Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/D3zo566csEJxsSuOjYFYuiagAus.roa
File: D3zo566csEJxsSuOjYFYuiagAus.roa (raw, json)
Hash identifier: hZemx0XbhR2p5mQq1jR04oMUitubYwSob8P7B6vzNuo=
Subject key identifier: 0F:7C:E8:E7:AE:9C:B0:42:71:B1:2B:8E:8D:81:58:BA:26:A0:02:EB
Certificate issuer: /CN=204a096504cdbb9f2fb7fd0e66406d526fe10b5a
Certificate serial: 019D72134A968E58ACA828679B964B5C36AD
Authority key identifier: 20:4A:09:65:04:CD:BB:9F:2F:B7:FD:0E:66:40:6D:52:6F:E1:0B:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IEoJZQTNu58vt_0OZkBtUm_hC1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/D3zo566csEJxsSuOjYFYuiagAus.roa
Signing time: Thu 09 Apr 2026 11:49:20 +0000
ROA not before: Thu 09 Apr 2026 11:49:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207253
IP address blocks: 88.218.208.0/22 maxlen: 22
185.160.200.0/22 maxlen: 22
185.210.8.0/22 maxlen: 22
185.244.200.0/22 maxlen: 22
193.31.20.0/22 maxlen: 22
193.31.44.0/22 maxlen: 22
193.84.240.0/22 maxlen: 22
193.106.32.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/IEoJZQTNu58vt_0OZkBtUm_hC1o.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/IEoJZQTNu58vt_0OZkBtUm_hC1o.mft
rsync://rpki.ripe.net/repository/DEFAULT/IEoJZQTNu58vt_0OZkBtUm_hC1o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:13:4a:96:8e:58:ac:a8:28:67:9b:96:4b:5c:36:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=204a096504cdbb9f2fb7fd0e66406d526fe10b5a
Validity
Not Before: Apr 9 11:49:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0f7ce8e7ae9cb04271b12b8e8d8158ba26a002eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:11:68:5e:2c:28:ca:9a:bd:0e:c6:1c:db:ab:
30:5e:19:9f:c1:34:1c:e5:aa:f2:36:22:d9:c2:74:
a2:d4:e5:4c:8e:45:c2:8e:25:8d:c0:46:09:4b:8e:
f3:00:c2:76:29:62:b1:d5:a7:2a:2c:f1:08:45:ac:
ff:6d:8b:91:28:ae:c6:2b:a0:e3:c4:53:54:e2:2c:
92:44:d2:e2:a7:ee:50:0a:51:5c:17:d8:a2:8a:d5:
0b:18:a5:50:79:40:ea:e0:54:fb:a8:6e:d1:34:3e:
35:ef:ab:c9:a4:fc:15:21:e2:12:46:3d:41:e5:8f:
78:4c:ae:01:46:f9:36:34:2b:ff:34:f7:f4:22:03:
5c:45:1d:cb:8b:e7:08:f5:ee:67:90:9f:af:d6:04:
bf:a9:dc:bd:3c:c1:f2:62:81:96:ea:8f:a0:20:e6:
81:7b:9a:b1:83:f6:15:47:cc:5e:cf:70:99:6f:17:
05:50:8e:5e:78:dc:ce:d4:05:0e:61:ed:a1:71:ad:
94:94:61:de:fe:3a:ff:33:2e:61:8b:a7:13:4b:12:
70:82:a5:f2:28:d1:4b:5e:34:03:0c:e7:20:bc:1c:
91:8e:8e:d5:12:9e:fb:7f:04:3c:c4:28:a2:e5:3f:
c2:2d:91:0a:62:63:1d:ba:3e:03:87:9c:a8:24:57:
43:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:7C:E8:E7:AE:9C:B0:42:71:B1:2B:8E:8D:81:58:BA:26:A0:02:EB
X509v3 Authority Key Identifier:
keyid:20:4A:09:65:04:CD:BB:9F:2F:B7:FD:0E:66:40:6D:52:6F:E1:0B:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IEoJZQTNu58vt_0OZkBtUm_hC1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/D3zo566csEJxsSuOjYFYuiagAus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/IEoJZQTNu58vt_0OZkBtUm_hC1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.208.0/22
185.160.200.0/22
185.210.8.0/22
185.244.200.0/22
193.31.20.0/22
193.31.44.0/22
193.84.240.0/22
193.106.32.0/22
Signature Algorithm: sha256WithRSAEncryption
31:63:4f:45:82:5a:23:72:18:47:86:11:d2:32:89:15:09:73:
f2:d7:5d:f3:79:f7:7e:49:dc:68:79:25:2d:8f:5a:4e:2a:72:
09:de:b4:ca:2c:47:15:b6:a3:5d:17:c1:85:de:17:d3:c4:31:
2c:87:e3:56:87:f2:3a:10:a5:38:61:d3:dc:4f:76:f6:46:6b:
e8:9f:c8:66:50:86:5e:5c:13:a2:23:b8:34:8d:a5:04:18:6c:
59:0b:51:c2:dd:45:6c:29:c7:bd:3d:35:63:27:cf:6d:b0:55:
af:e1:da:f8:26:98:cb:fd:18:c3:09:d0:82:6a:87:c5:b1:6d:
3f:53:2e:e7:0e:50:71:c3:76:ec:ed:3f:da:26:32:77:3a:68:
21:dd:98:01:e4:2f:87:8d:f0:83:b2:14:71:6a:72:9f:53:fd:
e8:43:86:8c:72:51:2d:c6:5f:ee:f4:4b:62:ca:e8:41:ff:51:
4a:63:77:a8:06:21:bf:b0:8e:8c:b0:1b:63:be:d7:c9:27:18:
51:44:56:ed:fd:c5:73:67:a3:a9:e4:92:69:13:61:60:88:00:
cc:52:0b:cb:5f:bf:21:33:2d:64:bd:1b:8e:99:a9:11:e5:30:
d8:97:a6:5b:ac:ff:c4:aa:c1:1e:ba:a9:5b:af:3a:f7:30:f9:
61:cd:ad:90
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZ1yE0qWjlisqChnm5ZLXDatMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNGEwOTY1MDRjZGJiOWYyZmI3ZmQwZTY2NDA2ZDUyNmZl
MTBiNWEwHhcNMjYwNDA5MTE0OTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjdjZThlN2FlOWNiMDQyNzFiMTJiOGU4ZDgxNThiYTI2YTAwMmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRFoXiwoypq9DsYc26swXhmfwTQc
5aryNiLZwnSi1OVMjkXCjiWNwEYJS47zAMJ2KWKx1acqLPEIRaz/bYuRKK7GK6Dj
xFNU4iySRNLip+5QClFcF9iiitULGKVQeUDq4FT7qG7RND4176vJpPwVIeISRj1B
5Y94TK4BRvk2NCv/NPf0IgNcRR3Li+cI9e5nkJ+v1gS/qdy9PMHyYoGW6o+gIOaB
e5qxg/YVR8xez3CZbxcFUI5eeNzO1AUOYe2hca2UlGHe/jr/My5hi6cTSxJwgqXy
KNFLXjQDDOcgvByRjo7VEp77fwQ8xCii5T/CLZEKYmMduj4Dh5yoJFdDrQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFA986OeunLBCcbErjo2BWLomoALrMB8GA1UdIwQY
MBaAFCBKCWUEzbufL7f9DmZAbVJv4QtaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUVvSlpRVE51NTh2dF8wT1prQnRVbV9oQzFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9lMjUxZGMtOGIyYi00ZjNkLWI2MzYt
MTU0MjI0Nzg4MDBiLzEvRDN6bzU2NmNzRUp4c1N1T2pZRll1aWFnQXVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9lMjUxZGMtOGIyYi00ZjNkLWI2MzYtMTU0MjI0Nzg4MDBi
LzEvSUVvSlpRVE51NTh2dF8wT1prQnRVbV9oQzFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCWNrQAwQC
uaDIAwQCudIIAwQCufTIAwQCwR8UAwQCwR8sAwQCwVTwAwQCwWogMA0GCSqGSIb3
DQEBCwUAA4IBAQAxY09FglojchhHhhHSMokVCXPy113zefd+SdxoeSUtj1pOKnIJ
3rTKLEcVtqNdF8GF3hfTxDEsh+NWh/I6EKU4YdPcT3b2Rmvon8hmUIZeXBOiI7g0
jaUEGGxZC1HC3UVsKce9PTVjJ89tsFWv4dr4JpjL/RjDCdCCaofFsW0/Uy7nDlBx
w3bs7T/aJjJ3Omgh3ZgB5C+HjfCDshRxanKfU/3oQ4aMclEtxl/u9EtiyuhB/1FK
Y3eoBiG/sI6MsBtjvtfJJxhRRFbt/cVzZ6Op5JJpE2FgiADMUgvLX78hMy1kvRuO
makR5TDYl6ZbrP/EqsEeuqlbrzr3MPlhza2Q
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:07:31 2026 by rpki-client