Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/DRiTAPDF2xW4Cnr5WD7jOyCgpVU.roa
File: DRiTAPDF2xW4Cnr5WD7jOyCgpVU.roa (raw, json)
Hash identifier: 85mXUp42nU1HdKjC1kde1s7WFJRgutSos2YP8UM06Vw=
Subject key identifier: 0D:18:93:00:F0:C5:DB:15:B8:0A:7A:F9:58:3E:E3:3B:20:A0:A5:55
Certificate issuer: /CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Certificate serial: 019D8894B5FCD2C31626BB614ACD973568A9
Authority key identifier: 0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/DRiTAPDF2xW4Cnr5WD7jOyCgpVU.roa
Signing time: Mon 13 Apr 2026 20:42:20 +0000
ROA not before: Mon 13 Apr 2026 20:42:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199967
IP address blocks: 5.181.6.0/24 maxlen: 24
5.181.7.0/24 maxlen: 24
5.183.178.0/24 maxlen: 24
45.12.204.0/24 maxlen: 24
45.66.132.0/24 maxlen: 24
45.66.133.0/24 maxlen: 24
45.82.166.0/24 maxlen: 24
45.128.154.0/24 maxlen: 24
45.134.19.0/24 maxlen: 24
81.90.191.0/24 maxlen: 24
91.217.120.0/24 maxlen: 24
91.217.121.0/24 maxlen: 24
147.78.15.0/24 maxlen: 24
152.89.208.0/24 maxlen: 24
152.89.209.0/24 maxlen: 24
185.105.189.0/24 maxlen: 24
185.105.190.0/24 maxlen: 24
185.120.18.0/24 maxlen: 24
185.126.69.0/24 maxlen: 24
185.126.70.0/24 maxlen: 24
185.126.71.0/24 maxlen: 24
185.126.118.0/24 maxlen: 24
185.126.138.0/24 maxlen: 24
185.159.68.0/24 maxlen: 24
185.159.69.0/24 maxlen: 24
185.159.70.0/24 maxlen: 24
185.160.27.0/24 maxlen: 24
185.168.21.0/24 maxlen: 24
185.168.22.0/24 maxlen: 24
185.168.23.0/24 maxlen: 24
185.171.121.0/24 maxlen: 24
185.175.140.0/24 maxlen: 24
185.175.141.0/24 maxlen: 24
185.187.237.0/24 maxlen: 24
185.187.238.0/24 maxlen: 24
188.119.100.0/24 maxlen: 24
188.119.101.0/24 maxlen: 24
194.156.228.0/24 maxlen: 24
217.197.163.0/24 maxlen: 24
2a0c:8a40:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.mft
rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 05:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:88:94:b5:fc:d2:c3:16:26:bb:61:4a:cd:97:35:68:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Validity
Not Before: Apr 13 20:42:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0d189300f0c5db15b80a7af9583ee33b20a0a555
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e0:13:d7:2c:35:0d:75:a1:0e:ce:9f:4c:c4:
91:c2:92:9d:2a:c5:54:34:ec:95:5d:e8:32:41:e3:
22:aa:7f:2e:b0:30:80:98:b7:94:b3:57:87:66:57:
bd:6f:f9:b3:57:87:2b:5d:b6:92:69:17:0d:cb:6e:
c4:65:bc:9e:36:d0:f7:74:a8:99:68:db:78:2e:63:
27:8c:20:f5:21:21:d5:b0:1c:93:99:e7:d7:d3:d5:
4c:c2:fa:c4:c1:9c:05:bc:4e:43:cc:1c:82:ec:e0:
6f:db:ec:24:f0:6f:01:56:a2:b1:a7:dd:20:3b:58:
97:25:d2:53:30:b3:da:67:8a:18:1c:19:c8:d3:9e:
2d:c0:6d:3f:46:90:e4:31:c4:2c:96:73:31:c6:89:
b8:ce:ba:d9:09:d1:c2:74:59:7c:4e:21:5d:00:89:
82:29:f8:b5:7a:f5:b0:c1:33:35:c0:6c:e1:aa:00:
f0:0a:ab:ba:37:70:d3:9a:52:58:0c:47:41:80:d5:
e3:f1:06:1e:7f:3e:00:03:f5:79:22:a5:69:28:04:
7b:f9:d6:13:e3:09:a1:0c:55:d4:4a:a4:af:71:f8:
b3:87:84:3d:93:99:0b:c5:f2:9d:a4:ba:38:1a:6e:
f7:65:c5:45:23:77:9a:d2:0e:13:34:af:5a:c7:a2:
ba:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:18:93:00:F0:C5:DB:15:B8:0A:7A:F9:58:3E:E3:3B:20:A0:A5:55
X509v3 Authority Key Identifier:
keyid:0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/DRiTAPDF2xW4Cnr5WD7jOyCgpVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.6.0/23
5.183.178.0/24
45.12.204.0/24
45.66.132.0/23
45.82.166.0/24
45.128.154.0/24
45.134.19.0/24
81.90.191.0/24
91.217.120.0/23
147.78.15.0/24
152.89.208.0/23
185.105.189.0-185.105.190.255
185.120.18.0/24
185.126.69.0-185.126.71.255
185.126.118.0/24
185.126.138.0/24
185.159.68.0-185.159.70.255
185.160.27.0/24
185.168.21.0-185.168.23.255
185.171.121.0/24
185.175.140.0/23
185.187.237.0-185.187.238.255
188.119.100.0/23
194.156.228.0/24
217.197.163.0/24
IPv6:
2a0c:8a40:1::/48
Signature Algorithm: sha256WithRSAEncryption
6d:a4:c0:52:4a:c5:4c:69:6a:f3:0c:b8:3f:20:01:7d:7d:d5:
ff:6c:02:5f:08:bf:9a:82:41:2a:c3:cb:09:7a:f8:25:38:43:
ea:8e:d8:d9:d6:fa:73:fa:3c:13:5b:bc:5e:87:1a:2c:f9:d4:
97:f3:13:95:63:75:50:7a:ca:eb:33:3d:58:2f:d7:81:fd:00:
7d:92:06:3f:c1:20:8b:e8:d1:1b:4d:e7:c3:61:8c:47:97:15:
6e:7e:35:8a:f5:de:04:29:c7:d6:e3:43:8f:74:42:a6:ee:a3:
9c:9e:e2:14:f9:0f:cc:ab:f1:67:15:5c:50:c8:ff:ea:4f:9b:
44:9e:e2:de:6e:29:61:14:f0:41:1b:72:b5:24:83:2a:e0:eb:
12:c6:2b:3c:3a:71:f6:4f:92:b5:70:f8:7e:0c:b3:13:3d:8b:
08:c0:94:44:ec:0f:3b:1a:b9:a8:26:c5:4d:bd:8a:59:2f:bf:
14:16:e7:81:f0:06:75:c2:54:06:3a:cd:de:a7:83:18:80:33:
e6:36:5d:f7:b3:18:ab:0d:23:6a:2d:69:1f:24:a1:c9:dc:7e:
68:9b:a9:e7:10:15:57:87:90:dd:59:d3:d8:00:f6:5b:ca:ba:
56:a6:59:6b:d0:db:24:1e:c3:e2:05:01:ee:b8:96:67:20:42:
e0:e8:c6:04
-----BEGIN CERTIFICATE-----
MIIFyzCCBLOgAwIBAgISAZ2IlLX80sMWJrthSs2XNWipMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMjQ3ZTczMzkxZWM5ZDZhMmE0NmYyY2IwYjAyZmM5OTQy
ODhmMTMwHhcNMjYwNDEzMjA0MjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDE4OTMwMGYwYzVkYjE1YjgwYTdhZjk1ODNlZTMzYjIwYTBhNTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuAT1yw1DXWhDs6fTMSRwpKdKsVU
NOyVXegyQeMiqn8usDCAmLeUs1eHZle9b/mzV4crXbaSaRcNy27EZbyeNtD3dKiZ
aNt4LmMnjCD1ISHVsByTmefX09VMwvrEwZwFvE5DzByC7OBv2+wk8G8BVqKxp90g
O1iXJdJTMLPaZ4oYHBnI054twG0/RpDkMcQslnMxxom4zrrZCdHCdFl8TiFdAImC
Kfi1evWwwTM1wGzhqgDwCqu6N3DTmlJYDEdBgNXj8QYefz4AA/V5IqVpKAR7+dYT
4wmhDFXUSqSvcfizh4Q9k5kLxfKdpLo4Gm73ZcVFI3ea0g4TNK9ax6K62wIDAQAB
o4IC1zCCAtMwHQYDVR0OBBYEFA0YkwDwxdsVuAp6+Vg+4zsgoKVVMB8GA1UdIwQY
MBaAFAskfnM5HsnWoqRvLLCwL8mUKI8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMt
NzM2Nzg5ZWU2ZmQwLzEvRFJpVEFQREYyeFc0Q25yNVdEN2pPeUNncFZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMtNzM2Nzg5ZWU2ZmQw
LzEvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHsBggrBgEFBQcBBwEB/wSB3DCB2TCBxQQCAAEwgb4DBAEF
tQYDBAAFt7IDBAAtDMwDBAEtQoQDBAAtUqYDBAAtgJoDBAAthhMDBABRWr8DBAFb
2XgDBACTTg8DBAGYWdAwDAMEALlpvQMEALlpvgMEALl4EjAMAwQAuX5FAwQDuX5A
AwQAuX52AwQAuX6KMAwDBAK5n0QDBAC5n0YDBAC5oBswDAMEALmoFQMEA7moEAME
ALmreQMEAbmvjDAMAwQAubvtAwQAubvuAwQBvHdkAwQAwpzkAwQA2cWjMA8EAgAC
MAkDBwAqDIpAAAEwDQYJKoZIhvcNAQELBQADggEBAG2kwFJKxUxpavMMuD8gAX19
1f9sAl8Iv5qCQSrDywl6+CU4Q+qO2NnW+nP6PBNbvF6HGiz51JfzE5VjdVB6yusz
PVgv14H9AH2SBj/BIIvo0RtN58NhjEeXFW5+NYr13gQpx9bjQ490Qqbuo5ye4hT5
D8yr8WcVXFDI/+pPm0Se4t5uKWEU8EEbcrUkgyrg6xLGKzw6cfZPkrVw+H4MsxM9
iwjAlETsDzsauagmxU29ilkvvxQW54HwBnXCVAY6zd6ngxiAM+Y2XfezGKsNI2ot
aR8kocncfmibqecQFVeHkN1Z09gA9lvKulamWWvQ2yQew+IFAe64lmcgQuDoxgQ=
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:29:00 2026 by rpki-client