Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/558348-4912-4bc1-8e58-f92d7dc37d2e/1/DSk3FFy5gvsaRRg3bB7ZK-jhcAA.roa
File: DSk3FFy5gvsaRRg3bB7ZK-jhcAA.roa (raw, json)
Hash identifier: agD/2aG2MKwnSsEi4KQWHy0PJS0DxUvEeAaH6juJCD4=
Subject key identifier: 0D:29:37:14:5C:B9:82:FB:1A:45:18:37:6C:1E:D9:2B:E8:E1:70:00
Certificate issuer: /CN=8d3402eae027abcd926090cc0ddeff80aab92c35
Certificate serial: 019CB923A4D3622396FF9320212BB09A5798
Authority key identifier: 8D:34:02:EA:E0:27:AB:CD:92:60:90:CC:0D:DE:FF:80:AA:B9:2C:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jTQC6uAnq82SYJDMDd7_gKq5LDU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/558348-4912-4bc1-8e58-f92d7dc37d2e/1/DSk3FFy5gvsaRRg3bB7ZK-jhcAA.roa
Signing time: Wed 04 Mar 2026 13:57:26 +0000
ROA not before: Wed 04 Mar 2026 13:57:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 136258
IP address blocks: 86.54.82.0/24 maxlen: 24
86.54.83.0/24 maxlen: 24
168.222.244.0/24 maxlen: 24
168.222.245.0/24 maxlen: 24
185.186.76.0/24 maxlen: 24
185.186.77.0/24 maxlen: 24
185.186.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/558348-4912-4bc1-8e58-f92d7dc37d2e/1/jTQC6uAnq82SYJDMDd7_gKq5LDU.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/558348-4912-4bc1-8e58-f92d7dc37d2e/1/jTQC6uAnq82SYJDMDd7_gKq5LDU.mft
rsync://rpki.ripe.net/repository/DEFAULT/jTQC6uAnq82SYJDMDd7_gKq5LDU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Mar 2026 13:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b9:23:a4:d3:62:23:96:ff:93:20:21:2b:b0:9a:57:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d3402eae027abcd926090cc0ddeff80aab92c35
Validity
Not Before: Mar 4 13:57:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0d2937145cb982fb1a4518376c1ed92be8e17000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:9a:cc:e3:1d:e6:c6:c8:77:1d:ec:d3:86:92:
b2:a8:38:17:4b:f6:c2:9d:62:0d:7c:f5:5e:fa:0d:
0d:a3:2c:21:a0:3f:e6:0e:ab:8a:da:f0:a1:b1:25:
d3:96:8a:da:93:f6:45:59:3b:c9:b0:e7:98:db:05:
28:45:c7:34:8e:70:dd:5f:0e:2c:b5:de:6b:58:68:
73:4b:75:67:65:c8:de:ac:6c:41:4e:0d:84:d1:da:
a1:e3:10:24:f0:73:27:f1:ac:93:05:96:96:bb:89:
68:ba:34:48:e9:75:79:b9:c2:a2:f1:34:bb:9d:8c:
a8:8c:f4:c4:e1:de:4a:ac:e2:76:5b:ad:ab:10:83:
62:6f:6c:34:1b:09:72:f0:50:09:ed:a9:3c:ee:78:
13:d3:c2:64:ee:51:f4:5e:9e:ca:48:53:9a:3a:ff:
16:b6:64:74:78:ae:87:9b:e3:62:be:64:7d:96:15:
ba:36:9a:84:40:8a:24:8f:6b:ee:ad:40:ad:76:48:
36:3c:cf:5b:b3:dc:08:55:45:04:63:73:39:c9:c7:
d6:c8:fb:a2:93:75:38:93:bc:24:1a:06:9f:45:4b:
3c:a3:d6:77:ea:58:ee:15:45:ae:64:49:c6:84:44:
75:4a:3a:fd:eb:9b:cb:9b:af:83:0f:91:c4:2e:7d:
65:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:29:37:14:5C:B9:82:FB:1A:45:18:37:6C:1E:D9:2B:E8:E1:70:00
X509v3 Authority Key Identifier:
keyid:8D:34:02:EA:E0:27:AB:CD:92:60:90:CC:0D:DE:FF:80:AA:B9:2C:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jTQC6uAnq82SYJDMDd7_gKq5LDU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/558348-4912-4bc1-8e58-f92d7dc37d2e/1/DSk3FFy5gvsaRRg3bB7ZK-jhcAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/558348-4912-4bc1-8e58-f92d7dc37d2e/1/jTQC6uAnq82SYJDMDd7_gKq5LDU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.54.82.0/23
168.222.244.0/23
185.186.76.0-185.186.78.255
Signature Algorithm: sha256WithRSAEncryption
7e:fa:63:20:6e:c6:7e:3b:3f:09:c2:43:01:28:65:cd:da:23:
f7:e0:28:6b:c7:9b:b8:b4:d9:b9:8a:2d:97:96:23:49:06:9e:
20:14:b1:17:80:8b:81:11:32:df:34:b6:06:60:d8:34:55:89:
43:af:61:37:f5:56:b4:cd:8b:38:44:db:52:14:52:09:ae:fc:
cd:9b:d2:5a:4d:a7:46:e6:84:38:7a:b4:15:9d:d8:29:b4:17:
e1:a6:59:73:26:8d:17:f2:24:ea:76:ab:3c:8f:18:9d:7a:58:
01:39:95:7a:6c:1b:78:1b:a4:63:df:5f:fe:9f:76:be:b5:d1:
95:62:21:a5:17:28:9a:9e:ae:de:81:30:7f:82:28:a2:a2:e3:
58:5e:db:0f:37:22:a8:c5:4a:f9:04:02:fb:7d:3f:03:61:cc:
01:c2:1b:8d:11:0a:99:82:44:8f:51:b5:5c:9a:a2:a7:2e:5e:
81:c7:62:3b:bc:71:2d:f2:3a:e2:88:f3:c9:1d:5a:70:70:88:
11:37:0e:a8:2a:3d:08:b4:63:11:3c:55:75:f8:79:0d:8b:5f:
a0:e6:4a:94:de:e8:59:0c:b9:14:0b:ef:c0:cd:93:b7:12:9a:
63:e5:7b:35:25:7d:35:ce:f5:3c:24:e7:2e:ee:c0:cf:1d:24:
fb:ce:3e:e4
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZy5I6TTYiOW/5MgISuwmleYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMzQwMmVhZTAyN2FiY2Q5MjYwOTBjYzBkZGVmZjgwYWFi
OTJjMzUwHhcNMjYwMzA0MTM1NzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDI5MzcxNDVjYjk4MmZiMWE0NTE4Mzc2YzFlZDkyYmU4ZTE3MDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsprM4x3mxsh3HezThpKyqDgXS/bC
nWINfPVe+g0NoywhoD/mDquK2vChsSXTlorak/ZFWTvJsOeY2wUoRcc0jnDdXw4s
td5rWGhzS3VnZcjerGxBTg2E0dqh4xAk8HMn8ayTBZaWu4loujRI6XV5ucKi8TS7
nYyojPTE4d5KrOJ2W62rEINib2w0Gwly8FAJ7ak87ngT08Jk7lH0Xp7KSFOaOv8W
tmR0eK6Hm+NivmR9lhW6NpqEQIokj2vurUCtdkg2PM9bs9wIVUUEY3M5ycfWyPui
k3U4k7wkGgafRUs8o9Z36ljuFUWuZEnGhER1Sjr965vLm6+DD5HELn1l1QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFA0pNxRcuYL7GkUYN2we2Svo4XAAMB8GA1UdIwQY
MBaAFI00AurgJ6vNkmCQzA3e/4CquSw1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalRRQzZ1QW5xODJTWUpETURkN19nS3E1TERVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS81NTgzNDgtNDkxMi00YmMxLThlNTgt
ZjkyZDdkYzM3ZDJlLzEvRFNrM0ZGeTVndnNhUlJnM2JCN1pLLWpoY0FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS81NTgzNDgtNDkxMi00YmMxLThlNTgtZjkyZDdkYzM3ZDJl
LzEvalRRQzZ1QW5xODJTWUpETURkN19nS3E1TERVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBVjZSAwQB
qN70MAwDBAK5ukwDBAC5uk4wDQYJKoZIhvcNAQELBQADggEBAH76YyBuxn47PwnC
QwEoZc3aI/fgKGvHm7i02bmKLZeWI0kGniAUsReAi4ERMt80tgZg2DRViUOvYTf1
VrTNizhE21IUUgmu/M2b0lpNp0bmhDh6tBWd2Cm0F+GmWXMmjRfyJOp2qzyPGJ16
WAE5lXpsG3gbpGPfX/6fdr610ZViIaUXKJqert6BMH+CKKKi41he2w83IqjFSvkE
Avt9PwNhzAHCG40RCpmCRI9RtVyaoqcuXoHHYju8cS3yOuKI88kdWnBwiBE3Dqgq
PQi0YxE8VXX4eQ2LX6DmSpTe6FkMuRQL78DNk7cSmmPlezUlfTXO9Twk5y7uwM8d
JPvOPuQ=
-----END CERTIFICATE-----
Generated at Wed Mar 4 22:17:57 2026 by rpki-client