Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Dz3gNiJY89jDyvkJpGkeJcJTKB4.roa
File: Dz3gNiJY89jDyvkJpGkeJcJTKB4.roa (raw, json)
Hash identifier: L3NLmxg4Uy+RiagoCPUuhkUaLSZMDoHR/IhNXoa1E1w=
Subject key identifier: 0F:3D:E0:36:22:58:F3:D8:C3:CA:F9:09:A4:69:1E:25:C2:53:28:1E
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0198E315A9823051EB9848B8C311470C4984
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Dz3gNiJY89jDyvkJpGkeJcJTKB4.roa
Signing time: Mon 25 Aug 2025 21:15:04 +0000
ROA not before: Mon 25 Aug 2025 21:15:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20326
IP address blocks: 31.186.180.0/22 maxlen: 24
82.163.56.0/22 maxlen: 24
82.163.96.0/21 maxlen: 24
92.114.40.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Sep 2025 23:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e3:15:a9:82:30:51:eb:98:48:b8:c3:11:47:0c:49:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Aug 25 21:15:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f3de0362258f3d8c3caf909a4691e25c253281e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:84:d0:3f:8e:e8:3b:c8:92:d4:2f:18:63:c3:
7e:9e:91:92:49:b5:5d:a1:98:ba:16:86:26:78:49:
74:49:ae:9b:3a:b4:7e:39:6f:6f:20:50:ab:ad:9d:
f5:f4:af:17:4b:a4:99:a0:76:52:5b:f1:37:c7:ce:
9a:4b:ab:cd:dc:1b:8d:3e:8e:4e:a7:2c:e7:2d:94:
17:5f:b2:b5:be:42:db:3c:c5:ea:8f:46:bc:2e:bd:
65:2e:ea:b0:93:21:10:dd:97:22:2f:97:af:ef:8a:
e3:05:83:97:b0:a0:35:c5:51:40:db:7e:ff:8a:a6:
70:c9:e7:f3:bb:54:d6:1d:05:7a:bd:a4:cc:21:ea:
d6:d3:77:b9:98:16:1e:b9:76:18:a9:92:19:2e:50:
1d:d7:af:1c:ba:a3:0f:01:c1:96:39:3d:1a:a9:39:
e7:4b:50:36:e9:f1:b1:30:81:f5:87:4e:5e:57:1d:
ce:c9:ea:a8:e7:ac:f6:a2:f4:40:98:50:97:71:4c:
18:7b:19:79:ad:cf:c6:f8:a7:0b:82:4c:b2:7e:1f:
1c:fa:9b:3d:85:2d:5f:19:de:b8:04:5f:b3:2b:49:
65:6a:c7:b1:95:21:cd:e6:ed:1b:82:49:52:30:6f:
ed:89:1c:a0:78:2f:e5:18:f2:d6:ef:3d:cd:f7:e7:
2a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:3D:E0:36:22:58:F3:D8:C3:CA:F9:09:A4:69:1E:25:C2:53:28:1E
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Dz3gNiJY89jDyvkJpGkeJcJTKB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.180.0/22
82.163.56.0/22
82.163.96.0/21
92.114.40.0/22
Signature Algorithm: sha256WithRSAEncryption
98:26:72:64:1f:1b:b3:72:c4:0d:bb:5f:b4:a9:ff:1a:74:ea:
1d:1b:5c:c3:e2:42:26:75:7e:59:0b:7e:98:e7:3e:d1:7a:dc:
9d:fb:01:cf:70:47:34:21:96:16:04:fc:66:c6:7d:57:ee:16:
35:08:f5:f9:68:03:0d:ba:97:af:06:43:1c:43:51:4c:36:e8:
9e:13:88:80:21:78:08:69:f6:e4:0c:68:a2:b7:2e:f6:7c:d4:
08:91:83:0a:94:1b:b9:2c:33:43:85:d4:d9:6f:de:23:e5:a1:
e6:b6:c6:fd:4d:03:4d:87:b5:04:4a:fb:b4:a9:bf:a2:c9:e8:
2a:a3:e2:0d:8f:c6:78:ca:15:3a:1e:c5:16:47:ec:05:c5:65:
0d:38:fa:46:ec:96:af:10:1b:37:05:14:a5:2d:d3:43:60:28:
e3:a9:ef:0c:03:9d:82:e6:72:0f:04:f7:ca:da:63:c0:79:b2:
39:0d:ba:da:8b:4f:14:14:53:b5:fa:b9:e3:db:b6:3f:d0:6b:
e1:62:9b:6e:43:61:48:e0:72:25:24:46:d2:69:11:c3:2e:58:
a4:7b:ef:71:de:54:a6:09:38:4a:cc:0a:24:e8:c0:3a:70:21:
0c:57:35:2a:c0:42:07:13:82:1f:11:87:2e:4c:32:af:91:73:
a0:0f:f1:93
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZjjFamCMFHrmEi4wxFHDEmEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjUwODI1MjExNTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjNkZTAzNjIyNThmM2Q4YzNjYWY5MDlhNDY5MWUyNWMyNTMyODFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4TQP47oO8iS1C8YY8N+npGSSbVd
oZi6FoYmeEl0Sa6bOrR+OW9vIFCrrZ319K8XS6SZoHZSW/E3x86aS6vN3BuNPo5O
pyznLZQXX7K1vkLbPMXqj0a8Lr1lLuqwkyEQ3ZciL5ev74rjBYOXsKA1xVFA237/
iqZwyefzu1TWHQV6vaTMIerW03e5mBYeuXYYqZIZLlAd168cuqMPAcGWOT0aqTnn
S1A26fGxMIH1h05eVx3Oyeqo56z2ovRAmFCXcUwYexl5rc/G+KcLgkyyfh8c+ps9
hS1fGd64BF+zK0llasexlSHN5u0bgklSMG/tiRygeC/lGPLW7z3N9+cqhwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFA894DYiWPPYw8r5CaRpHiXCUygeMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvRHozZ05pSlk4OWpEeXZrSnBHa2VKY0pUS0I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCH7q0AwQC
UqM4AwQDUqNgAwQCXHIoMA0GCSqGSIb3DQEBCwUAA4IBAQCYJnJkHxuzcsQNu1+0
qf8adOodG1zD4kImdX5ZC36Y5z7Retyd+wHPcEc0IZYWBPxmxn1X7hY1CPX5aAMN
upevBkMcQ1FMNuieE4iAIXgIafbkDGiity72fNQIkYMKlBu5LDNDhdTZb94j5aHm
tsb9TQNNh7UESvu0qb+iyegqo+INj8Z4yhU6HsUWR+wFxWUNOPpG7JavEBs3BRSl
LdNDYCjjqe8MA52C5nIPBPfK2mPAebI5Dbrai08UFFO1+rnj27Y/0GvhYptuQ2FI
4HIlJEbSaRHDLlike+9x3lSmCThKzAok6MA6cCEMVzUqwEIHE4IfEYcuTDKvkXOg
D/GT
-----END CERTIFICATE-----
Generated at Fri Sep 5 08:56:43 2025 by rpki-client