Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/DWklXaBHq6lCrrInc9yfeIOI2zw.roa
File: DWklXaBHq6lCrrInc9yfeIOI2zw.roa (raw, json)
Hash identifier: MieDBbv5OYAebnqYRl6ivps6+JKJYPFsldoAoPOUxto=
Subject key identifier: 0D:69:25:5D:A0:47:AB:A9:42:AE:B2:27:73:DC:9F:78:83:88:DB:3C
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019CA16DB5E333783D401D967775A4AD42E3
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/DWklXaBHq6lCrrInc9yfeIOI2zw.roa
Signing time: Fri 27 Feb 2026 23:27:27 +0000
ROA not before: Fri 27 Feb 2026 23:27:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209874
IP address blocks: 5.83.150.0/24 maxlen: 24
5.175.137.0/24 maxlen: 24
5.175.162.0/24 maxlen: 24
5.175.174.0/24 maxlen: 24
5.175.187.0/24 maxlen: 24
5.175.225.0/24 maxlen: 24
5.230.9.0/24 maxlen: 24
5.231.23.0/24 maxlen: 24
5.231.25.0/24 maxlen: 24
5.231.82.0/24 maxlen: 24
5.231.96.0/24 maxlen: 24
5.231.203.0/24 maxlen: 24
5.231.247.0/24 maxlen: 24
77.90.39.0/24 maxlen: 24
85.118.162.0/24 maxlen: 24
87.239.129.0/24 maxlen: 24
89.144.1.0/24 maxlen: 24
94.103.167.0/24 maxlen: 24
94.249.150.0/24 maxlen: 24
94.249.153.0/24 maxlen: 24
94.249.187.0/24 maxlen: 24
94.249.197.0/24 maxlen: 24
94.249.198.0/24 maxlen: 24
94.249.201.0/24 maxlen: 24
94.249.236.0/24 maxlen: 24
95.215.33.0/24 maxlen: 24
178.18.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a1:6d:b5:e3:33:78:3d:40:1d:96:77:75:a4:ad:42:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Feb 27 23:27:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0d69255da047aba942aeb22773dc9f788388db3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:02:83:1b:0a:43:83:6a:4d:27:57:b5:1b:fa:
91:be:35:77:35:e3:9c:ae:5e:44:79:42:37:0d:a2:
af:9b:ab:9c:d1:c9:de:d6:45:f4:f6:d5:a8:6e:b9:
0d:3c:b6:c1:b8:d8:d2:d9:08:d5:cb:75:88:63:33:
ad:22:62:63:5c:d0:63:9e:8d:68:43:7d:68:78:6f:
87:cd:91:cf:f8:90:0d:08:01:2c:51:4b:5a:bb:55:
61:d0:71:69:e2:85:92:86:b0:95:6f:c2:02:ce:44:
1b:cb:d7:63:5a:af:3a:7c:20:17:de:33:e5:09:7b:
c0:65:5c:41:b4:23:69:e0:97:05:35:f9:68:16:06:
c1:95:c1:c3:87:68:75:ea:6b:e8:a4:2b:56:14:d1:
41:f1:ee:dd:cc:2e:99:f5:d3:5b:2f:2a:77:a7:bc:
fb:5b:4c:e5:11:18:4a:05:a5:70:5b:01:8c:38:61:
dd:62:63:95:10:95:f3:1b:fc:6e:91:c4:44:d1:27:
f0:0a:13:58:39:07:30:02:25:90:3d:1e:a0:e6:f6:
52:1a:2c:1b:57:2c:35:d4:d3:c0:eb:b6:ca:2c:71:
09:f8:0c:e1:25:cd:f6:ef:d1:36:6d:ca:22:1b:06:
74:48:3a:e6:65:eb:a0:0a:3f:a1:ca:9d:46:57:9f:
d3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:69:25:5D:A0:47:AB:A9:42:AE:B2:27:73:DC:9F:78:83:88:DB:3C
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/DWklXaBHq6lCrrInc9yfeIOI2zw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.150.0/24
5.175.137.0/24
5.175.162.0/24
5.175.174.0/24
5.175.187.0/24
5.175.225.0/24
5.230.9.0/24
5.231.23.0/24
5.231.25.0/24
5.231.82.0/24
5.231.96.0/24
5.231.203.0/24
5.231.247.0/24
77.90.39.0/24
85.118.162.0/24
87.239.129.0/24
89.144.1.0/24
94.103.167.0/24
94.249.150.0/24
94.249.153.0/24
94.249.187.0/24
94.249.197.0-94.249.198.255
94.249.201.0/24
94.249.236.0/24
95.215.33.0/24
178.18.146.0/24
Signature Algorithm: sha256WithRSAEncryption
83:22:58:7b:9a:fb:19:e4:26:ac:71:6b:33:0c:cf:eb:fb:83:
40:0e:e1:46:19:fd:45:b7:de:13:d9:df:05:94:63:23:a6:a3:
d9:81:c2:92:ec:81:47:18:4e:7b:ce:a7:40:09:b2:cd:78:f4:
35:e5:57:49:8a:ec:66:ef:7d:29:97:0b:62:a5:99:5d:d9:84:
bf:06:14:c4:63:a7:96:79:61:e3:16:89:30:b6:ad:ad:93:75:
93:42:ef:5d:28:bd:ef:b9:61:93:c8:9b:ab:3c:90:f1:c9:80:
e1:c6:6e:a4:f4:de:bb:a6:0d:69:fe:41:db:19:06:0b:31:79:
3d:9f:1b:88:b1:9a:cd:b2:13:1b:0b:d4:f8:0d:fc:f6:cb:85:
1b:55:2e:92:19:a5:88:58:a4:d6:38:b7:6c:3e:9c:f7:ea:b0:
ec:ac:08:56:53:fa:a6:43:42:5f:dd:a1:53:2b:f7:e7:46:84:
b3:b8:d2:3e:03:03:4e:1b:63:8c:23:d4:5e:6e:b4:5d:04:c8:
d1:db:58:93:df:f3:93:ed:de:8b:e1:45:17:a4:8c:aa:f9:d2:
18:45:e4:39:f2:77:b1:c4:0e:0e:e9:4e:e6:0c:6b:8b:a4:51:
36:5c:d7:27:d7:3e:86:7a:da:5f:ff:bd:00:72:f6:94:81:2a:
74:9e:7b:2f
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAZyhbbXjM3g9QB2Wd3WkrULjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjYwMjI3MjMyNzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDY5MjU1ZGEwNDdhYmE5NDJhZWIyMjc3M2RjOWY3ODgzODhkYjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6gKDGwpDg2pNJ1e1G/qRvjV3NeOc
rl5EeUI3DaKvm6uc0cne1kX09tWobrkNPLbBuNjS2QjVy3WIYzOtImJjXNBjno1o
Q31oeG+HzZHP+JANCAEsUUtau1Vh0HFp4oWShrCVb8ICzkQby9djWq86fCAX3jPl
CXvAZVxBtCNp4JcFNfloFgbBlcHDh2h16mvopCtWFNFB8e7dzC6Z9dNbLyp3p7z7
W0zlERhKBaVwWwGMOGHdYmOVEJXzG/xukcRE0SfwChNYOQcwAiWQPR6g5vZSGiwb
Vyw11NPA67bKLHEJ+AzhJc3279E2bcoiGwZ0SDrmZeugCj+hyp1GV5/TGwIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFA1pJV2gR6upQq6yJ3Pcn3iDiNs8MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvRFdrbFhhQkhxNmxDcnJJbmM5eWZlSU9JMnp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQDBAAF
U5YDBAAFr4kDBAAFr6IDBAAFr64DBAAFr7sDBAAFr+EDBAAF5gkDBAAF5xcDBAAF
5xkDBAAF51IDBAAF52ADBAAF58sDBAAF5/cDBABNWicDBABVdqIDBABX74EDBABZ
kAEDBABeZ6cDBABe+ZYDBABe+ZkDBABe+bswDAMEAF75xQMEAF75xgMEAF75yQME
AF757AMEAF/XIQMEALISkjANBgkqhkiG9w0BAQsFAAOCAQEAgyJYe5r7GeQmrHFr
MwzP6/uDQA7hRhn9RbfeE9nfBZRjI6aj2YHCkuyBRxhOe86nQAmyzXj0NeVXSYrs
Zu99KZcLYqWZXdmEvwYUxGOnlnlh4xaJMLatrZN1k0LvXSi977lhk8ibqzyQ8cmA
4cZupPTeu6YNaf5B2xkGCzF5PZ8biLGazbITGwvU+A389suFG1UukhmliFik1ji3
bD6c9+qw7KwIVlP6pkNCX92hUyv350aEs7jSPgMDThtjjCPUXm60XQTI0dtYk9/z
k+3ei+FFF6SMqvnSGEXkOfJ3scQODulO5gxri6RRNlzXJ9c+hnraX/+9AHL2lIEq
dJ57Lw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:02:24 2026 by rpki-client