Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/0QdIgS7DDvl-j2e9iPDJVmto1mA.roa
File: 0QdIgS7DDvl-j2e9iPDJVmto1mA.roa (raw, json)
Hash identifier: Sb1A9kEpD+QV8XUDT9W+NanMFy1cryrjwCV6oLUjadE=
Subject key identifier: D1:07:48:81:2E:C3:0E:F9:7E:8F:67:BD:88:F0:C9:56:6B:68:D6:60
Certificate issuer: /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial: 019E68E2AFAC98BC1F1020EB494906DAF8EF
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/0QdIgS7DDvl-j2e9iPDJVmto1mA.roa
Signing time: Wed 27 May 2026 10:02:27 +0000
ROA not before: Wed 27 May 2026 10:02:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210976
IP address blocks: 78.40.216.0/24 maxlen: 24
85.193.92.0/24 maxlen: 24
85.193.93.0/24 maxlen: 24
85.193.95.0/24 maxlen: 24
87.249.50.0/24 maxlen: 24
89.191.228.0/24 maxlen: 24
90.156.231.0/24 maxlen: 24
94.228.122.0/24 maxlen: 24
176.57.212.0/24 maxlen: 24
176.57.221.0/24 maxlen: 24
185.104.112.0/24 maxlen: 24
185.104.115.0/24 maxlen: 24
185.247.18.0/24 maxlen: 24
185.247.19.0/24 maxlen: 24
188.225.14.0/24 maxlen: 24
194.35.117.0/24 maxlen: 24
217.25.91.0/24 maxlen: 24
217.25.95.0/24 maxlen: 24
217.151.229.0/24 maxlen: 24
217.151.231.0/24 maxlen: 24
2a03:6f02::/48 maxlen: 128
2a03:6f02::/64 maxlen: 64
2a03:6f02:1::/48 maxlen: 128
2a03:6f02:2::/48 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.mft
rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 04:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:68:e2:af:ac:98:bc:1f:10:20:eb:49:49:06:da:f8:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Validity
Not Before: May 27 10:02:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d10748812ec30ef97e8f67bd88f0c9566b68d660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:7d:b4:c4:c3:4f:89:a4:28:e2:f1:46:e6:18:
0b:2f:56:5b:84:c6:25:b4:76:27:c6:18:fc:e9:07:
46:9d:52:f7:b0:ba:49:4d:a5:71:54:8d:4b:76:8c:
4e:c9:e3:49:4a:5b:c4:bf:30:56:b3:3c:82:69:70:
bb:9e:8c:e0:5a:58:f7:43:10:70:43:d1:b4:42:d8:
21:5c:00:d7:05:3c:b9:1f:37:69:f8:27:e9:a1:41:
d3:73:b8:54:a4:c6:cd:ea:eb:27:b1:46:63:87:79:
3c:cc:9a:f2:cf:5b:c9:ca:18:4f:b6:72:89:8e:52:
cb:e7:2c:98:05:35:5a:77:bc:47:d1:dc:54:44:c1:
1d:47:de:9e:35:b6:35:17:50:9a:f6:13:23:f6:13:
a1:3b:17:73:8c:dd:c3:be:37:b5:27:21:8c:db:0c:
06:f2:f1:46:47:bd:a0:bc:c6:4b:e0:ad:67:2f:5c:
4e:0d:3e:61:14:99:1e:64:5c:27:6a:df:e0:86:02:
e4:59:89:79:c0:b6:9d:d0:84:29:e7:25:a8:b0:19:
f2:53:18:b9:b6:22:8a:6f:6b:a4:c2:38:1a:8a:f8:
85:06:39:29:c8:2f:5e:5a:a7:ad:d3:04:00:21:92:
21:0a:2d:6b:68:84:28:74:2a:ad:bb:54:6f:d0:62:
22:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:07:48:81:2E:C3:0E:F9:7E:8F:67:BD:88:F0:C9:56:6B:68:D6:60
X509v3 Authority Key Identifier:
keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/0QdIgS7DDvl-j2e9iPDJVmto1mA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.216.0/24
85.193.92.0/23
85.193.95.0/24
87.249.50.0/24
89.191.228.0/24
90.156.231.0/24
94.228.122.0/24
176.57.212.0/24
176.57.221.0/24
185.104.112.0/24
185.104.115.0/24
185.247.18.0/23
188.225.14.0/24
194.35.117.0/24
217.25.91.0/24
217.25.95.0/24
217.151.229.0/24
217.151.231.0/24
IPv6:
2a03:6f02::-2a03:6f02:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2c:5a:16:b3:5a:7d:12:92:93:96:96:86:d7:f4:db:50:9e:4e:
b8:47:67:4a:71:5c:7a:2c:59:93:56:09:82:69:4f:63:f2:2b:
cd:33:6c:d7:f2:69:48:5c:e4:d6:e7:c5:73:fc:b7:6c:34:55:
01:43:c6:c9:d8:8e:69:29:ff:34:ef:bb:23:68:11:49:55:e6:
78:9d:63:1d:89:24:22:2b:9f:43:fc:97:9a:83:fc:26:37:d9:
0d:78:cb:8b:50:bc:22:ec:f1:dd:4c:53:9d:c0:cb:a8:e8:21:
a0:35:4e:c5:15:28:12:d8:6d:da:2d:15:d3:d6:e8:10:43:b5:
69:a2:b4:ed:71:77:bc:4b:65:fe:5d:6e:e2:4c:13:be:ac:e4:
3f:8a:c5:b0:19:f4:46:ce:c4:5e:6e:47:c5:12:da:59:e3:62:
8f:48:e6:d3:75:b7:79:49:db:f5:57:b2:ac:70:7a:a8:59:a6:
10:a2:eb:2c:cd:23:82:b4:e6:a4:77:16:30:08:98:3d:f6:6c:
e1:b7:09:00:4e:fc:fb:5d:f5:9b:78:95:b5:6b:7c:7d:59:fa:
a8:12:be:06:03:ea:4d:dc:78:5c:fe:1a:e7:84:f6:27:d7:b1:
90:5a:35:35:f2:19:ae:cb:e5:26:1c:ea:bc:5c:47:a1:e7:4b:
86:3a:43:18
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZ5o4q+smLwfECDrSUkG2vjvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjYwNTI3MTAwMjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTA3NDg4MTJlYzMwZWY5N2U4ZjY3YmQ4OGYwYzk1NjZiNjhkNjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkX20xMNPiaQo4vFG5hgLL1ZbhMYl
tHYnxhj86QdGnVL3sLpJTaVxVI1LdoxOyeNJSlvEvzBWszyCaXC7nozgWlj3QxBw
Q9G0QtghXADXBTy5Hzdp+CfpoUHTc7hUpMbN6usnsUZjh3k8zJryz1vJyhhPtnKJ
jlLL5yyYBTVad7xH0dxURMEdR96eNbY1F1Ca9hMj9hOhOxdzjN3Dvje1JyGM2wwG
8vFGR72gvMZL4K1nL1xODT5hFJkeZFwnat/ghgLkWYl5wLad0IQp5yWosBnyUxi5
tiKKb2ukwjgaiviFBjkpyC9eWqet0wQAIZIhCi1raIQodCqtu1Rv0GIiMQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFNEHSIEuww75fo9nvYjwyVZraNZgMB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEvMFFkSWdTN0REdmwtajJlOWlQREpWbXRvMW1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjByBAIAATBsAwQATijY
AwQBVcFcAwQAVcFfAwQAV/kyAwQAWb/kAwQAWpznAwQAXuR6AwQAsDnUAwQAsDnd
AwQAuWhwAwQAuWhzAwQBufcSAwQAvOEOAwQAwiN1AwQA2RlbAwQA2RlfAwQA2Zfl
AwQA2ZfnMBgEAgACMBIwEAMFASoDbwIDBwAqA28CAAIwDQYJKoZIhvcNAQELBQAD
ggEBACxaFrNafRKSk5aWhtf021CeTrhHZ0pxXHosWZNWCYJpT2PyK80zbNfyaUhc
5NbnxXP8t2w0VQFDxsnYjmkp/zTvuyNoEUlV5nidYx2JJCIrn0P8l5qD/CY32Q14
y4tQvCLs8d1MU53Ay6joIaA1TsUVKBLYbdotFdPW6BBDtWmitO1xd7xLZf5dbuJM
E76s5D+KxbAZ9EbOxF5uR8US2lnjYo9I5tN1t3lJ2/VXsqxweqhZphCi6yzNI4K0
5qR3FjAImD32bOG3CQBO/Ptd9Zt4lbVrfH1Z+qgSvgYD6k3ceFz+GueE9ifXsZBa
NTXyGa7L5SYc6rxcR6HnS4Y6Qxg=
-----END CERTIFICATE-----
Generated at Sat Jun 6 12:03:57 2026 by rpki-client