Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/d4RtW0cWOypxjQL2ykKYeTela3s.roa
File: d4RtW0cWOypxjQL2ykKYeTela3s.roa (raw, json)
Hash identifier: JOOYc5hQJFoG5xhiyQPNSlOt9BRFO2z7Y973zyOGIW8=
Subject key identifier: 77:84:6D:5B:47:16:3B:2A:71:8D:02:F6:CA:42:98:79:37:A5:6B:7B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019C9E55C5E27541D370D2BE069DF3072446
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/d4RtW0cWOypxjQL2ykKYeTela3s.roa
Signing time: Fri 27 Feb 2026 09:02:27 +0000
ROA not before: Fri 27 Feb 2026 09:02:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216139
IP address blocks: 185.72.10.0/24 maxlen: 24
185.72.11.0/24 maxlen: 24
194.87.0.0/24 maxlen: 24
195.133.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9e:55:c5:e2:75:41:d3:70:d2:be:06:9d:f3:07:24:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 27 09:02:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=77846d5b47163b2a718d02f6ca42987937a56b7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:90:6c:a9:a4:b0:01:f2:0e:23:4b:b6:5f:47:
c1:94:1c:de:e4:a0:a3:f9:e5:a2:89:50:0c:f1:a0:
5b:fa:6b:ac:b5:d3:a0:b7:b1:99:12:78:6f:f1:5b:
73:d0:7d:75:e5:8f:08:09:57:28:d0:f0:30:df:f9:
f3:79:5a:cb:6a:42:ae:a3:df:e4:ce:3b:b9:b7:a7:
1d:c3:7c:e4:d0:90:d0:9b:fe:30:e0:5a:3b:97:b1:
c2:50:ea:af:61:86:00:64:00:db:7b:cd:83:6d:6c:
c1:97:c9:cf:d0:bd:19:a2:d6:5e:53:8d:19:c2:84:
6f:33:2f:34:e7:a5:f7:8f:76:0c:e1:13:36:bc:11:
26:61:38:95:c9:64:79:95:a8:5e:bf:84:e0:18:bf:
cd:ea:5b:a4:ac:c2:9b:34:9f:35:39:4f:de:70:2b:
30:ea:4c:8c:f9:7b:55:99:10:5d:7d:21:48:43:83:
14:f2:4c:13:e6:14:b6:bb:b5:77:fc:17:e0:14:8f:
d4:5c:1d:34:d9:24:9f:58:cb:56:f4:5a:d3:3a:da:
b9:05:2b:00:37:ac:7e:2e:e3:fe:b0:ff:a4:47:68:
84:65:96:60:31:6f:ed:b2:8c:88:4b:56:4a:ce:5e:
56:08:3a:b0:60:65:6d:6f:16:5e:24:4f:e5:7f:3e:
49:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:84:6D:5B:47:16:3B:2A:71:8D:02:F6:CA:42:98:79:37:A5:6B:7B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/d4RtW0cWOypxjQL2ykKYeTela3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.10.0/23
194.87.0.0/24
195.133.59.0/24
Signature Algorithm: sha256WithRSAEncryption
37:5b:76:b9:fb:fa:14:36:2f:61:a0:c4:c2:fc:a7:59:81:33:
7a:57:34:5b:b3:33:6e:a8:03:74:c9:4c:8d:ec:45:43:4c:65:
f5:f5:16:5b:af:8d:b4:4b:87:a7:97:dc:83:4f:0a:5e:30:08:
b4:0f:01:aa:d8:f6:f8:8e:b7:a0:ea:2e:40:46:0f:af:4c:34:
4e:ec:c3:9f:5f:49:d5:65:e1:1f:06:23:c7:67:2b:9c:8a:21:
0e:78:9f:39:86:be:07:0a:19:8c:d8:4d:20:68:84:3a:92:72:
93:37:69:04:33:f1:ba:41:0e:c0:92:63:45:27:ef:c6:4d:64:
69:55:6f:1f:97:28:0e:85:2a:35:ed:19:c3:ae:57:07:a3:eb:
70:7d:0f:78:f5:9d:9d:9b:59:88:50:08:70:2a:da:fd:54:ae:
80:a3:00:74:8d:63:2f:ec:ce:72:28:1b:f0:57:c6:1d:49:0b:
58:49:f1:a6:e0:fd:40:7c:d5:95:18:95:a1:79:77:b8:23:7a:
f1:55:b1:18:ac:9e:fe:73:9b:60:a4:b9:3e:99:10:0b:b0:60:
3e:0d:8e:61:07:3b:cc:23:a0:81:7e:53:51:41:48:f4:71:2d:
16:ea:27:fe:2f:03:05:ff:1d:74:29:8d:95:a0:2c:ba:07:90:
27:d6:dc:c9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZyeVcXidUHTcNK+Bp3zByRGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjYwMjI3MDkwMjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Nzg0NmQ1YjQ3MTYzYjJhNzE4ZDAyZjZjYTQyOTg3OTM3YTU2YjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpBsqaSwAfIOI0u2X0fBlBze5KCj
+eWiiVAM8aBb+mustdOgt7GZEnhv8Vtz0H115Y8ICVco0PAw3/nzeVrLakKuo9/k
zju5t6cdw3zk0JDQm/4w4Fo7l7HCUOqvYYYAZADbe82DbWzBl8nP0L0ZotZeU40Z
woRvMy8056X3j3YM4RM2vBEmYTiVyWR5lahev4TgGL/N6lukrMKbNJ81OU/ecCsw
6kyM+XtVmRBdfSFIQ4MU8kwT5hS2u7V3/BfgFI/UXB002SSfWMtW9FrTOtq5BSsA
N6x+LuP+sP+kR2iEZZZgMW/tsoyIS1ZKzl5WCDqwYGVtbxZeJE/lfz5JawIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHeEbVtHFjsqcY0C9spCmHk3pWt7MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZDRSdFcwY1dPeXB4alFMMnlrS1llVGVsYTNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBuUgKAwQA
wlcAAwQAw4U7MA0GCSqGSIb3DQEBCwUAA4IBAQA3W3a5+/oUNi9hoMTC/KdZgTN6
VzRbszNuqAN0yUyN7EVDTGX19RZbr420S4enl9yDTwpeMAi0DwGq2Pb4jreg6i5A
Rg+vTDRO7MOfX0nVZeEfBiPHZyuciiEOeJ85hr4HChmM2E0gaIQ6knKTN2kEM/G6
QQ7AkmNFJ+/GTWRpVW8flygOhSo17RnDrlcHo+twfQ949Z2dm1mIUAhwKtr9VK6A
owB0jWMv7M5yKBvwV8YdSQtYSfGm4P1AfNWVGJWheXe4I3rxVbEYrJ7+c5tgpLk+
mRALsGA+DY5hBzvMI6CBflNRQUj0cS0W6if+LwMF/x10KY2VoCy6B5An1tzJ
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:06:47 2026 by rpki-client