Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/OcXOaVrYHHB9F0asXRo0v_gAK3M.roa
File: OcXOaVrYHHB9F0asXRo0v_gAK3M.roa (raw, json)
Hash identifier: 2BcDyFN/4X63LWnjgScFS17Z+V6sSggqWAkuhUo2+04=
Subject key identifier: 39:C5:CE:69:5A:D8:1C:70:7D:17:46:AC:5D:1A:34:BF:F8:00:2B:73
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019EA8E751AAF223DA57377657264AA34E12
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/OcXOaVrYHHB9F0asXRo0v_gAK3M.roa
Signing time: Mon 08 Jun 2026 20:23:12 +0000
ROA not before: Mon 08 Jun 2026 20:23:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34534
IP address blocks: 194.55.137.0/24 maxlen: 24
194.55.189.0/24 maxlen: 24
194.59.221.0/24 maxlen: 24
194.59.245.0/24 maxlen: 24
194.76.146.0/24 maxlen: 24
194.76.147.0/24 maxlen: 24
194.76.154.0/24 maxlen: 24
194.76.155.0/24 maxlen: 24
194.124.250.0/24 maxlen: 24
194.124.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a8:e7:51:aa:f2:23:da:57:37:76:57:26:4a:a3:4e:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jun 8 20:23:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=39c5ce695ad81c707d1746ac5d1a34bff8002b73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:46:f5:ea:fd:b5:f6:4d:bb:43:2e:48:3e:80:
e3:dc:3d:bd:7b:cf:46:2c:19:27:5d:42:58:be:32:
f3:e6:99:dd:f8:6b:d2:fc:12:50:45:45:e3:7b:88:
7f:eb:39:03:9a:a6:5a:8e:9e:fd:f6:06:67:02:cc:
cb:dd:d0:a8:6d:8b:48:e1:91:e6:e1:80:f8:e0:95:
6c:97:9c:b8:34:49:d3:a6:cd:00:e5:01:10:e3:95:
a8:db:4f:d2:05:bc:28:54:f1:d2:73:63:53:8f:3d:
28:ae:4e:93:b5:42:8f:38:7b:d6:0d:b8:bf:e8:1c:
14:ee:e1:95:ac:c4:b1:1c:6a:95:b0:b0:5f:f9:f1:
0c:e8:6f:8f:50:7c:bd:08:e5:d0:65:4f:db:9b:6c:
f7:e7:c8:33:79:50:3e:11:d7:36:2b:58:a8:2f:df:
b9:ee:fc:60:bd:8a:73:06:56:79:39:a3:42:58:ca:
35:37:2f:1c:59:fd:14:e3:37:ac:d8:3b:e6:52:1f:
58:ee:ab:85:bd:5c:24:03:33:32:d8:8d:20:78:18:
14:ae:3f:66:ec:69:c9:f0:2f:5c:0a:de:09:ca:c2:
a5:52:2b:cd:69:11:67:66:c7:19:6c:d6:34:9c:d9:
58:77:a2:3d:fa:4b:c7:43:8f:6a:eb:e8:f1:f4:1b:
f1:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:C5:CE:69:5A:D8:1C:70:7D:17:46:AC:5D:1A:34:BF:F8:00:2B:73
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/OcXOaVrYHHB9F0asXRo0v_gAK3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.55.137.0/24
194.55.189.0/24
194.59.221.0/24
194.59.245.0/24
194.76.146.0/23
194.76.154.0/23
194.124.250.0/23
Signature Algorithm: sha256WithRSAEncryption
c7:1a:74:0f:cc:4d:64:e6:0a:49:c0:8f:48:0e:da:69:8e:1d:
e3:71:3a:33:7c:2c:ca:5a:9a:a4:8f:d6:1e:b1:85:ea:8a:c3:
92:13:86:80:fd:d3:70:91:d9:d8:f3:a3:ea:e4:e2:b0:dc:79:
fc:97:38:f0:f7:75:4c:a9:92:c5:7b:25:81:99:b3:94:89:ac:
d5:75:5e:9a:dc:6f:3f:76:6a:cd:3c:e7:7b:f5:e4:8f:d3:43:
0d:d1:f5:bb:e7:8a:09:3d:6c:cc:3e:fd:11:9e:21:ce:9d:cc:
6e:32:77:32:b8:9f:da:66:77:11:f5:a2:b3:70:1b:eb:14:ba:
86:c1:d8:ad:eb:8b:3d:2f:7f:ed:f5:33:9c:5b:2b:26:49:30:
63:f0:3a:6c:e8:d3:e2:05:e1:fa:44:ea:6b:1b:db:cc:2e:1e:
27:17:45:65:e8:18:24:53:f4:4f:fc:fa:85:61:05:6c:f1:a1:
80:e6:8e:3e:fe:6e:38:a4:c9:60:3c:fa:77:36:2b:e5:55:0a:
bb:27:62:0b:6b:93:29:29:6b:9c:8a:0c:31:c2:72:c3:d3:79:
00:0d:32:45:b6:61:cf:43:92:72:04:8f:1f:1e:6a:43:24:ad:
78:56:57:23:84:13:c5:a1:01:bc:c0:15:a5:a8:14:c0:39:1f:
c5:7d:a9:1b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ6o51Gq8iPaVzd2VyZKo04SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjYwNjA4MjAyMzEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWM1Y2U2OTVhZDgxYzcwN2QxNzQ2YWM1ZDFhMzRiZmY4MDAyYjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUb16v219k27Qy5IPoDj3D29e89G
LBknXUJYvjLz5pnd+GvS/BJQRUXje4h/6zkDmqZajp799gZnAszL3dCobYtI4ZHm
4YD44JVsl5y4NEnTps0A5QEQ45Wo20/SBbwoVPHSc2NTjz0ork6TtUKPOHvWDbi/
6BwU7uGVrMSxHGqVsLBf+fEM6G+PUHy9COXQZU/bm2z358gzeVA+Edc2K1ioL9+5
7vxgvYpzBlZ5OaNCWMo1Ny8cWf0U4zes2DvmUh9Y7quFvVwkAzMy2I0geBgUrj9m
7GnJ8C9cCt4JysKlUivNaRFnZscZbNY0nNlYd6I9+kvHQ49q6+jx9BvxxwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDnFzmla2BxwfRdGrF0aNL/4ACtzMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvT2NYT2FWcllISEI5RjBhc1hSbzB2X2dBSzNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwjeJAwQA
wje9AwQAwjvdAwQAwjv1AwQBwkySAwQBwkyaAwQBwnz6MA0GCSqGSIb3DQEBCwUA
A4IBAQDHGnQPzE1k5gpJwI9IDtppjh3jcTozfCzKWpqkj9YesYXqisOSE4aA/dNw
kdnY86Pq5OKw3Hn8lzjw93VMqZLFeyWBmbOUiazVdV6a3G8/dmrNPOd79eSP00MN
0fW754oJPWzMPv0RniHOncxuMncyuJ/aZncR9aKzcBvrFLqGwdit64s9L3/t9TOc
WysmSTBj8Dps6NPiBeH6ROprG9vMLh4nF0Vl6BgkU/RP/PqFYQVs8aGA5o4+/m44
pMlgPPp3NivlVQq7J2ILa5MpKWucigwxwnLD03kADTJFtmHPQ5JyBI8fHmpDJK14
VlcjhBPFoQG8wBWlqBTAOR/Ffakb
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:50:39 2026 by rpki-client