Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/oirT68elnD8WOEzPZnA1_dmBao4.roa
File: oirT68elnD8WOEzPZnA1_dmBao4.roa (raw, json)
Hash identifier: Akx9tyxE9m7xqNhCByZw0ZpZ6/f1RmbIztXn55qynJM=
Subject key identifier: A2:2A:D3:EB:C7:A5:9C:3F:16:38:4C:CF:66:70:35:FD:D9:81:6A:8E
Certificate issuer: /CN=6832c32d2259013991260d530d9120031aaefcd0
Certificate serial: 019D4884096947C5F76044887A60055644C3
Authority key identifier: 68:32:C3:2D:22:59:01:39:91:26:0D:53:0D:91:20:03:1A:AE:FC:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/oirT68elnD8WOEzPZnA1_dmBao4.roa
Signing time: Wed 01 Apr 2026 10:08:25 +0000
ROA not before: Wed 01 Apr 2026 10:08:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8075
IP address blocks: 145.46.160.0/24 maxlen: 24
145.46.161.0/24 maxlen: 24
145.46.162.0/24 maxlen: 24
145.46.163.0/24 maxlen: 24
145.46.164.0/24 maxlen: 24
145.46.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/aDLDLSJZATmRJg1TDZEgAxqu_NA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/aDLDLSJZATmRJg1TDZEgAxqu_NA.mft
rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 19:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:48:84:09:69:47:c5:f7:60:44:88:7a:60:05:56:44:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6832c32d2259013991260d530d9120031aaefcd0
Validity
Not Before: Apr 1 10:08:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a22ad3ebc7a59c3f16384ccf667035fdd9816a8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1b:e5:bf:7f:71:ea:4b:66:de:07:9d:50:97:
04:5d:66:bc:f0:21:9b:56:47:99:e9:6d:52:91:ba:
2a:39:0a:00:12:7b:6f:d6:a9:d7:b2:26:b8:52:36:
3b:96:88:91:74:63:75:c5:95:fa:24:25:de:cb:12:
99:26:78:d7:c9:78:61:d2:4e:42:03:fe:2e:bd:ec:
a9:6d:87:b0:aa:34:36:cb:12:48:b4:0f:ab:d8:61:
c7:fc:47:c5:d5:c6:e1:24:93:87:27:7f:c1:22:2e:
ef:56:7b:ae:fc:23:49:7a:13:eb:4d:01:3c:4e:53:
4e:23:af:90:d1:a7:92:88:18:78:e3:36:f2:8b:c5:
9c:59:73:cd:24:6a:2d:55:69:23:6e:1b:a3:74:fe:
7c:d8:87:71:e3:6b:78:f3:54:45:18:df:7c:1b:ca:
5e:97:db:59:6f:6d:6d:a3:8b:98:a4:b2:ab:8e:89:
fa:33:08:95:66:c2:ff:e6:24:01:63:62:87:93:96:
66:4f:f6:29:06:cd:13:fa:42:3f:0a:ef:5e:aa:fb:
47:f8:1a:3b:05:00:85:71:2f:e8:27:37:2c:6b:2d:
ab:3d:bb:b8:c0:84:a9:7b:79:c7:ee:15:c5:9a:bc:
9c:38:b6:9e:27:a7:ce:37:53:2a:67:0b:3d:a4:22:
14:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:2A:D3:EB:C7:A5:9C:3F:16:38:4C:CF:66:70:35:FD:D9:81:6A:8E
X509v3 Authority Key Identifier:
keyid:68:32:C3:2D:22:59:01:39:91:26:0D:53:0D:91:20:03:1A:AE:FC:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/oirT68elnD8WOEzPZnA1_dmBao4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/aDLDLSJZATmRJg1TDZEgAxqu_NA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.46.160.0-145.46.165.255
Signature Algorithm: sha256WithRSAEncryption
6f:50:7e:e7:e4:9b:bf:80:bd:ea:5d:f0:45:f0:2e:a9:0c:ab:
c5:4e:31:ab:a2:12:57:7d:6f:13:ae:0b:d9:a4:5a:c4:bb:7b:
b8:d6:3a:0f:b4:ce:f8:9a:fd:ef:85:31:fc:5d:27:26:f8:8e:
79:de:a0:0d:25:e4:62:72:7c:27:00:61:e5:18:ec:64:a6:f0:
8d:ff:ac:c2:f9:15:a2:20:d2:f9:da:51:e2:d7:64:62:7a:8c:
54:49:f7:84:00:31:eb:1f:1b:78:2c:f3:81:bc:c5:bb:e1:c6:
2b:fe:50:40:f5:d9:93:ce:f8:ad:50:82:c0:30:7e:11:16:86:
29:b3:9a:a3:95:2a:b4:2e:d1:92:5e:e0:92:61:6c:5d:3e:fb:
02:1f:20:32:c9:6f:71:bc:cb:9f:4a:d7:45:39:c7:40:29:9d:
0c:7b:44:c6:42:f3:01:46:62:83:f6:5a:c9:d9:5f:c8:ff:2f:
0b:e6:4e:a1:44:d0:25:3b:f2:1e:10:cf:fd:c7:6e:44:1a:ac:
18:f3:e1:f4:90:13:83:20:43:0b:cb:92:69:7d:77:cc:41:63:
1f:11:2c:71:31:82:98:f9:10:ab:4f:d1:ee:26:ae:13:02:f5:
a7:9f:21:1d:f4:aa:82:82:de:1a:f7:03:6a:87:2b:77:45:19:
52:7f:27:93
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZ1IhAlpR8X3YESIemAFVkTDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzJjMzJkMjI1OTAxMzk5MTI2MGQ1MzBkOTEyMDAzMWFh
ZWZjZDAwHhcNMjYwNDAxMTAwODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjJhZDNlYmM3YTU5YzNmMTYzODRjY2Y2NjcwMzVmZGQ5ODE2YThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRvlv39x6ktm3gedUJcEXWa88CGb
VkeZ6W1SkboqOQoAEntv1qnXsia4UjY7loiRdGN1xZX6JCXeyxKZJnjXyXhh0k5C
A/4uveypbYewqjQ2yxJItA+r2GHH/EfF1cbhJJOHJ3/BIi7vVnuu/CNJehPrTQE8
TlNOI6+Q0aeSiBh44zbyi8WcWXPNJGotVWkjbhujdP582Idx42t481RFGN98G8pe
l9tZb21to4uYpLKrjon6MwiVZsL/5iQBY2KHk5ZmT/YpBs0T+kI/Cu9eqvtH+Bo7
BQCFcS/oJzcsay2rPbu4wISpe3nH7hXFmrycOLaeJ6fON1MqZws9pCIUFwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKIq0+vHpZw/FjhMz2ZwNf3ZgWqOMB8GA1UdIwQY
MBaAFGgywy0iWQE5kSYNUw2RIAMarvzQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURMRExTSlpBVG1SSmcxVERaRWdBeHF1X05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85NGI2NmUtM2UwZC00MzMyLWFiNGYt
NzcwZjhlYWIyYWU3LzEvb2lyVDY4ZWxuRDhXT0V6UFpuQTFfZG1CYW80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85NGI2NmUtM2UwZC00MzMyLWFiNGYtNzcwZjhlYWIyYWU3
LzEvYURMRExTSlpBVG1SSmcxVERaRWdBeHF1X05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAWRLqAD
BAGRLqQwDQYJKoZIhvcNAQELBQADggEBAG9Qfufkm7+Avepd8EXwLqkMq8VOMaui
Eld9bxOuC9mkWsS7e7jWOg+0zvia/e+FMfxdJyb4jnneoA0l5GJyfCcAYeUY7GSm
8I3/rML5FaIg0vnaUeLXZGJ6jFRJ94QAMesfG3gs84G8xbvhxiv+UED12ZPO+K1Q
gsAwfhEWhimzmqOVKrQu0ZJe4JJhbF0++wIfIDLJb3G8y59K10U5x0ApnQx7RMZC
8wFGYoP2WsnZX8j/LwvmTqFE0CU78h4Qz/3HbkQarBjz4fSQE4MgQwvLkml9d8xB
Yx8RLHExgpj5EKtP0e4mrhMC9aefIR30qoKC3hr3A2qHK3dFGVJ/J5M=
-----END CERTIFICATE-----
Generated at Fri Apr 17 03:38:06 2026 by rpki-client