Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/dqTANP5pNZTCRfs274ktIJ5kyVE.roa
File: dqTANP5pNZTCRfs274ktIJ5kyVE.roa (raw, json)
Hash identifier: A8pKTaM/ilVYUk6hX24CD6ZMeMiPQwdfZB9Z9vekHdY=
Subject key identifier: 76:A4:C0:34:FE:69:35:94:C2:45:FB:36:EF:89:2D:20:9E:64:C9:51
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 019E4F09D01179655AD152625E047A8F9637
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/dqTANP5pNZTCRfs274ktIJ5kyVE.roa
Signing time: Fri 22 May 2026 09:35:03 +0000
ROA not before: Fri 22 May 2026 09:35:03 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 88.214.54.0/24 maxlen: 24
194.41.114.0/24 maxlen: 24
217.147.14.0/23 maxlen: 23
2a0e:f180::/29 maxlen: 29
2a10:eac0::/29 maxlen: 29
2a11:400::/29 maxlen: 29
2a11:1440::/29 maxlen: 29
2a11:2500::/29 maxlen: 29
2a11:4200::/29 maxlen: 29
2a11:5280::/29 maxlen: 29
2a11:8240::/29 maxlen: 29
2a11:e800::/29 maxlen: 29
2a11:e940::/29 maxlen: 29
2a12:d500::/29 maxlen: 29
2a12:de00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 May 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:4f:09:d0:11:79:65:5a:d1:52:62:5e:04:7a:8f:96:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: May 22 09:35:03 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=76a4c034fe693594c245fb36ef892d209e64c951
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:5d:cc:cf:e5:06:b7:e2:c6:29:85:92:ea:07:
9b:fb:46:3f:dd:7b:0a:23:f2:52:24:36:55:c2:e0:
b8:0b:9f:96:03:13:8d:64:10:6b:5b:96:01:4f:26:
cb:87:4c:88:fd:ec:02:d2:61:35:f7:0a:40:ab:c6:
45:2d:e4:3a:83:ee:70:2d:6b:57:44:b4:5c:b0:b2:
17:06:7a:72:e2:7d:78:77:ba:75:1d:43:56:48:7d:
19:e5:9f:b5:9f:5a:7f:c6:15:86:70:7f:c7:cb:25:
cf:73:23:7b:1f:75:5e:b2:76:ed:d4:85:2e:19:b9:
a7:fc:71:44:a0:9e:a8:ea:96:9c:3e:d3:22:15:5c:
04:8e:4d:14:d9:ab:65:75:4e:a1:fe:e6:c9:d4:38:
c5:2b:b2:3e:48:75:df:20:02:13:17:00:aa:e6:89:
23:77:4e:39:de:9f:0f:b5:f1:05:7c:f8:2c:1c:7a:
5f:ac:06:b2:de:ee:d6:77:92:d6:2c:16:5c:7a:ee:
d5:1c:46:3f:ec:d3:8e:e5:59:89:cc:58:74:51:98:
82:22:44:ac:03:60:a9:85:2d:a3:bc:29:60:8b:14:
cd:89:14:7f:29:25:a5:2a:96:a1:22:34:3e:e8:a5:
f5:5b:6a:7f:d7:f7:e9:67:1b:b8:dc:b2:b8:77:c4:
f3:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:A4:C0:34:FE:69:35:94:C2:45:FB:36:EF:89:2D:20:9E:64:C9:51
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/dqTANP5pNZTCRfs274ktIJ5kyVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.54.0/24
194.41.114.0/24
217.147.14.0/23
IPv6:
2a0e:f180::/29
2a10:eac0::/29
2a11:400::/29
2a11:1440::/29
2a11:2500::/29
2a11:4200::/29
2a11:5280::/29
2a11:8240::/29
2a11:e800::/29
2a11:e940::/29
2a12:d500::/29
2a12:de00::/29
Signature Algorithm: sha256WithRSAEncryption
7f:51:07:c9:fb:fe:8f:4e:96:c3:c8:49:2c:ad:40:ef:1d:58:
b6:fc:f5:44:96:2a:f4:cd:94:bb:a3:0e:c7:14:14:ca:d3:99:
99:5a:ef:5d:69:c5:88:ae:a2:72:21:5b:32:d4:b4:b6:cc:74:
85:72:9d:97:cb:ee:9a:22:35:b7:a7:42:53:8a:f3:06:aa:fd:
f9:cf:58:a6:c1:40:48:ae:07:6f:af:ad:16:13:ee:4a:0c:9d:
69:c4:25:58:1e:1e:45:8b:69:6d:96:7e:8a:7a:be:52:3f:9e:
05:b9:7c:8c:55:49:6f:36:59:a1:b9:7d:b1:54:ac:df:80:3e:
64:3f:e2:f1:25:d8:10:9c:34:3f:2d:76:e9:8c:3a:42:77:29:
e2:aa:23:94:8c:07:96:d3:94:7b:ca:56:ef:fb:7d:c5:b7:01:
40:15:2d:1d:4c:a5:d0:e9:db:81:00:af:fd:23:67:4a:73:bf:
f0:55:f5:d7:18:2f:a4:ba:06:bb:76:f1:f3:4d:39:ad:d5:ff:
6f:2e:f9:56:75:75:93:49:cd:0c:bf:c5:91:7c:c5:9f:2a:9a:
3f:5a:1c:ed:0b:d8:47:0b:b6:4b:be:07:e8:d2:05:55:bd:d2:
29:3c:f7:be:51:51:bd:50:ad:53:1e:4e:36:56:f3:81:f8:78:
31:a0:cf:0f
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZ5PCdAReWVa0VJiXgR6j5Y3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjYwNTIyMDkzNTAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmE0YzAzNGZlNjkzNTk0YzI0NWZiMzZlZjg5MmQyMDllNjRjOTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkl3Mz+UGt+LGKYWS6geb+0Y/3XsK
I/JSJDZVwuC4C5+WAxONZBBrW5YBTybLh0yI/ewC0mE19wpAq8ZFLeQ6g+5wLWtX
RLRcsLIXBnpy4n14d7p1HUNWSH0Z5Z+1n1p/xhWGcH/HyyXPcyN7H3Vesnbt1IUu
Gbmn/HFEoJ6o6pacPtMiFVwEjk0U2atldU6h/ubJ1DjFK7I+SHXfIAITFwCq5okj
d0453p8PtfEFfPgsHHpfrAay3u7Wd5LWLBZceu7VHEY/7NOO5VmJzFh0UZiCIkSs
A2CphS2jvClgixTNiRR/KSWlKpahIjQ+6KX1W2p/1/fpZxu43LK4d8TzWQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFHakwDT+aTWUwkX7Nu+JLSCeZMlRMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvZHFUQU5QNXBOWlRDUmZzMjc0a3RJSjVreVZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwGAQCAAEwEgMEAFjWNgME
AMIpcgMEAdmTDjBaBAIAAjBUAwUDKg7xgAMFAyoQ6sADBQMqEQQAAwUDKhEUQAMF
AyoRJQADBQMqEUIAAwUDKhFSgAMFAyoRgkADBQMqEegAAwUDKhHpQAMFAyoS1QAD
BQMqEt4AMA0GCSqGSIb3DQEBCwUAA4IBAQB/UQfJ+/6PTpbDyEksrUDvHVi2/PVE
lir0zZS7ow7HFBTK05mZWu9dacWIrqJyIVsy1LS2zHSFcp2Xy+6aIjW3p0JTivMG
qv35z1imwUBIrgdvr60WE+5KDJ1pxCVYHh5Fi2ltln6Ker5SP54FuXyMVUlvNlmh
uX2xVKzfgD5kP+LxJdgQnDQ/LXbpjDpCdyniqiOUjAeW05R7ylbv+33FtwFAFS0d
TKXQ6duBAK/9I2dKc7/wVfXXGC+kuga7dvHzTTmt1f9vLvlWdXWTSc0Mv8WRfMWf
Kpo/WhztC9hHC7ZLvgfo0gVVvdIpPPe+UVG9UK1THk42VvOB+HgxoM8P
-----END CERTIFICATE-----
Generated at Sat May 23 03:03:14 2026 by rpki-client