Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/db04jbt1juH060SZDikF4LDdMEc.roa
File: db04jbt1juH060SZDikF4LDdMEc.roa (raw, json)
Hash identifier: H7iPw/DnllTw3JgA1zNPc/37rQ0rjLT8dLVLiet6l3c=
Subject key identifier: 75:BD:38:8D:BB:75:8E:E1:F4:EB:44:99:0E:29:05:E0:B0:DD:30:47
Certificate issuer: /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial: 019CAEDA9766032AC920F01A8839A09AAD7E
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/db04jbt1juH060SZDikF4LDdMEc.roa
Signing time: Mon 02 Mar 2026 14:01:27 +0000
ROA not before: Mon 02 Mar 2026 14:01:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199152
IP address blocks: 185.120.57.0/24 maxlen: 24
185.120.58.0/24 maxlen: 24
212.22.75.0/24 maxlen: 24
212.22.77.0/24 maxlen: 24
2a06:c3c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.mft
rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 14:02:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:da:97:66:03:2a:c9:20:f0:1a:88:39:a0:9a:ad:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
Validity
Not Before: Mar 2 14:01:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=75bd388dbb758ee1f4eb44990e2905e0b0dd3047
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ed:b7:46:f7:05:b6:aa:a3:06:cc:70:6c:9a:
cb:57:d8:b6:86:3d:5a:29:6c:8d:55:1a:01:f9:aa:
45:84:9b:0a:62:02:87:36:76:f3:d7:d8:8b:48:61:
0a:89:90:2e:73:fa:a7:88:0d:ff:30:22:e9:ac:3c:
53:53:50:b8:ad:15:9d:4c:65:9e:c2:e3:7e:ba:af:
15:0b:25:26:15:24:cb:04:1c:e6:c3:70:0f:fd:f2:
b4:3d:be:7a:f5:0b:5f:97:be:96:70:f2:d4:81:ab:
ed:50:90:4b:1b:e2:1a:9c:f5:5f:39:c9:ec:f5:8a:
87:44:64:eb:64:2d:48:bd:7c:b7:22:17:4e:a7:c9:
bd:94:2e:b3:90:2f:cc:6a:06:a0:10:a8:2b:e3:b7:
01:4c:47:fe:b0:00:50:fc:5e:b6:ba:f8:ae:85:5b:
7b:b5:ed:70:6c:3f:64:04:c7:a0:fe:7e:3b:83:cd:
98:30:69:d3:6a:7d:ab:10:a4:d3:ab:db:86:0a:ac:
d8:6a:76:ad:26:2a:82:e6:e7:17:f8:86:5d:8c:79:
6c:e7:ab:c0:1e:a3:93:e1:9c:06:43:17:f4:1f:c7:
ef:04:9b:97:36:ee:9e:8b:88:e7:23:b3:1c:e0:e5:
bf:f4:9a:c1:61:8d:33:46:6c:5a:7a:29:63:8f:06:
ab:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:BD:38:8D:BB:75:8E:E1:F4:EB:44:99:0E:29:05:E0:B0:DD:30:47
X509v3 Authority Key Identifier:
keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/db04jbt1juH060SZDikF4LDdMEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.57.0-185.120.58.255
212.22.75.0/24
212.22.77.0/24
IPv6:
2a06:c3c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
8a:51:ae:bd:09:95:49:f9:16:4e:e7:f2:dc:b1:f8:62:94:bb:
85:63:84:0b:7a:2e:da:71:56:38:33:3b:4e:b9:24:c5:ac:f1:
fe:9d:15:97:ca:95:76:c0:04:86:ed:ac:79:30:de:56:cc:97:
ed:d9:b1:80:8a:90:cb:a9:c8:a6:cb:37:a5:ef:5b:c3:dc:ae:
45:b0:89:6e:e4:03:d4:8f:78:3e:09:d5:b3:17:44:69:c4:cc:
f5:96:86:e3:cc:8c:eb:ec:7f:1b:2e:1a:79:aa:bb:5e:24:45:
44:21:cc:bf:33:84:a1:56:9a:6b:b0:4d:ac:59:63:0f:64:c3:
05:36:79:a1:42:09:28:e8:51:1e:e3:b2:49:52:f2:0c:15:39:
9d:c2:30:50:40:84:51:15:89:a4:96:b7:f6:2f:18:6a:32:27:
e1:ba:e7:4a:ae:fa:89:00:5b:80:5e:6f:45:c9:c2:00:dd:88:
ab:76:be:34:7a:2a:7e:c5:aa:b2:00:68:65:8f:e0:87:1d:b0:
d4:fe:13:36:3b:ba:70:07:74:74:77:3f:c1:6f:72:46:2d:a5:
f6:b5:24:58:04:b5:e3:82:c4:80:b5:23:eb:67:15:f8:27:fc:
b7:de:da:f7:8c:c5:d8:37:b1:1b:ab:27:84:6c:50:9f:07:76:
c7:0e:0a:8f
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZyu2pdmAyrJIPAaiDmgmq1+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm
YmViOWEwHhcNMjYwMzAyMTQwMTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWJkMzg4ZGJiNzU4ZWUxZjRlYjQ0OTkwZTI5MDVlMGIwZGQzMDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzu23RvcFtqqjBsxwbJrLV9i2hj1a
KWyNVRoB+apFhJsKYgKHNnbz19iLSGEKiZAuc/qniA3/MCLprDxTU1C4rRWdTGWe
wuN+uq8VCyUmFSTLBBzmw3AP/fK0Pb569Qtfl76WcPLUgavtUJBLG+IanPVfOcns
9YqHRGTrZC1IvXy3IhdOp8m9lC6zkC/MagagEKgr47cBTEf+sABQ/F62uviuhVt7
te1wbD9kBMeg/n47g82YMGnTan2rEKTTq9uGCqzYanatJiqC5ucX+IZdjHls56vA
HqOT4ZwGQxf0H8fvBJuXNu6ei4jnI7Mc4OW/9JrBYY0zRmxaeiljjwarGQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFHW9OI27dY7h9OtEmQ4pBeCw3TBHMB8GA1UdIwQY
MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt
NmE0ZWNhZjhiM2IxLzEvZGIwNGpidDFqdUgwNjBTWkRpa0Y0TERkTUVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix
LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaMAwDBAC5eDkD
BAC5eDoDBADUFksDBADUFk0wDwQCAAIwCQMHACoGw8AAATANBgkqhkiG9w0BAQsF
AAOCAQEAilGuvQmVSfkWTufy3LH4YpS7hWOEC3ou2nFWODM7Trkkxazx/p0Vl8qV
dsAEhu2seTDeVsyX7dmxgIqQy6nIpss3pe9bw9yuRbCJbuQD1I94PgnVsxdEacTM
9ZaG48yM6+x/Gy4aeaq7XiRFRCHMvzOEoVaaa7BNrFljD2TDBTZ5oUIJKOhRHuOy
SVLyDBU5ncIwUECEURWJpJa39i8YajIn4brnSq76iQBbgF5vRcnCAN2Iq3a+NHoq
fsWqsgBoZY/ghx2w1P4TNju6cAd0dHc/wW9yRi2l9rUkWAS144LEgLUj62cV+Cf8
t97a94zF2DexG6snhGxQnwd2xw4Kjw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 23:37:10 2026 by rpki-client