Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/974881-4c4e-4d48-8fd3-1cc6a31b14bf/1/0n_03Dj5AW36ZZDavaaJH9fKBco.roa
File: 0n_03Dj5AW36ZZDavaaJH9fKBco.roa (raw, json)
Hash identifier: ZZO0rbuY9EtWgQnWOuRAYlrzfJbNdlRI89FyzHlX6sU=
Subject key identifier: D2:7F:F4:DC:38:F9:01:6D:FA:65:90:DA:BD:A6:89:1F:D7:CA:05:CA
Certificate issuer: /CN=d9d649188aaa439d8511f70ebe82ba5e766c85d2
Certificate serial: 019B7CEE48B814750D67FED47E47D4EC3F55
Authority key identifier: D9:D6:49:18:8A:AA:43:9D:85:11:F7:0E:BE:82:BA:5E:76:6C:85:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2dZJGIqqQ52FEfcOvoK6XnZshdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/974881-4c4e-4d48-8fd3-1cc6a31b14bf/1/0n_03Dj5AW36ZZDavaaJH9fKBco.roa
Signing time: Fri 02 Jan 2026 04:19:09 +0000
ROA not before: Fri 02 Jan 2026 04:19:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16197
IP address blocks: 80.68.152.0/24 maxlen: 24
185.85.88.0/24 maxlen: 24
185.85.89.0/24 maxlen: 24
185.85.90.0/24 maxlen: 24
185.85.91.0/24 maxlen: 24
2a12:cb80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/974881-4c4e-4d48-8fd3-1cc6a31b14bf/1/2dZJGIqqQ52FEfcOvoK6XnZshdI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/974881-4c4e-4d48-8fd3-1cc6a31b14bf/1/2dZJGIqqQ52FEfcOvoK6XnZshdI.mft
rsync://rpki.ripe.net/repository/DEFAULT/2dZJGIqqQ52FEfcOvoK6XnZshdI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 10:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7c:ee:48:b8:14:75:0d:67:fe:d4:7e:47:d4:ec:3f:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9d649188aaa439d8511f70ebe82ba5e766c85d2
Validity
Not Before: Jan 2 04:19:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d27ff4dc38f9016dfa6590dabda6891fd7ca05ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:63:c5:d8:60:a3:6d:ba:b6:d0:77:62:83:21:
65:65:fe:2a:de:be:c1:f6:7a:c2:39:1b:f6:94:f1:
9f:43:48:f1:a3:c4:fc:34:ac:16:80:7b:d5:f0:2b:
39:d5:da:4c:e5:23:25:b6:64:1e:63:ba:be:38:52:
3f:cf:92:77:b0:48:1a:f5:97:70:c5:02:70:46:97:
f0:aa:a7:08:fe:49:6c:bb:a3:37:da:01:04:bf:04:
be:ba:b0:c3:2c:c0:27:7b:96:ae:0a:3d:77:55:c4:
f6:69:38:b4:5b:aa:3f:39:2e:e7:66:98:46:6a:54:
06:51:9a:2b:9e:bd:0f:18:c3:c9:00:15:4a:87:11:
2c:d1:58:b0:73:13:eb:86:98:29:81:fe:c7:a7:7a:
b1:9b:ea:81:0a:63:b6:be:b0:f8:1b:d5:93:8f:d9:
24:b8:40:20:4a:b8:66:7e:25:73:1e:09:25:47:c7:
bb:e2:69:08:38:f3:9d:c8:56:67:14:35:71:a7:c9:
e8:bf:d6:33:7c:f9:6d:78:ea:51:52:05:6d:fb:9d:
33:71:79:52:b6:12:c6:fa:83:25:74:d8:3d:6f:e7:
ed:e3:2f:f0:a1:e2:18:14:9e:67:ce:8d:80:5f:bd:
ef:20:73:8b:a9:ea:e0:0c:fd:e1:4c:d0:c6:fd:e9:
da:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:7F:F4:DC:38:F9:01:6D:FA:65:90:DA:BD:A6:89:1F:D7:CA:05:CA
X509v3 Authority Key Identifier:
keyid:D9:D6:49:18:8A:AA:43:9D:85:11:F7:0E:BE:82:BA:5E:76:6C:85:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dZJGIqqQ52FEfcOvoK6XnZshdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/974881-4c4e-4d48-8fd3-1cc6a31b14bf/1/0n_03Dj5AW36ZZDavaaJH9fKBco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/974881-4c4e-4d48-8fd3-1cc6a31b14bf/1/2dZJGIqqQ52FEfcOvoK6XnZshdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.68.152.0/24
185.85.88.0/22
IPv6:
2a12:cb80::/29
Signature Algorithm: sha256WithRSAEncryption
15:6b:7a:b6:73:58:46:ef:50:43:7a:d7:b1:29:3a:b6:53:3d:
c1:6f:b3:13:0d:64:a2:21:ce:dc:5d:04:0b:8e:4d:67:ec:1f:
62:6c:78:c0:c2:13:82:6a:77:23:2e:42:9f:d7:23:00:9f:6f:
08:a9:a6:2f:b6:4c:b3:11:a7:49:7c:08:66:62:59:c2:50:a0:
65:a2:5b:8c:41:ed:64:a3:2b:8f:80:b1:6d:07:48:7a:e4:9e:
91:ad:89:8f:dc:84:3d:61:ff:7e:ce:d2:42:ee:b0:b5:fc:1c:
53:b3:9c:0e:57:92:ae:03:de:f1:8b:99:17:58:14:3c:27:44:
6c:4b:38:96:ac:a8:c3:cc:f6:52:4c:5e:c3:b6:ef:6d:89:b1:
4a:81:0e:5b:a7:d8:37:f2:4b:94:7e:d7:61:12:a9:84:95:e4:
4f:e1:0a:43:90:bf:38:0f:8e:2a:b2:50:c1:95:00:dc:f0:d9:
36:da:c5:6d:be:2d:d7:19:19:64:b9:2f:4f:f9:5d:5d:bf:5d:
43:93:93:17:ab:63:1a:ad:7d:1f:32:7e:58:c2:2f:ed:a1:e3:
04:ee:ee:cf:c3:ea:bd:66:ca:a3:c4:a8:25:19:19:16:5e:d7:
ff:c4:82:e3:3c:c7:2b:09:18:2a:2e:9f:af:02:35:51:ea:30:
97:5f:03:0f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZt87ki4FHUNZ/7UfkfU7D9VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZDY0OTE4OGFhYTQzOWQ4NTExZjcwZWJlODJiYTVlNzY2
Yzg1ZDIwHhcNMjYwMTAyMDQxOTA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjdmZjRkYzM4ZjkwMTZkZmE2NTkwZGFiZGE2ODkxZmQ3Y2EwNWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWPF2GCjbbq20HdigyFlZf4q3r7B
9nrCORv2lPGfQ0jxo8T8NKwWgHvV8Cs51dpM5SMltmQeY7q+OFI/z5J3sEga9Zdw
xQJwRpfwqqcI/klsu6M32gEEvwS+urDDLMAne5auCj13VcT2aTi0W6o/OS7nZphG
alQGUZornr0PGMPJABVKhxEs0ViwcxPrhpgpgf7Hp3qxm+qBCmO2vrD4G9WTj9kk
uEAgSrhmfiVzHgklR8e74mkIOPOdyFZnFDVxp8nov9YzfPlteOpRUgVt+50zcXlS
thLG+oMldNg9b+ft4y/woeIYFJ5nzo2AX73vIHOLqergDP3hTNDG/enaiQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNJ/9Nw4+QFt+mWQ2r2miR/XygXKMB8GA1UdIwQY
MBaAFNnWSRiKqkOdhRH3Dr6Cul52bIXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmRaSkdJcXFRNTJGRWZjT3ZvSzZYblpzaGRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi85NzQ4ODEtNGM0ZS00ZDQ4LThmZDMt
MWNjNmEzMWIxNGJmLzEvMG5fMDNEajVBVzM2WlpEYXZhYUpIOWZLQmNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi85NzQ4ODEtNGM0ZS00ZDQ4LThmZDMtMWNjNmEzMWIxNGJm
LzEvMmRaSkdJcXFRNTJGRWZjT3ZvSzZYblpzaGRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAUESYAwQC
uVVYMA0EAgACMAcDBQMqEsuAMA0GCSqGSIb3DQEBCwUAA4IBAQAVa3q2c1hG71BD
etexKTq2Uz3Bb7MTDWSiIc7cXQQLjk1n7B9ibHjAwhOCancjLkKf1yMAn28IqaYv
tkyzEadJfAhmYlnCUKBloluMQe1koyuPgLFtB0h65J6RrYmP3IQ9Yf9+ztJC7rC1
/BxTs5wOV5KuA97xi5kXWBQ8J0RsSziWrKjDzPZSTF7Dtu9tibFKgQ5bp9g38kuU
ftdhEqmEleRP4QpDkL84D44qslDBlQDc8Nk22sVtvi3XGRlkuS9P+V1dv11Dk5MX
q2MarX0fMn5Ywi/toeME7u7Pw+q9ZsqjxKglGRkWXtf/xILjPMcrCRgqLp+vAjVR
6jCXXwMP
-----END CERTIFICATE-----
Generated at Mon Mar 2 19:18:57 2026 by rpki-client