Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/DXkMv66W4osbnOMTyKl6HKeaWwQ.roa
File: DXkMv66W4osbnOMTyKl6HKeaWwQ.roa (raw, json)
Hash identifier: mhY1YsRrjfV00QrTUuSvBzsZtGJuf9AsmAFq2FK8Gj8=
Subject key identifier: 0D:79:0C:BF:AE:96:E2:8B:1B:9C:E3:13:C8:A9:7A:1C:A7:9A:5B:04
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 019E5B0DDA39DBDA70EB810CC89A5A22C605
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/DXkMv66W4osbnOMTyKl6HKeaWwQ.roa
Signing time: Sun 24 May 2026 17:34:54 +0000
ROA not before: Sun 24 May 2026 17:34:54 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214238
IP address blocks: 94.158.189.0/24 maxlen: 24
157.22.41.0/24 maxlen: 24
157.22.50.0/24 maxlen: 24
157.22.58.0/24 maxlen: 24
157.22.97.0/24 maxlen: 24
157.22.106.0/24 maxlen: 24
157.22.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 May 2026 12:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:5b:0d:da:39:db:da:70:eb:81:0c:c8:9a:5a:22:c6:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: May 24 17:34:54 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0d790cbfae96e28b1b9ce313c8a97a1ca79a5b04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:34:11:5a:4e:a4:f0:a6:43:a4:94:77:7f:eb:
23:a9:fc:9b:ad:bf:37:e1:f9:a0:9e:8d:e8:6d:e0:
03:fd:3d:69:63:33:86:6f:ed:8e:29:19:21:44:75:
94:71:82:07:8b:5f:c3:b0:41:ba:59:02:d9:7f:82:
3c:b2:aa:38:38:c0:c9:65:65:f3:e8:50:5b:15:b8:
8a:eb:ca:9d:26:d7:f9:a5:0a:29:96:46:8c:62:1a:
14:bf:8e:eb:87:b8:2b:f4:4f:f2:45:24:b0:91:3b:
6e:7a:80:61:46:aa:49:65:c6:83:fc:57:47:30:28:
29:35:5f:f5:3d:e2:51:32:c7:39:9f:a1:91:f9:8b:
5b:58:73:d6:00:46:c3:c8:36:d6:b5:9b:5a:c1:57:
fc:4a:41:94:dd:6b:30:7d:98:19:ba:3c:21:8e:5d:
dc:ed:e8:ff:64:00:96:f3:e8:5d:7c:82:ca:2e:a7:
61:c9:e5:6e:eb:95:ac:18:2f:44:88:77:d3:21:aa:
6b:7c:f5:2f:2c:fd:01:d4:bc:54:55:b4:c8:6e:2e:
a6:5a:78:ff:11:59:4f:73:a0:fe:5c:b4:09:5d:d3:
49:8b:f0:c8:1b:a6:24:a5:16:74:fe:73:25:fb:02:
a6:12:a9:12:b4:4b:1c:a9:63:70:ce:be:9b:08:8b:
05:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:79:0C:BF:AE:96:E2:8B:1B:9C:E3:13:C8:A9:7A:1C:A7:9A:5B:04
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/DXkMv66W4osbnOMTyKl6HKeaWwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.158.189.0/24
157.22.41.0/24
157.22.50.0/24
157.22.58.0/24
157.22.97.0/24
157.22.106.0/24
157.22.116.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:2b:0d:91:79:a5:0a:92:65:5b:30:e1:3a:62:f6:23:74:92:
3b:c2:51:62:80:c6:42:50:ef:be:c4:3c:f2:5f:86:38:6d:e5:
a5:2d:b4:0c:02:37:34:7c:be:8e:32:71:5b:44:18:f0:d7:93:
90:12:cc:e2:63:2f:d4:fe:84:12:6b:61:3b:ab:59:cd:a2:36:
11:56:30:4c:c0:48:26:4c:b7:08:88:a3:72:ee:20:c9:1a:bb:
9b:60:9b:d9:09:6e:cc:ad:b7:15:41:48:63:c4:b4:e4:d2:b9:
62:cf:f4:9c:48:1c:f6:ee:e3:44:f9:96:32:25:22:81:8b:47:
69:bf:ff:9d:99:a0:4c:15:d0:45:5c:97:f1:2a:03:4f:ea:86:
9d:73:b8:8b:8a:24:18:9f:3f:1b:79:9e:70:23:56:77:b9:aa:
b9:23:ad:2f:88:ad:a6:25:d8:99:18:32:b1:07:be:f6:36:90:
fa:e6:47:7a:20:d8:2d:41:54:0b:e3:89:f4:bf:4b:56:1f:ef:
84:7d:f1:a7:4c:3e:42:ea:15:8d:5a:0f:e4:d7:f8:65:c3:68:
6a:b5:ed:3b:76:0c:92:e9:75:ec:06:ee:ec:49:ad:54:fc:92:
f3:84:fd:f1:5d:6e:d0:c4:87:b7:51:ee:24:66:04:34:59:e7:
55:72:eb:25
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ5bDdo529pw64EMyJpaIsYFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjYwNTI0MTczNDU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDc5MGNiZmFlOTZlMjhiMWI5Y2UzMTNjOGE5N2ExY2E3OWE1YjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzQRWk6k8KZDpJR3f+sjqfybrb83
4fmgno3obeAD/T1pYzOGb+2OKRkhRHWUcYIHi1/DsEG6WQLZf4I8sqo4OMDJZWXz
6FBbFbiK68qdJtf5pQoplkaMYhoUv47rh7gr9E/yRSSwkTtueoBhRqpJZcaD/FdH
MCgpNV/1PeJRMsc5n6GR+YtbWHPWAEbDyDbWtZtawVf8SkGU3WswfZgZujwhjl3c
7ej/ZACW8+hdfILKLqdhyeVu65WsGC9EiHfTIaprfPUvLP0B1LxUVbTIbi6mWnj/
EVlPc6D+XLQJXdNJi/DIG6YkpRZ0/nMl+wKmEqkStEscqWNwzr6bCIsFzQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFA15DL+uluKLG5zjE8ipehynmlsEMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvRFhrTXY2Nlc0b3Nibk9NVHlLbDZIS2VhV3dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAXp69AwQA
nRYpAwQAnRYyAwQAnRY6AwQAnRZhAwQAnRZqAwQAnRZ0MA0GCSqGSIb3DQEBCwUA
A4IBAQCbKw2ReaUKkmVbMOE6YvYjdJI7wlFigMZCUO++xDzyX4Y4beWlLbQMAjc0
fL6OMnFbRBjw15OQEsziYy/U/oQSa2E7q1nNojYRVjBMwEgmTLcIiKNy7iDJGrub
YJvZCW7MrbcVQUhjxLTk0rliz/ScSBz27uNE+ZYyJSKBi0dpv/+dmaBMFdBFXJfx
KgNP6oadc7iLiiQYnz8beZ5wI1Z3uaq5I60viK2mJdiZGDKxB772NpD65kd6INgt
QVQL44n0v0tWH++EffGnTD5C6hWNWg/k1/hlw2hqte07dgyS6XXsBu7sSa1U/JLz
hP3xXW7QxIe3Ue4kZgQ0WedVcusl
-----END CERTIFICATE-----
Generated at Tue May 26 20:48:14 2026 by rpki-client