Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/8c3d5c-a36c-4e3f-a059-1a5579e8c6c0/1/pDNCrYaJz93_0ruXQrWKPUYVC7w.roa
File: pDNCrYaJz93_0ruXQrWKPUYVC7w.roa (raw, json)
Hash identifier: dZXhJB4noMnp9QFyGzeSZGgePn7dhbkhRF5jupjuOF8=
Subject key identifier: A4:33:42:AD:86:89:CF:DD:FF:D2:BB:97:42:B5:8A:3D:46:15:0B:BC
Certificate issuer: /CN=a1864edfa412d77a03cbf59131e3fcc03a60e188
Certificate serial: 019B7F83B176A19BC7943C8C221091994DF6
Authority key identifier: A1:86:4E:DF:A4:12:D7:7A:03:CB:F5:91:31:E3:FC:C0:3A:60:E1:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oYZO36QS13oDy_WRMeP8wDpg4Yg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/8c3d5c-a36c-4e3f-a059-1a5579e8c6c0/1/pDNCrYaJz93_0ruXQrWKPUYVC7w.roa
Signing time: Fri 02 Jan 2026 16:21:35 +0000
ROA not before: Fri 02 Jan 2026 16:21:35 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56828
IP address blocks: 31.25.216.0/21 maxlen: 21
83.118.128.0/18 maxlen: 18
91.186.64.0/19 maxlen: 19
185.84.36.0/22 maxlen: 22
2a05:ec0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/8c3d5c-a36c-4e3f-a059-1a5579e8c6c0/1/oYZO36QS13oDy_WRMeP8wDpg4Yg.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/8c3d5c-a36c-4e3f-a059-1a5579e8c6c0/1/oYZO36QS13oDy_WRMeP8wDpg4Yg.mft
rsync://rpki.ripe.net/repository/DEFAULT/oYZO36QS13oDy_WRMeP8wDpg4Yg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7f:83:b1:76:a1:9b:c7:94:3c:8c:22:10:91:99:4d:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1864edfa412d77a03cbf59131e3fcc03a60e188
Validity
Not Before: Jan 2 16:21:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a43342ad8689cfddffd2bb9742b58a3d46150bbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:4e:6e:b1:e7:34:3b:b7:d9:e5:c0:c4:ba:d0:
0b:8f:75:e8:55:e6:50:21:89:07:41:c2:da:ab:ef:
99:ca:dc:e8:eb:b4:83:bf:b6:d6:58:ea:f0:b1:b8:
fe:bf:8c:3b:ce:4f:36:fc:57:13:10:2c:38:dd:f1:
eb:81:fb:38:81:7a:11:12:71:16:ff:9e:97:ef:6b:
7e:5b:9c:8d:5b:7c:ed:de:8a:6f:6c:39:85:0d:ea:
07:d4:25:5c:c9:c5:06:78:6e:11:fc:16:c6:10:cf:
27:1d:a1:d6:e7:e2:26:5f:53:90:5f:43:29:44:b9:
53:bf:ee:d4:2f:ff:2f:40:61:60:fa:4e:ab:d6:fa:
04:82:49:7b:cf:ac:0e:3f:19:c7:7e:e0:63:89:bf:
cb:b6:5a:7e:a7:ad:54:8c:3c:be:5a:00:4e:f0:5b:
ce:6a:5c:2c:c2:b6:03:6e:db:77:d4:24:a6:6a:89:
b6:50:df:8c:24:17:8c:4e:5f:5e:20:58:c6:35:a5:
e3:7c:b5:4d:88:36:95:24:c9:a0:be:bd:94:b1:25:
cb:61:6d:73:35:3d:59:b4:0d:ec:7c:66:43:0e:dd:
27:ce:18:4d:8e:05:52:67:1d:be:01:31:70:df:25:
40:40:41:8b:e6:36:c8:a3:be:d1:f2:9f:4b:c2:c5:
76:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:33:42:AD:86:89:CF:DD:FF:D2:BB:97:42:B5:8A:3D:46:15:0B:BC
X509v3 Authority Key Identifier:
keyid:A1:86:4E:DF:A4:12:D7:7A:03:CB:F5:91:31:E3:FC:C0:3A:60:E1:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYZO36QS13oDy_WRMeP8wDpg4Yg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/8c3d5c-a36c-4e3f-a059-1a5579e8c6c0/1/pDNCrYaJz93_0ruXQrWKPUYVC7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/8c3d5c-a36c-4e3f-a059-1a5579e8c6c0/1/oYZO36QS13oDy_WRMeP8wDpg4Yg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.216.0/21
83.118.128.0/18
91.186.64.0/19
185.84.36.0/22
IPv6:
2a05:ec0::/29
Signature Algorithm: sha256WithRSAEncryption
46:dc:b4:7b:cb:5e:d2:29:6d:7d:fd:67:ba:d5:ff:3a:b0:9e:
6d:83:69:58:0b:2b:80:de:13:68:13:74:b8:3e:b4:96:3e:d2:
bf:68:27:45:b7:68:8e:af:ba:4a:96:e2:ff:4a:2e:91:64:68:
c2:60:f5:6a:10:cc:ec:6f:e3:57:e4:02:00:ee:4f:80:a3:53:
4d:de:a0:7d:dd:a9:f2:15:18:95:e5:bf:ce:e0:28:2a:20:d3:
23:16:7b:91:6a:02:ba:51:e8:81:43:80:2d:d6:75:ee:a9:71:
d8:05:1e:e2:5d:a4:82:d8:a2:aa:09:43:6e:85:5a:13:3d:6a:
e4:a6:09:09:6a:cc:cd:41:ee:25:82:45:fe:7b:95:a1:11:41:
77:d0:bc:be:73:01:be:4b:ff:6e:9a:b1:a0:07:89:e9:05:13:
c7:5e:02:59:3f:5e:65:bf:20:1c:35:8d:ca:11:51:62:43:71:
e3:f6:38:d1:c8:38:ab:3a:0b:f5:ca:cd:1b:0a:71:1b:9d:39:
7e:ed:ca:53:9c:22:f3:7f:48:93:60:1c:f5:12:e6:5f:e3:b8:
b9:9c:b5:7a:5c:9c:b0:29:f0:1a:47:b2:9e:69:6e:dc:85:c1:
c2:d0:8f:2e:26:17:78:04:28:a9:e5:04:be:e8:bb:da:85:3e:
b3:8b:97:89
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZt/g7F2oZvHlDyMIhCRmU32MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODY0ZWRmYTQxMmQ3N2EwM2NiZjU5MTMxZTNmY2MwM2E2
MGUxODgwHhcNMjYwMTAyMTYyMTM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDMzNDJhZDg2ODljZmRkZmZkMmJiOTc0MmI1OGEzZDQ2MTUwYmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlU5usec0O7fZ5cDEutALj3XoVeZQ
IYkHQcLaq++Zytzo67SDv7bWWOrwsbj+v4w7zk82/FcTECw43fHrgfs4gXoREnEW
/56X72t+W5yNW3zt3opvbDmFDeoH1CVcycUGeG4R/BbGEM8nHaHW5+ImX1OQX0Mp
RLlTv+7UL/8vQGFg+k6r1voEgkl7z6wOPxnHfuBjib/Ltlp+p61UjDy+WgBO8FvO
alwswrYDbtt31CSmaom2UN+MJBeMTl9eIFjGNaXjfLVNiDaVJMmgvr2UsSXLYW1z
NT1ZtA3sfGZDDt0nzhhNjgVSZx2+ATFw3yVAQEGL5jbIo77R8p9LwsV22wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKQzQq2Gic/d/9K7l0K1ij1GFQu8MB8GA1UdIwQY
MBaAFKGGTt+kEtd6A8v1kTHj/MA6YOGIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1laTzM2UVMxM29EeV9XUk1lUDh3RHBnNFlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS84YzNkNWMtYTM2Yy00ZTNmLWEwNTkt
MWE1NTc5ZThjNmMwLzEvcEROQ3JZYUp6OTNfMHJ1WFFyV0tQVVlWQzd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS84YzNkNWMtYTM2Yy00ZTNmLWEwNTktMWE1NTc5ZThjNmMw
LzEvb1laTzM2UVMxM29EeV9XUk1lUDh3RHBnNFlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDHxnYAwQG
U3aAAwQFW7pAAwQCuVQkMA0EAgACMAcDBQMqBQ7AMA0GCSqGSIb3DQEBCwUAA4IB
AQBG3LR7y17SKW19/We61f86sJ5tg2lYCyuA3hNoE3S4PrSWPtK/aCdFt2iOr7pK
luL/Si6RZGjCYPVqEMzsb+NX5AIA7k+Ao1NN3qB93anyFRiV5b/O4CgqINMjFnuR
agK6UeiBQ4At1nXuqXHYBR7iXaSC2KKqCUNuhVoTPWrkpgkJaszNQe4lgkX+e5Wh
EUF30Ly+cwG+S/9umrGgB4npBRPHXgJZP15lvyAcNY3KEVFiQ3Hj9jjRyDirOgv1
ys0bCnEbnTl+7cpTnCLzf0iTYBz1EuZf47i5nLV6XJywKfAaR7KeaW7chcHC0I8u
Jhd4BCip5QS+6LvahT6zi5eJ
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:56:01 2026 by rpki-client