Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/8afdda-6c6b-4587-8a21-81eb61f5b71e/1/DHTVOspVelmD6hKbvHHdFSxrQgA.roa
File: DHTVOspVelmD6hKbvHHdFSxrQgA.roa (raw, json)
Hash identifier: A7Oq6WR9f6YTO2BNgRao+GzDKScqL9wSwbqMrDuqnLc=
Subject key identifier: 0C:74:D5:3A:CA:55:7A:59:83:EA:12:9B:BC:71:DD:15:2C:6B:42:00
Certificate issuer: /CN=a26855980b273e5ae57dc1b9eb22e9f5f3a7cdf7
Certificate serial: 019E5F9DC9F6411547348EC78E2E04EE906B
Authority key identifier: A2:68:55:98:0B:27:3E:5A:E5:7D:C1:B9:EB:22:E9:F5:F3:A7:CD:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/omhVmAsnPlrlfcG56yLp9fOnzfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/8afdda-6c6b-4587-8a21-81eb61f5b71e/1/DHTVOspVelmD6hKbvHHdFSxrQgA.roa
Signing time: Mon 25 May 2026 14:50:36 +0000
ROA not before: Mon 25 May 2026 14:50:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 137
IP address blocks: 90.147.0.0/16 maxlen: 16
138.41.0.0/16 maxlen: 16
185.191.180.0/22 maxlen: 22
192.167.0.0/16 maxlen: 16
192.167.59.0/24 maxlen: 24
193.204.0.0/15 maxlen: 15
193.206.0.0/16 maxlen: 16
212.189.128.0/17 maxlen: 17
2001:760::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/8afdda-6c6b-4587-8a21-81eb61f5b71e/1/omhVmAsnPlrlfcG56yLp9fOnzfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/8afdda-6c6b-4587-8a21-81eb61f5b71e/1/omhVmAsnPlrlfcG56yLp9fOnzfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/omhVmAsnPlrlfcG56yLp9fOnzfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Jun 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:5f:9d:c9:f6:41:15:47:34:8e:c7:8e:2e:04:ee:90:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a26855980b273e5ae57dc1b9eb22e9f5f3a7cdf7
Validity
Not Before: May 25 14:50:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0c74d53aca557a5983ea129bbc71dd152c6b4200
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:4f:62:88:44:32:30:1d:10:61:07:86:e1:9e:
a2:1e:b4:38:7c:f1:68:69:57:56:dd:df:99:fb:3a:
41:e5:dd:93:fe:ca:24:42:2c:c0:5e:94:1e:b3:23:
e1:17:6b:db:a9:e2:70:41:02:bf:13:29:bb:f1:93:
98:07:b9:13:86:e7:05:17:b5:cc:93:34:30:10:d2:
70:e7:94:51:af:ad:17:0d:44:1b:4b:9d:ce:39:f2:
2a:c0:1f:84:b3:ef:b1:88:da:88:56:95:bc:2d:bf:
c0:07:08:6d:27:c4:a1:fd:20:07:5f:91:33:65:fc:
a2:12:57:8f:c2:c3:0c:f0:c9:72:6b:5d:9e:cd:e9:
95:f2:26:f1:f6:08:6e:dd:68:3b:5e:7b:80:ca:7a:
c5:c0:61:33:06:a5:51:01:10:a5:bd:a5:56:c3:9f:
aa:a2:75:cd:d2:78:38:e5:50:88:51:07:e2:1d:92:
cc:cc:0b:f3:17:91:b2:ae:94:49:f8:12:fb:e9:23:
15:a0:89:28:90:68:dc:9b:15:6c:a6:4e:39:53:bf:
57:c3:e7:86:38:cc:a7:16:36:29:ad:40:28:e8:20:
c3:8d:be:44:6c:96:39:7d:6b:0c:88:f1:f1:59:d6:
94:5e:1e:97:80:79:d5:32:be:9f:d4:c5:76:88:ac:
f5:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:74:D5:3A:CA:55:7A:59:83:EA:12:9B:BC:71:DD:15:2C:6B:42:00
X509v3 Authority Key Identifier:
keyid:A2:68:55:98:0B:27:3E:5A:E5:7D:C1:B9:EB:22:E9:F5:F3:A7:CD:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/omhVmAsnPlrlfcG56yLp9fOnzfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8afdda-6c6b-4587-8a21-81eb61f5b71e/1/DHTVOspVelmD6hKbvHHdFSxrQgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8afdda-6c6b-4587-8a21-81eb61f5b71e/1/omhVmAsnPlrlfcG56yLp9fOnzfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.147.0.0/16
138.41.0.0/16
185.191.180.0/22
192.167.0.0/16
193.204.0.0-193.206.255.255
212.189.128.0/17
IPv6:
2001:760::/32
Signature Algorithm: sha256WithRSAEncryption
bd:86:d5:18:45:26:8b:73:a0:9f:1b:2d:49:50:37:f4:16:17:
f4:e8:a3:00:87:60:15:7e:78:92:b8:14:62:71:a4:ed:c2:38:
ca:3c:0a:24:91:0e:77:52:c2:21:27:95:31:00:d6:5c:ba:61:
cb:39:ee:2e:0e:fb:9f:d3:c2:68:14:02:dc:90:8e:a3:7a:a9:
e1:a1:ef:86:a4:7b:45:3d:26:de:b8:ff:ad:36:a5:f1:bd:ff:
28:da:e7:b1:69:aa:29:db:2d:2d:81:0c:e1:ca:2f:7b:8a:63:
32:c2:0d:ea:a7:a2:c6:f6:ca:27:55:f3:fc:95:19:ab:e1:f5:
32:93:3a:b3:fb:04:39:b7:ad:4e:50:8d:3f:a8:c0:28:eb:b5:
c8:ea:a8:7b:3d:b3:13:c6:25:3b:74:58:29:e6:b8:0c:c3:18:
a2:65:a8:e0:04:92:ea:76:18:ab:6c:f1:ec:17:19:b8:5f:de:
8e:54:6d:42:b7:98:d8:c5:62:4c:2e:17:89:53:68:38:0a:77:
0e:34:2c:97:6f:33:23:b9:cb:97:de:ac:e1:9b:f7:d4:01:5f:
a3:ff:70:1b:76:7b:ef:f3:bb:48:1a:0c:1a:4d:2e:3d:d1:51:
97:ba:ec:b0:bc:cc:36:36:f0:c4:c2:67:18:13:e0:6a:8b:4e:
de:25:d1:e9
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZ5fncn2QRVHNI7Hji4E7pBrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNjg1NTk4MGIyNzNlNWFlNTdkYzFiOWViMjJlOWY1ZjNh
N2NkZjcwHhcNMjYwNTI1MTQ1MDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzc0ZDUzYWNhNTU3YTU5ODNlYTEyOWJiYzcxZGQxNTJjNmI0MjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhE9iiEQyMB0QYQeG4Z6iHrQ4fPFo
aVdW3d+Z+zpB5d2T/sokQizAXpQesyPhF2vbqeJwQQK/Eym78ZOYB7kThucFF7XM
kzQwENJw55RRr60XDUQbS53OOfIqwB+Es++xiNqIVpW8Lb/ABwhtJ8Sh/SAHX5Ez
ZfyiElePwsMM8Mlya12ezemV8ibx9ghu3Wg7XnuAynrFwGEzBqVRARClvaVWw5+q
onXN0ng45VCIUQfiHZLMzAvzF5GyrpRJ+BL76SMVoIkokGjcmxVspk45U79Xw+eG
OMynFjYprUAo6CDDjb5EbJY5fWsMiPHxWdaUXh6XgHnVMr6f1MV2iKz1iQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFAx01TrKVXpZg+oSm7xx3RUsa0IAMB8GA1UdIwQY
MBaAFKJoVZgLJz5a5X3Buesi6fXzp833MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb21oVm1Bc25QbHJsZmNHNTZ5THA5Zk9uemZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi84YWZkZGEtNmM2Yi00NTg3LThhMjEt
ODFlYjYxZjViNzFlLzEvREhUVk9zcFZlbG1ENmhLYnZISGRGU3hyUWdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi84YWZkZGEtNmM2Yi00NTg3LThhMjEtODFlYjYxZjViNzFl
LzEvb21oVm1Bc25QbHJsZmNHNTZ5THA5Zk9uemZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAtBAIAATAnAwMAWpMDAwCK
KQMEArm/tAMDAMCnMAoDAwLBzAMDAMHOAwQH1L2AMA0EAgACMAcDBQAgAQdgMA0G
CSqGSIb3DQEBCwUAA4IBAQC9htUYRSaLc6CfGy1JUDf0Fhf06KMAh2AVfniSuBRi
caTtwjjKPAokkQ53UsIhJ5UxANZcumHLOe4uDvuf08JoFALckI6jeqnhoe+GpHtF
PSbeuP+tNqXxvf8o2uexaaop2y0tgQzhyi97imMywg3qp6LG9sonVfP8lRmr4fUy
kzqz+wQ5t61OUI0/qMAo67XI6qh7PbMTxiU7dFgp5rgMwxiiZajgBJLqdhirbPHs
Fxm4X96OVG1Ct5jYxWJMLheJU2g4CncONCyXbzMjucuX3qzhm/fUAV+j/3Abdnvv
87tIGgwaTS490VGXuuywvMw2NvDEwmcYE+Bqi07eJdHp
-----END CERTIFICATE-----
Generated at Wed Jun 17 09:24:27 2026 by rpki-client