Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/6a272b-8b6f-4fe3-8f29-f0029816097e/1/D3nq83ikd9c0pXlVtbBwEPlHb0A.roa
File: D3nq83ikd9c0pXlVtbBwEPlHb0A.roa (raw, json)
Hash identifier: PQZpr7vE2U7ktPVrNV3Vo+4+rpfhAqmJVO4cr9eT0HI=
Subject key identifier: 0F:79:EA:F3:78:A4:77:D7:34:A5:79:55:B5:B0:70:10:F9:47:6F:40
Certificate issuer: /CN=c7c1fdbaf9ac0e5adeec60a0923c4dd4a01e92dc
Certificate serial: 019C79DD0163BEDBCEAAC04E4B20461C2CB0
Authority key identifier: C7:C1:FD:BA:F9:AC:0E:5A:DE:EC:60:A0:92:3C:4D:D4:A0:1E:92:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x8H9uvmsDlre7GCgkjxN1KAektw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/6a272b-8b6f-4fe3-8f29-f0029816097e/1/D3nq83ikd9c0pXlVtbBwEPlHb0A.roa
Signing time: Fri 20 Feb 2026 07:04:12 +0000
ROA not before: Fri 20 Feb 2026 07:04:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62336
IP address blocks: 5.63.32.0/19 maxlen: 20
37.228.144.0/22 maxlen: 22
91.191.176.0/22 maxlen: 22
91.198.32.0/24 maxlen: 24
91.200.108.0/22 maxlen: 22
91.211.8.0/22 maxlen: 22
185.39.84.0/22 maxlen: 22
195.230.108.0/24 maxlen: 24
213.244.48.0/20 maxlen: 20
2a01:41e0::/32 maxlen: 32
2a01:41e1::/32 maxlen: 32
2a01:41e3::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/6a272b-8b6f-4fe3-8f29-f0029816097e/1/x8H9uvmsDlre7GCgkjxN1KAektw.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/6a272b-8b6f-4fe3-8f29-f0029816097e/1/x8H9uvmsDlre7GCgkjxN1KAektw.mft
rsync://rpki.ripe.net/repository/DEFAULT/x8H9uvmsDlre7GCgkjxN1KAektw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:79:dd:01:63:be:db:ce:aa:c0:4e:4b:20:46:1c:2c:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7c1fdbaf9ac0e5adeec60a0923c4dd4a01e92dc
Validity
Not Before: Feb 20 07:04:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0f79eaf378a477d734a57955b5b07010f9476f40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:2e:cf:1b:90:d8:d0:b5:08:4e:7e:74:ed:49:
3d:2e:5d:a3:39:fb:dd:0c:26:8b:81:21:db:e2:34:
d2:5e:fd:92:33:3c:cb:59:43:b0:de:8d:f1:d4:4b:
10:28:db:70:b1:54:e4:bb:c7:be:19:35:6f:61:90:
8d:49:07:a2:4a:65:e3:3e:d6:7e:05:83:55:26:f7:
66:84:57:b6:37:1d:1b:fe:45:f7:c9:5d:9d:e2:a4:
eb:a6:a7:ee:43:25:fe:6e:aa:24:ed:d6:24:f6:db:
ce:d8:8c:23:65:01:82:a9:19:c8:be:a2:f7:30:ba:
d6:41:16:89:b5:25:e3:86:15:f1:45:56:48:be:3a:
7e:6a:a3:c1:92:13:16:95:23:80:66:cc:8c:66:34:
34:cb:15:ef:4f:c4:69:f2:e1:7b:b3:c8:93:6c:e0:
e9:8f:27:bb:bf:ba:4c:18:af:b9:3a:9e:76:6a:af:
64:82:54:16:37:83:56:07:1d:32:4a:2c:fa:c9:0b:
01:30:27:39:30:0b:dd:b6:71:fb:b5:b4:25:b3:1e:
a4:b2:e0:23:89:86:65:70:68:86:50:99:12:97:af:
bd:cc:10:66:10:c2:69:88:de:4d:cc:00:49:38:f1:
d1:c3:cc:29:7b:ff:08:cd:a8:21:e9:41:3c:dd:e1:
63:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:79:EA:F3:78:A4:77:D7:34:A5:79:55:B5:B0:70:10:F9:47:6F:40
X509v3 Authority Key Identifier:
keyid:C7:C1:FD:BA:F9:AC:0E:5A:DE:EC:60:A0:92:3C:4D:D4:A0:1E:92:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x8H9uvmsDlre7GCgkjxN1KAektw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6a272b-8b6f-4fe3-8f29-f0029816097e/1/D3nq83ikd9c0pXlVtbBwEPlHb0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6a272b-8b6f-4fe3-8f29-f0029816097e/1/x8H9uvmsDlre7GCgkjxN1KAektw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.32.0/19
37.228.144.0/22
91.191.176.0/22
91.198.32.0/24
91.200.108.0/22
91.211.8.0/22
185.39.84.0/22
195.230.108.0/24
213.244.48.0/20
IPv6:
2a01:41e0::/31
2a01:41e3::/32
Signature Algorithm: sha256WithRSAEncryption
3a:57:f2:10:b2:08:d5:c2:24:aa:2a:a3:13:82:13:41:d1:f3:
06:fd:30:dc:21:43:03:b9:2b:93:de:ab:f4:93:d6:d7:18:26:
6d:5a:ef:46:7f:81:c3:15:61:1c:6d:be:67:79:4a:b8:5d:4a:
1d:e2:77:47:e5:7f:27:04:79:5e:82:c4:92:82:01:5a:39:27:
2d:1a:24:7d:bc:dc:ab:06:c8:64:53:f7:db:64:bc:b5:e7:c4:
82:b7:ab:42:f2:2c:18:ac:ff:33:b5:43:84:a5:b2:09:a8:28:
43:5c:6a:f9:5d:4c:a7:a9:ec:e2:c9:9e:38:56:2e:5c:6e:0c:
76:ab:6f:ed:50:25:96:cc:c1:60:e8:48:fa:04:9c:74:e4:3b:
ac:13:7c:fa:52:61:f4:16:28:de:b3:58:b7:8f:75:5e:8e:23:
88:7f:02:59:41:ef:3e:13:3b:e9:a3:20:5c:40:ef:b6:bb:0f:
9c:76:be:40:83:95:2b:6a:2a:1c:35:4d:fb:9b:db:4b:5c:1d:
f6:3c:3b:d8:69:f4:d1:8c:70:b4:97:2e:1a:e6:8f:15:70:52:
53:fe:d0:50:af:f6:4d:b6:5a:fa:08:d8:1b:e3:ca:a5:68:65:
b5:e3:7b:47:2f:2b:ec:89:47:b0:d3:f5:eb:d0:a2:5d:c6:03:
88:30:4b:d4
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZx53QFjvtvOqsBOSyBGHCywMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3YzFmZGJhZjlhYzBlNWFkZWVjNjBhMDkyM2M0ZGQ0YTAx
ZTkyZGMwHhcNMjYwMjIwMDcwNDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjc5ZWFmMzc4YTQ3N2Q3MzRhNTc5NTViNWIwNzAxMGY5NDc2ZjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0i7PG5DY0LUITn507Uk9Ll2jOfvd
DCaLgSHb4jTSXv2SMzzLWUOw3o3x1EsQKNtwsVTku8e+GTVvYZCNSQeiSmXjPtZ+
BYNVJvdmhFe2Nx0b/kX3yV2d4qTrpqfuQyX+bqok7dYk9tvO2IwjZQGCqRnIvqL3
MLrWQRaJtSXjhhXxRVZIvjp+aqPBkhMWlSOAZsyMZjQ0yxXvT8Rp8uF7s8iTbODp
jye7v7pMGK+5Op52aq9kglQWN4NWBx0ySiz6yQsBMCc5MAvdtnH7tbQlsx6ksuAj
iYZlcGiGUJkSl6+9zBBmEMJpiN5NzABJOPHRw8wpe/8Izagh6UE83eFjRQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFA956vN4pHfXNKV5VbWwcBD5R29AMB8GA1UdIwQY
MBaAFMfB/br5rA5a3uxgoJI8TdSgHpLcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDhIOXV2bXNEbHJlN0dDZ2tqeE4xS0Fla3R3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi82YTI3MmItOGI2Zi00ZmUzLThmMjkt
ZjAwMjk4MTYwOTdlLzEvRDNucTgzaWtkOWMwcFhsVnRiQndFUGxIYjBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi82YTI3MmItOGI2Zi00ZmUzLThmMjktZjAwMjk4MTYwOTdl
LzEveDhIOXV2bXNEbHJlN0dDZ2tqeE4xS0Fla3R3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQFBT8gAwQC
JeSQAwQCW7+wAwQAW8YgAwQCW8hsAwQCW9MIAwQCuSdUAwQAw+ZsAwQE1fQwMBQE
AgACMA4DBQEqAUHgAwUAKgFB4zANBgkqhkiG9w0BAQsFAAOCAQEAOlfyELII1cIk
qiqjE4ITQdHzBv0w3CFDA7krk96r9JPW1xgmbVrvRn+BwxVhHG2+Z3lKuF1KHeJ3
R+V/JwR5XoLEkoIBWjknLRokfbzcqwbIZFP322S8tefEgrerQvIsGKz/M7VDhKWy
CagoQ1xq+V1Mp6ns4smeOFYuXG4Mdqtv7VAllszBYOhI+gScdOQ7rBN8+lJh9BYo
3rNYt491Xo4jiH8CWUHvPhM76aMgXEDvtrsPnHa+QIOVK2oqHDVN+5vbS1wd9jw7
2Gn00YxwtJcuGuaPFXBSU/7QUK/2TbZa+gjYG+PKpWhlteN7Ry8r7IlHsNP169Ci
XcYDiDBL1A==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:41:44 2026 by rpki-client