Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/df0ff3-561e-4f77-a7dd-fe844060a46d/1/d1jP90vciiSKp3aodWDKGnu38Bk.roa
File: d1jP90vciiSKp3aodWDKGnu38Bk.roa (raw, json)
Hash identifier: nxrJlRcagS8YYk40MdJDJveIMr4yj0rHLHg2nPrUsoI=
Subject key identifier: 77:58:CF:F7:4B:DC:8A:24:8A:A7:76:A8:75:60:CA:1A:7B:B7:F0:19
Certificate issuer: /CN=dc8a3a43301cd2c8047eb8544f80ab4ffcfe9acf
Certificate serial: 019B7D5C70C4665A0AF9F5D35403A8F7AE50
Authority key identifier: DC:8A:3A:43:30:1C:D2:C8:04:7E:B8:54:4F:80:AB:4F:FC:FE:9A:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Io6QzAc0sgEfrhUT4CrT_z-ms8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/df0ff3-561e-4f77-a7dd-fe844060a46d/1/d1jP90vciiSKp3aodWDKGnu38Bk.roa
Signing time: Fri 02 Jan 2026 06:19:28 +0000
ROA not before: Fri 02 Jan 2026 06:19:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207572
IP address blocks: 193.17.3.0/24 maxlen: 24
193.17.15.0/24 maxlen: 24
193.17.20.0/24 maxlen: 24
193.17.23.0/24 maxlen: 24
2a0f:74c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/df0ff3-561e-4f77-a7dd-fe844060a46d/1/3Io6QzAc0sgEfrhUT4CrT_z-ms8.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/df0ff3-561e-4f77-a7dd-fe844060a46d/1/3Io6QzAc0sgEfrhUT4CrT_z-ms8.mft
rsync://rpki.ripe.net/repository/DEFAULT/3Io6QzAc0sgEfrhUT4CrT_z-ms8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7d:5c:70:c4:66:5a:0a:f9:f5:d3:54:03:a8:f7:ae:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc8a3a43301cd2c8047eb8544f80ab4ffcfe9acf
Validity
Not Before: Jan 2 06:19:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7758cff74bdc8a248aa776a87560ca1a7bb7f019
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f2:d2:ca:79:80:53:d9:bf:c5:5c:39:9f:45:
7c:ae:8d:64:dd:56:56:8f:c6:9c:19:7d:6b:96:5c:
aa:36:d7:b4:c1:7d:8b:6a:58:9e:8f:5c:1d:49:95:
10:37:0c:85:be:60:7e:8b:8e:42:a1:df:13:a2:67:
f7:d4:d4:90:25:88:64:da:97:31:62:fd:fd:36:17:
52:f7:f8:5b:ba:3b:e6:05:a5:49:48:33:b3:63:13:
2a:ec:a9:17:c8:53:77:17:8c:83:9d:41:d6:91:fe:
c9:9d:af:ac:81:26:e6:c7:ee:94:c6:06:75:ec:1c:
33:38:88:7e:ec:3b:c2:b4:20:b8:f5:8f:bd:4c:cf:
6e:8e:4f:fa:0d:c7:d1:6d:67:ae:10:27:07:56:f4:
dd:4b:96:fa:26:1b:56:2d:d4:ed:e0:d7:86:58:03:
5d:95:8d:c3:39:ee:f4:b0:f6:be:ae:49:dc:f6:4e:
a0:b3:61:1e:cf:a0:cd:40:f5:49:95:0f:99:43:f4:
fd:ce:08:11:b8:39:4f:c8:b7:12:54:d8:97:3c:81:
54:d1:ba:a1:36:98:5a:c2:ef:74:cf:1f:01:75:b6:
fa:79:ab:64:f1:48:b5:7f:69:8f:ee:df:31:9a:4f:
e9:b7:9e:33:05:e7:47:55:d0:24:e8:bf:ae:c8:c2:
e1:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:58:CF:F7:4B:DC:8A:24:8A:A7:76:A8:75:60:CA:1A:7B:B7:F0:19
X509v3 Authority Key Identifier:
keyid:DC:8A:3A:43:30:1C:D2:C8:04:7E:B8:54:4F:80:AB:4F:FC:FE:9A:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Io6QzAc0sgEfrhUT4CrT_z-ms8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/df0ff3-561e-4f77-a7dd-fe844060a46d/1/d1jP90vciiSKp3aodWDKGnu38Bk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/df0ff3-561e-4f77-a7dd-fe844060a46d/1/3Io6QzAc0sgEfrhUT4CrT_z-ms8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.3.0/24
193.17.15.0/24
193.17.20.0/24
193.17.23.0/24
IPv6:
2a0f:74c0::/29
Signature Algorithm: sha256WithRSAEncryption
cd:d0:c6:28:36:c0:48:85:2d:37:04:64:31:b5:e2:01:46:67:
d0:77:51:01:7a:6f:5e:e7:e4:92:62:ba:c3:d1:b1:53:10:e7:
22:91:38:6f:7f:69:fe:f0:5d:36:14:58:00:6a:0f:d3:4e:a3:
90:bc:c4:b2:66:86:72:b0:8e:05:93:75:8d:10:43:1b:64:cf:
28:1f:4b:5b:c8:03:d6:d3:75:c5:a1:46:86:8d:87:6c:e3:15:
fb:7e:de:65:69:83:21:6a:c9:23:aa:f4:9b:fe:e4:06:23:51:
ec:d7:b0:e8:67:ba:54:d1:8d:ff:e7:85:7a:27:03:86:7c:4d:
91:29:41:83:12:2f:ef:2f:8b:4e:13:15:aa:79:de:f0:98:d0:
ce:83:da:bf:63:08:b8:c6:f1:a3:a5:51:b3:12:56:5e:7e:d1:
13:79:02:42:40:4c:85:7a:81:3a:db:58:95:48:c6:65:8f:60:
d5:c5:a8:ca:66:0c:40:e7:a1:74:bc:65:22:f7:03:fa:17:19:
f2:43:32:19:d5:19:aa:8b:3a:33:3f:4e:e7:7f:11:39:19:36:
0b:08:63:60:c2:c8:85:d7:c9:a3:ff:2e:55:20:83:11:ca:ae:
44:74:a1:ea:b4:67:2e:b6:15:89:f2:d0:e6:38:10:55:cc:a3:
a8:b7:f7:88
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZt9XHDEZloK+fXTVAOo965QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjOGEzYTQzMzAxY2QyYzgwNDdlYjg1NDRmODBhYjRmZmNm
ZTlhY2YwHhcNMjYwMTAyMDYxOTI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzU4Y2ZmNzRiZGM4YTI0OGFhNzc2YTg3NTYwY2ExYTdiYjdmMDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPLSynmAU9m/xVw5n0V8ro1k3VZW
j8acGX1rllyqNte0wX2Laliej1wdSZUQNwyFvmB+i45Cod8Tomf31NSQJYhk2pcx
Yv39NhdS9/hbujvmBaVJSDOzYxMq7KkXyFN3F4yDnUHWkf7Jna+sgSbmx+6UxgZ1
7BwzOIh+7DvCtCC49Y+9TM9ujk/6DcfRbWeuECcHVvTdS5b6JhtWLdTt4NeGWANd
lY3DOe70sPa+rknc9k6gs2Eez6DNQPVJlQ+ZQ/T9zggRuDlPyLcSVNiXPIFU0bqh
Nphawu90zx8Bdbb6eatk8Ui1f2mP7t8xmk/pt54zBedHVdAk6L+uyMLhuQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHdYz/dL3Iokiqd2qHVgyhp7t/AZMB8GA1UdIwQY
MBaAFNyKOkMwHNLIBH64VE+Aq0/8/prPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0lvNlF6QWMwc2dFZnJoVVQ0Q3JUX3otbXM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9kZjBmZjMtNTYxZS00Zjc3LWE3ZGQt
ZmU4NDQwNjBhNDZkLzEvZDFqUDkwdmNpaVNLcDNhb2RXREtHbnUzOEJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9kZjBmZjMtNTYxZS00Zjc3LWE3ZGQtZmU4NDQwNjBhNDZk
LzEvM0lvNlF6QWMwc2dFZnJoVVQ0Q3JUX3otbXM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwREDAwQA
wREPAwQAwREUAwQAwREXMA0EAgACMAcDBQMqD3TAMA0GCSqGSIb3DQEBCwUAA4IB
AQDN0MYoNsBIhS03BGQxteIBRmfQd1EBem9e5+SSYrrD0bFTEOcikThvf2n+8F02
FFgAag/TTqOQvMSyZoZysI4Fk3WNEEMbZM8oH0tbyAPW03XFoUaGjYds4xX7ft5l
aYMhaskjqvSb/uQGI1Hs17DoZ7pU0Y3/54V6JwOGfE2RKUGDEi/vL4tOExWqed7w
mNDOg9q/Ywi4xvGjpVGzElZeftETeQJCQEyFeoE621iVSMZlj2DVxajKZgxA56F0
vGUi9wP6FxnyQzIZ1RmqizozP07nfxE5GTYLCGNgwsiF18mj/y5VIIMRyq5EdKHq
tGcuthWJ8tDmOBBVzKOot/eI
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:35:27 2026 by rpki-client