa3651383a7fc6a86adba56c7c6207d7568
Validity
Not Before: Jan 2 10:20:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e688ef6df09cb4d081e46aa19b37f48b05d73843
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:26:53:4e:0b:75:34:db:c4:bf:39:51:23:e5:
a6:8b:cc:0a:18:e9:10:a1:c7:f0:cb:45:bd:3b:1f:
b3:4f:c9:20:18:c9:68:cf:e2:8b:29:e3:38:1a:10:
15:de:29:5f:e6:ef:31:2b:6c:52:bc:cd:e8:e8:bc:
9c:50:3f:2c:dd:ed:a4:30:d5:e9:e3:32:1b:02:25:
d7:94:1e:74:2a:da:8c:f7:52:a6:90:cc:2c:a5:5a:
a8:74:75:6a:28:62:33:90:ee:64:e8:c7:67:61:6c:
c8:a2:73:14:9f:aa:af:c3:cc:3f:38:31:e0:e6:5c:
89:95:c2:fc:76:22:c2:a4:1e:22:ee:bd:7e:db:1d:
de:fb:f3:12:a4:e8:bb:1b:0f:22:f0:cf:13:6d:28:
fd:a0:da:c4:50:61:ae:2d:c6:01:72:7b:20:44:c3:
8d:2f:cb:c4:ac:57:91:47:40:6e:3e:5d:06:3f:53:
5f:79:1d:77:1d:30:2b:ea:55:f4:6e:85:85:2d:60:
b8:d2:94:35:4b:e2:6d:23:55:2b:06:43:b5:1f:98:
e5:e0:79:ca:23:56:6c:d1:95:f3:c4:62:f9:0d:52:
f1:26:3f:ee:22:34:bc:fb:c9:35:0e:33:66:d3:39:
dd:7f:2b:1d:a8:72:70:ed:ef:ec:4e:60:27:3b:3d:
9c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:88:EF:6D:F0:9C:B4:D0:81:E4:6A:A1:9B:37:F4:8B:05:D7:38:43
X509v3 Authority Key Identifier:
keyid:38:9B:2F:A3:65:13:83:A7:FC:6A:86:AD:BA:56:C7:C6:20:7D:75:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJsvo2UTg6f8aoatulbHxiB9dWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/5ojvbfCctNCB5Gqhmzf0iwXXOEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/OJsvo2UTg6f8aoatulbHxiB9dWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.72.0/21
134.0.80.0/21
185.18.48.0/22
185.96.192.0/22
185.205.160.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:2b:74:9c:0a:4e:07:ca:bc:91:8e:7f:4c:31:67:74:d6:87:
6f:ea:ff:a1:3e:ce:35:83:df:1c:bc:43:b8:1a:b2:4b:86:19:
85:ee:aa:08:23:ba:35:c0:91:71:d3:27:43:48:68:c9:29:1f:
0d:31:a2:55:15:be:3a:16:13:06:9e:e3:bf:bc:f9:75:08:60:
d2:3d:62:7f:58:0b:b1:cc:69:4e:84:17:4b:99:c0:59:cc:5f:
35:cb:ab:f7:18:f5:26:ef:ae:c0:a6:0d:22:05:1e:86:ee:88:
d3:e0:cd:7d:ae:9a:eb:cf:0b:34:ce:a1:fe:83:ff:0a:b9:9b:
4e:1c:6b:98:b0:ad:c9:cc:42:48:74:9f:68:c1:40:23:d5:6d:
a1:56:d7:36:66:8f:cf:36:df:d3:00:8f:ed:9f:46:66:24:63:
8c:49:d2:e3:4f:11:4c:e4:8f:76:36:9f:a5:f1:a1:41:17:71:
9e:47:a4:d7:ad:5f:3a:f2:81:97:23:b6:e6:4e:fd:a5:de:3f:
47:b1:05:2a:4d:d6:59:1c:0f:cf:a9:91:61:86:ed:0f:bb:19:
0e:fb:bf:3a:6b:07:2f:40:e8:24:83:d0:90:b4:23:27:97:93:
57:b5:1c:a6:8e:cb:14:40:07:6d:f2:f1:c4:a3:1e:9f:b1:32:
67:56:18:24
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZt+OPeeeVUvI6qPWhGma0yYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OWIyZmEzNjUxMzgzYTdmYzZhODZhZGJhNTZjN2M2MjA3
ZDc1NjgwHhcNMjYwMTAyMTAyMDIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjg4ZWY2ZGYwOWNiNGQwODFlNDZhYTE5YjM3ZjQ4YjA1ZDczODQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCZTTgt1NNvEvzlRI+Wmi8wKGOkQ
ocfwy0W9Ox+zT8kgGMloz+KLKeM4GhAV3ilf5u8xK2xSvM3o6LycUD8s3e2kMNXp
4zIbAiXXlB50KtqM91KmkMwspVqodHVqKGIzkO5k6MdnYWzIonMUn6qvw8w/ODHg
5lyJlcL8diLCpB4i7r1+2x3e+/MSpOi7Gw8i8M8TbSj9oNrEUGGuLcYBcnsgRMON
L8vErFeRR0BuPl0GP1NfeR13HTAr6lX0boWFLWC40pQ1S+JtI1UrBkO1H5jl4HnK
I1Zs0ZXzxGL5DVLxJj/uIjS8+8k1DjNm0zndfysdqHJw7e/sTmAnOz2cqwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOaI723wnLTQgeRqoZs39IsF1zhDMB8GA1UdIwQY
MBaAFDibL6NlE4On/GqGrbpWx8YgfXVoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0pzdm8yVVRnNmY4YW9hdHVsYkh4aUI5ZFdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8xYWQyNmYtYTMzZS00MDY5LWE4MDIt
MzczYjUyMmE4MjFkLzEvNW9qdmJmQ2N0TkNCNUdxaG16ZjBpd1hYT0VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8xYWQyNmYtYTMzZS00MDY5LWE4MDItMzczYjUyMmE4MjFk
LzEvT0pzdm8yVVRnNmY4YW9hdHVsYkh4aUI5ZFdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDBT1IAwQD
hgBQAwQCuRIwAwQCuWDAAwQCuc2gMA0GCSqGSIb3DQEBCwUAA4IBAQC0K3ScCk4H
yryRjn9MMWd01odv6v+hPs41g98cvEO4GrJLhhmF7qoII7o1wJFx0ydDSGjJKR8N
MaJVFb46FhMGnuO/vPl1CGDSPWJ/WAuxzGlOhBdLmcBZzF81y6v3GPUm767Apg0i
BR6G7ojT4M19rprrzws0zqH+g/8KuZtOHGuYsK3JzEJIdJ9owUAj1W2hVtc2Zo/P
Nt/TAI/tn0ZmJGOMSdLjTxFM5I92Np+l8aFBF3GeR6TXrV868oGXI7bmTv2l3j9H
sQUqTdZZHA/PqZFhhu0PuxkO+786awcvQOgkg9CQtCMnl5NXtRymjssUQAdt8vHE
ox6fsTJnVhgk
-----END CERTIFICATE-----
Generated at Mon Mar 2 19:58:58 2026 by rpki-client