Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/46431e-4951-4e1a-9195-68a4551f68a8/1/OoBivahrO8NKgmow1ha5HnFLjdg.roa
File: OoBivahrO8NKgmow1ha5HnFLjdg.roa (raw, json)
Hash identifier: rIPS+hhmxWZi5r/MGY50wJQp2xRVWCwpFLqOPmWnZpc=
Subject key identifier: 3A:80:62:BD:A8:6B:3B:C3:4A:82:6A:30:D6:16:B9:1E:71:4B:8D:D8
Certificate issuer: /CN=ebf36087c3fcecfb006f518d7811b255ea57c90d
Certificate serial: 019C8ED89F4F86E438A4081B46C76AAC1D7E
Authority key identifier: EB:F3:60:87:C3:FC:EC:FB:00:6F:51:8D:78:11:B2:55:EA:57:C9:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6_Ngh8P87PsAb1GNeBGyVepXyQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/46431e-4951-4e1a-9195-68a4551f68a8/1/OoBivahrO8NKgmow1ha5HnFLjdg.roa
Signing time: Tue 24 Feb 2026 08:51:26 +0000
ROA not before: Tue 24 Feb 2026 08:51:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203712
IP address blocks: 37.18.132.0/22 maxlen: 24
185.126.104.0/24 maxlen: 24
185.126.105.0/24 maxlen: 24
185.126.106.0/24 maxlen: 24
185.126.107.0/24 maxlen: 24
2a0a:7040::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/46431e-4951-4e1a-9195-68a4551f68a8/1/6_Ngh8P87PsAb1GNeBGyVepXyQ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/46431e-4951-4e1a-9195-68a4551f68a8/1/6_Ngh8P87PsAb1GNeBGyVepXyQ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/6_Ngh8P87PsAb1GNeBGyVepXyQ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8e:d8:9f:4f:86:e4:38:a4:08:1b:46:c7:6a:ac:1d:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebf36087c3fcecfb006f518d7811b255ea57c90d
Validity
Not Before: Feb 24 08:51:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3a8062bda86b3bc34a826a30d616b91e714b8dd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:35:b2:fc:72:cb:d3:98:f9:4b:c2:5e:da:e9:
b8:92:53:d3:13:d1:5b:22:04:22:a7:21:ad:23:0f:
0a:3b:95:0d:be:4a:de:5b:12:c2:9c:b4:08:e9:f4:
6d:31:15:68:4a:e6:3e:45:d6:d3:59:1c:bb:dd:43:
25:ba:40:8d:af:d0:f5:f1:84:0d:35:d2:a8:d8:06:
29:84:4e:53:84:c5:be:f2:ec:78:1d:55:3a:03:d6:
04:7f:cd:2b:6f:0c:fc:f0:57:9a:e0:a1:1f:d5:e1:
ae:95:41:2f:16:14:a5:ce:c2:d4:30:8c:42:f1:62:
d4:e8:eb:99:7a:b5:69:95:e5:43:55:a0:4e:84:af:
c1:0f:ca:ab:eb:39:d1:b3:47:7d:d4:52:7c:d4:2c:
9d:c1:4d:9c:98:be:9e:c0:4d:7f:0e:4e:1d:3e:e9:
d0:05:8a:4f:cf:95:7d:0f:54:ed:78:53:80:53:10:
ca:2c:b0:e4:f2:77:d3:8b:ea:45:8b:37:07:71:59:
89:dd:ac:ee:b0:ce:a8:9e:41:c1:90:d8:c8:ea:b6:
c0:a5:b9:ea:b8:11:80:5b:77:ec:a7:6e:f9:4c:97:
14:c4:89:23:f4:ca:72:5d:4b:cf:69:8c:f4:c6:a1:
14:6f:1e:1b:b9:e9:ed:a3:bc:79:e7:62:b0:27:56:
42:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:80:62:BD:A8:6B:3B:C3:4A:82:6A:30:D6:16:B9:1E:71:4B:8D:D8
X509v3 Authority Key Identifier:
keyid:EB:F3:60:87:C3:FC:EC:FB:00:6F:51:8D:78:11:B2:55:EA:57:C9:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6_Ngh8P87PsAb1GNeBGyVepXyQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/46431e-4951-4e1a-9195-68a4551f68a8/1/OoBivahrO8NKgmow1ha5HnFLjdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/46431e-4951-4e1a-9195-68a4551f68a8/1/6_Ngh8P87PsAb1GNeBGyVepXyQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.132.0/22
185.126.104.0/22
IPv6:
2a0a:7040::/32
Signature Algorithm: sha256WithRSAEncryption
40:6d:5e:64:a1:52:67:b9:4e:f5:ae:69:b7:cb:48:41:90:6b:
4f:43:5f:42:22:55:62:52:bb:ef:5a:cb:00:56:71:a7:13:cf:
82:ba:6f:76:9b:6f:82:56:80:47:14:cd:00:03:02:05:d7:1b:
5b:4e:28:ce:cb:9d:93:1b:be:74:ad:79:13:11:ac:c7:46:ca:
b2:01:0a:43:c1:c6:d9:62:e6:2d:ce:88:c2:7c:59:b6:e3:b0:
fa:eb:65:26:5a:f0:c0:e9:a9:ac:2b:96:3b:74:c6:14:e2:3d:
73:5f:07:84:f5:27:66:b8:84:d2:a9:4e:c0:f1:d5:0b:98:46:
5e:16:0b:f8:96:9b:2b:49:33:8f:63:10:51:99:be:d5:61:b6:
ad:d1:ac:99:7f:a8:ff:1a:eb:e4:bb:90:17:12:a0:7e:3e:ea:
35:c6:67:66:ce:ef:c8:c8:45:39:61:c5:7b:19:47:5e:2b:fd:
c4:59:71:6d:9b:30:fe:6a:04:40:57:08:38:d3:46:5a:82:a9:
80:84:b9:0b:51:1e:95:ca:45:b3:72:8b:14:a0:87:55:91:49:
a1:14:e8:c9:4c:b4:6a:d4:06:85:0a:cf:14:5f:8b:53:1e:96:
bd:ef:f0:a4:d4:4a:59:de:e5:fc:37:82:37:d8:19:6e:ea:22:
eb:e8:22:ff
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZyO2J9PhuQ4pAgbRsdqrB1+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZjM2MDg3YzNmY2VjZmIwMDZmNTE4ZDc4MTFiMjU1ZWE1
N2M5MGQwHhcNMjYwMjI0MDg1MTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTgwNjJiZGE4NmIzYmMzNGE4MjZhMzBkNjE2YjkxZTcxNGI4ZGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7TWy/HLL05j5S8Je2um4klPTE9Fb
IgQipyGtIw8KO5UNvkreWxLCnLQI6fRtMRVoSuY+RdbTWRy73UMlukCNr9D18YQN
NdKo2AYphE5ThMW+8ux4HVU6A9YEf80rbwz88Fea4KEf1eGulUEvFhSlzsLUMIxC
8WLU6OuZerVpleVDVaBOhK/BD8qr6znRs0d91FJ81CydwU2cmL6ewE1/Dk4dPunQ
BYpPz5V9D1TteFOAUxDKLLDk8nfTi+pFizcHcVmJ3azusM6onkHBkNjI6rbApbnq
uBGAW3fsp275TJcUxIkj9MpyXUvPaYz0xqEUbx4buento7x552KwJ1ZChQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDqAYr2oazvDSoJqMNYWuR5xS43YMB8GA1UdIwQY
MBaAFOvzYIfD/Oz7AG9RjXgRslXqV8kNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNl9OZ2g4UDg3UHNBYjFHTmVCR3lWZXBYeVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80NjQzMWUtNDk1MS00ZTFhLTkxOTUt
NjhhNDU1MWY2OGE4LzEvT29CaXZhaHJPOE5LZ21vdzFoYTVIbkZMamRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80NjQzMWUtNDk1MS00ZTFhLTkxOTUtNjhhNDU1MWY2OGE4
LzEvNl9OZ2g4UDg3UHNBYjFHTmVCR3lWZXBYeVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCJRKEAwQC
uX5oMA0EAgACMAcDBQAqCnBAMA0GCSqGSIb3DQEBCwUAA4IBAQBAbV5koVJnuU71
rmm3y0hBkGtPQ19CIlViUrvvWssAVnGnE8+Cum92m2+CVoBHFM0AAwIF1xtbTijO
y52TG750rXkTEazHRsqyAQpDwcbZYuYtzojCfFm247D662UmWvDA6amsK5Y7dMYU
4j1zXweE9SdmuITSqU7A8dULmEZeFgv4lpsrSTOPYxBRmb7VYbat0ayZf6j/Guvk
u5AXEqB+Puo1xmdmzu/IyEU5YcV7GUdeK/3EWXFtmzD+agRAVwg400ZagqmAhLkL
UR6VykWzcosUoIdVkUmhFOjJTLRq1AaFCs8UX4tTHpa97/Ck1EpZ3uX8N4I32Blu
6iLr6CL/
-----END CERTIFICATE-----
Generated at Mon Mar 2 21:07:47 2026 by rpki-client