Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/oQBH_NeiRPG_e4KmNZk-RR3kCKY.roa
File: oQBH_NeiRPG_e4KmNZk-RR3kCKY.roa (raw, json)
Hash identifier: 5yk4+t8nbe4unzo/kayRm3A5afivIZP6j3VoWZbzs/4=
Subject key identifier: A1:00:47:FC:D7:A2:44:F1:BF:7B:82:A6:35:99:3E:45:1D:E4:08:A6
Certificate issuer: /CN=5fe53c0bfc3c8fb56b81191317144443e0e29d25
Certificate serial: 019EA316A30FA3EF4816A4691B74CEEC5C58
Authority key identifier: 5F:E5:3C:0B:FC:3C:8F:B5:6B:81:19:13:17:14:44:43:E0:E2:9D:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X-U8C_w8j7VrgRkTFxREQ-DinSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/oQBH_NeiRPG_e4KmNZk-RR3kCKY.roa
Signing time: Sun 07 Jun 2026 17:17:10 +0000
ROA not before: Sun 07 Jun 2026 17:17:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 63023
IP address blocks: 87.232.83.0/24 maxlen: 24
89.126.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/X-U8C_w8j7VrgRkTFxREQ-DinSU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/X-U8C_w8j7VrgRkTFxREQ-DinSU.mft
rsync://rpki.ripe.net/repository/DEFAULT/X-U8C_w8j7VrgRkTFxREQ-DinSU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a3:16:a3:0f:a3:ef:48:16:a4:69:1b:74:ce:ec:5c:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fe53c0bfc3c8fb56b81191317144443e0e29d25
Validity
Not Before: Jun 7 17:17:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a10047fcd7a244f1bf7b82a635993e451de408a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:0c:32:f7:08:93:71:72:48:34:f1:e5:5a:f0:
eb:65:2d:0e:1d:ac:22:e2:07:12:8e:42:79:fc:44:
b6:8b:2f:05:63:95:58:28:8b:ea:6b:9f:7e:8d:39:
9f:32:50:b4:55:fe:32:71:80:20:81:09:05:af:d9:
f8:90:20:08:1a:9a:e3:7a:13:fe:92:35:8f:9e:bb:
dc:f6:a8:81:7f:3f:ec:04:00:92:45:eb:3a:e6:68:
27:a3:89:73:22:d7:77:0f:0f:7f:2d:a1:89:46:ee:
b6:34:8c:50:3a:dd:88:45:a4:1a:d7:40:1d:c5:da:
34:64:3b:1a:4e:8c:f8:34:27:9d:17:50:8e:40:e3:
80:a7:02:e6:15:38:3d:f7:6b:58:2b:0b:9e:ee:a4:
5b:5c:3c:32:7f:d1:95:f2:cb:34:3e:e6:b5:ab:9b:
3f:63:70:ee:85:4e:52:47:47:58:2c:c4:22:8b:1e:
07:06:34:cf:25:a0:4e:9a:75:a9:30:be:36:f7:be:
84:b3:89:86:d1:c3:97:fc:90:aa:49:f9:39:0c:a5:
4d:75:94:bd:0e:70:e7:f7:0c:dd:c1:99:91:bc:b5:
49:10:b8:c2:4f:85:38:50:4b:2e:5c:df:f1:d1:12:
e1:d7:44:09:ad:cd:c8:36:43:5c:c7:40:b2:d7:58:
cb:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:00:47:FC:D7:A2:44:F1:BF:7B:82:A6:35:99:3E:45:1D:E4:08:A6
X509v3 Authority Key Identifier:
keyid:5F:E5:3C:0B:FC:3C:8F:B5:6B:81:19:13:17:14:44:43:E0:E2:9D:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X-U8C_w8j7VrgRkTFxREQ-DinSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/oQBH_NeiRPG_e4KmNZk-RR3kCKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/X-U8C_w8j7VrgRkTFxREQ-DinSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.232.83.0/24
89.126.230.0/24
Signature Algorithm: sha256WithRSAEncryption
53:38:8b:fa:06:53:ef:9e:ae:28:0b:4d:cb:8c:5e:23:8f:8f:
0d:f5:2a:f5:e1:c9:0b:94:fe:3d:65:98:c6:3c:e4:8c:03:15:
53:89:57:fb:81:65:ff:d9:16:31:85:eb:d8:91:1f:ea:eb:30:
7c:72:81:dd:a1:d2:99:5b:9a:4b:2c:2b:21:e7:c4:83:7d:68:
99:ac:b4:0b:34:39:e3:4e:73:78:2f:08:96:c6:35:05:5e:d3:
2c:e9:b7:da:89:ef:71:b5:89:73:6e:e6:b5:ff:b3:90:9d:21:
99:c6:9a:1b:14:21:c9:ed:e4:22:f3:6b:1d:f3:3e:ee:6a:c7:
4b:04:84:00:aa:95:fe:67:26:90:db:57:ab:94:7e:60:7a:3c:
75:3c:5c:90:e6:f7:e0:c5:7d:1c:22:ec:7c:2d:f7:b1:a5:e8:
9a:e9:81:3e:ed:49:34:fc:a2:c7:db:ff:b7:2b:46:54:5a:15:
d7:19:7f:18:93:59:39:fd:a0:d9:99:72:e7:17:22:e3:95:77:
db:9a:da:1f:d6:d5:c9:f6:9f:27:b4:4c:f5:87:a5:38:79:4d:
da:67:9c:0f:12:9e:39:8f:30:a6:7e:88:b4:56:c0:17:c1:6d:
bb:ff:b1:b6:5c:bd:46:95:fd:55:58:b0:13:5b:2c:dc:1d:01:
ac:a5:d9:13
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ6jFqMPo+9IFqRpG3TO7FxYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmZTUzYzBiZmMzYzhmYjU2YjgxMTkxMzE3MTQ0NDQzZTBl
MjlkMjUwHhcNMjYwNjA3MTcxNzEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTAwNDdmY2Q3YTI0NGYxYmY3YjgyYTYzNTk5M2U0NTFkZTQwOGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQwy9wiTcXJINPHlWvDrZS0OHawi
4gcSjkJ5/ES2iy8FY5VYKIvqa59+jTmfMlC0Vf4ycYAggQkFr9n4kCAIGprjehP+
kjWPnrvc9qiBfz/sBACSRes65mgno4lzItd3Dw9/LaGJRu62NIxQOt2IRaQa10Ad
xdo0ZDsaToz4NCedF1COQOOApwLmFTg992tYKwue7qRbXDwyf9GV8ss0Pua1q5s/
Y3DuhU5SR0dYLMQiix4HBjTPJaBOmnWpML42976Es4mG0cOX/JCqSfk5DKVNdZS9
DnDn9wzdwZmRvLVJELjCT4U4UEsuXN/x0RLh10QJrc3INkNcx0Cy11jLVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKEAR/zXokTxv3uCpjWZPkUd5AimMB8GA1UdIwQY
MBaAFF/lPAv8PI+1a4EZExcUREPg4p0lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWC1VOENfdzhqN1ZyZ1JrVEZ4UkVRLURpblNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9iYzYwODktM2Q5MC00NTI5LWJiNDct
NWNmNTZlZTQzNWIzLzEvb1FCSF9OZWlSUEdfZTRLbU5aay1SUjNrQ0tZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9iYzYwODktM2Q5MC00NTI5LWJiNDctNWNmNTZlZTQzNWIz
LzEvWC1VOENfdzhqN1ZyZ1JrVEZ4UkVRLURpblNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV+hTAwQA
WX7mMA0GCSqGSIb3DQEBCwUAA4IBAQBTOIv6BlPvnq4oC03LjF4jj48N9Sr14ckL
lP49ZZjGPOSMAxVTiVf7gWX/2RYxhevYkR/q6zB8coHdodKZW5pLLCsh58SDfWiZ
rLQLNDnjTnN4LwiWxjUFXtMs6bfaie9xtYlzbua1/7OQnSGZxpobFCHJ7eQi82sd
8z7uasdLBIQAqpX+ZyaQ21erlH5gejx1PFyQ5vfgxX0cIux8Lfexpeia6YE+7Uk0
/KLH2/+3K0ZUWhXXGX8Yk1k5/aDZmXLnFyLjlXfbmtof1tXJ9p8ntEz1h6U4eU3a
Z5wPEp45jzCmfoi0VsAXwW27/7G2XL1Glf1VWLATWyzcHQGspdkT
-----END CERTIFICATE-----
Generated at Sat Jun 13 12:54:57 2026 by rpki-client