Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/b0212a-eabe-45ab-bfd5-9dfbe6dda88a/1/OM1cSFU8Ho_5gGRm9_J5AM__9Vo.roa
File: OM1cSFU8Ho_5gGRm9_J5AM__9Vo.roa (raw, json)
Hash identifier: gWCTvEKc3tzachY7brHH1xI78OvzIY3uE0uOo2Zryuw=
Subject key identifier: 38:CD:5C:48:55:3C:1E:8F:F9:80:64:66:F7:F2:79:00:CF:FF:F5:5A
Certificate issuer: /CN=7c61e3d81f05acb56bdf798ed4ae2af637794201
Certificate serial: 019B7C1351EFBCE4DF11AF8990D325DC957B
Authority key identifier: 7C:61:E3:D8:1F:05:AC:B5:6B:DF:79:8E:D4:AE:2A:F6:37:79:42:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fGHj2B8FrLVr33mO1K4q9jd5QgE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/b0212a-eabe-45ab-bfd5-9dfbe6dda88a/1/OM1cSFU8Ho_5gGRm9_J5AM__9Vo.roa
Signing time: Fri 02 Jan 2026 00:19:59 +0000
ROA not before: Fri 02 Jan 2026 00:19:59 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 61307
IP address blocks: 31.24.56.0/21 maxlen: 21
31.24.56.0/22 maxlen: 22
31.24.60.0/22 maxlen: 22
85.196.192.0/18 maxlen: 18
85.196.192.0/19 maxlen: 19
85.196.224.0/19 maxlen: 19
93.185.240.0/20 maxlen: 20
93.185.240.0/21 maxlen: 21
93.185.248.0/21 maxlen: 21
185.97.248.0/22 maxlen: 22
185.97.248.0/23 maxlen: 23
185.97.250.0/23 maxlen: 23
2a03:4360::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/b0212a-eabe-45ab-bfd5-9dfbe6dda88a/1/fGHj2B8FrLVr33mO1K4q9jd5QgE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/b0212a-eabe-45ab-bfd5-9dfbe6dda88a/1/fGHj2B8FrLVr33mO1K4q9jd5QgE.mft
rsync://rpki.ripe.net/repository/DEFAULT/fGHj2B8FrLVr33mO1K4q9jd5QgE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7c:13:51:ef:bc:e4:df:11:af:89:90:d3:25:dc:95:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c61e3d81f05acb56bdf798ed4ae2af637794201
Validity
Not Before: Jan 2 00:19:59 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=38cd5c48553c1e8ff9806466f7f27900cffff55a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:8e:c5:79:b4:83:5d:34:02:37:a6:f2:0a:dd:
db:bc:7b:60:27:a3:df:92:b8:7c:e3:77:d9:05:58:
7d:6d:b6:12:2b:46:dd:a8:7e:99:fb:20:e9:3c:67:
57:e0:c1:40:e0:e0:9e:cd:a9:a7:84:54:57:5f:2a:
62:0d:47:c5:b8:50:98:30:e1:34:1c:3c:38:9f:b0:
5f:b7:44:b1:53:aa:63:53:82:61:83:5e:83:9a:1b:
7c:8a:cc:0a:89:3f:37:c6:0b:49:42:64:14:97:94:
1a:0d:63:81:e8:ee:f5:8a:f4:31:1b:d5:11:e4:fc:
00:af:ee:d0:96:ca:9c:eb:81:29:88:04:44:fb:99:
bd:fc:97:87:c4:09:c5:76:d2:bf:05:67:02:79:b9:
97:15:b8:2f:8d:3c:a2:03:5d:0d:71:85:9a:5b:e5:
74:12:18:55:fd:a1:8a:69:a4:67:1e:54:1d:92:e3:
c2:31:2f:03:57:e4:61:bc:28:19:cf:17:58:9b:bf:
67:8f:7e:94:54:ad:89:c0:51:71:99:9c:40:42:92:
e2:4e:15:f0:37:85:ec:17:85:c8:8c:33:e4:b5:3f:
cb:72:0e:e3:4e:83:fb:a7:61:20:67:64:1d:f3:fd:
85:d0:2f:30:f3:bd:47:2d:f5:07:31:1e:6a:79:7e:
f8:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:CD:5C:48:55:3C:1E:8F:F9:80:64:66:F7:F2:79:00:CF:FF:F5:5A
X509v3 Authority Key Identifier:
keyid:7C:61:E3:D8:1F:05:AC:B5:6B:DF:79:8E:D4:AE:2A:F6:37:79:42:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fGHj2B8FrLVr33mO1K4q9jd5QgE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/b0212a-eabe-45ab-bfd5-9dfbe6dda88a/1/OM1cSFU8Ho_5gGRm9_J5AM__9Vo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/b0212a-eabe-45ab-bfd5-9dfbe6dda88a/1/fGHj2B8FrLVr33mO1K4q9jd5QgE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.56.0/21
85.196.192.0/18
93.185.240.0/20
185.97.248.0/22
IPv6:
2a03:4360::/32
Signature Algorithm: sha256WithRSAEncryption
21:6a:3f:e5:2f:c4:7e:8a:4a:18:5d:c6:04:10:04:92:c9:80:
68:b5:01:96:fd:6d:4c:ed:40:d8:83:bb:4d:c6:50:16:a1:4f:
cf:77:3d:56:4b:e8:26:13:44:3a:4c:1c:53:44:94:14:04:98:
67:ae:4c:9c:b6:cb:69:1f:bf:2f:00:e8:fd:dd:10:53:41:8a:
ea:d9:fd:94:9f:d9:b8:47:18:bb:26:ab:db:78:75:67:ac:1b:
f7:a4:7c:e0:5c:8f:34:31:86:96:3c:9d:5d:ba:d5:24:6e:3a:
0f:6d:cd:10:12:25:a8:07:92:c0:e8:64:d3:57:55:27:e4:c9:
86:00:20:df:b0:9d:bc:54:98:26:f7:27:2c:a9:db:26:4c:38:
49:df:c7:f6:e1:e3:b6:b2:f8:a4:67:94:2f:59:a4:47:2a:3c:
59:8f:cf:77:b7:08:94:8a:5d:e9:d2:d2:5c:f0:9b:c9:87:f2:
92:c1:34:71:a6:8c:f7:5a:c7:d8:40:df:2f:c1:69:d7:a7:ef:
06:93:6f:d4:76:cc:82:26:3c:91:53:f1:e1:99:3f:8d:61:b6:
ef:45:55:bc:66:e1:38:e5:6c:69:f7:29:88:fc:d1:3d:ca:8a:
de:74:ac:1a:80:03:ef:3a:84:92:2c:1a:f7:8d:b1:b6:3a:28:
e2:ca:ac:c9
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZt8E1HvvOTfEa+JkNMl3JV7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjNjFlM2Q4MWYwNWFjYjU2YmRmNzk4ZWQ0YWUyYWY2Mzc3
OTQyMDEwHhcNMjYwMTAyMDAxOTU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGNkNWM0ODU1M2MxZThmZjk4MDY0NjZmN2YyNzkwMGNmZmZmNTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoY7FebSDXTQCN6byCt3bvHtgJ6Pf
krh843fZBVh9bbYSK0bdqH6Z+yDpPGdX4MFA4OCezamnhFRXXypiDUfFuFCYMOE0
HDw4n7Bft0SxU6pjU4Jhg16Dmht8iswKiT83xgtJQmQUl5QaDWOB6O71ivQxG9UR
5PwAr+7Qlsqc64EpiARE+5m9/JeHxAnFdtK/BWcCebmXFbgvjTyiA10NcYWaW+V0
EhhV/aGKaaRnHlQdkuPCMS8DV+RhvCgZzxdYm79nj36UVK2JwFFxmZxAQpLiThXw
N4XsF4XIjDPktT/Lcg7jToP7p2EgZ2Qd8/2F0C8w871HLfUHMR5qeX74aQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDjNXEhVPB6P+YBkZvfyeQDP//VaMB8GA1UdIwQY
MBaAFHxh49gfBay1a995jtSuKvY3eUIBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkdIajJCOEZyTFZyMzNtTzFLNHE5amQ1UWdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9iMDIxMmEtZWFiZS00NWFiLWJmZDUt
OWRmYmU2ZGRhODhhLzEvT00xY1NGVThIb181Z0dSbTlfSjVBTV9fOVZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9iMDIxMmEtZWFiZS00NWFiLWJmZDUtOWRmYmU2ZGRhODhh
LzEvZkdIajJCOEZyTFZyMzNtTzFLNHE5amQ1UWdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDHxg4AwQG
VcTAAwQEXbnwAwQCuWH4MA0EAgACMAcDBQAqA0NgMA0GCSqGSIb3DQEBCwUAA4IB
AQAhaj/lL8R+ikoYXcYEEASSyYBotQGW/W1M7UDYg7tNxlAWoU/Pdz1WS+gmE0Q6
TBxTRJQUBJhnrkyctstpH78vAOj93RBTQYrq2f2Un9m4Rxi7JqvbeHVnrBv3pHzg
XI80MYaWPJ1dutUkbjoPbc0QEiWoB5LA6GTTV1Un5MmGACDfsJ28VJgm9ycsqdsm
TDhJ38f24eO2svikZ5QvWaRHKjxZj893twiUil3p0tJc8JvJh/KSwTRxpoz3WsfY
QN8vwWnXp+8Gk2/UdsyCJjyRU/HhmT+NYbbvRVW8ZuE45Wxp9ymI/NE9yoredKwa
gAPvOoSSLBr3jbG2OijiyqzJ
-----END CERTIFICATE-----
Generated at Tue Mar 3 00:23:46 2026 by rpki-client