Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/dmE1mURwbo1v9xYDFiuIvh4HZz4.roa
File: dmE1mURwbo1v9xYDFiuIvh4HZz4.roa (raw, json)
Hash identifier: E0j3Vog7/eKV4rz8QxbpUA9nxxFmMsDogYNNNnTdFVQ=
Subject key identifier: 76:61:35:99:44:70:6E:8D:6F:F7:16:03:16:2B:88:BE:1E:07:67:3E
Certificate issuer: /CN=2236ed5f5623edeb7910acd31d5f6ee81e5cb17e
Certificate serial: 019E69802806FB998D63A3C9B4666DF21A79
Authority key identifier: 22:36:ED:5F:56:23:ED:EB:79:10:AC:D3:1D:5F:6E:E8:1E:5C:B1:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IjbtX1Yj7et5EKzTHV9u6B5csX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/dmE1mURwbo1v9xYDFiuIvh4HZz4.roa
Signing time: Wed 27 May 2026 12:54:26 +0000
ROA not before: Wed 27 May 2026 12:54:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43009
IP address blocks: 83.166.64.0/19 maxlen: 24
83.166.64.0/24 maxlen: 24
83.166.65.0/24 maxlen: 24
83.166.66.0/24 maxlen: 24
83.166.67.0/24 maxlen: 24
83.166.68.0/24 maxlen: 24
83.166.78.0/24 maxlen: 24
83.166.79.0/24 maxlen: 24
83.166.88.0/24 maxlen: 24
83.166.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/IjbtX1Yj7et5EKzTHV9u6B5csX4.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/IjbtX1Yj7et5EKzTHV9u6B5csX4.mft
rsync://rpki.ripe.net/repository/DEFAULT/IjbtX1Yj7et5EKzTHV9u6B5csX4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:69:80:28:06:fb:99:8d:63:a3:c9:b4:66:6d:f2:1a:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2236ed5f5623edeb7910acd31d5f6ee81e5cb17e
Validity
Not Before: May 27 12:54:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7661359944706e8d6ff71603162b88be1e07673e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e8:3f:14:3e:43:d2:56:7c:a7:a1:a7:1c:3e:
27:e7:86:12:b0:47:ab:fb:92:d3:7f:bf:6d:a6:e3:
c2:38:36:a9:9a:7f:7e:64:53:50:9e:bb:62:6e:40:
f7:6a:d6:34:8b:8c:9d:b9:ab:52:b5:a8:58:ca:1e:
f6:3a:30:4b:2a:4c:3a:d6:19:ce:47:d8:b8:2d:84:
1c:92:71:94:22:5d:24:6c:2b:d1:f1:0a:3a:7a:89:
7c:64:59:b3:91:72:4e:39:13:10:07:b3:14:de:a1:
cb:0a:d2:04:49:78:18:98:44:57:72:4a:b1:bb:bd:
6d:f6:65:7d:f7:25:4c:14:e8:28:4f:1e:29:67:7f:
35:08:c3:bb:88:b9:e5:18:4e:9c:57:c3:6c:78:10:
a8:73:cb:d4:2c:88:8b:52:87:99:ec:8b:1b:03:f3:
81:29:84:3c:90:48:40:c2:0f:48:64:d8:aa:b9:76:
f0:40:c3:b2:69:7c:30:c3:61:8c:e9:c8:03:c9:67:
92:e8:97:88:8f:68:f0:cc:5a:63:f6:9c:9a:e6:91:
5a:ac:93:2d:26:0d:97:ef:15:7c:be:eb:de:0b:3d:
3f:f6:5c:50:e8:76:a7:20:18:5b:60:6d:d1:a4:fd:
f4:ae:a6:50:7f:46:0c:6c:10:ce:06:c3:46:bc:16:
f1:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:61:35:99:44:70:6E:8D:6F:F7:16:03:16:2B:88:BE:1E:07:67:3E
X509v3 Authority Key Identifier:
keyid:22:36:ED:5F:56:23:ED:EB:79:10:AC:D3:1D:5F:6E:E8:1E:5C:B1:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IjbtX1Yj7et5EKzTHV9u6B5csX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/dmE1mURwbo1v9xYDFiuIvh4HZz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/IjbtX1Yj7et5EKzTHV9u6B5csX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.166.64.0/19
Signature Algorithm: sha256WithRSAEncryption
19:44:2d:94:9a:1b:57:1b:f4:f1:f7:f0:2d:4e:d7:98:98:65:
0b:b1:b4:ea:62:a5:b1:e3:21:00:c6:55:83:93:00:00:61:ce:
f6:51:18:17:f6:fa:c7:1b:26:05:13:12:93:0b:2b:91:c1:d4:
22:a1:39:4d:e4:61:45:e5:a3:c2:be:c4:3b:01:60:ab:16:e8:
e9:b0:d8:c1:b5:f0:be:53:60:e9:19:5a:a7:30:54:64:1f:b7:
4d:2b:cf:f7:d5:70:45:5e:a1:40:5e:7f:5a:2f:48:ef:3f:58:
64:36:9d:e1:e7:d6:7f:92:f2:22:6f:0a:05:e4:8a:c6:d4:98:
fb:fd:8b:7e:fb:96:ba:01:c1:3c:51:e3:3e:94:2e:50:10:14:
c2:30:3f:0e:c6:c0:96:d0:e8:b9:48:db:05:96:10:47:ff:f9:
48:f0:80:60:03:9c:ad:1f:33:dd:43:1b:d0:cc:ea:ba:56:df:
b6:c2:af:35:44:99:32:26:86:8b:0e:12:f1:8f:7e:23:53:3d:
02:89:e7:58:63:29:9c:39:01:ea:18:89:28:75:6e:7d:fd:8d:
c5:bc:bb:22:18:84:cf:d0:45:54:b0:b0:89:57:7c:db:4a:11:
44:2f:c2:d1:fd:1a:18:29:b2:45:43:7c:aa:d7:f7:07:87:4d:
9b:85:66:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ5pgCgG+5mNY6PJtGZt8hp5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzZlZDVmNTYyM2VkZWI3OTEwYWNkMzFkNWY2ZWU4MWU1
Y2IxN2UwHhcNMjYwNTI3MTI1NDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjYxMzU5OTQ0NzA2ZThkNmZmNzE2MDMxNjJiODhiZTFlMDc2NzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOg/FD5D0lZ8p6GnHD4n54YSsEer
+5LTf79tpuPCODapmn9+ZFNQnrtibkD3atY0i4yduatStahYyh72OjBLKkw61hnO
R9i4LYQcknGUIl0kbCvR8Qo6eol8ZFmzkXJOORMQB7MU3qHLCtIESXgYmERXckqx
u71t9mV99yVMFOgoTx4pZ381CMO7iLnlGE6cV8NseBCoc8vULIiLUoeZ7IsbA/OB
KYQ8kEhAwg9IZNiquXbwQMOyaXwww2GM6cgDyWeS6JeIj2jwzFpj9pya5pFarJMt
Jg2X7xV8vuveCz0/9lxQ6HanIBhbYG3RpP30rqZQf0YMbBDOBsNGvBbxJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHZhNZlEcG6Nb/cWAxYriL4eB2c+MB8GA1UdIwQY
MBaAFCI27V9WI+3reRCs0x1fbugeXLF+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpidFgxWWo3ZXQ1RUt6VEhWOXU2QjVjc1g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8xZDlkZGEtMmFkZi00NmJkLThhZjct
NGQxNmJlOWJhMTMyLzEvZG1FMW1VUndibzF2OXhZREZpdUl2aDRIWno0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8xZDlkZGEtMmFkZi00NmJkLThhZjctNGQxNmJlOWJhMTMy
LzEvSWpidFgxWWo3ZXQ1RUt6VEhWOXU2QjVjc1g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFU6ZAMA0G
CSqGSIb3DQEBCwUAA4IBAQAZRC2UmhtXG/Tx9/AtTteYmGULsbTqYqWx4yEAxlWD
kwAAYc72URgX9vrHGyYFExKTCyuRwdQioTlN5GFF5aPCvsQ7AWCrFujpsNjBtfC+
U2DpGVqnMFRkH7dNK8/31XBFXqFAXn9aL0jvP1hkNp3h59Z/kvIibwoF5IrG1Jj7
/Yt++5a6AcE8UeM+lC5QEBTCMD8OxsCW0Oi5SNsFlhBH//lI8IBgA5ytHzPdQxvQ
zOq6Vt+2wq81RJkyJoaLDhLxj34jUz0CiedYYymcOQHqGIkodW59/Y3FvLsiGITP
0EVUsLCJV3zbShFEL8LR/RoYKbJFQ3yq1/cHh02bhWbw
-----END CERTIFICATE-----
Generated at Sat Jun 13 17:53:45 2026 by rpki-client