Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/D9hn0zDQT8oIA00OrZOAvI94E8k.roa
File: D9hn0zDQT8oIA00OrZOAvI94E8k.roa (raw, json)
Hash identifier: qqgdksRdKKTjW+EkmjlH8Tsn8Br4sPsrjlGEj1246Fw=
Subject key identifier: 0F:D8:67:D3:30:D0:4F:CA:08:03:4D:0E:AD:93:80:BC:8F:78:13:C9
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019E98903F274C5C9D0E8F56D2D32BDDCDC8
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/D9hn0zDQT8oIA00OrZOAvI94E8k.roa
Signing time: Fri 05 Jun 2026 16:14:10 +0000
ROA not before: Fri 05 Jun 2026 16:14:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203516
IP address blocks: 5.83.131.0/24 maxlen: 24
5.83.135.0/24 maxlen: 24
5.175.136.0/24 maxlen: 24
5.175.206.0/24 maxlen: 24
89.144.10.0/24 maxlen: 24
89.144.20.0/24 maxlen: 24
2a02:2fc0:12::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 04:04:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:98:90:3f:27:4c:5c:9d:0e:8f:56:d2:d3:2b:dd:cd:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jun 5 16:14:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0fd867d330d04fca08034d0ead9380bc8f7813c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:98:42:30:91:0f:32:47:70:ae:18:7b:35:cd:
8c:7c:38:a8:de:a7:a1:0b:5d:22:04:62:a7:c1:7e:
2e:5a:f6:1d:32:c3:99:9f:cf:24:7c:d4:19:d1:8f:
67:4c:9e:b2:72:7a:0b:f8:89:52:3c:d7:f1:a9:e2:
c8:56:97:a8:01:c3:b2:65:9a:a9:4e:4f:a1:d7:99:
2c:52:75:40:e8:98:c9:72:51:ce:c1:9e:da:2a:72:
c8:62:12:fa:63:de:10:25:7e:33:0d:4e:98:03:4d:
fc:63:37:16:a9:b4:63:b7:53:72:54:ee:41:93:71:
7e:95:a9:3d:9a:eb:95:d2:54:ec:19:c1:0f:ee:31:
dc:90:a3:79:d1:f4:c0:0a:5a:aa:de:18:cb:4a:fa:
73:1b:7f:84:c4:58:59:ec:6f:7b:08:1d:90:57:ca:
46:e4:e9:f5:42:c8:73:c8:4e:8f:60:80:fc:33:81:
3b:18:1a:4e:15:25:09:ec:c5:59:5d:9a:d2:f2:86:
95:c3:c5:fa:9f:26:3c:34:12:be:dc:d1:d5:81:12:
ca:04:68:42:99:fb:c0:2d:43:cd:6e:af:31:a4:a7:
e7:8b:35:d1:f2:2e:50:69:f4:6c:79:b4:78:73:89:
4c:7f:48:dd:86:ca:96:58:74:e7:0c:78:cd:c5:26:
ad:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:D8:67:D3:30:D0:4F:CA:08:03:4D:0E:AD:93:80:BC:8F:78:13:C9
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/D9hn0zDQT8oIA00OrZOAvI94E8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.131.0/24
5.83.135.0/24
5.175.136.0/24
5.175.206.0/24
89.144.10.0/24
89.144.20.0/24
IPv6:
2a02:2fc0:12::/48
Signature Algorithm: sha256WithRSAEncryption
66:82:d0:01:05:40:03:48:60:09:f3:85:ea:32:df:88:73:2c:
a6:8d:41:e7:b4:b5:4d:9b:91:94:0a:b3:8c:5c:f9:bb:51:b0:
a9:f8:24:79:19:97:01:32:e1:04:64:d0:7d:9b:63:b8:bb:8e:
21:66:20:7e:7e:52:58:6f:e3:22:95:f3:cb:29:30:76:42:03:
25:9f:2b:c6:6c:ed:ee:7e:ba:c2:71:d2:da:48:65:a1:03:e7:
a6:55:a0:52:99:6f:f6:a2:09:7c:7f:01:e4:a5:f1:cf:6a:c3:
a9:01:d2:5b:29:a9:6d:79:9a:ae:ac:16:47:4e:85:8a:7a:91:
3e:d2:52:4b:74:4c:2a:aa:6b:37:33:b9:6b:fb:03:b7:ec:5c:
94:01:b1:c4:ab:a9:64:30:0f:fc:8a:03:b4:0c:36:79:1f:58:
35:a7:c7:44:ab:25:d6:c3:26:c0:62:28:1d:33:83:31:7b:25:
4d:42:0f:17:32:a9:54:e5:11:8c:5b:ff:03:22:8b:7f:6a:5f:
1a:36:2a:9d:c0:a2:e2:35:40:18:a9:75:cb:ba:0f:22:ef:9d:
35:d2:a9:3f:07:60:9b:f8:28:5b:c3:99:d9:35:fe:ed:b2:c1:
b8:0a:24:7a:d5:ef:95:63:32:90:09:b7:c6:8f:3e:a7:b0:7a:
c1:10:03:1f
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZ6YkD8nTFydDo9W0tMr3c3IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjYwNjA1MTYxNDEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmQ4NjdkMzMwZDA0ZmNhMDgwMzRkMGVhZDkzODBiYzhmNzgxM2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJhCMJEPMkdwrhh7Nc2MfDio3qeh
C10iBGKnwX4uWvYdMsOZn88kfNQZ0Y9nTJ6ycnoL+IlSPNfxqeLIVpeoAcOyZZqp
Tk+h15ksUnVA6JjJclHOwZ7aKnLIYhL6Y94QJX4zDU6YA038YzcWqbRjt1NyVO5B
k3F+lak9muuV0lTsGcEP7jHckKN50fTAClqq3hjLSvpzG3+ExFhZ7G97CB2QV8pG
5On1QshzyE6PYID8M4E7GBpOFSUJ7MVZXZrS8oaVw8X6nyY8NBK+3NHVgRLKBGhC
mfvALUPNbq8xpKfnizXR8i5QafRsebR4c4lMf0jdhsqWWHTnDHjNxSatawIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFA/YZ9Mw0E/KCANNDq2TgLyPeBPJMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvRDlobjB6RFFUOG9JQTAwT3JaT0F2STk0RThrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQABVODAwQA
BVOHAwQABa+IAwQABa/OAwQAWZAKAwQAWZAUMA8EAgACMAkDBwAqAi/AABIwDQYJ
KoZIhvcNAQELBQADggEBAGaC0AEFQANIYAnzheoy34hzLKaNQee0tU2bkZQKs4xc
+btRsKn4JHkZlwEy4QRk0H2bY7i7jiFmIH5+Ulhv4yKV88spMHZCAyWfK8Zs7e5+
usJx0tpIZaED56ZVoFKZb/aiCXx/AeSl8c9qw6kB0lspqW15mq6sFkdOhYp6kT7S
Ukt0TCqqazczuWv7A7fsXJQBscSrqWQwD/yKA7QMNnkfWDWnx0SrJdbDJsBiKB0z
gzF7JU1CDxcyqVTlEYxb/wMii39qXxo2Kp3AouI1QBipdcu6DyLvnTXSqT8HYJv4
KFvDmdk1/u2ywbgKJHrV75VjMpAJt8aPPqewesEQAx8=
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:40:19 2026 by rpki-client