Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/dlVQdZLTxWRwVgqI5k-k_mkHDkY.roa
File: dlVQdZLTxWRwVgqI5k-k_mkHDkY.roa (raw, json)
Hash identifier: J5t0QBxgYb49L35Fnnu0QIx6phJiQV4QiNxSEf47xYw=
Subject key identifier: 76:55:50:75:92:D3:C5:64:70:56:0A:88:E6:4F:A4:FE:69:07:0E:46
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019D7889A7858ADFEE119972165534F4311F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/dlVQdZLTxWRwVgqI5k-k_mkHDkY.roa
Signing time: Fri 10 Apr 2026 17:56:20 +0000
ROA not before: Fri 10 Apr 2026 17:56:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 185.72.10.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
193.124.226.0/24 maxlen: 24
194.58.58.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.58.223.0/24 maxlen: 24
194.87.33.0/24 maxlen: 24
194.87.52.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.87.59.0/24 maxlen: 24
194.87.61.0/24 maxlen: 24
194.87.75.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
194.87.122.0/24 maxlen: 24
194.87.126.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.152.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
194.87.183.0/24 maxlen: 24
194.87.192.0/24 maxlen: 24
194.87.193.0/24 maxlen: 24
194.87.194.0/24 maxlen: 24
194.87.195.0/24 maxlen: 24
194.87.211.0/24 maxlen: 24
194.87.212.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
194.135.24.0/24 maxlen: 24
195.133.19.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.29.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.57.0/24 maxlen: 24
195.133.58.0/24 maxlen: 24
195.133.92.0/23 maxlen: 23
195.133.95.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
212.192.242.0/24 maxlen: 24
212.192.247.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
212.193.28.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 13:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:78:89:a7:85:8a:df:ee:11:99:72:16:55:34:f4:31:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 10 17:56:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7655507592d3c56470560a88e64fa4fe69070e46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:61:1a:6e:f2:cc:98:c5:02:12:3e:8d:3c:a3:
85:34:5f:4f:bf:27:31:9d:a4:d3:8c:4b:a8:09:26:
43:4d:9e:9c:83:ce:51:5c:bf:90:04:66:47:8e:0b:
b8:5d:fa:57:c2:84:92:e1:db:87:ac:3e:a2:08:0f:
83:4c:ab:65:83:fc:34:94:47:7d:0b:50:31:20:2b:
0e:b3:dc:31:fb:b7:80:16:10:e2:45:af:00:85:f0:
aa:dc:97:ae:dc:b1:04:38:3b:b9:60:1a:cf:a7:c3:
01:2c:40:f5:36:92:27:f4:e7:f0:f7:93:5d:8a:11:
58:b3:af:b0:a9:fb:fe:c5:f2:c0:2b:76:2d:4c:40:
ea:9d:78:ad:43:d6:2d:b7:b8:06:0d:a5:ab:6a:97:
8f:17:43:48:77:80:33:be:b6:cc:be:81:b0:1d:3b:
fe:e2:4d:55:02:ca:9e:42:8e:89:7a:43:aa:a9:57:
1b:97:1e:fe:d0:c5:89:fe:19:79:95:c4:79:4a:33:
4a:28:91:f8:1d:00:4f:1d:e4:99:39:a9:df:71:ba:
52:b1:3b:89:28:36:2c:f7:13:f8:bc:46:32:10:92:
c8:27:0c:3e:54:ea:84:71:f4:70:2a:24:f9:0d:d2:
cd:4c:67:ca:fc:c1:09:7f:65:66:ee:1b:f1:10:88:
f3:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:55:50:75:92:D3:C5:64:70:56:0A:88:E6:4F:A4:FE:69:07:0E:46
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/dlVQdZLTxWRwVgqI5k-k_mkHDkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.10.0/24
192.124.190.0/24
193.124.7.0/24
193.124.226.0/24
194.58.58.0/24
194.58.155.0/24
194.58.223.0/24
194.87.33.0/24
194.87.52.0/23
194.87.59.0/24
194.87.61.0/24
194.87.75.0/24
194.87.119.0/24
194.87.122.0/24
194.87.126.0/24
194.87.136.0/24
194.87.152.0/24
194.87.179.0/24
194.87.183.0/24
194.87.192.0/22
194.87.211.0-194.87.212.255
194.87.229.0/24
194.87.231.0/24
194.135.24.0/24
195.133.19.0/24
195.133.24.0/23
195.133.29.0/24
195.133.35.0/24
195.133.40.0/23
195.133.50.0/23
195.133.57.0-195.133.58.255
195.133.92.0/23
195.133.95.0/24
212.192.241.0-212.192.242.255
212.192.247.0/24
212.193.0.0/24
212.193.26.0-212.193.28.255
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
80:ac:92:d2:11:12:9a:15:32:2b:3f:d6:be:27:1a:af:2d:40:
02:02:5e:a3:12:44:fa:fa:e1:7c:cf:40:8b:c4:e9:c3:e8:55:
d6:94:d2:b9:62:fb:6b:81:65:bd:69:c3:42:a1:fe:49:0b:ad:
4f:fe:a0:f1:31:f0:39:1a:94:1b:a5:fd:dc:28:26:1c:40:1a:
18:6b:f4:60:88:49:e8:0d:50:50:1d:16:34:ee:03:5c:64:d3:
c5:8e:9c:91:1b:c6:36:03:1a:b6:32:90:47:f6:e5:d9:e5:7f:
20:36:5d:c4:62:03:7b:a7:01:7b:f6:af:d5:cd:f9:be:4f:b3:
06:2a:24:b8:ed:d7:37:2c:fb:b4:13:3a:ef:f9:ff:c3:53:3a:
da:27:99:65:56:cb:93:35:ce:0d:50:7d:38:51:fd:08:9d:a2:
b7:c4:4f:cc:56:f9:3a:5e:92:21:bc:a3:56:35:b7:27:31:41:
03:65:e9:53:c8:c8:16:44:c6:7f:16:ea:eb:a7:3c:1c:f9:a8:
04:5f:8b:f0:d2:d6:54:d2:f5:31:fd:45:dc:59:58:24:20:36:
c5:27:97:77:ee:6c:28:b6:a7:89:40:36:64:df:0e:ad:f5:ea:
6c:de:07:15:d3:a2:83:ca:9f:94:47:0d:d9:31:3c:55:02:5c:
95:1a:f4:99
-----BEGIN CERTIFICATE-----
MIIGFDCCBPygAwIBAgISAZ14iaeFit/uEZlyFlU09DEfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjYwNDEwMTc1NjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjU1NTA3NTkyZDNjNTY0NzA1NjBhODhlNjRmYTRmZTY5MDcwZTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmEabvLMmMUCEj6NPKOFNF9Pvycx
naTTjEuoCSZDTZ6cg85RXL+QBGZHjgu4XfpXwoSS4duHrD6iCA+DTKtlg/w0lEd9
C1AxICsOs9wx+7eAFhDiRa8AhfCq3Jeu3LEEODu5YBrPp8MBLED1NpIn9Ofw95Nd
ihFYs6+wqfv+xfLAK3YtTEDqnXitQ9Ytt7gGDaWrapePF0NId4AzvrbMvoGwHTv+
4k1VAsqeQo6JekOqqVcblx7+0MWJ/hl5lcR5SjNKKJH4HQBPHeSZOanfcbpSsTuJ
KDYs9xP4vEYyEJLIJww+VOqEcfRwKiT5DdLNTGfK/MEJf2Vm7hvxEIjzOQIDAQAB
o4IDIDCCAxwwHQYDVR0OBBYEFHZVUHWS08VkcFYKiOZPpP5pBw5GMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZGxWUWRaTFR4V1J3VmdxSTVrLWtfbWtIRGtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNAYIKwYBBQUHAQcBAf8EggEjMIIBHzCCAQUEAgABMIH+
AwQAuUgKAwQAwHy+AwQAwXwHAwQAwXziAwQAwjo6AwQAwjqbAwQAwjrfAwQAwlch
AwQBwlc0AwQAwlc7AwQAwlc9AwQAwldLAwQAwld3AwQAwld6AwQAwld+AwQAwleI
AwQAwleYAwQAwlezAwQAwle3AwQCwlfAMAwDBADCV9MDBADCV9QDBADCV+UDBADC
V+cDBADChxgDBADDhRMDBAHDhRgDBADDhR0DBADDhSMDBAHDhSgDBAHDhTIwDAME
AMOFOQMEAMOFOgMEAcOFXAMEAMOFXzAMAwQA1MDxAwQA1MDyAwQA1MD3AwQA1MEA
MAwDBAHUwRoDBADUwRwwFAQCAAIwDgMFAyoBV8ADBQMqDP9AMA0GCSqGSIb3DQEB
CwUAA4IBAQCArJLSERKaFTIrP9a+JxqvLUACAl6jEkT6+uF8z0CLxOnD6FXWlNK5
YvtrgWW9acNCof5JC61P/qDxMfA5GpQbpf3cKCYcQBoYa/RgiEnoDVBQHRY07gNc
ZNPFjpyRG8Y2Axq2MpBH9uXZ5X8gNl3EYgN7pwF79q/Vzfm+T7MGKiS47dc3LPu0
Ezrv+f/DUzraJ5llVsuTNc4NUH04Uf0InaK3xE/MVvk6XpIhvKNWNbcnMUEDZelT
yMgWRMZ/Furrpzwc+agEX4vw0tZU0vUx/UXcWVgkIDbFJ5d37mwotqeJQDZk3w6t
9eps3gcV06KDyp+URw3ZMTxVAlyVGvSZ
-----END CERTIFICATE-----
Generated at Thu Apr 16 22:36:09 2026 by rpki-client