Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/fd2294-cf37-4fc9-9edd-a4f7b088bc1a/1/1-DVwjJnlYesJ6hI7V6SCMioPiMg.roa
File: 1-DVwjJnlYesJ6hI7V6SCMioPiMg.roa (raw, json)
Hash identifier: B6PIINsmXGXDrWgg3rctmnPYYJQ+R9+eST6t3Ymv0FU=
Subject key identifier: F8:35:70:8C:99:E5:61:EB:09:EA:12:3B:57:A4:82:32:2A:0F:88:C8
Certificate issuer: /CN=32d44919fdd08afb9a4d0a8778923011251dd7f0
Certificate serial: 019D870F9BA084DD77C5225CBFEA2EE9B85B
Authority key identifier: 32:D4:49:19:FD:D0:8A:FB:9A:4D:0A:87:78:92:30:11:25:1D:D7:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MtRJGf3QivuaTQqHeJIwESUd1_A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/fd2294-cf37-4fc9-9edd-a4f7b088bc1a/1/1-DVwjJnlYesJ6hI7V6SCMioPiMg.roa
Signing time: Mon 13 Apr 2026 13:37:20 +0000
ROA not before: Mon 13 Apr 2026 13:37:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203020
IP address blocks: 65.38.102.0/23 maxlen: 32
65.38.104.0/23 maxlen: 32
66.45.17.0/24 maxlen: 32
66.45.18.0/23 maxlen: 32
66.45.38.0/23 maxlen: 32
66.45.61.0/24 maxlen: 32
66.45.63.0/24 maxlen: 32
66.45.114.0/23 maxlen: 32
66.179.36.0/23 maxlen: 32
66.179.88.0/23 maxlen: 32
66.179.99.0/24 maxlen: 32
66.179.106.0/23 maxlen: 32
66.179.161.0/24 maxlen: 32
66.179.204.0/23 maxlen: 32
66.179.207.0/24 maxlen: 32
66.179.213.0/24 maxlen: 32
66.179.247.0/24 maxlen: 32
67.202.232.0/24 maxlen: 32
69.48.213.0/24 maxlen: 32
69.71.220.0/24 maxlen: 32
69.161.128.0/20 maxlen: 32
69.161.144.0/20 maxlen: 32
69.164.84.0/23 maxlen: 32
69.164.87.0/24 maxlen: 32
69.164.88.0/23 maxlen: 32
69.164.96.0/24 maxlen: 32
74.205.245.0/24 maxlen: 32
108.60.0.0/20 maxlen: 32
173.209.230.0/23 maxlen: 32
209.46.56.0/23 maxlen: 32
216.177.153.0/24 maxlen: 32
216.177.154.0/24 maxlen: 32
216.183.118.0/23 maxlen: 32
216.183.126.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/fd2294-cf37-4fc9-9edd-a4f7b088bc1a/1/MtRJGf3QivuaTQqHeJIwESUd1_A.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/fd2294-cf37-4fc9-9edd-a4f7b088bc1a/1/MtRJGf3QivuaTQqHeJIwESUd1_A.mft
rsync://rpki.ripe.net/repository/DEFAULT/MtRJGf3QivuaTQqHeJIwESUd1_A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Apr 2026 17:59:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:87:0f:9b:a0:84:dd:77:c5:22:5c:bf:ea:2e:e9:b8:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32d44919fdd08afb9a4d0a8778923011251dd7f0
Validity
Not Before: Apr 13 13:37:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f835708c99e561eb09ea123b57a482322a0f88c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:6f:3d:f1:6b:0e:a3:de:4d:cc:5f:fe:19:d4:
3a:d9:63:89:61:bf:ba:a8:de:d2:2c:f5:46:3b:6b:
02:75:36:00:32:56:fb:d5:8c:3d:67:e0:d0:26:ea:
e7:ac:46:45:bc:26:ab:52:99:56:b3:12:69:98:93:
1c:e5:a2:e8:d1:e7:c2:57:a1:34:85:71:15:a8:17:
dd:29:70:f8:c6:8f:bb:13:6d:75:79:05:99:ab:46:
a8:58:f7:49:fd:ae:7f:d0:26:5f:3c:82:6a:77:eb:
31:c6:02:69:6f:e3:f0:c0:f7:04:9a:b1:8c:8f:1f:
be:37:d2:a6:ea:d1:1c:b5:9d:bc:45:78:cc:1b:b5:
d1:6f:6c:da:62:8d:4a:11:2a:d9:ea:a5:5d:60:e6:
e3:d0:1d:f6:0e:26:80:b6:35:00:61:ae:c0:7e:1f:
e5:72:25:c4:ed:bb:c5:62:81:26:e7:04:1b:f7:64:
7f:4c:16:13:82:11:7e:a5:4f:ca:82:46:4c:ac:9e:
51:1b:cb:3d:c9:0a:ef:49:d3:e1:ad:c0:3d:0d:12:
6e:f4:42:1c:5c:e5:86:f5:ae:6c:2f:a3:4f:20:bd:
5d:42:d4:b5:6c:af:6e:4e:64:b2:76:bb:1c:fa:75:
b5:98:22:53:13:db:fe:bb:4a:f3:58:8e:34:a0:77:
c1:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:35:70:8C:99:E5:61:EB:09:EA:12:3B:57:A4:82:32:2A:0F:88:C8
X509v3 Authority Key Identifier:
keyid:32:D4:49:19:FD:D0:8A:FB:9A:4D:0A:87:78:92:30:11:25:1D:D7:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MtRJGf3QivuaTQqHeJIwESUd1_A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/fd2294-cf37-4fc9-9edd-a4f7b088bc1a/1/1-DVwjJnlYesJ6hI7V6SCMioPiMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/fd2294-cf37-4fc9-9edd-a4f7b088bc1a/1/MtRJGf3QivuaTQqHeJIwESUd1_A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
65.38.102.0-65.38.105.255
66.45.17.0-66.45.19.255
66.45.38.0/23
66.45.61.0/24
66.45.63.0/24
66.45.114.0/23
66.179.36.0/23
66.179.88.0/23
66.179.99.0/24
66.179.106.0/23
66.179.161.0/24
66.179.204.0/23
66.179.207.0/24
66.179.213.0/24
66.179.247.0/24
67.202.232.0/24
69.48.213.0/24
69.71.220.0/24
69.161.128.0/19
69.164.84.0/23
69.164.87.0-69.164.89.255
69.164.96.0/24
74.205.245.0/24
108.60.0.0/20
173.209.230.0/23
209.46.56.0/23
216.177.153.0-216.177.154.255
216.183.118.0/23
216.183.126.0/23
Signature Algorithm: sha256WithRSAEncryption
23:84:1b:0a:83:5c:f7:10:44:51:81:90:9a:58:9a:f3:f9:81:
22:d6:c9:c3:ee:c2:fe:3c:8b:c5:42:cb:fe:dd:69:94:a0:71:
a0:1a:04:7e:ae:88:90:bf:41:fa:a5:4a:48:cd:92:a3:cb:a6:
d2:77:14:6e:b4:5a:2f:95:c4:c9:c8:97:d4:a8:a5:33:7f:14:
82:cc:0d:58:45:e9:d4:31:2b:0e:68:24:ee:3c:14:08:0e:6f:
90:45:62:dc:39:93:f3:66:aa:37:5c:13:0e:e1:49:c1:c1:59:
cf:aa:f2:54:89:48:1e:5f:88:4f:44:7c:5c:29:7b:1d:07:c5:
2b:cc:8e:a6:24:55:43:f2:70:68:17:e0:8e:25:0f:46:19:66:
ca:39:83:01:77:49:a7:6f:84:b1:5c:86:f7:ac:80:c3:db:10:
2f:fc:b2:fb:a0:87:16:6a:e9:a7:a1:2d:22:49:60:de:59:6a:
c7:0b:02:73:e4:cd:e9:6c:c2:06:c4:5c:b1:67:9b:d2:28:0d:
4f:61:e3:89:17:3d:3d:05:63:dc:18:04:9d:f6:08:53:5d:47:
6f:e2:02:d1:cb:c5:9c:e4:f0:73:0f:73:5e:98:30:77:d8:08:
c0:77:a4:b2:02:4a:3f:23:37:fa:1a:24:0a:c4:dd:df:dd:5c:
84:22:cf:16
-----BEGIN CERTIFICATE-----
MIIFyzCCBLOgAwIBAgISAZ2HD5ughN13xSJcv+ou6bhbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyZDQ0OTE5ZmRkMDhhZmI5YTRkMGE4Nzc4OTIzMDExMjUx
ZGQ3ZjAwHhcNMjYwNDEzMTMzNzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODM1NzA4Yzk5ZTU2MWViMDllYTEyM2I1N2E0ODIzMjJhMGY4OGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02898WsOo95NzF/+GdQ62WOJYb+6
qN7SLPVGO2sCdTYAMlb71Yw9Z+DQJurnrEZFvCarUplWsxJpmJMc5aLo0efCV6E0
hXEVqBfdKXD4xo+7E211eQWZq0aoWPdJ/a5/0CZfPIJqd+sxxgJpb+PwwPcEmrGM
jx++N9Km6tEctZ28RXjMG7XRb2zaYo1KESrZ6qVdYObj0B32DiaAtjUAYa7Afh/l
ciXE7bvFYoEm5wQb92R/TBYTghF+pU/KgkZMrJ5RG8s9yQrvSdPhrcA9DRJu9EIc
XOWG9a5sL6NPIL1dQtS1bK9uTmSydrsc+nW1mCJTE9v+u0rzWI40oHfBsQIDAQAB
o4IC1zCCAtMwHQYDVR0OBBYEFPg1cIyZ5WHrCeoSO1ekgjIqD4jIMB8GA1UdIwQY
MBaAFDLUSRn90Ir7mk0Kh3iSMBElHdfwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXRSSkdmM1FpdnVhVFFxSGVKSXdFU1VkMV9BLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9mZDIyOTQtY2YzNy00ZmM5LTllZGQt
YTRmN2IwODhiYzFhLzEvMS1EVndqSm5sWWVzSjZoSTdWNlNDTWlvUGlNZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmYvZmQyMjk0LWNmMzctNGZjOS05ZWRkLWE0ZjdiMDg4YmMx
YS8xL010UkpHZjNRaXZ1YVRRcUhlSkl3RVNVZDFfQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB6wYIKwYBBQUHAQcBAf8EgdswgdgwgdUEAgABMIHOMAwD
BAFBJmYDBAFBJmgwDAMEAEItEQMEAkItEAMEAUItJgMEAEItPQMEAEItPwMEAUIt
cgMEAUKzJAMEAUKzWAMEAEKzYwMEAUKzagMEAEKzoQMEAUKzzAMEAEKzzwMEAEKz
1QMEAEKz9wMEAEPK6AMEAEUw1QMEAEVH3AMEBUWhgAMEAUWkVDAMAwQARaRXAwQB
RaRYAwQARaRgAwQASs31AwQEbDwAAwQBrdHmAwQB0S44MAwDBADYsZkDBADYsZoD
BAHYt3YDBAHYt34wDQYJKoZIhvcNAQELBQADggEBACOEGwqDXPcQRFGBkJpYmvP5
gSLWycPuwv48i8VCy/7daZSgcaAaBH6uiJC/QfqlSkjNkqPLptJ3FG60Wi+VxMnI
l9SopTN/FILMDVhF6dQxKw5oJO48FAgOb5BFYtw5k/NmqjdcEw7hScHBWc+q8lSJ
SB5fiE9EfFwpex0HxSvMjqYkVUPycGgX4I4lD0YZZso5gwF3SadvhLFchvesgMPb
EC/8svughxZq6aehLSJJYN5ZascLAnPkzelswgbEXLFnm9IoDU9h44kXPT0FY9wY
BJ32CFNdR2/iAtHLxZzk8HMPc16YMHfYCMB3pLICSj8jN/oaJArE3d/dXIQizxY=
-----END CERTIFICATE-----
Generated at Sat Apr 18 22:20:30 2026 by rpki-client