Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/DNcUxbZHbtcTZGDlmJSRAX4EBWc.roa
File: DNcUxbZHbtcTZGDlmJSRAX4EBWc.roa (raw, json)
Hash identifier: DmfYhdqZy91qxbfKlRUePcu7BE7fbhFYP2wXzIDXSyY=
Subject key identifier: 0C:D7:14:C5:B6:47:6E:D7:13:64:60:E5:98:94:91:01:7E:04:05:67
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 019C4D2716E124095C91C562CE496CF61984
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/DNcUxbZHbtcTZGDlmJSRAX4EBWc.roa
Signing time: Wed 11 Feb 2026 14:42:13 +0000
ROA not before: Wed 11 Feb 2026 14:42:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 35645
IP address blocks: 62.76.212.0/22 maxlen: 24
193.232.8.0/24 maxlen: 24
194.85.202.0/23 maxlen: 24
194.85.204.0/23 maxlen: 24
194.85.232.0/22 maxlen: 24
194.190.90.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.mft
rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:4d:27:16:e1:24:09:5c:91:c5:62:ce:49:6c:f6:19:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Feb 11 14:42:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0cd714c5b6476ed7136460e5989491017e040567
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:21:5a:39:c9:3d:3a:94:4e:02:a5:10:eb:e3:
1f:17:52:da:14:ec:e9:fe:f7:66:64:af:4c:38:ab:
25:2c:18:a2:f7:7c:76:4a:5b:77:cb:1d:76:3c:31:
cf:b6:24:80:98:c6:c0:bc:c0:01:c3:b4:60:27:42:
36:f2:8f:2d:f9:30:33:1e:af:17:45:38:9e:d6:3c:
d8:5e:ed:13:46:14:fc:13:4f:1a:49:90:b8:f4:3e:
e5:f2:37:41:a8:4b:5b:44:f0:6a:06:01:cd:83:d4:
19:c1:ba:6a:e2:65:33:c6:bc:ee:93:5a:84:1d:ed:
bc:71:83:2d:2b:aa:3a:73:ba:c7:d6:ae:9a:57:98:
c7:f6:4d:0b:b6:88:73:27:86:c8:fe:3f:8f:ea:fb:
fd:9d:18:67:94:91:0a:44:b3:1a:de:94:5a:75:0d:
96:51:e5:f9:01:cb:12:41:27:9e:a4:e9:3d:31:15:
0b:91:10:9c:5a:8a:71:b0:75:1a:4d:c3:de:06:2c:
ae:4f:14:67:d6:0b:05:32:cb:79:69:5c:7e:22:63:
5b:18:da:f5:9f:6c:03:99:18:e7:5c:c4:a5:2c:dd:
a3:a8:72:6d:fb:6b:e9:09:7b:a5:a2:28:b9:b2:e0:
55:50:9b:a8:c0:48:fa:f7:e6:84:12:05:87:56:46:
8c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:D7:14:C5:B6:47:6E:D7:13:64:60:E5:98:94:91:01:7E:04:05:67
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/DNcUxbZHbtcTZGDlmJSRAX4EBWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.212.0/22
193.232.8.0/24
194.85.202.0-194.85.205.255
194.85.232.0/22
194.190.90.0/23
Signature Algorithm: sha256WithRSAEncryption
78:eb:94:3f:07:1d:69:25:1d:61:8c:fe:18:75:65:25:12:46:
cf:f5:53:b6:6b:1d:4e:51:e0:bf:e1:ce:11:16:ab:17:4e:d0:
1d:a5:e2:22:7d:c1:6b:01:35:15:47:f2:a7:10:bd:8d:03:91:
eb:39:a3:d3:37:bc:1e:0c:4e:e8:04:c0:c7:b2:37:15:be:db:
c4:40:41:55:cd:67:68:d7:43:06:09:64:ca:dd:b3:27:d2:87:
89:8b:74:f8:df:cc:39:3f:af:10:36:8b:c7:d5:58:13:3c:64:
7b:ec:8a:5a:67:9a:70:5d:45:c0:98:99:bb:6c:16:f5:83:b0:
2a:f9:2c:8e:44:b2:06:69:e7:b4:0d:bb:00:98:3a:fc:ea:12:
2b:b8:0f:a3:8c:38:24:eb:83:8f:78:ef:b7:bb:cd:aa:59:bc:
01:92:9f:8d:e3:83:38:3e:23:25:f0:63:80:d6:03:6b:77:b2:
5d:67:d2:9f:4c:a8:07:c0:65:ec:ad:06:30:e4:b6:88:d9:47:
4e:9a:93:02:56:d1:51:7a:58:8b:58:9a:db:17:cf:9b:b5:35:
85:03:1a:4e:a3:00:8c:a2:77:c0:b5:85:45:85:47:ee:ba:fe:
2c:73:70:af:a6:85:39:d8:e0:83:5b:a3:77:7e:1d:fc:0b:d2:
da:8c:dc:16
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZxNJxbhJAlckcVizkls9hmEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjYwMjExMTQ0MjEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2Q3MTRjNWI2NDc2ZWQ3MTM2NDYwZTU5ODk0OTEwMTdlMDQwNTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6iFaOck9OpROAqUQ6+MfF1LaFOzp
/vdmZK9MOKslLBii93x2Slt3yx12PDHPtiSAmMbAvMABw7RgJ0I28o8t+TAzHq8X
RTie1jzYXu0TRhT8E08aSZC49D7l8jdBqEtbRPBqBgHNg9QZwbpq4mUzxrzuk1qE
He28cYMtK6o6c7rH1q6aV5jH9k0LtohzJ4bI/j+P6vv9nRhnlJEKRLMa3pRadQ2W
UeX5AcsSQSeepOk9MRULkRCcWopxsHUaTcPeBiyuTxRn1gsFMst5aVx+ImNbGNr1
n2wDmRjnXMSlLN2jqHJt+2vpCXuloii5suBVUJuowEj69+aEEgWHVkaMVwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAzXFMW2R27XE2Rg5ZiUkQF+BAVnMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvRE5jVXhiWkhidGNUWkdEbG1KU1JBWDRFQldjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCPkzUAwQA
wegIMAwDBAHCVcoDBAHCVcwDBALCVegDBAHCvlowDQYJKoZIhvcNAQELBQADggEB
AHjrlD8HHWklHWGM/hh1ZSUSRs/1U7ZrHU5R4L/hzhEWqxdO0B2l4iJ9wWsBNRVH
8qcQvY0Dkes5o9M3vB4MTugEwMeyNxW+28RAQVXNZ2jXQwYJZMrdsyfSh4mLdPjf
zDk/rxA2i8fVWBM8ZHvsilpnmnBdRcCYmbtsFvWDsCr5LI5EsgZp57QNuwCYOvzq
Eiu4D6OMOCTrg49477e7zapZvAGSn43jgzg+IyXwY4DWA2t3sl1n0p9MqAfAZeyt
BjDktojZR06akwJW0VF6WItYmtsXz5u1NYUDGk6jAIyid8C1hUWFR+66/ixzcK+m
hTnY4INbo3d+HfwL0tqM3BY=
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:56:58 2026 by rpki-client