Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/8ojHQg-5gn_Du7oteDU3y4gT3eo.roa
File: 8ojHQg-5gn_Du7oteDU3y4gT3eo.roa (raw, json)
Hash identifier: i3m9CQuoZX6ywBrI0Ffbx9GRfJOG6PI2xg9iGzfKe/A=
Subject key identifier: F2:88:C7:42:0F:B9:82:7F:C3:BB:BA:2D:78:35:37:CB:88:13:DD:EA
Certificate issuer: /CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Certificate serial: 019D80E27E0A0C37DC0EB802152CE5B83E0B
Authority key identifier: 5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/8ojHQg-5gn_Du7oteDU3y4gT3eo.roa
Signing time: Sun 12 Apr 2026 08:50:20 +0000
ROA not before: Sun 12 Apr 2026 08:50:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216419
IP address blocks: 46.49.160.0/24 maxlen: 24
95.177.144.0/23 maxlen: 23
134.239.64.0/19 maxlen: 19
134.239.192.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/WkPp4meVbn8mLBfwCJ8PYLp6vvs.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/WkPp4meVbn8mLBfwCJ8PYLp6vvs.mft
rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 02:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:80:e2:7e:0a:0c:37:dc:0e:b8:02:15:2c:e5:b8:3e:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Validity
Not Before: Apr 12 08:50:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f288c7420fb9827fc3bbba2d783537cb8813ddea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8d:c1:3a:e4:52:c2:1a:1f:e2:41:0b:8d:d3:
d2:cc:b4:48:58:3f:80:a8:d1:78:6e:a8:3e:1b:01:
99:ba:bc:92:8b:d7:ef:d1:6f:8f:f9:bc:c2:42:7e:
a4:ba:df:1e:ba:b6:cc:04:66:21:63:70:fc:76:28:
22:f7:6d:4a:0e:e1:5e:b7:17:88:c9:cf:4f:1b:72:
78:5c:ed:5a:df:21:03:a1:81:06:fa:d4:c5:4b:60:
fe:08:d4:2d:0f:b8:07:d6:c7:8d:78:b9:39:4f:22:
3a:77:ba:1d:a4:67:a4:ec:9b:19:88:48:77:9b:b8:
51:a1:68:9c:db:24:73:90:2b:d1:23:80:d2:21:ae:
e2:7d:a4:30:94:07:f3:f8:90:4c:36:5f:56:af:ad:
e5:d9:57:46:d4:1d:48:ef:96:66:b3:32:ff:43:28:
80:dc:e7:a0:05:b6:02:1b:33:60:51:19:6b:34:cf:
d2:63:7f:ab:16:90:83:97:9f:17:72:8e:10:c5:1a:
61:db:de:29:67:7e:de:90:66:b8:c6:15:3a:78:dc:
6e:bd:c2:17:cf:67:a1:16:cc:ed:65:d9:57:88:7a:
cb:c5:7c:ab:9f:6d:ed:06:aa:06:77:12:9e:2e:c8:
85:b9:71:69:73:1f:00:8c:f8:6f:94:48:7d:9c:81:
c5:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:88:C7:42:0F:B9:82:7F:C3:BB:BA:2D:78:35:37:CB:88:13:DD:EA
X509v3 Authority Key Identifier:
keyid:5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/8ojHQg-5gn_Du7oteDU3y4gT3eo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/WkPp4meVbn8mLBfwCJ8PYLp6vvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.49.160.0/24
95.177.144.0/23
134.239.64.0/19
134.239.192.0/22
Signature Algorithm: sha256WithRSAEncryption
33:7e:7b:55:6c:dc:40:6b:77:3c:a2:d8:cf:76:0c:4a:1e:ac:
ba:84:3e:d1:8c:06:52:96:7c:b0:f5:9f:ef:8e:2f:fe:ea:34:
f4:34:41:47:ba:d3:f7:5a:25:ca:d6:ac:c2:74:aa:17:42:fb:
13:8e:16:e2:48:9b:39:9e:8c:30:2d:8f:5c:80:3b:5e:de:4d:
29:50:77:b9:8c:29:43:5c:b7:e8:fe:c9:b3:1b:25:f4:71:98:
5c:16:a8:9a:80:4f:4a:ff:f5:48:8d:f5:05:7c:34:55:3c:b0:
63:7b:79:93:e7:2b:1b:19:87:fa:23:39:ff:08:c9:b4:ae:a8:
74:1f:07:3c:00:62:af:cb:d4:75:88:f5:33:60:b4:3e:b8:b6:
f0:a2:fa:ce:1e:16:ff:4e:0d:dd:eb:f4:cb:dd:0b:51:0e:4c:
46:4f:4d:f9:4a:82:ad:52:ab:e5:ac:f4:54:76:fe:f4:fe:1f:
25:bf:3f:bb:4d:fb:40:52:65:3c:e0:5c:54:94:56:17:d5:99:
da:d6:1a:ef:64:88:b2:d1:5c:8d:31:75:f2:2c:13:bb:83:4f:
33:24:87:db:33:f5:bb:05:4d:82:15:53:95:c1:b7:ba:bf:b1:
4f:94:96:9e:f0:79:5b:a1:6e:3d:2a:b6:d3:53:f6:75:3c:3c:
30:ac:e2:2c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ2A4n4KDDfcDrgCFSzluD4LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNDNlOWUyNjc5NTZlN2YyNjJjMTdmMDA4OWYwZjYwYmE3
YWJlZmIwHhcNMjYwNDEyMDg1MDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjg4Yzc0MjBmYjk4MjdmYzNiYmJhMmQ3ODM1MzdjYjg4MTNkZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArY3BOuRSwhof4kELjdPSzLRIWD+A
qNF4bqg+GwGZurySi9fv0W+P+bzCQn6kut8eurbMBGYhY3D8digi921KDuFetxeI
yc9PG3J4XO1a3yEDoYEG+tTFS2D+CNQtD7gH1seNeLk5TyI6d7odpGek7JsZiEh3
m7hRoWic2yRzkCvRI4DSIa7ifaQwlAfz+JBMNl9Wr63l2VdG1B1I75ZmszL/QyiA
3OegBbYCGzNgURlrNM/SY3+rFpCDl58Xco4QxRph294pZ37ekGa4xhU6eNxuvcIX
z2ehFsztZdlXiHrLxXyrn23tBqoGdxKeLsiFuXFpcx8AjPhvlEh9nIHFKQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPKIx0IPuYJ/w7u6LXg1N8uIE93qMB8GA1UdIwQY
MBaAFFpD6eJnlW5/JiwX8AifD2C6er77MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGIt
NzljODk4N2E4YjFjLzEvOG9qSFFnLTVnbl9EdTdvdGVEVTN5NGdUM2VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGItNzljODk4N2E4YjFj
LzEvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALjGgAwQB
X7GQAwQFhu9AAwQChu/AMA0GCSqGSIb3DQEBCwUAA4IBAQAzfntVbNxAa3c8otjP
dgxKHqy6hD7RjAZSlnyw9Z/vji/+6jT0NEFHutP3WiXK1qzCdKoXQvsTjhbiSJs5
nowwLY9cgDte3k0pUHe5jClDXLfo/smzGyX0cZhcFqiagE9K//VIjfUFfDRVPLBj
e3mT5ysbGYf6Izn/CMm0rqh0Hwc8AGKvy9R1iPUzYLQ+uLbwovrOHhb/Tg3d6/TL
3QtRDkxGT035SoKtUqvlrPRUdv70/h8lvz+7TftAUmU84FxUlFYX1Zna1hrvZIiy
0VyNMXXyLBO7g08zJIfbM/W7BU2CFVOVwbe6v7FPlJae8HlboW49KrbTU/Z1PDww
rOIs
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:18:05 2026 by rpki-client