Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/DZ-kWa7MlJNrkvm3FIT62Rz5iEM.roa
File: DZ-kWa7MlJNrkvm3FIT62Rz5iEM.roa (raw, json)
Hash identifier: Pj4P5H+kvG0YHA4/R2KLn09YuC+WHP3UcRgpZqQLxW8=
Subject key identifier: 0D:9F:A4:59:AE:CC:94:93:6B:92:F9:B7:14:84:FA:D9:1C:F9:88:43
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019E72B9501FB197D24C7D8C042AAFA48CDD
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/DZ-kWa7MlJNrkvm3FIT62Rz5iEM.roa
Signing time: Fri 29 May 2026 07:53:27 +0000
ROA not before: Fri 29 May 2026 07:53:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29802
IP address blocks: 176.125.248.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.209.36.0/23 maxlen: 24
185.210.152.0/24 maxlen: 24
185.210.153.0/24 maxlen: 24
185.210.155.0/24 maxlen: 24
185.210.232.0/24 maxlen: 24
185.210.235.0/24 maxlen: 24
185.214.102.0/24 maxlen: 24
185.225.0.0/24 maxlen: 24
185.227.145.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Jun 2026 22:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:72:b9:50:1f:b1:97:d2:4c:7d:8c:04:2a:af:a4:8c:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 29 07:53:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0d9fa459aecc94936b92f9b71484fad91cf98843
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:69:6d:0b:5d:9b:fb:88:7f:f5:81:db:6c:57:
3b:31:68:2d:0f:92:0c:fa:b3:b9:e4:7d:7e:26:ba:
43:35:ef:f5:85:5c:f0:31:8f:e3:60:a4:e5:2a:ee:
c2:3b:fd:f7:42:34:b9:a7:58:13:e9:17:d3:86:4c:
95:fd:52:bd:21:11:7f:5c:89:ad:30:fe:ee:ab:4c:
05:13:dc:89:e5:20:a0:a4:b9:29:7a:1f:53:3b:4b:
27:f3:cf:a9:fe:10:b0:98:e3:7a:05:48:bb:7c:cb:
80:e8:54:50:ba:af:95:04:00:6a:5e:fe:ff:cc:f9:
66:d0:ae:35:9f:cb:9a:d0:9e:35:b5:1a:18:40:f7:
68:db:f1:f5:b6:5b:0c:4f:f6:8b:39:e2:30:9c:be:
0c:8e:96:2a:b6:2d:ac:cc:35:69:5f:ca:06:23:e7:
1e:dc:28:0b:e5:10:f5:be:a2:7f:2f:4a:e0:31:36:
dd:e9:2b:70:a3:07:3e:cf:34:81:56:e8:60:3e:16:
cd:08:12:66:2f:b4:97:01:d7:d7:87:dd:7c:10:d5:
1a:89:43:ed:d5:64:27:8b:ce:bf:df:10:8e:9b:58:
a2:f3:9b:b4:dc:33:33:3a:12:57:b1:31:1b:fb:44:
b5:67:f5:df:3f:cc:3a:ef:4c:f8:39:2b:f3:30:9c:
6c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:9F:A4:59:AE:CC:94:93:6B:92:F9:B7:14:84:FA:D9:1C:F9:88:43
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/DZ-kWa7MlJNrkvm3FIT62Rz5iEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.248.0/24
185.206.251.0/24
185.209.36.0/23
185.210.152.0/23
185.210.155.0/24
185.210.232.0/24
185.210.235.0/24
185.214.102.0/24
185.225.0.0/24
185.227.145.0/24
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
47:80:6c:91:0e:c9:af:8d:ad:e6:fa:dd:b5:26:81:79:1d:36:
3f:80:28:a6:31:44:0f:d6:8a:f5:d4:40:c2:54:37:1e:eb:e3:
f9:54:84:1b:8d:5d:64:5e:45:52:4b:fb:5e:49:6a:56:0a:38:
a4:0d:4d:6f:df:2d:9e:c4:d3:67:2c:c3:d0:f3:2e:06:ae:a0:
f6:0a:3d:b3:0a:d6:35:4a:a0:0a:ca:b5:b4:7e:c3:e2:95:03:
f3:5f:dd:a6:b7:87:df:f7:4d:c6:cf:23:55:fa:da:73:e0:23:
92:5c:6e:01:81:04:d7:79:07:89:8f:4e:ff:c6:3b:4f:f6:5a:
eb:86:75:a3:dd:15:e8:c5:a3:f4:3b:27:24:45:43:b5:45:6d:
75:2c:dd:d9:48:c6:99:3c:b3:08:a4:02:37:eb:30:5c:0d:50:
7a:22:78:3f:d9:bb:94:c3:38:ce:83:a1:6e:ef:fc:3a:56:1f:
23:54:31:c4:61:5a:9c:07:4a:78:93:8f:a0:35:83:5b:a2:81:
2a:ad:ef:b3:6a:65:91:8e:f8:f9:43:45:3b:ac:0e:61:87:27:
aa:b5:e6:7b:30:c1:7c:8a:f7:20:a4:53:9f:76:9e:4b:13:57:
26:77:3b:bf:32:d7:aa:3c:96:2f:52:e2:66:13:9a:7e:a5:98:
e5:2b:be:92
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZ5yuVAfsZfSTH2MBCqvpIzdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjYwNTI5MDc1MzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDlmYTQ1OWFlY2M5NDkzNmI5MmY5YjcxNDg0ZmFkOTFjZjk4ODQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2ltC12b+4h/9YHbbFc7MWgtD5IM
+rO55H1+JrpDNe/1hVzwMY/jYKTlKu7CO/33QjS5p1gT6RfThkyV/VK9IRF/XImt
MP7uq0wFE9yJ5SCgpLkpeh9TO0sn88+p/hCwmON6BUi7fMuA6FRQuq+VBABqXv7/
zPlm0K41n8ua0J41tRoYQPdo2/H1tlsMT/aLOeIwnL4MjpYqti2szDVpX8oGI+ce
3CgL5RD1vqJ/L0rgMTbd6Stwowc+zzSBVuhgPhbNCBJmL7SXAdfXh918ENUaiUPt
1WQni86/3xCOm1ii85u03DMzOhJXsTEb+0S1Z/XfP8w670z4OSvzMJxsJwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFA2fpFmuzJSTa5L5txSE+tkc+YhDMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvRFota1dhN01sSk5ya3ZtM0ZJVDYyUno1aUVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAsH34AwQA
uc77AwQBudEkAwQBudKYAwQAudKbAwQAudLoAwQAudLrAwQAudZmAwQAueEAAwQA
ueORAwQAufvnMA0GCSqGSIb3DQEBCwUAA4IBAQBHgGyRDsmvja3m+t21JoF5HTY/
gCimMUQP1or11EDCVDce6+P5VIQbjV1kXkVSS/teSWpWCjikDU1v3y2exNNnLMPQ
8y4GrqD2Cj2zCtY1SqAKyrW0fsPilQPzX92mt4ff903GzyNV+tpz4COSXG4BgQTX
eQeJj07/xjtP9lrrhnWj3RXoxaP0OyckRUO1RW11LN3ZSMaZPLMIpAI36zBcDVB6
Ing/2buUwzjOg6Fu7/w6Vh8jVDHEYVqcB0p4k4+gNYNbooEqre+zamWRjvj5Q0U7
rA5hhyeqteZ7MMF8ivcgpFOfdp5LE1cmdzu/MteqPJYvUuJmE5p+pZjlK76S
-----END CERTIFICATE-----
Generated at Mon Jun 1 03:17:34 2026 by rpki-client