Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/dSPT7TzRuolHiiU_2JAhrtwkF-k.roa
File: dSPT7TzRuolHiiU_2JAhrtwkF-k.roa (raw, json)
Hash identifier: R2tjd1AElzBLcmEyKtXkYRteeiAn4qDn9mgVUymO1zw=
Subject key identifier: 75:23:D3:ED:3C:D1:BA:89:47:8A:25:3F:D8:90:21:AE:DC:24:17:E9
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 019E63FD7B487C12ACA315C854E1B33AC3D7
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/dSPT7TzRuolHiiU_2JAhrtwkF-k.roa
Signing time: Tue 26 May 2026 11:13:37 +0000
ROA not before: Tue 26 May 2026 11:13:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 2914
IP address blocks: 84.232.28.0/24 maxlen: 24
84.236.196.0/24 maxlen: 24
86.104.25.0/24 maxlen: 24
86.105.159.0/24 maxlen: 24
88.148.24.0/23 maxlen: 24
88.148.29.0/24 maxlen: 24
88.148.54.0/24 maxlen: 24
88.148.56.0/24 maxlen: 24
88.148.60.0/24 maxlen: 24
88.148.61.0/24 maxlen: 24
88.148.84.0/24 maxlen: 24
89.35.149.0/24 maxlen: 24
89.44.64.0/24 maxlen: 24
94.24.35.0/24 maxlen: 24
94.176.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 07:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:63:fd:7b:48:7c:12:ac:a3:15:c8:54:e1:b3:3a:c3:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: May 26 11:13:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7523d3ed3cd1ba89478a253fd89021aedc2417e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:11:c4:59:40:89:ba:df:03:7f:68:37:c7:d0:
0a:85:55:e1:9c:12:04:81:91:84:98:f7:7c:9e:43:
56:9b:aa:c2:a4:a8:a5:07:bc:f8:71:10:f5:dd:21:
7c:c2:64:7c:31:54:b8:ed:11:21:1d:50:dc:5b:f4:
43:31:12:83:d8:ca:e7:3d:53:3c:cc:05:14:35:1a:
01:5b:02:0b:b3:4c:45:47:35:da:47:d2:e0:3c:94:
e3:7e:78:c5:03:67:37:86:55:37:6a:a3:ba:2e:90:
f1:e9:43:01:52:17:09:fe:e2:80:f8:54:cc:a3:98:
58:7f:11:fe:79:d3:c4:8f:11:d7:9e:2c:e4:39:ac:
8b:5a:4b:d6:98:20:5e:fe:ce:53:ce:98:ee:d1:49:
83:db:51:7b:33:19:20:89:31:e5:e7:e8:d7:d5:ec:
17:65:14:26:e9:c8:5e:d7:1f:81:d5:06:fe:62:68:
d4:7e:e8:e4:83:f5:9b:81:58:23:e5:95:1e:d0:35:
dc:6c:27:af:a3:6a:db:c7:78:32:f4:fc:dd:33:f9:
29:9b:da:97:35:fa:6f:dd:98:48:12:2e:16:da:53:
29:bd:31:cc:a9:2d:ad:35:8e:81:9a:55:b3:ca:4f:
df:9d:f9:9b:2f:bf:3c:14:4e:01:37:05:cf:72:c4:
9d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:23:D3:ED:3C:D1:BA:89:47:8A:25:3F:D8:90:21:AE:DC:24:17:E9
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/dSPT7TzRuolHiiU_2JAhrtwkF-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.232.28.0/24
84.236.196.0/24
86.104.25.0/24
86.105.159.0/24
88.148.24.0/23
88.148.29.0/24
88.148.54.0/24
88.148.56.0/24
88.148.60.0/23
88.148.84.0/24
89.35.149.0/24
89.44.64.0/24
94.24.35.0/24
94.176.142.0/24
Signature Algorithm: sha256WithRSAEncryption
be:da:45:fc:75:e0:84:04:04:dc:de:a3:8c:a3:e9:aa:34:4b:
ef:f1:9f:de:3d:9b:21:ad:2d:d1:92:2a:a9:23:0c:b2:40:6b:
62:50:ae:0b:c5:90:b0:65:09:5f:c5:45:75:e4:f9:ca:eb:25:
2b:5d:15:c1:fa:a5:81:32:7a:f9:cc:06:6c:79:83:3a:b5:d7:
81:18:02:5f:91:0d:ef:2a:96:8e:da:1b:c6:6d:6a:cd:13:42:
c5:d9:52:c9:6e:d4:9e:63:be:de:52:fd:9a:73:d8:6e:9e:4f:
c0:71:cf:d2:28:2b:aa:57:0f:49:a0:00:99:99:9d:34:be:1a:
85:b2:2c:eb:5f:b9:67:6a:7f:ef:fa:82:e3:fb:db:c3:e0:10:
07:34:86:37:c4:7e:f5:2c:af:82:1e:7c:17:c4:b5:37:0a:04:
e3:51:5f:86:ff:a0:c6:d1:32:d7:44:e7:45:8e:f2:0d:7f:85:
e7:62:a8:bb:12:48:1d:cb:85:2d:27:94:0e:24:58:ea:39:90:
a6:69:f1:f6:24:1a:f1:e6:37:e8:1b:78:6e:49:76:59:7c:c4:
5d:76:60:b1:2d:44:00:89:4b:d7:94:cc:80:9f:e7:26:5c:7f:
7e:a7:22:dd:1a:39:c0:14:cd:e6:94:05:3d:01:c5:e4:d8:8b:
b5:8a:8e:cd
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZ5j/XtIfBKsoxXIVOGzOsPXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjYwNTI2MTExMzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTIzZDNlZDNjZDFiYTg5NDc4YTI1M2ZkODkwMjFhZWRjMjQxN2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0RHEWUCJut8Df2g3x9AKhVXhnBIE
gZGEmPd8nkNWm6rCpKilB7z4cRD13SF8wmR8MVS47REhHVDcW/RDMRKD2MrnPVM8
zAUUNRoBWwILs0xFRzXaR9LgPJTjfnjFA2c3hlU3aqO6LpDx6UMBUhcJ/uKA+FTM
o5hYfxH+edPEjxHXnizkOayLWkvWmCBe/s5Tzpju0UmD21F7MxkgiTHl5+jX1ewX
ZRQm6che1x+B1Qb+YmjUfujkg/WbgVgj5ZUe0DXcbCevo2rbx3gy9PzdM/kpm9qX
Nfpv3ZhIEi4W2lMpvTHMqS2tNY6BmlWzyk/fnfmbL788FE4BNwXPcsSd6QIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFHUj0+080bqJR4olP9iQIa7cJBfpMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvZFNQVDdUelJ1b2xIaWlVXzJKQWhydHdrRi1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAVOgcAwQA
VOzEAwQAVmgZAwQAVmmfAwQBWJQYAwQAWJQdAwQAWJQ2AwQAWJQ4AwQBWJQ8AwQA
WJRUAwQAWSOVAwQAWSxAAwQAXhgjAwQAXrCOMA0GCSqGSIb3DQEBCwUAA4IBAQC+
2kX8deCEBATc3qOMo+mqNEvv8Z/ePZshrS3RkiqpIwyyQGtiUK4LxZCwZQlfxUV1
5PnK6yUrXRXB+qWBMnr5zAZseYM6tdeBGAJfkQ3vKpaO2hvGbWrNE0LF2VLJbtSe
Y77eUv2ac9hunk/Acc/SKCuqVw9JoACZmZ00vhqFsizrX7lnan/v+oLj+9vD4BAH
NIY3xH71LK+CHnwXxLU3CgTjUV+G/6DG0TLXROdFjvINf4XnYqi7Ekgdy4UtJ5QO
JFjqOZCmafH2JBrx5jfoG3huSXZZfMRddmCxLUQAiUvXlMyAn+cmXH9+pyLdGjnA
FM3mlAU9AcXk2Iu1io7N
-----END CERTIFICATE-----
Generated at Thu Jun 11 14:17:35 2026 by rpki-client