Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/dlWKJRjnZ2U7WO_1zPdLWle-kk0.roa
File: dlWKJRjnZ2U7WO_1zPdLWle-kk0.roa (raw, json)
Hash identifier: ccVK1hbXQ01uxFYfHzxcGCOT5sst0ssJaUPm+OxjkPU=
Subject key identifier: 76:55:8A:25:18:E7:67:65:3B:58:EF:F5:CC:F7:4B:5A:57:BE:92:4D
Certificate issuer: /CN=c44db8b0983acf97a3255152c2ea592adae7735b
Certificate serial: 019CDE4D8FAEC40D28341FD1E1B5E688F74A
Authority key identifier: C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/dlWKJRjnZ2U7WO_1zPdLWle-kk0.roa
Signing time: Wed 11 Mar 2026 19:09:10 +0000
ROA not before: Wed 11 Mar 2026 19:09:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 63911
IP address blocks: 85.136.16.0/20 maxlen: 24
85.136.48.0/20 maxlen: 24
85.136.84.0/22 maxlen: 24
85.136.120.0/21 maxlen: 24
85.136.144.0/21 maxlen: 24
85.137.4.0/22 maxlen: 24
85.137.8.0/22 maxlen: 24
85.137.12.0/22 maxlen: 24
85.137.32.0/20 maxlen: 24
85.137.64.0/20 maxlen: 24
85.137.96.0/20 maxlen: 24
165.217.112.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.mft
rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 21:05:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:de:4d:8f:ae:c4:0d:28:34:1f:d1:e1:b5:e6:88:f7:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c44db8b0983acf97a3255152c2ea592adae7735b
Validity
Not Before: Mar 11 19:09:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=76558a2518e767653b58eff5ccf74b5a57be924d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:1e:0a:ec:b1:85:13:8b:e5:5e:67:dd:52:b5:
ce:5f:74:87:0f:db:31:16:2c:4b:07:91:8e:b4:08:
04:0b:eb:53:27:80:52:35:54:dd:a5:9e:78:0c:eb:
40:7e:db:33:b7:79:7e:a0:bb:ac:5f:2c:6e:f0:7f:
6c:f5:b5:90:d9:2a:41:98:51:4e:ca:a4:fd:81:ae:
f5:73:2b:7c:d8:cc:02:a2:39:93:45:8e:00:01:6e:
0e:a6:ff:45:c5:29:7d:4a:d3:3c:f7:d7:d3:f5:87:
01:4c:0c:ee:4b:21:35:1b:a7:be:74:5a:42:05:a7:
c6:e3:4d:a5:a6:08:5d:6f:24:11:3b:e7:2b:43:1e:
59:e8:cb:c0:5d:33:17:db:95:38:23:92:46:81:88:
67:53:af:f4:f3:55:6e:48:09:ff:a2:1a:24:1e:dc:
da:11:ba:87:d3:a2:71:3f:d1:7c:e3:72:10:9c:0f:
7c:bf:cf:80:e3:d2:f7:48:81:79:05:da:70:c6:4e:
80:8d:f4:ba:ec:40:6a:f6:9a:79:92:31:dd:d2:7e:
e2:cc:46:42:62:6a:e8:1b:b4:a9:0f:85:99:1b:e2:
af:66:21:6d:a9:a2:34:39:4e:60:e4:6b:66:b0:9e:
27:19:23:ba:b1:f6:a3:dc:c5:c1:ff:89:4f:a0:f7:
aa:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:55:8A:25:18:E7:67:65:3B:58:EF:F5:CC:F7:4B:5A:57:BE:92:4D
X509v3 Authority Key Identifier:
keyid:C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/dlWKJRjnZ2U7WO_1zPdLWle-kk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.136.16.0/20
85.136.48.0/20
85.136.84.0/22
85.136.120.0/21
85.136.144.0/21
85.137.4.0-85.137.15.255
85.137.32.0/20
85.137.64.0/20
85.137.96.0/20
165.217.112.0/20
Signature Algorithm: sha256WithRSAEncryption
57:b2:f1:be:db:30:2e:3b:b6:1c:28:09:6a:a2:69:3c:48:53:
62:81:29:a3:46:4a:a4:9a:41:0f:e1:87:06:87:ed:31:a8:7e:
21:5b:f9:87:c3:13:ab:34:ea:81:f4:09:cc:54:23:6b:91:31:
8a:92:c6:8f:f7:8b:77:3c:3e:53:9d:cd:fa:3f:c8:d8:67:20:
71:9f:36:ff:9e:cb:fb:43:09:08:4e:c6:0c:5e:55:5b:79:93:
1a:73:1d:d8:98:e3:3b:ba:9d:7a:6b:1c:23:39:2f:07:6f:a9:
5e:b0:67:c8:08:ba:ca:8e:80:9e:12:31:fd:38:b8:d0:9a:d8:
1c:68:13:6e:15:4d:f5:42:cf:f7:5b:ee:29:4b:a4:51:7f:8d:
15:ed:18:1b:4c:4b:ec:76:65:23:49:74:84:5f:dd:e9:a4:6d:
66:20:7b:93:62:bd:f5:17:8b:87:ba:80:c8:7c:ee:e2:0a:58:
96:99:1a:3b:92:4c:61:b0:f7:ec:b0:af:7e:c5:fa:76:8d:d4:
84:7c:17:d7:8d:c1:05:bc:75:20:c4:10:ac:b6:ab:4f:ee:e1:
be:dc:e8:8f:a9:cd:a1:79:ac:15:0a:a7:00:84:08:c8:ba:59:
75:f7:6a:87:d2:6d:12:97:ef:58:4d:28:47:ca:51:3b:1d:ea:
41:69:1b:74
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZzeTY+uxA0oNB/R4bXmiPdKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NGRiOGIwOTgzYWNmOTdhMzI1NTE1MmMyZWE1OTJhZGFl
NzczNWIwHhcNMjYwMzExMTkwOTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjU1OGEyNTE4ZTc2NzY1M2I1OGVmZjVjY2Y3NGI1YTU3YmU5MjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAox4K7LGFE4vlXmfdUrXOX3SHD9sx
FixLB5GOtAgEC+tTJ4BSNVTdpZ54DOtAftszt3l+oLusXyxu8H9s9bWQ2SpBmFFO
yqT9ga71cyt82MwCojmTRY4AAW4Opv9FxSl9StM899fT9YcBTAzuSyE1G6e+dFpC
BafG402lpghdbyQRO+crQx5Z6MvAXTMX25U4I5JGgYhnU6/081VuSAn/ohokHtza
EbqH06JxP9F843IQnA98v8+A49L3SIF5Bdpwxk6AjfS67EBq9pp5kjHd0n7izEZC
YmroG7SpD4WZG+KvZiFtqaI0OU5g5GtmsJ4nGSO6sfaj3MXB/4lPoPeqcQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFHZViiUY52dlO1jv9cz3S1pXvpJNMB8GA1UdIwQY
MBaAFMRNuLCYOs+XoyVRUsLqWSra53NbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYt
ZWVkZDk0ZWMxMjhjLzEvZGxXS0pSam5aMlU3V09fMXpQZExXbGUta2swLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYtZWVkZDk0ZWMxMjhj
LzEveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQEVYgQAwQE
VYgwAwQCVYhUAwQDVYh4AwQDVYiQMAwDBAJViQQDBARViQADBARViSADBARViUAD
BARViWADBASl2XAwDQYJKoZIhvcNAQELBQADggEBAFey8b7bMC47thwoCWqiaTxI
U2KBKaNGSqSaQQ/hhwaH7TGofiFb+YfDE6s06oH0CcxUI2uRMYqSxo/3i3c8PlOd
zfo/yNhnIHGfNv+ey/tDCQhOxgxeVVt5kxpzHdiY4zu6nXprHCM5LwdvqV6wZ8gI
usqOgJ4SMf04uNCa2BxoE24VTfVCz/db7ilLpFF/jRXtGBtMS+x2ZSNJdIRf3emk
bWYge5NivfUXi4e6gMh87uIKWJaZGjuSTGGw9+ywr37F+naN1IR8F9eNwQW8dSDE
EKy2q0/u4b7c6I+pzaF5rBUKpwCECMi6WXX3aofSbRKX71hNKEfKUTsd6kFpG3Q=
-----END CERTIFICATE-----
Generated at Fri Mar 13 05:34:23 2026 by rpki-client