Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/136156-0753-4072-92b0-1407c08db582/1/OuXh_yUtNzDmLHa2qDKI-11v3Mk.roa
File: OuXh_yUtNzDmLHa2qDKI-11v3Mk.roa (raw, json)
Hash identifier: FwdJQKq3+ljQgcDRiKWFd9GFpjmh3Tp5wt559mqIWP4=
Subject key identifier: 3A:E5:E1:FF:25:2D:37:30:E6:2C:76:B6:A8:32:88:FB:5D:6F:DC:C9
Certificate issuer: /CN=16d96cf4109a4a85d1863bf54aa4fa3e81e0c0e6
Certificate serial: 019DB1B29F2C64246D2D18855E2005FF9219
Authority key identifier: 16:D9:6C:F4:10:9A:4A:85:D1:86:3B:F5:4A:A4:FA:3E:81:E0:C0:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ftls9BCaSoXRhjv1SqT6PoHgwOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/136156-0753-4072-92b0-1407c08db582/1/OuXh_yUtNzDmLHa2qDKI-11v3Mk.roa
Signing time: Tue 21 Apr 2026 20:19:26 +0000
ROA not before: Tue 21 Apr 2026 20:19:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12778
IP address blocks: 5.32.136.0/21 maxlen: 24
77.234.128.0/19 maxlen: 19
91.199.161.0/24 maxlen: 24
185.205.116.0/22 maxlen: 24
185.205.116.0/24 maxlen: 24
194.247.162.0/23 maxlen: 24
212.72.96.0/19 maxlen: 19
2a02:d68::/32 maxlen: 32
2a06:c180::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/136156-0753-4072-92b0-1407c08db582/1/Ftls9BCaSoXRhjv1SqT6PoHgwOY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/136156-0753-4072-92b0-1407c08db582/1/Ftls9BCaSoXRhjv1SqT6PoHgwOY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ftls9BCaSoXRhjv1SqT6PoHgwOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b1:b2:9f:2c:64:24:6d:2d:18:85:5e:20:05:ff:92:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16d96cf4109a4a85d1863bf54aa4fa3e81e0c0e6
Validity
Not Before: Apr 21 20:19:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3ae5e1ff252d3730e62c76b6a83288fb5d6fdcc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:56:6a:58:8b:ab:cf:4c:6f:c2:bf:91:52:39:
1d:e3:ac:6d:f1:58:73:8a:15:bc:5b:eb:fe:2e:b8:
83:27:09:22:b5:50:62:1b:03:0b:0f:eb:10:93:6a:
45:65:ae:84:89:93:f3:3f:d3:a0:b9:e0:93:fb:d3:
b2:b9:22:b9:ef:fe:1c:6b:77:8b:97:62:7d:29:79:
6c:05:eb:ff:df:b2:5d:00:37:07:0e:11:3a:f7:2d:
48:5b:82:dd:52:e1:06:7f:59:a5:5d:f4:2c:81:01:
14:52:63:31:d2:3a:5b:d2:59:bb:4b:a1:ae:a3:ee:
1a:2a:8b:b2:f1:b6:cc:05:76:73:a4:58:61:eb:ac:
8a:21:b4:e6:06:12:ad:62:3c:48:ba:36:b4:52:a6:
b1:49:f3:44:1b:a1:9a:8d:0e:32:21:d7:79:a6:56:
2d:0a:af:30:ed:bb:3e:c8:8c:70:d9:7b:08:36:2d:
0f:cc:5a:fc:64:4a:80:ac:c4:68:25:99:18:11:c2:
cb:68:0a:5d:a8:06:29:5a:a8:43:73:a8:d2:44:ea:
cb:c7:84:51:71:92:c1:2f:58:17:c4:51:7d:18:cc:
4a:bd:66:f1:19:53:51:b9:6d:3b:05:d1:ec:44:25:
3c:ea:24:5b:f7:93:6d:29:34:8c:26:94:0b:bb:ec:
64:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:E5:E1:FF:25:2D:37:30:E6:2C:76:B6:A8:32:88:FB:5D:6F:DC:C9
X509v3 Authority Key Identifier:
keyid:16:D9:6C:F4:10:9A:4A:85:D1:86:3B:F5:4A:A4:FA:3E:81:E0:C0:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ftls9BCaSoXRhjv1SqT6PoHgwOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/136156-0753-4072-92b0-1407c08db582/1/OuXh_yUtNzDmLHa2qDKI-11v3Mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/136156-0753-4072-92b0-1407c08db582/1/Ftls9BCaSoXRhjv1SqT6PoHgwOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.32.136.0/21
77.234.128.0/19
91.199.161.0/24
185.205.116.0/22
194.247.162.0/23
212.72.96.0/19
IPv6:
2a02:d68::/32
2a06:c180::/29
Signature Algorithm: sha256WithRSAEncryption
72:58:64:a5:65:d7:9b:e0:5e:68:92:f5:18:52:5a:54:88:55:
c3:76:07:a7:b1:99:b5:bf:76:52:0f:bf:8f:c3:76:2d:a6:19:
3b:83:2e:a0:0d:ab:88:b9:0c:18:cd:d9:aa:b7:ee:78:15:66:
fe:c5:b7:4a:48:01:01:00:55:a6:e2:f8:ac:59:4d:bf:4d:0d:
10:91:02:9e:dc:22:0d:75:a1:8e:46:e6:44:6a:be:9d:85:b6:
96:d7:cf:0d:29:8e:19:51:9f:be:ff:13:d1:e6:24:3f:26:5d:
70:81:68:2d:44:11:6d:be:36:31:2d:a4:aa:b5:d7:99:5a:25:
9e:4b:32:26:62:09:62:ed:91:a6:28:e9:c5:7d:cd:f9:21:11:
fc:6b:83:3a:ec:e2:33:18:ec:64:17:95:9f:12:7f:cd:82:11:
0f:6b:65:c2:19:74:c2:f3:6a:a4:5e:d5:1f:7e:06:ac:29:b5:
48:36:11:6f:a4:87:91:39:b0:f4:15:0e:41:00:c7:dc:d4:9c:
32:42:cb:60:11:d3:65:c0:56:eb:53:e7:2c:33:75:75:80:0f:
13:b2:b1:4b:f8:09:b3:27:9e:80:f6:27:8a:b0:51:bb:fe:6b:
16:1d:c5:c8:38:16:25:b7:6f:f9:02:f9:be:6a:82:6d:2d:b7:
f8:9d:54:df
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZ2xsp8sZCRtLRiFXiAF/5IZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ZDk2Y2Y0MTA5YTRhODVkMTg2M2JmNTRhYTRmYTNlODFl
MGMwZTYwHhcNMjYwNDIxMjAxOTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWU1ZTFmZjI1MmQzNzMwZTYyYzc2YjZhODMyODhmYjVkNmZkY2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11ZqWIurz0xvwr+RUjkd46xt8Vhz
ihW8W+v+LriDJwkitVBiGwMLD+sQk2pFZa6EiZPzP9OgueCT+9OyuSK57/4ca3eL
l2J9KXlsBev/37JdADcHDhE69y1IW4LdUuEGf1mlXfQsgQEUUmMx0jpb0lm7S6Gu
o+4aKouy8bbMBXZzpFhh66yKIbTmBhKtYjxIuja0UqaxSfNEG6GajQ4yIdd5plYt
Cq8w7bs+yIxw2XsINi0PzFr8ZEqArMRoJZkYEcLLaApdqAYpWqhDc6jSROrLx4RR
cZLBL1gXxFF9GMxKvWbxGVNRuW07BdHsRCU86iRb95NtKTSMJpQLu+xkXwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFDrl4f8lLTcw5ix2tqgyiPtdb9zJMB8GA1UdIwQY
MBaAFBbZbPQQmkqF0YY79Uqk+j6B4MDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnRsczlCQ2FTb1hSaGp2MVNxVDZQb0hnd09ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8xMzYxNTYtMDc1My00MDcyLTkyYjAt
MTQwN2MwOGRiNTgyLzEvT3VYaF95VXROekRtTEhhMnFES0ktMTF2M01rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8xMzYxNTYtMDc1My00MDcyLTkyYjAtMTQwN2MwOGRiNTgy
LzEvRnRsczlCQ2FTb1hSaGp2MVNxVDZQb0hnd09ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQDBSCIAwQF
TeqAAwQAW8ehAwQCuc10AwQBwveiAwQF1EhgMBQEAgACMA4DBQAqAg1oAwUDKgbB
gDANBgkqhkiG9w0BAQsFAAOCAQEAclhkpWXXm+BeaJL1GFJaVIhVw3YHp7GZtb92
Ug+/j8N2LaYZO4MuoA2riLkMGM3ZqrfueBVm/sW3SkgBAQBVpuL4rFlNv00NEJEC
ntwiDXWhjkbmRGq+nYW2ltfPDSmOGVGfvv8T0eYkPyZdcIFoLUQRbb42MS2kqrXX
mVolnksyJmIJYu2RpijpxX3N+SER/GuDOuziMxjsZBeVnxJ/zYIRD2tlwhl0wvNq
pF7VH34GrCm1SDYRb6SHkTmw9BUOQQDH3NScMkLLYBHTZcBW61PnLDN1dYAPE7Kx
S/gJsyeegPYnirBRu/5rFh3FyDgWJbdv+QL5vmqCbS23+J1U3w==
-----END CERTIFICATE-----
Generated at Sat Jun 13 15:55:54 2026 by rpki-client