Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/2177e6-d3f0-4552-8b39-493fdb65ee05/1/Di2m4-5_QDl5Rldoh59q9lj5dCY.roa
File: Di2m4-5_QDl5Rldoh59q9lj5dCY.roa (raw, json)
Hash identifier: GNTOuw95a8w2YtoMmrRI/JIWU21DxcdrGmYPu8oxIao=
Subject key identifier: 0E:2D:A6:E3:EE:7F:40:39:79:46:57:68:87:9F:6A:F6:58:F9:74:26
Certificate issuer: /CN=ad5ce553006070fe080370adfb944ed29b7d9411
Certificate serial: 019E3EEB1EC93B328D8858F3A9F2E9D41FBF
Authority key identifier: AD:5C:E5:53:00:60:70:FE:08:03:70:AD:FB:94:4E:D2:9B:7D:94:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rVzlUwBgcP4IA3Ct-5RO0pt9lBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/2177e6-d3f0-4552-8b39-493fdb65ee05/1/Di2m4-5_QDl5Rldoh59q9lj5dCY.roa
Signing time: Tue 19 May 2026 06:27:36 +0000
ROA not before: Tue 19 May 2026 06:27:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198433
IP address blocks: 37.128.176.0/21 maxlen: 24
87.117.120.0/21 maxlen: 24
185.80.64.0/22 maxlen: 24
2a00:82c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/2177e6-d3f0-4552-8b39-493fdb65ee05/1/rVzlUwBgcP4IA3Ct-5RO0pt9lBE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/2177e6-d3f0-4552-8b39-493fdb65ee05/1/rVzlUwBgcP4IA3Ct-5RO0pt9lBE.mft
rsync://rpki.ripe.net/repository/DEFAULT/rVzlUwBgcP4IA3Ct-5RO0pt9lBE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3e:eb:1e:c9:3b:32:8d:88:58:f3:a9:f2:e9:d4:1f:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad5ce553006070fe080370adfb944ed29b7d9411
Validity
Not Before: May 19 06:27:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0e2da6e3ee7f403979465768879f6af658f97426
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:65:42:52:1e:22:f7:5c:7a:19:8b:af:84:c0:
33:b0:66:b1:68:0b:05:57:71:92:c5:04:fa:82:1a:
53:82:66:fa:ee:7d:d4:51:13:06:7e:8a:52:4a:38:
4e:83:99:c2:36:10:d4:42:40:96:7b:c2:44:d9:f3:
34:19:dd:fc:55:b0:9f:27:32:92:50:f0:0d:f9:6c:
ac:f9:e9:f3:99:ce:cd:4b:d7:e9:50:83:e0:13:ea:
d0:55:70:43:93:ff:93:39:de:64:04:24:d0:ef:36:
e6:4c:31:96:a6:ea:99:48:7d:03:8a:6c:ae:0e:b2:
ce:e9:56:8e:1f:6c:a6:bd:17:97:d5:39:76:fe:f5:
60:fc:01:17:15:6a:ae:1e:4f:b4:ec:d4:58:40:32:
db:01:63:2a:fa:a7:ac:c7:b5:3b:01:18:3a:10:a5:
f0:8e:27:a8:5f:c1:c7:c4:93:11:33:3c:a6:85:34:
ae:4a:c6:4b:f5:d8:c9:3e:26:1e:54:ff:99:a9:e4:
32:46:e5:58:6a:83:31:b0:e5:1b:12:ce:66:73:98:
fd:f3:09:35:05:5c:fb:d8:da:b9:3a:33:a8:14:f7:
e9:6c:c0:6c:bc:ba:fd:07:43:35:95:b4:ab:04:19:
21:91:3e:bd:1d:72:79:a5:fb:a4:6b:a5:c7:12:90:
a0:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:2D:A6:E3:EE:7F:40:39:79:46:57:68:87:9F:6A:F6:58:F9:74:26
X509v3 Authority Key Identifier:
keyid:AD:5C:E5:53:00:60:70:FE:08:03:70:AD:FB:94:4E:D2:9B:7D:94:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rVzlUwBgcP4IA3Ct-5RO0pt9lBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2177e6-d3f0-4552-8b39-493fdb65ee05/1/Di2m4-5_QDl5Rldoh59q9lj5dCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2177e6-d3f0-4552-8b39-493fdb65ee05/1/rVzlUwBgcP4IA3Ct-5RO0pt9lBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.176.0/21
87.117.120.0/21
185.80.64.0/22
IPv6:
2a00:82c0::/32
Signature Algorithm: sha256WithRSAEncryption
29:57:c1:2c:68:27:87:42:72:1d:20:20:13:50:ab:63:b7:a8:
f5:d5:9e:b6:1e:76:d7:87:f8:df:82:ce:d1:4d:66:66:bf:00:
32:63:79:91:62:07:26:c8:2d:71:ff:05:d3:6a:99:5d:15:0a:
ff:03:23:70:d2:4b:ff:b4:eb:59:c6:f9:af:c1:ed:db:eb:56:
99:37:d4:50:7c:ad:b8:6f:51:e1:29:e2:88:00:21:1e:be:1e:
d9:3c:1f:c2:82:b4:8b:fe:16:1c:46:e0:2f:6f:f8:69:b0:2c:
f9:e9:68:c1:00:98:aa:3b:0c:6d:a9:5c:97:03:15:31:48:27:
ae:c1:4d:82:f1:80:8e:b8:86:0f:7a:58:8d:7d:65:d5:30:09:
31:96:01:4f:57:03:07:47:fc:f3:4d:f6:d1:38:fc:ad:7d:fe:
30:31:ef:3b:d5:29:7c:03:a3:8b:ff:fd:dd:2d:82:79:10:02:
77:82:1f:75:96:40:46:e3:74:b8:6a:db:f4:33:db:60:0d:42:
d0:46:46:74:67:a5:f8:f1:2a:38:6b:65:c7:9e:b2:b9:04:af:
05:53:9f:2f:83:c3:18:dc:02:73:72:77:29:fb:68:9c:7e:15:
a9:d5:7b:ee:be:61:62:26:ea:91:d8:e5:7d:93:3d:cb:83:a7:
c4:6e:10:ef
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZ4+6x7JOzKNiFjzqfLp1B+/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNWNlNTUzMDA2MDcwZmUwODAzNzBhZGZiOTQ0ZWQyOWI3
ZDk0MTEwHhcNMjYwNTE5MDYyNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTJkYTZlM2VlN2Y0MDM5Nzk0NjU3Njg4NzlmNmFmNjU4Zjk3NDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWVCUh4i91x6GYuvhMAzsGaxaAsF
V3GSxQT6ghpTgmb67n3UURMGfopSSjhOg5nCNhDUQkCWe8JE2fM0Gd38VbCfJzKS
UPAN+Wys+enzmc7NS9fpUIPgE+rQVXBDk/+TOd5kBCTQ7zbmTDGWpuqZSH0Dimyu
DrLO6VaOH2ymvReX1Tl2/vVg/AEXFWquHk+07NRYQDLbAWMq+qesx7U7ARg6EKXw
jieoX8HHxJMRMzymhTSuSsZL9djJPiYeVP+ZqeQyRuVYaoMxsOUbEs5mc5j98wk1
BVz72Nq5OjOoFPfpbMBsvLr9B0M1lbSrBBkhkT69HXJ5pfuka6XHEpCg8QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFA4tpuPuf0A5eUZXaIefavZY+XQmMB8GA1UdIwQY
MBaAFK1c5VMAYHD+CANwrfuUTtKbfZQRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclZ6bFV3QmdjUDRJQTNDdC01Uk8wcHQ5bEJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8yMTc3ZTYtZDNmMC00NTUyLThiMzkt
NDkzZmRiNjVlZTA1LzEvRGkybTQtNV9RRGw1Umxkb2g1OXE5bGo1ZENZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8yMTc3ZTYtZDNmMC00NTUyLThiMzktNDkzZmRiNjVlZTA1
LzEvclZ6bFV3QmdjUDRJQTNDdC01Uk8wcHQ5bEJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDJYCwAwQD
V3V4AwQCuVBAMA0EAgACMAcDBQAqAILAMA0GCSqGSIb3DQEBCwUAA4IBAQApV8Es
aCeHQnIdICATUKtjt6j11Z62HnbXh/jfgs7RTWZmvwAyY3mRYgcmyC1x/wXTapld
FQr/AyNw0kv/tOtZxvmvwe3b61aZN9RQfK24b1HhKeKIACEevh7ZPB/CgrSL/hYc
RuAvb/hpsCz56WjBAJiqOwxtqVyXAxUxSCeuwU2C8YCOuIYPeliNfWXVMAkxlgFP
VwMHR/zzTfbROPytff4wMe871Sl8A6OL//3dLYJ5EAJ3gh91lkBG43S4atv0M9tg
DULQRkZ0Z6X48So4a2XHnrK5BK8FU58vg8MY3AJzcncp+2icfhWp1XvuvmFiJuqR
2OV9kz3Lg6fEbhDv
-----END CERTIFICATE-----
Generated at Fri Jun 12 00:15:39 2026 by rpki-client