Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/DgnHYMNEO3cW02ohlMn2axnldPY.roa
File: DgnHYMNEO3cW02ohlMn2axnldPY.roa (raw, json)
Hash identifier: vaq0LBl35c7hmyKRAqN3BqKt0SzicUAX8/qk3xf0Rag=
Subject key identifier: 0E:09:C7:60:C3:44:3B:77:16:D3:6A:21:94:C9:F6:6B:19:E5:74:F6
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 019EB0F33E06989D25950DC163B324CE6E5C
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/DgnHYMNEO3cW02ohlMn2axnldPY.roa
Signing time: Wed 10 Jun 2026 09:53:11 +0000
ROA not before: Wed 10 Jun 2026 09:53:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29119
IP address blocks: 77.81.167.0/24 maxlen: 24
92.114.36.0/24 maxlen: 24
92.114.53.0/24 maxlen: 24
92.114.83.0/24 maxlen: 24
185.128.192.0/22 maxlen: 24
185.248.208.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 06:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b0:f3:3e:06:98:9d:25:95:0d:c1:63:b3:24:ce:6e:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jun 10 09:53:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0e09c760c3443b7716d36a2194c9f66b19e574f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:22:c7:9c:6c:b0:93:a7:f7:57:d2:9a:25:9f:
a7:95:51:2b:0b:22:6f:70:93:7c:ea:86:fc:50:c3:
ae:80:23:9a:5b:e2:8a:fc:f3:57:80:8d:94:aa:ff:
25:d9:8c:d6:b4:85:fd:92:de:00:e0:2a:ac:d9:2e:
18:0b:c0:e8:79:0c:41:56:9e:13:82:9e:11:aa:77:
74:40:9f:ea:0a:6d:de:81:68:92:26:01:43:63:5f:
ad:b6:65:6b:ff:31:af:4f:4e:09:c3:85:27:b5:ce:
98:8b:59:c3:f3:b7:f9:d6:67:14:ec:f2:10:ac:a2:
3b:c5:94:fe:ef:e6:a5:ea:c9:07:25:08:50:a9:cd:
02:19:e4:d7:34:dd:19:90:de:74:c2:44:b8:e3:c8:
c8:6b:c7:a4:85:2a:bf:e5:7e:e7:70:17:c6:90:a4:
33:23:13:24:6a:98:80:cc:5a:9a:dc:70:00:37:3c:
2b:91:cd:10:f0:48:81:cf:49:1c:c7:47:2b:23:e9:
ea:06:35:12:8e:75:7c:58:aa:61:77:34:0e:15:b1:
76:22:7d:89:00:b8:cb:03:2b:a5:c1:34:0a:70:76:
ec:65:67:c0:90:d4:5b:22:6a:95:e2:3b:ab:5e:59:
86:c2:97:7c:bc:3b:4b:ee:c1:5a:9f:7f:3b:dd:3b:
40:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:09:C7:60:C3:44:3B:77:16:D3:6A:21:94:C9:F6:6B:19:E5:74:F6
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/DgnHYMNEO3cW02ohlMn2axnldPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.167.0/24
92.114.36.0/24
92.114.53.0/24
92.114.83.0/24
185.128.192.0/22
185.248.208.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:0d:cb:a1:67:e7:f6:3f:d3:fe:5e:a0:71:25:a3:12:f6:96:
9c:64:0b:d0:02:91:2b:f6:8b:d0:27:16:74:87:71:eb:fd:4c:
f2:fa:ec:a0:f8:f7:fe:35:bc:ea:84:96:64:93:a7:0c:c1:f8:
10:76:af:99:7d:77:30:0d:63:ce:91:bb:22:42:b5:3e:bc:f9:
34:a5:73:54:d0:ea:77:6c:08:1f:c0:bc:ef:8f:2d:c1:7e:bf:
77:a6:c3:47:ad:ab:c7:36:38:25:16:03:09:5e:bf:b8:33:42:
c7:af:78:0c:51:dc:d1:da:0a:cc:7d:b6:bf:e8:13:9e:9e:b1:
f1:47:13:18:12:d1:ad:6e:7d:d2:b0:aa:3c:86:ca:0e:a0:dd:
bd:01:14:ce:cc:c3:2f:5b:35:1d:a5:c8:4f:58:5d:37:46:88:
81:3a:88:4f:1f:35:41:59:41:29:f1:14:9e:6c:15:a6:77:bd:
9e:13:cf:ce:e5:f0:8b:64:67:1e:69:74:72:cc:2f:02:94:30:
ad:28:f2:e8:fb:fb:75:2a:a0:ba:73:55:c2:87:71:f9:20:e0:
4d:9c:b9:50:e9:5c:78:c1:3f:17:35:8f:69:30:50:7a:e1:c3:
5a:7c:49:b8:46:7c:92:a8:f1:61:91:22:b0:90:cf:0e:bd:fa:
7c:a1:d2:c8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ6w8z4GmJ0llQ3BY7Mkzm5cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjYwNjEwMDk1MzExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTA5Yzc2MGMzNDQzYjc3MTZkMzZhMjE5NGM5ZjY2YjE5ZTU3NGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriLHnGywk6f3V9KaJZ+nlVErCyJv
cJN86ob8UMOugCOaW+KK/PNXgI2Uqv8l2YzWtIX9kt4A4Cqs2S4YC8DoeQxBVp4T
gp4Rqnd0QJ/qCm3egWiSJgFDY1+ttmVr/zGvT04Jw4Untc6Yi1nD87f51mcU7PIQ
rKI7xZT+7+al6skHJQhQqc0CGeTXNN0ZkN50wkS448jIa8ekhSq/5X7ncBfGkKQz
IxMkapiAzFqa3HAANzwrkc0Q8EiBz0kcx0crI+nqBjUSjnV8WKphdzQOFbF2In2J
ALjLAyulwTQKcHbsZWfAkNRbImqV4jurXlmGwpd8vDtL7sFan3873TtAWwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFA4Jx2DDRDt3FtNqIZTJ9msZ5XT2MB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvRGduSFlNTkVPM2NXMDJvaGxNbjJheG5sZFBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQATVGnAwQA
XHIkAwQAXHI1AwQAXHJTAwQCuYDAAwQCufjQMA0GCSqGSIb3DQEBCwUAA4IBAQB8
DcuhZ+f2P9P+XqBxJaMS9pacZAvQApEr9ovQJxZ0h3Hr/Uzy+uyg+Pf+NbzqhJZk
k6cMwfgQdq+ZfXcwDWPOkbsiQrU+vPk0pXNU0Op3bAgfwLzvjy3Bfr93psNHravH
NjglFgMJXr+4M0LHr3gMUdzR2grMfba/6BOenrHxRxMYEtGtbn3SsKo8hsoOoN29
ARTOzMMvWzUdpchPWF03RoiBOohPHzVBWUEp8RSebBWmd72eE8/O5fCLZGceaXRy
zC8ClDCtKPLo+/t1KqC6c1XCh3H5IOBNnLlQ6Vx4wT8XNY9pMFB64cNafEm4RnyS
qPFhkSKwkM8Ovfp8odLI
-----END CERTIFICATE-----
Generated at Thu Jun 11 11:54:04 2026 by rpki-client