Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/DKv5Zzat2o41YXKTZx9ascv0SFc.roa
File: DKv5Zzat2o41YXKTZx9ascv0SFc.roa (raw, json)
Hash identifier: YfMlxASbK6MbUVihev8fOlJe5bs50D6SNgWIa9ltdWU=
Subject key identifier: 0C:AB:F9:67:36:AD:DA:8E:35:61:72:93:67:1F:5A:B1:CB:F4:48:57
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019CD270C4E0C0EFA28131458D528E18F852
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/DKv5Zzat2o41YXKTZx9ascv0SFc.roa
Signing time: Mon 09 Mar 2026 11:52:11 +0000
ROA not before: Mon 09 Mar 2026 11:52:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9304
IP address blocks: 158.173.192.0/24 maxlen: 24
158.173.229.0/24 maxlen: 24
158.173.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Mar 2026 06:19:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d2:70:c4:e0:c0:ef:a2:81:31:45:8d:52:8e:18:f8:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Mar 9 11:52:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0cabf96736adda8e35617293671f5ab1cbf44857
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:9f:f0:99:bb:e5:9c:df:30:2b:18:7c:a6:12:
46:49:1b:11:24:06:3a:39:ac:6e:00:80:02:21:de:
02:04:22:26:55:22:c2:c1:b9:f9:bb:86:4d:2e:56:
4f:ae:41:00:8f:c3:52:5a:ad:8b:16:1d:0a:2c:f0:
54:7e:94:30:dd:2e:76:18:36:9f:5e:e7:67:6c:68:
8c:37:cc:c9:3b:03:f8:be:1b:7e:87:f5:3c:33:8c:
49:a1:a6:0c:c2:4b:eb:98:19:ad:77:0f:13:b1:0d:
96:3a:6e:21:89:5a:40:95:c3:68:04:28:d8:e0:2f:
79:08:64:50:e9:6a:8f:7f:8b:3e:9b:89:f6:bf:6a:
d0:57:43:e8:f9:53:d5:88:8b:23:9d:ee:57:b4:f5:
30:33:be:5c:f7:03:13:99:c9:d9:c4:90:66:7b:4e:
2d:9c:b9:4f:56:21:74:0e:1f:fd:3c:cd:44:f4:bd:
78:52:68:bd:58:e9:21:d0:01:8d:af:da:db:54:31:
4b:ee:f6:d1:ce:b4:3e:04:9f:a3:98:ee:7b:03:ee:
d4:56:a8:07:d7:42:4d:2e:f4:57:b9:5d:34:ef:a8:
6d:50:a3:2a:a7:f2:3b:fd:06:ea:0c:02:89:9b:80:
0b:bc:80:2e:56:d2:1b:3f:61:23:b4:97:f5:36:00:
f8:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:AB:F9:67:36:AD:DA:8E:35:61:72:93:67:1F:5A:B1:CB:F4:48:57
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/DKv5Zzat2o41YXKTZx9ascv0SFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.173.192.0/24
158.173.229.0/24
158.173.237.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:30:d5:8c:93:ef:f0:93:be:44:97:a5:13:7f:f8:00:c7:28:
86:5c:57:73:a5:0f:89:0c:67:4f:50:28:be:fa:77:c3:e0:82:
ae:f5:39:13:2e:99:f8:c3:c2:83:25:06:f6:1f:f1:a4:07:1e:
4d:7f:b8:12:f3:ca:98:b1:21:79:2e:da:3f:18:cf:48:bf:d8:
28:61:2e:a7:d0:a6:8b:e0:a5:82:fa:4c:61:bb:ba:3b:86:f6:
e4:fc:48:34:6d:4d:02:04:01:7a:23:df:7f:a3:27:69:67:18:
de:a7:99:81:35:20:ad:9f:76:3a:c2:2c:a1:43:31:c3:73:a8:
05:fe:98:a9:5e:50:a7:a5:c2:00:7f:f9:2c:86:a1:5b:aa:d7:
45:14:e6:94:7d:a0:56:32:87:05:6b:cc:d2:c5:b9:17:77:d5:
39:a5:27:78:68:c5:fa:5f:5d:7e:f7:43:3b:93:98:5c:6d:e9:
a7:6e:61:ba:d2:31:54:16:3d:1e:38:75:71:d3:b1:e2:8f:25:
5e:db:7d:01:44:f3:79:19:52:3e:cc:04:4d:a4:7e:ad:5f:89:
ed:ba:21:f3:36:af:a4:b2:e6:3f:76:50:e9:4f:40:22:cb:b3:
c8:a8:bd:dd:c5:ee:cb:44:49:c2:da:fa:33:43:de:2f:5d:64:
21:42:18:2c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZzScMTgwO+igTFFjVKOGPhSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjYwMzA5MTE1MjExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2FiZjk2NzM2YWRkYThlMzU2MTcyOTM2NzFmNWFiMWNiZjQ0ODU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05/wmbvlnN8wKxh8phJGSRsRJAY6
OaxuAIACId4CBCImVSLCwbn5u4ZNLlZPrkEAj8NSWq2LFh0KLPBUfpQw3S52GDaf
XudnbGiMN8zJOwP4vht+h/U8M4xJoaYMwkvrmBmtdw8TsQ2WOm4hiVpAlcNoBCjY
4C95CGRQ6WqPf4s+m4n2v2rQV0Po+VPViIsjne5XtPUwM75c9wMTmcnZxJBme04t
nLlPViF0Dh/9PM1E9L14Umi9WOkh0AGNr9rbVDFL7vbRzrQ+BJ+jmO57A+7UVqgH
10JNLvRXuV0076htUKMqp/I7/QbqDAKJm4ALvIAuVtIbP2EjtJf1NgD4qwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAyr+Wc2rdqONWFyk2cfWrHL9EhXMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvREt2NVp6YXQybzQxWVhLVFp4OWFzY3YwU0ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAnq3AAwQA
nq3lAwQAnq3tMA0GCSqGSIb3DQEBCwUAA4IBAQAcMNWMk+/wk75El6UTf/gAxyiG
XFdzpQ+JDGdPUCi++nfD4IKu9TkTLpn4w8KDJQb2H/GkBx5Nf7gS88qYsSF5Lto/
GM9Iv9goYS6n0KaL4KWC+kxhu7o7hvbk/Eg0bU0CBAF6I99/oydpZxjep5mBNSCt
n3Y6wiyhQzHDc6gF/pipXlCnpcIAf/kshqFbqtdFFOaUfaBWMocFa8zSxbkXd9U5
pSd4aMX6X11+90M7k5hcbemnbmG60jFUFj0eOHVx07HijyVe230BRPN5GVI+zARN
pH6tX4ntuiHzNq+ksuY/dlDpT0Aiy7PIqL3dxe7LREnC2vozQ94vXWQhQhgs
-----END CERTIFICATE-----
Generated at Tue Mar 10 09:17:43 2026 by rpki-client