Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/Dch7ul5aVnL_m2XEZjfUT9TlzKI.roa
File: Dch7ul5aVnL_m2XEZjfUT9TlzKI.roa (raw, json)
Hash identifier: dY0WBC4mPaz5+Exli1KBR1KbgYfTH82golhb7jbBUj0=
Subject key identifier: 0D:C8:7B:BA:5E:5A:56:72:FF:9B:65:C4:66:37:D4:4F:D4:E5:CC:A2
Certificate issuer: /CN=617cd8d48b5d15667bf131396d4a6c59d7d167c0
Certificate serial: 019C6AB8A9BE0B17FB22FF83CB143439B11C
Authority key identifier: 61:7C:D8:D4:8B:5D:15:66:7B:F1:31:39:6D:4A:6C:59:D7:D1:67:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/Dch7ul5aVnL_m2XEZjfUT9TlzKI.roa
Signing time: Tue 17 Feb 2026 08:30:12 +0000
ROA not before: Tue 17 Feb 2026 08:30:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211316
IP address blocks: 62.146.248.0/21 maxlen: 24
62.146.253.0/24 maxlen: 24
91.212.42.0/24 maxlen: 24
147.12.16.0/20 maxlen: 24
185.101.196.0/22 maxlen: 24
185.101.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:6a:b8:a9:be:0b:17:fb:22:ff:83:cb:14:34:39:b1:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=617cd8d48b5d15667bf131396d4a6c59d7d167c0
Validity
Not Before: Feb 17 08:30:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0dc87bba5e5a5672ff9b65c46637d44fd4e5cca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:97:23:2b:e9:d0:b9:88:d6:cf:e2:2c:6e:65:
a7:a4:9b:c6:10:e3:22:14:47:bc:fb:59:bb:42:78:
d1:03:b3:28:d4:3b:f2:e3:39:59:5c:78:39:c2:81:
8c:56:2b:4a:c2:26:ab:83:aa:a9:8a:e2:6a:59:7d:
eb:81:c3:7b:bc:9f:d2:dc:82:72:30:ed:02:1f:05:
ed:97:38:d3:61:a5:f8:fd:45:d0:09:81:5c:2c:64:
82:db:da:17:b8:99:46:7b:b6:23:3f:a9:5b:4c:03:
48:2f:9b:94:31:53:b0:f3:0d:b3:4f:e8:34:b2:94:
16:7d:5c:dc:4e:eb:b9:81:6e:22:6a:21:a7:50:0e:
7c:0d:f7:e1:14:56:7c:a0:53:44:5a:d0:06:da:4d:
6e:43:e3:16:a0:34:68:4b:92:9e:e5:4a:80:c5:7e:
5c:78:9c:d4:e3:7e:36:5a:f1:7d:90:fe:65:7f:b3:
25:f5:13:3a:fc:24:68:a3:4a:eb:24:51:7b:fb:fc:
0f:5e:61:17:58:59:11:c8:91:16:96:a2:bb:35:05:
02:f3:40:a3:73:24:22:2c:8c:ba:bd:91:c9:df:8f:
4c:12:73:dd:47:9e:53:44:06:85:95:e8:b5:b3:03:
5d:a6:e2:6e:b8:24:6f:6e:c2:29:3a:f6:3c:5b:20:
f3:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:C8:7B:BA:5E:5A:56:72:FF:9B:65:C4:66:37:D4:4F:D4:E5:CC:A2
X509v3 Authority Key Identifier:
keyid:61:7C:D8:D4:8B:5D:15:66:7B:F1:31:39:6D:4A:6C:59:D7:D1:67:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/Dch7ul5aVnL_m2XEZjfUT9TlzKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.146.248.0/21
91.212.42.0/24
147.12.16.0/20
185.101.196.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:04:22:0c:1b:20:ac:70:d4:4f:76:90:b5:ad:18:ec:32:82:
3c:5b:2f:27:a0:ee:e5:e9:e3:62:82:78:cb:fa:0e:33:e1:8c:
ad:06:73:18:31:9c:31:78:32:83:ad:6e:a4:37:5c:77:10:f5:
80:f7:4f:42:81:e1:d8:9f:6c:a8:bc:52:93:f1:4b:f6:d9:2e:
96:01:3f:01:a8:ea:b0:6f:f0:bb:be:0d:be:63:93:19:4e:a9:
c4:5a:c2:89:94:ef:ce:e7:5a:6e:21:67:fd:0d:88:36:f6:d4:
89:8a:6a:73:03:88:4c:6b:93:95:7f:2f:2a:30:98:4f:45:5e:
49:ef:cc:91:d5:56:e5:d7:eb:fc:2f:c1:94:be:1c:40:18:39:
69:77:58:bd:88:1b:b5:ea:2e:03:cc:0a:b9:f6:8b:bc:90:0e:
b6:88:50:54:eb:71:50:b6:5b:71:dd:85:f7:3c:4a:8f:51:72:
48:51:54:96:42:fd:12:36:67:66:4d:37:5d:10:cd:3d:78:48:
52:81:73:ad:d1:41:9e:cf:2e:69:72:1b:ac:1f:42:3b:49:7c:
9f:2a:3d:b4:0a:21:07:9f:6f:83:3c:7a:3b:dd:d8:ce:33:7b:
cf:4b:c4:de:5b:e9:78:a2:82:d8:c1:17:e3:aa:f2:16:40:5f:
c0:f6:89:79
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZxquKm+Cxf7Iv+DyxQ0ObEcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxN2NkOGQ0OGI1ZDE1NjY3YmYxMzEzOTZkNGE2YzU5ZDdk
MTY3YzAwHhcNMjYwMjE3MDgzMDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGM4N2JiYTVlNWE1NjcyZmY5YjY1YzQ2NjM3ZDQ0ZmQ0ZTVjY2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJcjK+nQuYjWz+IsbmWnpJvGEOMi
FEe8+1m7QnjRA7Mo1Dvy4zlZXHg5woGMVitKwiarg6qpiuJqWX3rgcN7vJ/S3IJy
MO0CHwXtlzjTYaX4/UXQCYFcLGSC29oXuJlGe7YjP6lbTANIL5uUMVOw8w2zT+g0
spQWfVzcTuu5gW4iaiGnUA58DffhFFZ8oFNEWtAG2k1uQ+MWoDRoS5Ke5UqAxX5c
eJzU4342WvF9kP5lf7Ml9RM6/CRoo0rrJFF7+/wPXmEXWFkRyJEWlqK7NQUC80Cj
cyQiLIy6vZHJ349MEnPdR55TRAaFlei1swNdpuJuuCRvbsIpOvY8WyDzfQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFA3Ie7peWlZy/5tlxGY31E/U5cyiMB8GA1UdIwQY
MBaAFGF82NSLXRVme/ExOW1KbFnX0WfAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVh6WTFJdGRGV1o3OFRFNWJVcHNXZGZSWjhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8xMDVlMjMtNmNlNi00Y2UwLTkzZmEt
YmY2ZTk3ZGRkMDc5LzEvRGNoN3VsNWFWbkxfbTJYRVpqZlVUOVRsektJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8xMDVlMjMtNmNlNi00Y2UwLTkzZmEtYmY2ZTk3ZGRkMDc5
LzEvWVh6WTFJdGRGV1o3OFRFNWJVcHNXZGZSWjhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDPpL4AwQA
W9QqAwQEkwwQAwQCuWXEMA0GCSqGSIb3DQEBCwUAA4IBAQCMBCIMGyCscNRPdpC1
rRjsMoI8Wy8noO7l6eNignjL+g4z4YytBnMYMZwxeDKDrW6kN1x3EPWA909CgeHY
n2yovFKT8Uv22S6WAT8BqOqwb/C7vg2+Y5MZTqnEWsKJlO/O51puIWf9DYg29tSJ
impzA4hMa5OVfy8qMJhPRV5J78yR1Vbl1+v8L8GUvhxAGDlpd1i9iBu16i4DzAq5
9ou8kA62iFBU63FQtltx3YX3PEqPUXJIUVSWQv0SNmdmTTddEM09eEhSgXOt0UGe
zy5pchusH0I7SXyfKj20CiEHn2+DPHo73djOM3vPS8TeW+l4ooLYwRfjqvIWQF/A
9ol5
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:50:50 2026 by rpki-client