Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/Db0vWV10PDdNvJlPrQIc334_tN8.roa
File: Db0vWV10PDdNvJlPrQIc334_tN8.roa (raw, json)
Hash identifier: c9vHRsLZpkXkOA11QWT95eyXoTQe6iY901YAkf3L6Io=
Subject key identifier: 0D:BD:2F:59:5D:74:3C:37:4D:BC:99:4F:AD:02:1C:DF:7E:3F:B4:DF
Certificate issuer: /CN=de804c9c8a43397d16779aa934f7067388fc7d7c
Certificate serial: 019B7834923C1C8C2BD47698625ED1E931D2
Authority key identifier: DE:80:4C:9C:8A:43:39:7D:16:77:9A:A9:34:F7:06:73:88:FC:7D:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/Db0vWV10PDdNvJlPrQIc334_tN8.roa
Signing time: Thu 01 Jan 2026 06:17:49 +0000
ROA not before: Thu 01 Jan 2026 06:17:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205747
IP address blocks: 91.212.77.0/24 maxlen: 24
185.188.196.0/22 maxlen: 24
192.175.38.0/23 maxlen: 23
193.247.254.0/24 maxlen: 24
2a0b:d080::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.mft
rsync://rpki.ripe.net/repository/DEFAULT/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 06:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:78:34:92:3c:1c:8c:2b:d4:76:98:62:5e:d1:e9:31:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de804c9c8a43397d16779aa934f7067388fc7d7c
Validity
Not Before: Jan 1 06:17:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0dbd2f595d743c374dbc994fad021cdf7e3fb4df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ba:91:9f:bd:0b:67:75:90:38:a2:31:ce:3a:
d1:80:9b:da:64:97:03:78:a5:dd:33:3b:b1:52:95:
0c:e4:39:56:4c:2b:10:d1:1a:5d:8a:90:65:2c:3d:
0f:b9:e2:54:7f:92:77:d2:99:3f:d2:5c:72:b2:65:
b3:5e:1a:27:1f:81:09:a3:f4:f5:e5:7a:4f:ad:bf:
43:a3:27:eb:0a:20:94:85:12:b0:7c:57:2a:46:89:
10:9b:63:59:fe:04:fd:00:d0:37:f0:b0:fc:35:82:
eb:d9:dc:96:7f:cd:f6:aa:6b:6c:4d:55:40:87:c4:
2d:28:4b:36:46:03:1d:b3:f1:d3:11:48:f6:e7:cb:
61:03:fe:aa:e1:0e:9e:d2:0c:39:c4:ef:2a:18:ac:
94:c5:ec:70:99:ba:0b:36:d6:e5:6d:d3:20:d4:3a:
65:33:ff:51:55:ff:e8:67:ab:c1:f7:ae:61:ec:44:
4c:21:c2:c2:20:5c:ad:47:b3:c0:58:13:c5:ae:25:
0f:28:1e:64:30:2b:b7:bf:76:dd:a0:c3:46:6b:42:
78:b6:bc:55:85:f3:e5:d4:0d:93:8d:29:84:00:d1:
95:86:cd:5f:d7:ec:2c:9f:1b:1d:8c:f3:5b:ce:ca:
10:54:4a:b4:bc:6b:32:87:0f:97:06:c5:13:55:e5:
57:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:BD:2F:59:5D:74:3C:37:4D:BC:99:4F:AD:02:1C:DF:7E:3F:B4:DF
X509v3 Authority Key Identifier:
keyid:DE:80:4C:9C:8A:43:39:7D:16:77:9A:A9:34:F7:06:73:88:FC:7D:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/Db0vWV10PDdNvJlPrQIc334_tN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.77.0/24
185.188.196.0/22
192.175.38.0/23
193.247.254.0/24
IPv6:
2a0b:d080::/32
Signature Algorithm: sha256WithRSAEncryption
49:1a:ac:5e:71:88:2a:bb:84:87:17:74:30:45:03:bb:ae:9d:
8b:38:16:cf:9f:e2:5b:a5:bc:e8:9d:f0:d9:3c:fa:06:8c:bd:
9c:e8:7f:63:b8:e2:4c:8f:0e:2f:22:ca:ec:e4:1d:1f:f4:1e:
70:b0:4c:32:2d:7d:b9:0e:3e:63:57:ae:45:9b:59:74:09:f8:
e0:ab:21:d4:d4:dd:a1:5d:57:54:dd:6d:60:f2:6a:59:c3:fe:
99:6e:cc:68:99:53:8a:85:d1:bc:52:c5:ad:28:21:80:9f:b6:
23:29:dd:1e:99:32:d6:51:2f:36:86:e3:7c:57:67:03:e5:9f:
ce:5e:96:ce:dd:f2:40:1f:36:a0:97:d6:13:de:83:9d:1b:20:
13:e0:bd:63:18:f3:f4:7d:7e:02:98:ce:4e:9e:31:d3:3a:0e:
ea:02:4c:04:1e:d3:b8:68:55:d2:76:17:6c:8d:cf:76:ff:fc:
b5:aa:dd:f9:31:1b:23:94:ea:cf:4a:3e:2d:02:66:df:ba:b1:
90:98:c8:67:21:24:ce:76:bb:b1:19:b3:5c:3c:30:59:2b:92:
62:39:1a:b4:fc:4e:9a:d6:cc:60:57:7f:fd:69:13:5a:95:08:
3a:e8:46:22:2b:df:1f:bc:87:ed:2e:d1:f6:e2:f8:51:db:6f:
79:83:26:cc
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZt4NJI8HIwr1HaYYl7R6THSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlODA0YzljOGE0MzM5N2QxNjc3OWFhOTM0ZjcwNjczODhm
YzdkN2MwHhcNMjYwMTAxMDYxNzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGJkMmY1OTVkNzQzYzM3NGRiYzk5NGZhZDAyMWNkZjdlM2ZiNGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLqRn70LZ3WQOKIxzjrRgJvaZJcD
eKXdMzuxUpUM5DlWTCsQ0RpdipBlLD0PueJUf5J30pk/0lxysmWzXhonH4EJo/T1
5XpPrb9DoyfrCiCUhRKwfFcqRokQm2NZ/gT9ANA38LD8NYLr2dyWf832qmtsTVVA
h8QtKEs2RgMds/HTEUj258thA/6q4Q6e0gw5xO8qGKyUxexwmboLNtblbdMg1Dpl
M/9RVf/oZ6vB965h7ERMIcLCIFytR7PAWBPFriUPKB5kMCu3v3bdoMNGa0J4trxV
hfPl1A2TjSmEANGVhs1f1+wsnxsdjPNbzsoQVEq0vGsyhw+XBsUTVeVX0QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFA29L1lddDw3TbyZT60CHN9+P7TfMB8GA1UdIwQY
MBaAFN6ATJyKQzl9FneaqTT3BnOI/H18MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM29CTW5JcERPWDBXZDVxcE5QY0djNGo4Zlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85NjI1NGMtZmMwZS00ZjU4LTk1ZTIt
YWY0ZTUyNDFiZjIwLzEvRGIwdldWMTBQRGROdkpsUHJRSWMzMzRfdE44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85NjI1NGMtZmMwZS00ZjU4LTk1ZTItYWY0ZTUyNDFiZjIw
LzEvM29CTW5JcERPWDBXZDVxcE5QY0djNGo4Zlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW9RNAwQC
ubzEAwQBwK8mAwQAwff+MA0EAgACMAcDBQAqC9CAMA0GCSqGSIb3DQEBCwUAA4IB
AQBJGqxecYgqu4SHF3QwRQO7rp2LOBbPn+JbpbzonfDZPPoGjL2c6H9juOJMjw4v
Isrs5B0f9B5wsEwyLX25Dj5jV65Fm1l0CfjgqyHU1N2hXVdU3W1g8mpZw/6Zbsxo
mVOKhdG8UsWtKCGAn7YjKd0emTLWUS82huN8V2cD5Z/OXpbO3fJAHzagl9YT3oOd
GyAT4L1jGPP0fX4CmM5OnjHTOg7qAkwEHtO4aFXSdhdsjc92//y1qt35MRsjlOrP
Sj4tAmbfurGQmMhnISTOdruxGbNcPDBZK5JiORq0/E6a1sxgV3/9aRNalQg66EYi
K98fvIftLtH24vhR2295gybM
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:51:27 2026 by rpki-client