Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/dlNg4jKyuvWtkOqh3BoUDhRtRF8.roa
File: dlNg4jKyuvWtkOqh3BoUDhRtRF8.roa (raw, json)
Hash identifier: jwm/3oScvLPEeGbSo2Jnt2w09tQTXUvo49okZJ+us7o=
Subject key identifier: 76:53:60:E2:32:B2:BA:F5:AD:90:EA:A1:DC:1A:14:0E:14:6D:44:5F
Certificate issuer: /CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Certificate serial: 019C8F78D63B1E0F2C8C987E633D06E1EB5E
Authority key identifier: 16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/dlNg4jKyuvWtkOqh3BoUDhRtRF8.roa
Signing time: Tue 24 Feb 2026 11:46:26 +0000
ROA not before: Tue 24 Feb 2026 11:46:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 80.255.192.0/19 maxlen: 19
82.47.0.0/16 maxlen: 16
84.19.104.0/21 maxlen: 21
84.19.122.0/23 maxlen: 23
84.19.124.0/22 maxlen: 22
185.228.252.0/22 maxlen: 22
193.39.32.0/20 maxlen: 20
193.39.65.0/24 maxlen: 24
193.193.96.0/20 maxlen: 20
194.145.148.0/23 maxlen: 23
195.182.160.0/19 maxlen: 19
212.43.160.0/19 maxlen: 19
213.147.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.mft
rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 02:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8f:78:d6:3b:1e:0f:2c:8c:98:7e:63:3d:06:e1:eb:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Validity
Not Before: Feb 24 11:46:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=765360e232b2baf5ad90eaa1dc1a140e146d445f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a8:b5:db:99:e8:65:91:fe:07:1e:e2:8b:ea:
0a:33:a0:ae:c8:2c:3f:a1:56:b9:0c:ae:97:50:91:
4b:3f:c2:23:29:1b:f4:3f:a9:19:1b:33:2b:fa:7a:
8c:fb:dc:d1:cf:50:2c:21:06:eb:50:ad:29:4b:7c:
9a:6a:77:c0:02:ee:c6:e4:9c:30:17:fd:e8:7b:4f:
98:f8:d9:ba:f5:51:98:3e:71:cb:14:0d:06:7d:f0:
99:85:2a:f2:f5:a0:02:3e:73:71:93:ce:8c:04:32:
79:8e:58:f7:74:18:f6:61:76:10:d2:59:0f:7f:78:
0d:b1:75:3f:d4:92:aa:02:ff:96:9b:16:9e:71:da:
66:f5:91:30:11:05:61:92:d3:f8:fe:f7:ea:bd:b9:
5d:6c:e1:40:ac:d7:1f:4f:28:ae:0a:0c:fa:db:25:
36:51:4a:90:c6:49:12:52:94:f9:f9:ea:cd:6e:a7:
a1:cb:17:76:a5:69:1b:ba:a0:2e:99:d9:84:b4:02:
54:c0:6c:02:1f:27:8c:57:69:e1:01:e5:9b:ce:e4:
3f:a3:63:3e:05:84:d0:82:f0:d2:9e:4c:02:c9:cc:
af:05:00:86:98:b8:9b:d3:03:50:06:46:96:4e:5d:
fb:93:9d:9d:15:ba:bf:be:62:ff:97:6f:6a:22:02:
7f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:53:60:E2:32:B2:BA:F5:AD:90:EA:A1:DC:1A:14:0E:14:6D:44:5F
X509v3 Authority Key Identifier:
keyid:16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/dlNg4jKyuvWtkOqh3BoUDhRtRF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.255.192.0/19
82.47.0.0/16
84.19.104.0/21
84.19.122.0-84.19.127.255
185.228.252.0/22
193.39.32.0/20
193.39.65.0/24
193.193.96.0/20
194.145.148.0/23
195.182.160.0/19
212.43.160.0/19
213.147.224.0/19
Signature Algorithm: sha256WithRSAEncryption
52:42:bd:59:17:1a:b8:1b:3b:21:22:b7:ec:e8:ee:4c:d8:ad:
8b:fb:0e:a4:be:2b:a7:18:ba:cd:e8:14:4a:f4:ab:b8:1e:72:
c3:31:83:ca:ee:fd:d8:2e:a0:12:47:c8:ed:e4:16:81:ff:03:
a8:ae:05:73:84:cd:4c:e6:4c:fe:07:85:21:79:03:88:23:93:
0d:c2:59:fe:fd:44:6d:ab:81:c3:2c:32:44:bc:bf:58:d8:e9:
3d:c0:e9:73:34:6d:6e:f9:f4:23:81:1e:63:4b:14:cc:ff:b0:
d3:8e:1b:b6:2b:34:fc:37:fa:c3:02:78:9b:57:9c:e6:02:d6:
0f:bc:8f:0a:8e:00:9c:2b:b8:01:3d:90:2b:a2:cf:58:92:6e:
3a:6b:57:b3:4f:4d:1c:27:79:69:34:69:e3:b5:d1:b9:04:89:
d7:a8:af:95:fb:55:96:03:cc:30:94:75:77:de:24:38:64:dc:
47:4c:49:30:af:e7:1b:2f:2e:0a:c5:4f:c0:d1:e6:67:9b:16:
f0:f3:77:83:ce:f4:8f:84:ce:fb:e0:66:b3:51:3c:75:7b:ba:
bb:d0:6d:e7:bf:43:fa:f4:f9:01:62:03:6b:fe:f0:e0:39:96:
4a:9f:a5:45:a5:fa:5e:ea:50:65:03:9f:1e:52:82:b9:93:30:
d5:e3:d3:47
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZyPeNY7Hg8sjJh+Yz0G4eteMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MzA3ZDI5ZjU1NDNmMjFlYTMwMDliOTUyM2ZlNzFiOGYx
MzY5Y2EwHhcNMjYwMjI0MTE0NjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjUzNjBlMjMyYjJiYWY1YWQ5MGVhYTFkYzFhMTQwZTE0NmQ0NDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6i125noZZH+Bx7ii+oKM6CuyCw/
oVa5DK6XUJFLP8IjKRv0P6kZGzMr+nqM+9zRz1AsIQbrUK0pS3yaanfAAu7G5Jww
F/3oe0+Y+Nm69VGYPnHLFA0GffCZhSry9aACPnNxk86MBDJ5jlj3dBj2YXYQ0lkP
f3gNsXU/1JKqAv+Wmxaecdpm9ZEwEQVhktP4/vfqvbldbOFArNcfTyiuCgz62yU2
UUqQxkkSUpT5+erNbqehyxd2pWkbuqAumdmEtAJUwGwCHyeMV2nhAeWbzuQ/o2M+
BYTQgvDSnkwCycyvBQCGmLib0wNQBkaWTl37k52dFbq/vmL/l29qIgJ/hwIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFHZTYOIysrr1rZDqodwaFA4UbURfMB8GA1UdIwQY
MBaAFBYwfSn1VD8h6jAJuVI/5xuPE2nKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmpCOUtmVlVQeUhxTUFtNVVqX25HNDhUYWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9iZjVlNzAtNjY2NS00OWRlLWI5Y2Yt
NGNmZTQwZjA3YTZiLzEvZGxOZzRqS3l1dld0a09xaDNCb1VEaFJ0UkY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9iZjVlNzAtNjY2NS00OWRlLWI5Y2YtNGNmZTQwZjA3YTZi
LzEvRmpCOUtmVlVQeUhxTUFtNVVqX25HNDhUYWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBVBAIAATBPAwQFUP/AAwMA
Ui8DBANUE2gwDAMEAVQTegMEB1QTAAMEArnk/AMEBMEnIAMEAMEnQQMEBMHBYAME
AcKRlAMEBcO2oAMEBdQroAMEBdWT4DANBgkqhkiG9w0BAQsFAAOCAQEAUkK9WRca
uBs7ISK37OjuTNiti/sOpL4rpxi6zegUSvSruB5ywzGDyu792C6gEkfI7eQWgf8D
qK4Fc4TNTOZM/geFIXkDiCOTDcJZ/v1EbauBwywyRLy/WNjpPcDpczRtbvn0I4Ee
Y0sUzP+w044btis0/Df6wwJ4m1ec5gLWD7yPCo4AnCu4AT2QK6LPWJJuOmtXs09N
HCd5aTRp47XRuQSJ16ivlftVlgPMMJR1d94kOGTcR0xJMK/nGy8uCsVPwNHmZ5sW
8PN3g870j4TO++Bms1E8dXu6u9Bt579D+vT5AWIDa/7w4DmWSp+lRaX6XupQZQOf
HlKCuZMw1ePTRw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:53:27 2026 by rpki-client