Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/dRzGNjF88MErNhrrQg2yz8rafv0.roa
File: dRzGNjF88MErNhrrQg2yz8rafv0.roa (raw, json)
Hash identifier: +FBAp00ZDN+iU5QU1eqzTHX3mavDuO3cm22qwXqFd98=
Subject key identifier: 75:1C:C6:36:31:7C:F0:C1:2B:36:1A:EB:42:0D:B2:CF:CA:DA:7E:FD
Certificate issuer: /CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Certificate serial: 019E92DBF8C0C80F5E651305C594BA103E0D
Authority key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/dRzGNjF88MErNhrrQg2yz8rafv0.roa
Signing time: Thu 04 Jun 2026 13:39:10 +0000
ROA not before: Thu 04 Jun 2026 13:39:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48539
IP address blocks: 188.66.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 01:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:92:db:f8:c0:c8:0f:5e:65:13:05:c5:94:ba:10:3e:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Validity
Not Before: Jun 4 13:39:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=751cc636317cf0c12b361aeb420db2cfcada7efd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0e:24:9c:d2:f6:82:4e:5e:3c:9b:e8:84:e8:
3d:62:64:81:da:6d:07:92:88:fb:ac:1f:10:e7:0c:
79:01:bf:e0:1d:7c:eb:ca:be:f0:1e:4e:f3:74:0d:
db:34:58:55:18:f2:76:9c:82:55:8c:de:50:60:e6:
71:64:16:f2:de:b0:63:1a:8f:a0:50:01:92:c7:2e:
96:2a:8a:7e:de:fa:51:ee:a3:cc:32:59:4c:d5:c6:
56:1f:65:53:03:2e:87:1c:1e:4c:e1:dd:4a:29:23:
0b:35:97:c9:62:70:aa:79:ce:db:4c:1e:0c:11:c1:
12:fb:e8:d3:e9:57:62:5b:0c:66:96:4c:52:aa:cd:
46:d3:8f:04:36:05:bc:71:15:ae:7a:cc:b4:3c:52:
7a:9a:2b:ff:ed:db:dc:1b:0a:97:9d:f9:c0:f0:59:
1c:93:19:88:60:99:74:0c:a6:ff:33:58:22:75:31:
76:0c:ae:0c:2b:98:ef:55:2b:f4:97:93:53:7b:ee:
1c:01:64:32:07:1d:1a:45:73:aa:39:55:60:46:36:
2a:8c:5d:5a:27:fc:58:84:42:ac:33:a1:bb:4b:56:
86:cf:3f:09:c7:c8:c4:2c:5f:9c:3f:3b:a2:77:e3:
02:67:23:5b:21:83:38:ca:5e:8d:c2:d7:1b:a5:3a:
9b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:1C:C6:36:31:7C:F0:C1:2B:36:1A:EB:42:0D:B2:CF:CA:DA:7E:FD
X509v3 Authority Key Identifier:
keyid:08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/dRzGNjF88MErNhrrQg2yz8rafv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.66.25.0/24
Signature Algorithm: sha256WithRSAEncryption
12:bb:10:40:e2:b9:77:11:72:e2:d0:aa:6e:08:39:19:63:10:
59:a2:41:99:71:fe:a2:93:90:a6:e0:a7:1b:ef:b8:06:18:31:
83:3a:01:04:0a:29:98:c9:f9:f9:c7:bc:a6:81:ea:43:50:63:
ef:27:fb:03:3a:23:22:dd:c6:02:ad:87:76:6c:43:15:56:73:
6a:3e:4e:6a:1d:1b:46:af:18:71:35:28:0a:9e:c1:36:be:cb:
8f:25:e1:f3:c2:e5:31:48:78:12:61:60:c7:0a:58:79:70:3c:
68:d6:f7:44:fd:48:4c:b8:94:4f:e7:03:e3:d0:c3:ad:7a:6f:
26:79:39:f7:f2:91:3c:28:94:34:d4:19:9c:57:ec:98:c1:a2:
16:33:23:f1:55:83:e8:0f:0a:03:5d:f5:51:8c:aa:d3:56:9c:
81:48:ad:59:69:89:26:ed:8c:84:9b:79:c9:39:fd:c7:23:86:
b6:50:ed:e4:5b:31:74:18:01:f0:7e:d6:c5:6e:b4:0b:c6:67:
9c:1a:6b:d1:ac:f3:16:ee:21:8d:21:cc:1d:5e:59:89:44:83:
72:0b:25:fe:47:f9:40:6b:e4:2d:4b:c0:53:85:61:e1:1d:60:
a7:30:63:23:65:4e:d8:1e:af:7e:7d:fe:fb:93:15:09:e1:53:
9c:19:0e:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ6S2/jAyA9eZRMFxZS6ED4NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODQ2NWIzN2IyZDRlOWY0MTNhMzFkYzdiN2U2Y2JhMmEz
M2RiOTYwHhcNMjYwNjA0MTMzOTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTFjYzYzNjMxN2NmMGMxMmIzNjFhZWI0MjBkYjJjZmNhZGE3ZWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqA4knNL2gk5ePJvohOg9YmSB2m0H
koj7rB8Q5wx5Ab/gHXzryr7wHk7zdA3bNFhVGPJ2nIJVjN5QYOZxZBby3rBjGo+g
UAGSxy6WKop+3vpR7qPMMllM1cZWH2VTAy6HHB5M4d1KKSMLNZfJYnCqec7bTB4M
EcES++jT6VdiWwxmlkxSqs1G048ENgW8cRWuesy0PFJ6miv/7dvcGwqXnfnA8Fkc
kxmIYJl0DKb/M1gidTF2DK4MK5jvVSv0l5NTe+4cAWQyBx0aRXOqOVVgRjYqjF1a
J/xYhEKsM6G7S1aGzz8Jx8jELF+cPzuid+MCZyNbIYM4yl6NwtcbpTqb/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHUcxjYxfPDBKzYa60INss/K2n79MB8GA1UdIwQY
MBaAFAiEZbN7LU6fQTox3Ht+bLoqM9uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUt
MmM3MDg2ZmRlZDkzLzEvZFJ6R05qRjg4TUVyTmhyclFnMnl6OHJhZnYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUtMmM3MDg2ZmRlZDkz
LzEvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvEIZMA0G
CSqGSIb3DQEBCwUAA4IBAQASuxBA4rl3EXLi0KpuCDkZYxBZokGZcf6ik5Cm4Kcb
77gGGDGDOgEECimYyfn5x7ymgepDUGPvJ/sDOiMi3cYCrYd2bEMVVnNqPk5qHRtG
rxhxNSgKnsE2vsuPJeHzwuUxSHgSYWDHClh5cDxo1vdE/UhMuJRP5wPj0MOtem8m
eTn38pE8KJQ01BmcV+yYwaIWMyPxVYPoDwoDXfVRjKrTVpyBSK1ZaYkm7YyEm3nJ
Of3HI4a2UO3kWzF0GAHwftbFbrQLxmecGmvRrPMW7iGNIcwdXlmJRINyCyX+R/lA
a+QtS8BThWHhHWCnMGMjZU7YHq9+ff77kxUJ4VOcGQ7k
-----END CERTIFICATE-----
Generated at Sat Jun 6 08:21:26 2026 by rpki-client