Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/DnToB2fcBGWxAKcfq3WaZ_D6K3A.roa
File: DnToB2fcBGWxAKcfq3WaZ_D6K3A.roa (raw, json)
Hash identifier: FlkECwDyQ/oLu1bWPPOyfLJjCJIMSr6+ELw6r9iCwbg=
Subject key identifier: 0E:74:E8:07:67:DC:04:65:B1:00:A7:1F:AB:75:9A:67:F0:FA:2B:70
Certificate issuer: /CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Certificate serial: 019D6D077BB1FFBA89DCB963AE6F7BC0FE9C
Authority key identifier: 23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/DnToB2fcBGWxAKcfq3WaZ_D6K3A.roa
Signing time: Wed 08 Apr 2026 12:18:20 +0000
ROA not before: Wed 08 Apr 2026 12:18:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 28917
IP address blocks: 81.95.42.0/24 maxlen: 24
82.194.244.0/22 maxlen: 22
89.188.164.0/22 maxlen: 24
89.188.176.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.mft
rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 12:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:6d:07:7b:b1:ff:ba:89:dc:b9:63:ae:6f:7b:c0:fe:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Validity
Not Before: Apr 8 12:18:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0e74e80767dc0465b100a71fab759a67f0fa2b70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:29:e9:bb:47:f7:6c:4c:73:51:ff:e3:86:37:
6a:da:af:4a:75:87:0c:15:13:51:f1:23:06:4a:9a:
54:c1:48:3a:2d:77:e3:89:c2:4b:63:c4:e1:f0:a1:
21:53:f2:40:91:8a:14:cf:6c:8b:97:5a:d0:7b:9b:
43:dd:ce:90:8c:ea:22:64:97:06:e9:59:84:10:11:
0b:49:02:ae:23:43:ed:80:08:b9:bf:1f:5c:75:30:
f0:ad:8f:c3:9d:9d:52:80:1d:ec:68:70:e0:4a:ab:
8b:48:4a:e3:73:26:75:8d:c8:4c:3f:ae:0b:a9:79:
2c:96:c1:35:d1:92:34:c3:82:0e:49:58:a7:74:f1:
b0:14:d7:b8:b4:d3:02:10:32:25:6c:47:20:6c:64:
d5:45:8f:87:91:3a:17:06:49:84:c4:05:86:cd:70:
bc:5c:ee:7f:dc:cf:31:3c:e4:b8:2c:13:a8:dd:20:
60:5b:25:5e:a1:4b:38:f1:b4:b6:70:bf:ef:91:05:
9e:79:ab:9f:3a:c5:c4:5d:30:ef:af:1b:ed:fe:40:
ae:cb:ed:b5:4c:0b:d6:ac:0b:cd:a9:23:b9:44:96:
e6:6c:85:ee:61:23:35:c4:81:9a:40:96:a6:86:f8:
95:3e:12:ab:6f:e7:79:cd:e9:b5:8f:cc:6a:23:bf:
31:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:74:E8:07:67:DC:04:65:B1:00:A7:1F:AB:75:9A:67:F0:FA:2B:70
X509v3 Authority Key Identifier:
keyid:23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/DnToB2fcBGWxAKcfq3WaZ_D6K3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.95.42.0/24
82.194.244.0/22
89.188.164.0/22
89.188.176.0/22
Signature Algorithm: sha256WithRSAEncryption
75:d1:0c:79:f0:c8:82:9a:75:8c:5d:3a:0b:d6:14:f0:0b:71:
dc:8e:ea:f5:85:68:fc:55:de:3b:17:17:61:07:2a:f0:d3:3d:
df:99:b2:b1:74:ec:97:f4:8f:0b:58:c9:d5:c6:00:ad:e2:db:
1c:d1:c0:c6:10:40:63:c0:9d:79:00:26:24:e6:8c:6a:bc:5d:
68:ce:41:19:1e:33:2a:5f:8b:2c:9b:a3:6c:77:4b:40:a4:15:
4f:0c:d5:b9:3c:57:71:4b:8d:ff:9f:8d:ae:93:b8:34:6f:4d:
78:6d:53:ba:c1:83:2b:0f:e7:a4:91:06:59:ba:ef:e2:b7:06:
41:07:c8:f7:fd:80:6c:20:99:4f:34:af:b0:d2:09:7a:94:61:
5a:cb:8a:7d:30:ee:ea:96:06:25:1e:28:65:85:88:e2:36:28:
26:4d:05:07:08:97:7c:f9:a1:71:39:92:53:92:94:d9:4d:2d:
e4:ca:ec:46:00:c6:c1:97:86:b6:41:9f:b4:44:93:da:bb:43:
fd:3d:e3:6c:99:f2:64:66:cc:3c:17:08:c6:de:68:66:27:dc:
ac:7b:69:c7:83:fa:81:24:b8:4d:30:4f:18:fe:04:e0:b3:b7:
7d:0c:18:3a:5e:5a:73:ac:6e:3b:c9:2c:f2:b3:b7:52:79:f8:
81:96:7f:43
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ1tB3ux/7qJ3Lljrm97wP6cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZTNkOTJiZmUxNjYxOWNhNTAwYzAzMjY3ZWZmYTlhYTdj
YTBjNDcwHhcNMjYwNDA4MTIxODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTc0ZTgwNzY3ZGMwNDY1YjEwMGE3MWZhYjc1OWE2N2YwZmEyYjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCnpu0f3bExzUf/jhjdq2q9KdYcM
FRNR8SMGSppUwUg6LXfjicJLY8Th8KEhU/JAkYoUz2yLl1rQe5tD3c6QjOoiZJcG
6VmEEBELSQKuI0PtgAi5vx9cdTDwrY/DnZ1SgB3saHDgSquLSErjcyZ1jchMP64L
qXkslsE10ZI0w4IOSVindPGwFNe4tNMCEDIlbEcgbGTVRY+HkToXBkmExAWGzXC8
XO5/3M8xPOS4LBOo3SBgWyVeoUs48bS2cL/vkQWeeaufOsXEXTDvrxvt/kCuy+21
TAvWrAvNqSO5RJbmbIXuYSM1xIGaQJamhviVPhKrb+d5zem1j8xqI78x6QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFA506Adn3ARlsQCnH6t1mmfw+itwMB8GA1UdIwQY
MBaAFCPj2Sv+FmGcpQDAMmfv+pqnygxHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYt
ZjFiZjBjMzNhOTA4LzEvRG5Ub0IyZmNCR1d4QUtjZnEzV2FaX0Q2SzNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYtZjFiZjBjMzNhOTA4
LzEvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUV8qAwQC
UsL0AwQCWbykAwQCWbywMA0GCSqGSIb3DQEBCwUAA4IBAQB10Qx58MiCmnWMXToL
1hTwC3Hcjur1hWj8Vd47FxdhByrw0z3fmbKxdOyX9I8LWMnVxgCt4tsc0cDGEEBj
wJ15ACYk5oxqvF1ozkEZHjMqX4ssm6Nsd0tApBVPDNW5PFdxS43/n42uk7g0b014
bVO6wYMrD+ekkQZZuu/itwZBB8j3/YBsIJlPNK+w0gl6lGFay4p9MO7qlgYlHihl
hYjiNigmTQUHCJd8+aFxOZJTkpTZTS3kyuxGAMbBl4a2QZ+0RJPau0P9PeNsmfJk
Zsw8FwjG3mhmJ9yse2nHg/qBJLhNME8Y/gTgs7d9DBg6XlpzrG47ySzys7dSefiB
ln9D
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:49:59 2026 by rpki-client