Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dt9efzM2ULu4Zu9iP73WrgNj2DI.roa
File: dt9efzM2ULu4Zu9iP73WrgNj2DI.roa (raw, json)
Hash identifier: ywiBGBfSgs3jqHvwb/CwkJgnrvsScuOriaFHr/KCcjE=
Subject key identifier: 76:DF:5E:7F:33:36:50:BB:B8:66:EF:62:3F:BD:D6:AE:03:63:D8:32
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019ECA6F4ECEE537EA77EEBDBDFB3A577FAA
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dt9efzM2ULu4Zu9iP73WrgNj2DI.roa
Signing time: Mon 15 Jun 2026 08:39:12 +0000
ROA not before: Mon 15 Jun 2026 08:39:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209693
IP address blocks: 45.88.88.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
87.121.86.0/24 maxlen: 24
176.125.254.0/24 maxlen: 24
194.48.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Jun 2026 19:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ca:6f:4e:ce:e5:37:ea:77:ee:bd:bd:fb:3a:57:7f:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 15 08:39:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=76df5e7f333650bbb866ef623fbdd6ae0363d832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:67:73:f7:94:37:9c:f9:f8:04:b9:6c:c7:0f:
98:0d:33:5c:08:48:e9:eb:8f:cd:29:7b:fb:96:4f:
ba:5b:15:5f:88:85:30:fa:4b:8a:5e:1f:b3:0e:eb:
f7:12:c2:b4:df:8d:60:08:81:7c:87:13:9d:96:8d:
38:11:0f:ba:de:dd:16:35:40:93:26:a1:b7:a3:7e:
2e:0f:77:0b:e6:7b:3d:4e:a7:1c:c9:62:a1:51:a8:
15:4b:bb:56:fe:7d:54:a5:8c:fb:3c:f4:ce:23:2e:
dc:bb:d9:ff:49:89:af:01:27:91:f0:db:f9:0b:a7:
f8:2c:50:ca:46:b5:67:65:19:45:19:2e:4e:3a:1b:
40:14:a5:68:15:43:1f:18:04:84:f2:5c:17:c6:39:
d5:87:50:d9:00:56:ee:39:ee:bc:08:20:26:11:99:
84:c7:73:41:f2:a5:42:d0:c5:0f:4a:5a:0c:57:44:
f4:2d:67:92:25:ca:57:33:c8:36:bf:6f:e4:64:d2:
42:a6:ce:1f:d5:67:28:e4:4b:2c:bb:11:3b:dd:8f:
2e:52:3a:ed:a4:c0:6e:75:0d:37:8b:61:67:e6:3d:
ff:44:e1:c9:75:dc:a3:37:a3:52:e6:a6:ed:9f:30:
2d:8c:79:a5:e5:60:da:37:ce:2c:1a:13:12:e1:f1:
ca:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:DF:5E:7F:33:36:50:BB:B8:66:EF:62:3F:BD:D6:AE:03:63:D8:32
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dt9efzM2ULu4Zu9iP73WrgNj2DI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.88.0/24
83.219.97.0/24
87.121.86.0/24
176.125.254.0/24
194.48.250.0/24
Signature Algorithm: sha256WithRSAEncryption
51:3a:bf:54:10:87:81:72:12:a3:c1:4d:99:13:2e:38:9e:e9:
f2:86:f2:37:f6:f2:26:f0:73:72:7c:53:b0:c0:77:64:9c:e2:
a3:89:76:5b:51:e1:99:d0:5c:f4:e2:e5:8e:ad:e1:b0:a7:eb:
d8:8c:61:94:bc:ce:a3:59:ca:5d:e4:19:cc:f5:ca:0b:ea:c2:
aa:05:de:c6:9c:25:59:50:a4:13:47:4c:b1:34:28:c9:9e:88:
df:c9:75:ef:4a:4a:95:31:54:52:ee:2e:0f:63:27:b0:8c:76:
96:3d:d4:b1:a1:78:a6:12:ff:e3:80:00:c5:0b:6b:d3:28:a1:
69:29:a1:1f:73:4d:20:0b:cc:02:e9:e2:af:97:a8:89:a1:75:
de:94:c7:6d:30:93:16:fa:61:72:8e:ed:cd:c9:e5:b8:37:8c:
83:9f:bb:fd:5f:b2:30:13:c8:fe:85:1e:09:d9:c9:a7:3d:fb:
96:cb:4d:37:53:9b:a1:47:8d:c8:e2:af:33:85:a8:4d:5e:86:
fd:83:30:c7:e4:7d:e2:95:d1:90:76:9e:38:a2:a7:b9:57:fe:
8b:cb:0c:e6:55:cb:18:87:f9:5e:63:6d:b3:43:3a:ab:a3:71:
58:f1:6a:92:63:ae:09:a6:1c:19:51:ab:81:51:7d:c3:95:08:
65:9d:cc:4f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ7Kb07O5Tfqd+69vfs6V3+qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNjE1MDgzOTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmRmNWU3ZjMzMzY1MGJiYjg2NmVmNjIzZmJkZDZhZTAzNjNkODMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Gdz95Q3nPn4BLlsxw+YDTNcCEjp
64/NKXv7lk+6WxVfiIUw+kuKXh+zDuv3EsK0341gCIF8hxOdlo04EQ+63t0WNUCT
JqG3o34uD3cL5ns9TqccyWKhUagVS7tW/n1UpYz7PPTOIy7cu9n/SYmvASeR8Nv5
C6f4LFDKRrVnZRlFGS5OOhtAFKVoFUMfGASE8lwXxjnVh1DZAFbuOe68CCAmEZmE
x3NB8qVC0MUPSloMV0T0LWeSJcpXM8g2v2/kZNJCps4f1Wco5EssuxE73Y8uUjrt
pMBudQ03i2Fn5j3/ROHJddyjN6NS5qbtnzAtjHml5WDaN84sGhMS4fHKLwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHbfXn8zNlC7uGbvYj+91q4DY9gyMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZHQ5ZWZ6TTJVTHU0WnU5aVA3M1dyZ05qMkRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVhYAwQA
U9thAwQAV3lWAwQAsH3+AwQAwjD6MA0GCSqGSIb3DQEBCwUAA4IBAQBROr9UEIeB
chKjwU2ZEy44nunyhvI39vIm8HNyfFOwwHdknOKjiXZbUeGZ0Fz04uWOreGwp+vY
jGGUvM6jWcpd5BnM9coL6sKqBd7GnCVZUKQTR0yxNCjJnojfyXXvSkqVMVRS7i4P
YyewjHaWPdSxoXimEv/jgADFC2vTKKFpKaEfc00gC8wC6eKvl6iJoXXelMdtMJMW
+mFyju3NyeW4N4yDn7v9X7IwE8j+hR4J2cmnPfuWy003U5uhR43I4q8zhahNXob9
gzDH5H3ildGQdp44oqe5V/6LywzmVcsYh/leY22zQzqro3FY8WqSY64JphwZUauB
UX3DlQhlncxP
-----END CERTIFICATE-----
Generated at Tue Jun 16 02:11:42 2026 by rpki-client