Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/DszWoqmG0YIHoueHjWKPKymZuic.roa
File: DszWoqmG0YIHoueHjWKPKymZuic.roa (raw, json)
Hash identifier: a/AiCmPeqXPt0J3j9Logjd5trMJCl8VjFbnLjo6iufM=
Subject key identifier: 0E:CC:D6:A2:A9:86:D1:82:07:A2:E7:87:8D:62:8F:2B:29:99:BA:27
Certificate issuer: /CN=168600dfac9d3d1a75e6630d697102f2f2132c48
Certificate serial: 019EBC529E62FB85961788D3FCCE43135997
Authority key identifier: 16:86:00:DF:AC:9D:3D:1A:75:E6:63:0D:69:71:02:F2:F2:13:2C:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FoYA36ydPRp15mMNaXEC8vITLEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/DszWoqmG0YIHoueHjWKPKymZuic.roa
Signing time: Fri 12 Jun 2026 14:53:11 +0000
ROA not before: Fri 12 Jun 2026 14:53:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 219450
IP address blocks: 5.180.184.0/24 maxlen: 24
5.180.185.0/24 maxlen: 24
5.180.186.0/24 maxlen: 24
5.180.187.0/24 maxlen: 24
83.150.212.0/24 maxlen: 24
83.150.213.0/24 maxlen: 24
83.150.214.0/24 maxlen: 24
83.150.215.0/24 maxlen: 24
89.252.188.0/24 maxlen: 24
89.252.189.0/24 maxlen: 24
89.252.190.0/24 maxlen: 24
89.252.191.0/24 maxlen: 24
185.126.216.0/24 maxlen: 24
185.126.217.0/24 maxlen: 24
185.126.218.0/24 maxlen: 24
185.126.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/FoYA36ydPRp15mMNaXEC8vITLEg.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/FoYA36ydPRp15mMNaXEC8vITLEg.mft
rsync://rpki.ripe.net/repository/DEFAULT/FoYA36ydPRp15mMNaXEC8vITLEg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:bc:52:9e:62:fb:85:96:17:88:d3:fc:ce:43:13:59:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=168600dfac9d3d1a75e6630d697102f2f2132c48
Validity
Not Before: Jun 12 14:53:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0eccd6a2a986d18207a2e7878d628f2b2999ba27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:93:58:bc:c9:d7:cd:51:a3:e2:ec:2e:e4:19:
84:0b:71:41:b9:42:5b:32:4d:e7:f6:e4:e1:41:5c:
71:03:62:71:11:f9:91:17:80:8c:d4:76:a6:13:b0:
a9:29:1b:66:76:b0:9a:89:9e:52:51:f8:41:dd:76:
4e:1d:0d:fc:9f:5c:cf:10:8e:28:ac:30:31:7e:a9:
0a:35:62:60:c3:6e:1a:cf:86:4c:21:e9:5d:39:1d:
2d:39:a8:0a:d4:7f:14:d6:93:71:3e:16:14:0a:35:
17:4f:54:93:71:87:e4:9d:1a:e5:84:35:3b:88:07:
e4:35:50:90:d4:bc:df:11:18:69:32:c6:b0:e6:ca:
5c:85:b6:28:76:36:ea:a8:87:bd:fb:71:27:e9:0e:
8a:aa:01:b2:b0:6e:32:dd:62:06:80:2f:c8:36:18:
28:13:61:5e:1a:83:7b:a4:50:e6:ab:e8:1f:ef:7d:
18:7e:3a:58:dc:0f:15:cd:7d:33:be:5d:7c:ad:6d:
a6:ec:e6:ab:3d:80:91:2d:97:00:84:5a:9f:7a:6d:
46:34:ed:0f:3f:9d:21:cd:ea:91:34:57:a0:97:a2:
c3:45:ee:fc:22:07:84:dc:00:a1:69:46:ed:c8:28:
60:5d:1c:7c:76:48:23:56:eb:05:1e:8f:86:c5:60:
f9:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:CC:D6:A2:A9:86:D1:82:07:A2:E7:87:8D:62:8F:2B:29:99:BA:27
X509v3 Authority Key Identifier:
keyid:16:86:00:DF:AC:9D:3D:1A:75:E6:63:0D:69:71:02:F2:F2:13:2C:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FoYA36ydPRp15mMNaXEC8vITLEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/DszWoqmG0YIHoueHjWKPKymZuic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/FoYA36ydPRp15mMNaXEC8vITLEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.184.0/22
83.150.212.0/22
89.252.188.0/22
185.126.216.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:3d:91:68:54:2f:ac:bf:eb:b4:e4:fa:62:c1:42:b3:a9:db:
f9:ee:34:85:db:14:74:76:9f:82:53:ba:53:51:d9:6f:60:fc:
65:a4:44:07:13:dd:1c:be:ee:00:ef:72:53:d4:99:b7:97:98:
0a:37:e3:85:38:7f:18:01:6d:5d:ed:7d:3a:c6:d2:c3:19:2d:
62:fd:48:e5:87:6b:12:d6:bb:e7:96:ca:2c:40:0e:7d:21:51:
fb:7a:b3:d3:a9:ff:94:4e:ad:f0:ef:4c:ff:bc:8d:c5:85:0f:
9b:17:33:a7:6a:04:44:c7:8a:f1:0d:ea:43:d5:30:86:e6:3c:
39:27:66:2a:39:86:70:25:ab:ca:75:ed:94:ad:cf:fc:f7:e9:
fb:72:7e:9f:cb:22:3a:60:73:b3:3e:39:08:8e:99:68:d0:bc:
3d:d8:fd:f3:9d:2f:04:57:65:61:0b:41:0f:44:f5:a9:34:4b:
30:99:ea:bb:2f:0e:a8:ba:7f:73:67:b5:5f:8a:6e:4f:af:af:
ba:75:5e:d4:76:d5:cb:31:0f:8d:cc:10:91:40:21:23:8c:7f:
bc:3e:c5:10:f0:d0:28:cf:da:50:83:80:b1:5f:4b:1d:95:d3:
11:d6:3a:19:29:92:1f:2d:f8:6a:90:0b:78:a7:20:37:45:86:
39:51:2d:82
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ68Up5i+4WWF4jT/M5DE1mXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ODYwMGRmYWM5ZDNkMWE3NWU2NjMwZDY5NzEwMmYyZjIx
MzJjNDgwHhcNMjYwNjEyMTQ1MzExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWNjZDZhMmE5ODZkMTgyMDdhMmU3ODc4ZDYyOGYyYjI5OTliYTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJNYvMnXzVGj4uwu5BmEC3FBuUJb
Mk3n9uThQVxxA2JxEfmRF4CM1HamE7CpKRtmdrCaiZ5SUfhB3XZOHQ38n1zPEI4o
rDAxfqkKNWJgw24az4ZMIeldOR0tOagK1H8U1pNxPhYUCjUXT1STcYfknRrlhDU7
iAfkNVCQ1LzfERhpMsaw5spchbYodjbqqIe9+3En6Q6KqgGysG4y3WIGgC/INhgo
E2FeGoN7pFDmq+gf730YfjpY3A8VzX0zvl18rW2m7OarPYCRLZcAhFqfem1GNO0P
P50hzeqRNFegl6LDRe78IgeE3AChaUbtyChgXRx8dkgjVusFHo+GxWD58QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFA7M1qKphtGCB6Lnh41ijyspmbonMB8GA1UdIwQY
MBaAFBaGAN+snT0adeZjDWlxAvLyEyxIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm9ZQTM2eWRQUnAxNW1NTmFYRUM4dklUTEVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9hZjM1YzMtN2Y4MS00ODI5LThkYmEt
MThkYmU2NTA0YmI0LzEvRHN6V29xbUcwWUlIb3VlSGpXS1BLeW1adWljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9hZjM1YzMtN2Y4MS00ODI5LThkYmEtMThkYmU2NTA0YmI0
LzEvRm9ZQTM2eWRQUnAxNW1NTmFYRUM4dklUTEVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBbS4AwQC
U5bUAwQCWfy8AwQCuX7YMA0GCSqGSIb3DQEBCwUAA4IBAQBbPZFoVC+sv+u05Ppi
wUKzqdv57jSF2xR0dp+CU7pTUdlvYPxlpEQHE90cvu4A73JT1Jm3l5gKN+OFOH8Y
AW1d7X06xtLDGS1i/Ujlh2sS1rvnlsosQA59IVH7erPTqf+UTq3w70z/vI3FhQ+b
FzOnagREx4rxDepD1TCG5jw5J2YqOYZwJavKde2Urc/89+n7cn6fyyI6YHOzPjkI
jplo0Lw92P3znS8EV2VhC0EPRPWpNEswmeq7Lw6oun9zZ7Vfim5Pr6+6dV7UdtXL
MQ+NzBCRQCEjjH+8PsUQ8NAoz9pQg4CxX0sdldMR1joZKZIfLfhqkAt4pyA3RYY5
US2C
-----END CERTIFICATE-----
Generated at Sat Jun 13 18:29:31 2026 by rpki-client