Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/2dce04-747a-4a4d-96a2-d357f5aeeb85/1/3OMBkOzT06rmiiUnS5LEcdnXd4E.roa
File: 3OMBkOzT06rmiiUnS5LEcdnXd4E.roa (raw, json)
Hash identifier: TjjnmhASdsxVvkkPJGFd8+LbQbz+nLBXswxcPbrOPCQ=
Subject key identifier: DC:E3:01:90:EC:D3:D3:AA:E6:8A:25:27:4B:92:C4:71:D9:D7:77:81
Certificate issuer: /CN=ede7662d597fafc96dd765577508c3ed029d6567
Certificate serial: 019B7D5C82150209874E268B9B84BD049554
Authority key identifier: ED:E7:66:2D:59:7F:AF:C9:6D:D7:65:57:75:08:C3:ED:02:9D:65:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7edmLVl_r8lt12VXdQjD7QKdZWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/2dce04-747a-4a4d-96a2-d357f5aeeb85/1/3OMBkOzT06rmiiUnS5LEcdnXd4E.roa
Signing time: Fri 02 Jan 2026 06:19:33 +0000
ROA not before: Fri 02 Jan 2026 06:19:33 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44205
IP address blocks: 45.8.120.0/22 maxlen: 22
45.144.180.0/22 maxlen: 22
185.115.120.0/22 maxlen: 22
2a06:7600::/29 maxlen: 29
2a0e:8900::/29 maxlen: 29
2a0e:f340::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/2dce04-747a-4a4d-96a2-d357f5aeeb85/1/7edmLVl_r8lt12VXdQjD7QKdZWc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/2dce04-747a-4a4d-96a2-d357f5aeeb85/1/7edmLVl_r8lt12VXdQjD7QKdZWc.mft
rsync://rpki.ripe.net/repository/DEFAULT/7edmLVl_r8lt12VXdQjD7QKdZWc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7d:5c:82:15:02:09:87:4e:26:8b:9b:84:bd:04:95:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ede7662d597fafc96dd765577508c3ed029d6567
Validity
Not Before: Jan 2 06:19:33 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dce30190ecd3d3aae68a25274b92c471d9d77781
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1d:5e:63:ef:5f:f1:65:36:6c:25:7c:b7:1c:
0b:01:ba:56:22:dc:45:e3:61:cf:15:d8:35:de:57:
5a:9f:9e:35:f0:49:ba:19:a9:85:a2:d6:81:ce:33:
67:8a:a6:fb:df:32:b3:61:c1:cf:5b:af:94:2c:bb:
65:73:cd:50:ee:6c:be:93:a7:5f:57:1c:01:7a:14:
1a:f8:15:0b:39:46:24:eb:78:86:c2:05:89:ee:56:
85:a9:f7:39:05:76:ae:c3:3f:a6:c0:5c:1c:28:63:
4c:c8:2e:57:c9:86:9a:46:98:45:09:a9:7f:67:b1:
55:42:6d:c6:6f:05:47:45:63:3c:7e:df:a3:3e:6a:
a6:04:f9:c0:2f:f7:ec:7c:7f:92:d6:cb:f2:37:52:
a9:73:cb:c4:2e:5a:5e:42:92:a3:6f:cd:a5:4d:ee:
e2:bd:da:30:19:4a:91:37:f9:7b:da:fc:ec:de:e6:
0c:1f:1b:40:e3:0e:42:60:02:f2:d5:26:83:cf:75:
b8:89:46:3b:54:01:01:47:e7:c8:ae:9a:a6:1c:0b:
52:a3:ca:29:b4:93:82:c5:07:a3:bd:3f:81:fa:a7:
9a:b9:ca:6b:87:4c:43:d3:45:1f:9f:fc:bc:dd:ce:
a6:55:7c:7a:09:ea:6e:ce:61:4d:e9:a7:89:f9:40:
9c:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:E3:01:90:EC:D3:D3:AA:E6:8A:25:27:4B:92:C4:71:D9:D7:77:81
X509v3 Authority Key Identifier:
keyid:ED:E7:66:2D:59:7F:AF:C9:6D:D7:65:57:75:08:C3:ED:02:9D:65:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7edmLVl_r8lt12VXdQjD7QKdZWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/2dce04-747a-4a4d-96a2-d357f5aeeb85/1/3OMBkOzT06rmiiUnS5LEcdnXd4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/2dce04-747a-4a4d-96a2-d357f5aeeb85/1/7edmLVl_r8lt12VXdQjD7QKdZWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.120.0/22
45.144.180.0/22
185.115.120.0/22
IPv6:
2a06:7600::/29
2a0e:8900::/29
2a0e:f340::/29
Signature Algorithm: sha256WithRSAEncryption
81:ad:f4:3b:7e:2b:ab:f4:d2:3d:cb:67:c3:ba:73:9d:f7:b2:
42:07:78:ec:bc:cb:5d:cd:f1:f7:23:87:da:90:79:31:76:7f:
16:35:e5:4c:83:ef:02:aa:ca:bc:5c:1e:bf:72:40:6a:19:94:
f1:c0:93:2d:91:7f:fd:da:24:cb:11:73:87:d6:37:6d:83:e9:
ab:1f:5f:ad:4c:7a:1d:30:5e:9e:1b:96:6e:e4:c3:57:8c:ec:
6a:f6:d1:06:9f:47:80:a6:12:c8:76:d8:de:8c:5b:0b:e5:76:
d6:ad:75:4f:23:d2:40:51:ad:dc:13:81:c5:ac:8f:65:d2:e3:
e6:1d:7e:39:e0:cf:12:3e:4a:5a:eb:5b:65:d4:b1:a8:ec:b0:
d2:9d:b5:bc:96:79:a2:fc:9c:b9:f4:03:ec:19:de:11:57:84:
af:de:84:c6:6b:94:54:36:41:46:70:d0:0e:cc:5a:e7:52:30:
af:9b:32:5e:ef:15:c6:fd:55:53:80:a0:03:b2:e0:8b:4b:50:
e9:e0:6a:e2:6c:b5:2c:29:58:d3:0e:a7:cf:a3:6e:a7:fc:ca:
cf:fe:c8:7e:2f:57:8a:e2:95:73:b4:0a:d8:c2:69:ef:b9:fb:
67:19:5c:e6:d2:9b:56:bb:20:2f:6b:f4:7e:bd:8e:df:e6:aa:
00:3e:d7:45
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZt9XIIVAgmHTiaLm4S9BJVUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkZTc2NjJkNTk3ZmFmYzk2ZGQ3NjU1Nzc1MDhjM2VkMDI5
ZDY1NjcwHhcNMjYwMTAyMDYxOTMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2UzMDE5MGVjZDNkM2FhZTY4YTI1Mjc0YjkyYzQ3MWQ5ZDc3NzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvx1eY+9f8WU2bCV8txwLAbpWItxF
42HPFdg13ldan5418Em6GamFotaBzjNniqb73zKzYcHPW6+ULLtlc81Q7my+k6df
VxwBehQa+BULOUYk63iGwgWJ7laFqfc5BXauwz+mwFwcKGNMyC5XyYaaRphFCal/
Z7FVQm3GbwVHRWM8ft+jPmqmBPnAL/fsfH+S1svyN1Kpc8vELlpeQpKjb82lTe7i
vdowGUqRN/l72vzs3uYMHxtA4w5CYALy1SaDz3W4iUY7VAEBR+fIrpqmHAtSo8op
tJOCxQejvT+B+qeaucprh0xD00Ufn/y83c6mVXx6CepuzmFN6aeJ+UCcPQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFNzjAZDs09Oq5oolJ0uSxHHZ13eBMB8GA1UdIwQY
MBaAFO3nZi1Zf6/JbddlV3UIw+0CnWVnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2VkbUxWbF9yOGx0MTJWWGRRakQ3UUtkWldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8yZGNlMDQtNzQ3YS00YTRkLTk2YTIt
ZDM1N2Y1YWVlYjg1LzEvM09NQmtPelQwNnJtaWlVblM1TEVjZG5YZDRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8yZGNlMDQtNzQ3YS00YTRkLTk2YTItZDM1N2Y1YWVlYjg1
LzEvN2VkbUxWbF9yOGx0MTJWWGRRakQ3UUtkWldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQCLQh4AwQC
LZC0AwQCuXN4MBsEAgACMBUDBQMqBnYAAwUDKg6JAAMFAyoO80AwDQYJKoZIhvcN
AQELBQADggEBAIGt9Dt+K6v00j3LZ8O6c533skIHeOy8y13N8fcjh9qQeTF2fxY1
5UyD7wKqyrxcHr9yQGoZlPHAky2Rf/3aJMsRc4fWN22D6asfX61Meh0wXp4blm7k
w1eM7Gr20QafR4CmEsh22N6MWwvldtatdU8j0kBRrdwTgcWsj2XS4+YdfjngzxI+
SlrrW2XUsajssNKdtbyWeaL8nLn0A+wZ3hFXhK/ehMZrlFQ2QUZw0A7MWudSMK+b
Ml7vFcb9VVOAoAOy4ItLUOngauJstSwpWNMOp8+jbqf8ys/+yH4vV4rilXO0CtjC
ae+5+2cZXObSm1a7IC9r9H69jt/mqgA+10U=
-----END CERTIFICATE-----
Generated at Tue Mar 3 01:10:47 2026 by rpki-client