Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/DKzQQ-3c9fOllLADXKp3F81W6-A.roa
File: DKzQQ-3c9fOllLADXKp3F81W6-A.roa (raw, json)
Hash identifier: jw/mwS4Ak7mqrGqRDzGrcRqXeDj4kvRniZLDaz5MSF8=
Subject key identifier: 0C:AC:D0:43:ED:DC:F5:F3:A5:94:B0:03:5C:AA:77:17:CD:56:EB:E0
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 019E28DA510AF098C1F301874DBD1381B070
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/DKzQQ-3c9fOllLADXKp3F81W6-A.roa
Signing time: Thu 14 May 2026 23:37:36 +0000
ROA not before: Thu 14 May 2026 23:37:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50437
IP address blocks: 31.131.164.0/22 maxlen: 22
46.151.224.0/22 maxlen: 22
46.151.228.0/22 maxlen: 22
85.255.116.0/22 maxlen: 22
91.228.145.0/24 maxlen: 24
176.116.128.0/24 maxlen: 24
176.116.129.0/24 maxlen: 24
176.116.130.0/24 maxlen: 24
176.116.131.0/24 maxlen: 24
176.116.132.0/22 maxlen: 22
193.242.196.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.mft
rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:28:da:51:0a:f0:98:c1:f3:01:87:4d:bd:13:81:b0:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: May 14 23:37:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0cacd043eddcf5f3a594b0035caa7717cd56ebe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b0:41:5d:3e:73:13:2f:b1:59:6b:e3:f9:44:
e8:a5:14:2e:98:4d:d1:13:f5:d4:7a:68:4c:97:a6:
e0:19:5c:c4:01:09:be:10:e9:59:c0:f5:bd:22:7a:
64:89:2b:ce:9c:42:18:dc:f2:34:f6:ef:1a:d0:2a:
ba:dc:ad:c7:32:47:36:53:f2:1c:e7:31:9c:c2:0d:
7e:bf:52:f5:9c:bf:4b:d7:b6:4f:10:27:83:0a:49:
5a:66:13:3a:fc:e8:3b:73:19:19:38:86:42:1c:cb:
a3:26:a5:13:07:f3:12:71:ff:5d:fa:80:ff:a5:b6:
39:0b:30:b7:94:47:90:b0:26:fd:07:f1:ac:73:b5:
90:51:d0:71:51:ff:58:89:06:bd:b4:f7:61:02:3a:
03:63:68:67:61:e0:46:4c:d2:49:5d:65:44:eb:8a:
ee:96:74:29:c9:35:09:8d:c5:7f:e1:23:a9:b9:07:
55:95:cd:50:c6:01:ba:5d:e5:17:6e:6f:0e:63:2a:
f7:77:8c:2a:5c:b0:bc:46:a2:42:b7:3e:cd:b9:2b:
65:5b:8c:b0:13:81:bb:8f:f7:f3:74:a1:df:59:e9:
4b:47:f3:58:df:15:08:e3:93:1b:28:20:18:43:7f:
b0:60:31:85:ed:35:9e:c2:c4:cf:4e:53:c4:5b:55:
87:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:AC:D0:43:ED:DC:F5:F3:A5:94:B0:03:5C:AA:77:17:CD:56:EB:E0
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/DKzQQ-3c9fOllLADXKp3F81W6-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.164.0/22
46.151.224.0/21
85.255.116.0/22
91.228.145.0/24
176.116.128.0/21
193.242.196.0/22
Signature Algorithm: sha256WithRSAEncryption
20:b8:64:b9:47:c1:8d:2c:8d:de:51:d9:0e:65:d2:85:c8:83:
7a:e4:0a:0e:54:ac:59:27:f6:83:ec:fd:5e:da:30:ef:c2:a0:
bc:94:76:a9:fd:58:42:cf:bd:c5:89:7c:55:cc:66:1a:2b:27:
20:f4:b8:33:90:2f:32:cf:67:7f:0d:9f:66:e6:fc:f1:6e:4c:
45:35:d8:e3:16:e3:ed:aa:87:70:0c:8d:83:5a:b0:e4:fd:a7:
1a:3e:52:8a:47:ef:67:7e:cf:69:85:18:f3:1a:54:22:d1:3b:
62:85:92:4d:1c:3f:20:85:ec:34:8b:ec:5d:e0:8d:9f:f0:4b:
16:d7:72:83:6f:73:5d:2f:b8:dd:2f:9a:4b:06:59:93:69:7b:
78:ec:d5:34:0b:08:f5:cd:d0:41:96:e7:69:71:9c:a6:b6:2f:
94:67:9c:74:ae:99:a5:ae:5f:7a:3e:b1:94:d9:1a:34:40:b1:
b2:df:a6:04:c3:24:a5:b6:d8:96:b2:b4:94:a2:3f:d2:4d:ef:
72:da:18:52:d9:c8:a7:7f:62:f2:ec:17:3d:ca:53:60:69:70:
c0:a4:02:57:29:03:30:e5:3a:54:0d:b0:90:86:a7:83:58:59:
b7:3d:8f:a6:9a:90:cf:2f:8a:2b:b3:ba:5d:61:57:4c:eb:4e:
c9:87:b3:4d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ4o2lEK8JjB8wGHTb0TgbBwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjYwNTE0MjMzNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2FjZDA0M2VkZGNmNWYzYTU5NGIwMDM1Y2FhNzcxN2NkNTZlYmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbBBXT5zEy+xWWvj+UTopRQumE3R
E/XUemhMl6bgGVzEAQm+EOlZwPW9InpkiSvOnEIY3PI09u8a0Cq63K3HMkc2U/Ic
5zGcwg1+v1L1nL9L17ZPECeDCklaZhM6/Og7cxkZOIZCHMujJqUTB/MScf9d+oD/
pbY5CzC3lEeQsCb9B/Gsc7WQUdBxUf9YiQa9tPdhAjoDY2hnYeBGTNJJXWVE64ru
lnQpyTUJjcV/4SOpuQdVlc1QxgG6XeUXbm8OYyr3d4wqXLC8RqJCtz7NuStlW4yw
E4G7j/fzdKHfWelLR/NY3xUI45MbKCAYQ3+wYDGF7TWewsTPTlPEW1WHAwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAys0EPt3PXzpZSwA1yqdxfNVuvgMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvREt6UVEtM2M5Zk9sbExBRFhLcDNGODFXNi1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCH4OkAwQD
LpfgAwQCVf90AwQAW+SRAwQDsHSAAwQCwfLEMA0GCSqGSIb3DQEBCwUAA4IBAQAg
uGS5R8GNLI3eUdkOZdKFyIN65AoOVKxZJ/aD7P1e2jDvwqC8lHap/VhCz73FiXxV
zGYaKycg9LgzkC8yz2d/DZ9m5vzxbkxFNdjjFuPtqodwDI2DWrDk/acaPlKKR+9n
fs9phRjzGlQi0TtihZJNHD8ghew0i+xd4I2f8EsW13KDb3NdL7jdL5pLBlmTaXt4
7NU0Cwj1zdBBludpcZymti+UZ5x0rpmlrl96PrGU2Ro0QLGy36YEwySlttiWsrSU
oj/STe9y2hhS2cinf2Ly7Bc9ylNgaXDApAJXKQMw5TpUDbCQhqeDWFm3PY+mmpDP
L4ors7pdYVdM607Jh7NN
-----END CERTIFICATE-----
Generated at Sat Jun 13 16:37:09 2026 by rpki-client