Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/o2oMp4w_9TGCM9aisNXx6hIf0dE.roa
File: o2oMp4w_9TGCM9aisNXx6hIf0dE.roa (raw, json)
Hash identifier: 5zj6ry4dUTAYdyPOXRmxJv5IwbCW/zphAyYpf0E3ouc=
Subject key identifier: A3:6A:0C:A7:8C:3F:F5:31:82:33:D6:A2:B0:D5:F1:EA:12:1F:D1:D1
Certificate issuer: /CN=3e43277b7ca79d0e9e07fc4a4b318041df415cb3
Certificate serial: 019C1FE46F497721E1788F78DE8B4ABAAB5B
Authority key identifier: 3E:43:27:7B:7C:A7:9D:0E:9E:07:FC:4A:4B:31:80:41:DF:41:5C:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PkMne3ynnQ6eB_xKSzGAQd9BXLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/o2oMp4w_9TGCM9aisNXx6hIf0dE.roa
Signing time: Mon 02 Feb 2026 19:46:30 +0000
ROA not before: Mon 02 Feb 2026 19:46:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51264
IP address blocks: 91.202.0.0/24 maxlen: 24
91.202.3.0/24 maxlen: 24
91.228.218.0/24 maxlen: 24
176.117.68.0/23 maxlen: 23
193.108.170.0/24 maxlen: 24
194.0.206.0/24 maxlen: 24
194.143.146.0/24 maxlen: 24
195.14.123.0/24 maxlen: 24
195.93.173.0/24 maxlen: 24
2001:678:cfc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/PkMne3ynnQ6eB_xKSzGAQd9BXLM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/PkMne3ynnQ6eB_xKSzGAQd9BXLM.mft
rsync://rpki.ripe.net/repository/DEFAULT/PkMne3ynnQ6eB_xKSzGAQd9BXLM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 13:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:1f:e4:6f:49:77:21:e1:78:8f:78:de:8b:4a:ba:ab:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e43277b7ca79d0e9e07fc4a4b318041df415cb3
Validity
Not Before: Feb 2 19:46:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a36a0ca78c3ff5318233d6a2b0d5f1ea121fd1d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:67:68:ed:17:bb:59:8b:31:0b:da:e8:fa:fc:
de:cb:5f:4f:21:5c:87:70:86:d3:5a:8e:ee:e8:9d:
0a:66:9d:37:90:dc:6b:fc:67:47:fd:f2:2c:09:73:
ae:64:6f:f4:e5:82:66:87:14:d4:c5:62:48:bd:cb:
11:da:49:08:bc:94:7c:da:38:e0:53:da:e5:4d:3e:
65:5f:db:5f:67:13:f4:27:d9:1a:12:61:3e:63:fc:
ca:e4:e7:45:4b:8e:25:07:02:c9:09:37:d0:38:fe:
f3:a1:09:d0:a7:f7:66:32:90:79:55:00:6f:df:15:
4c:63:ae:66:94:b9:3e:b3:49:10:81:36:f0:e8:4c:
54:f8:b8:eb:cc:90:9a:3b:60:91:ae:6b:4c:8b:6d:
a3:f8:b0:71:48:17:fc:d8:18:01:71:14:a3:c6:84:
1a:70:81:d6:d0:ec:99:2d:09:08:88:8e:fb:30:ef:
ef:51:42:63:63:50:58:0a:0a:45:1e:ef:e6:fc:73:
0a:71:64:f2:a0:52:82:ce:b2:0c:7d:c4:15:e6:23:
24:67:26:20:2c:51:6f:74:f7:65:1d:a3:d6:c1:d4:
f8:73:7f:c5:73:9f:d7:7d:f1:09:bb:2a:d8:9a:5a:
04:cd:b2:37:2f:cf:f0:87:7a:48:71:65:7c:af:a8:
10:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:6A:0C:A7:8C:3F:F5:31:82:33:D6:A2:B0:D5:F1:EA:12:1F:D1:D1
X509v3 Authority Key Identifier:
keyid:3E:43:27:7B:7C:A7:9D:0E:9E:07:FC:4A:4B:31:80:41:DF:41:5C:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PkMne3ynnQ6eB_xKSzGAQd9BXLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/o2oMp4w_9TGCM9aisNXx6hIf0dE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/PkMne3ynnQ6eB_xKSzGAQd9BXLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.0.0/24
91.202.3.0/24
91.228.218.0/24
176.117.68.0/23
193.108.170.0/24
194.0.206.0/24
194.143.146.0/24
195.14.123.0/24
195.93.173.0/24
IPv6:
2001:678:cfc::/48
Signature Algorithm: sha256WithRSAEncryption
17:38:e3:c2:d5:a1:d5:d1:de:67:c8:e3:fc:93:bb:82:eb:0f:
eb:24:b6:96:86:2f:c0:d6:60:7e:6e:de:4f:87:8c:28:d8:f1:
10:91:b9:42:aa:df:cf:bd:bd:15:91:2e:6c:6c:cb:61:49:ca:
74:3b:78:4f:35:42:19:bd:88:41:d2:cf:89:36:a1:5f:ee:3f:
02:ad:17:4a:5d:ae:71:42:ae:68:ba:29:5d:6d:14:c1:f7:09:
53:a0:2e:41:9b:68:37:3b:27:16:cf:f2:a0:e2:33:96:ec:ab:
fe:f7:a1:2f:e1:58:d5:73:77:31:a4:40:5c:73:26:e3:79:ab:
5f:0f:f7:03:ff:23:d6:ab:88:f9:96:d7:eb:fb:db:3f:cd:9a:
64:5f:8f:5b:5c:77:e2:66:ed:29:12:94:b1:7f:37:21:25:a1:
32:84:e9:45:47:dc:d2:84:05:72:16:c6:b1:61:62:dc:30:a0:
bc:58:fb:93:4e:a8:ab:c9:8b:a2:16:45:c4:28:3b:3b:49:f0:
ab:0b:25:7e:2b:a1:58:50:b3:f1:50:e1:8e:b9:23:23:1d:dc:
f3:73:b3:f3:b9:2b:db:ad:71:dc:79:ac:25:b8:6c:08:61:81:
04:85:f4:95:5b:d9:b7:6d:48:a1:b0:37:41:56:81:a3:cb:67:
7b:35:d1:b8
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZwf5G9JdyHheI943otKuqtbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNDMyNzdiN2NhNzlkMGU5ZTA3ZmM0YTRiMzE4MDQxZGY0
MTVjYjMwHhcNMjYwMjAyMTk0NjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzZhMGNhNzhjM2ZmNTMxODIzM2Q2YTJiMGQ1ZjFlYTEyMWZkMWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4mdo7Re7WYsxC9ro+vzey19PIVyH
cIbTWo7u6J0KZp03kNxr/GdH/fIsCXOuZG/05YJmhxTUxWJIvcsR2kkIvJR82jjg
U9rlTT5lX9tfZxP0J9kaEmE+Y/zK5OdFS44lBwLJCTfQOP7zoQnQp/dmMpB5VQBv
3xVMY65mlLk+s0kQgTbw6ExU+LjrzJCaO2CRrmtMi22j+LBxSBf82BgBcRSjxoQa
cIHW0OyZLQkIiI77MO/vUUJjY1BYCgpFHu/m/HMKcWTyoFKCzrIMfcQV5iMkZyYg
LFFvdPdlHaPWwdT4c3/Fc5/XffEJuyrYmloEzbI3L8/wh3pIcWV8r6gQDQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFKNqDKeMP/UxgjPWorDV8eoSH9HRMB8GA1UdIwQY
MBaAFD5DJ3t8p50Ongf8SksxgEHfQVyzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGtNbmUzeW5uUTZlQl94S1N6R0FRZDlCWExNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yMjE5NDUtYTc0ZS00Nzc1LWFlYTUt
M2NmMmE0NjIyZmJjLzEvbzJvTXA0d185VEdDTTlhaXNOWHg2aElmMGRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yMjE5NDUtYTc0ZS00Nzc1LWFlYTUtM2NmMmE0NjIyZmJj
LzEvUGtNbmUzeW5uUTZlQl94S1N6R0FRZDlCWExNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA8BAIAATA2AwQAW8oAAwQA
W8oDAwQAW+TaAwQBsHVEAwQAwWyqAwQAwgDOAwQAwo+SAwQAww57AwQAw12tMA8E
AgACMAkDBwAgAQZ4DPwwDQYJKoZIhvcNAQELBQADggEBABc448LVodXR3mfI4/yT
u4LrD+sktpaGL8DWYH5u3k+HjCjY8RCRuUKq38+9vRWRLmxsy2FJynQ7eE81Qhm9
iEHSz4k2oV/uPwKtF0pdrnFCrmi6KV1tFMH3CVOgLkGbaDc7JxbP8qDiM5bsq/73
oS/hWNVzdzGkQFxzJuN5q18P9wP/I9ariPmW1+v72z/NmmRfj1tcd+Jm7SkSlLF/
NyEloTKE6UVH3NKEBXIWxrFhYtwwoLxY+5NOqKvJi6IWRcQoOztJ8KsLJX4roVhQ
s/FQ4Y65IyMd3PNzs/O5K9utcdx5rCW4bAhhgQSF9JVb2bdtSKGwN0FWgaPLZ3s1
0bg=
-----END CERTIFICATE-----
Generated at Mon Mar 2 20:50:27 2026 by rpki-client