Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/jD6mM0pl55Gkfup6YBb23hzuzk0.roa
File: jD6mM0pl55Gkfup6YBb23hzuzk0.roa (raw, json)
Hash identifier: gYpmzgS3WeGkMeLq1vK2W75gJCmA3gbQBsEJ6rVnTeg=
Subject key identifier: 8C:3E:A6:33:4A:65:E7:91:A4:7E:EA:7A:60:16:F6:DE:1C:EE:CE:4D
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019C94EC682B33F740EB57C453E1020E81A6
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/jD6mM0pl55Gkfup6YBb23hzuzk0.roa
Signing time: Wed 25 Feb 2026 13:10:46 +0000
ROA not before: Wed 25 Feb 2026 13:10:46 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 5.182.112.0/24 maxlen: 24
77.242.146.0/23 maxlen: 24
83.137.153.0/24 maxlen: 24
83.137.158.0/24 maxlen: 24
88.151.56.0/23 maxlen: 24
88.151.61.0/24 maxlen: 24
88.209.198.0/24 maxlen: 24
88.209.201.0/24 maxlen: 24
88.209.209.0/24 maxlen: 24
88.209.226.0/24 maxlen: 24
88.209.227.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
88.209.247.0/24 maxlen: 24
88.209.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:94:ec:68:2b:33:f7:40:eb:57:c4:53:e1:02:0e:81:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Feb 25 13:10:46 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8c3ea6334a65e791a47eea7a6016f6de1ceece4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:cd:85:f2:ae:2c:56:4b:a5:17:b4:e7:c8:4d:
cf:c1:f6:93:db:0b:89:08:06:42:7c:f6:b5:f8:dd:
18:3f:95:07:11:56:f2:89:dc:2b:52:13:69:45:33:
c0:07:54:7f:6f:eb:e8:48:e9:44:a5:9a:6d:57:83:
be:cc:ac:94:f2:47:ad:ac:d0:ae:67:22:65:08:45:
ca:f6:cc:8c:db:b1:27:29:0b:22:55:1b:5c:cb:53:
21:4e:06:a2:9d:fd:a3:a9:34:6b:0e:c5:69:21:b1:
a1:56:35:92:fe:70:b0:db:23:ec:17:88:a0:c7:52:
8d:3f:bd:af:49:19:39:48:c1:30:bc:98:88:3a:73:
dd:16:c2:fe:ef:35:8a:10:a9:50:d5:80:84:9f:71:
dd:ff:85:3e:d1:14:fa:e4:38:4f:3e:d3:4c:13:fd:
e0:68:e6:19:8a:dd:1c:cb:0f:22:fa:8f:11:f5:ce:
77:25:fe:eb:79:1e:ba:75:d2:65:2e:5c:07:4c:2b:
b7:01:ea:b2:47:6a:81:4a:fb:28:70:eb:88:48:c6:
af:1a:ab:e0:ae:6a:61:0f:6d:33:dc:34:99:ec:51:
fa:f4:03:2c:1c:ec:15:87:c9:90:bc:0a:b4:58:b3:
6e:e1:47:94:68:e6:64:8e:6e:9b:e1:53:df:07:7a:
aa:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:3E:A6:33:4A:65:E7:91:A4:7E:EA:7A:60:16:F6:DE:1C:EE:CE:4D
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/jD6mM0pl55Gkfup6YBb23hzuzk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
77.242.146.0/23
83.137.153.0/24
83.137.158.0/24
88.151.56.0/23
88.151.61.0/24
88.209.198.0/24
88.209.201.0/24
88.209.209.0/24
88.209.226.0/23
88.209.232.0/22
88.209.247.0/24
88.209.254.0/24
Signature Algorithm: sha256WithRSAEncryption
20:57:07:1f:1f:7c:6b:44:28:9f:a4:3e:8c:1a:83:08:ee:a4:
3e:41:9e:34:0d:99:87:27:6f:f1:7b:6c:b2:6a:e8:18:9d:c7:
34:f0:2f:80:fb:a8:0f:94:42:ad:09:a6:37:63:67:1b:87:ab:
5f:81:65:e0:30:e7:91:d9:d7:87:c9:db:86:85:97:3f:6a:66:
68:78:12:19:9a:6a:b3:3a:8a:6b:cf:ba:f4:26:13:40:d1:11:
cb:04:01:15:66:c1:76:67:59:0f:ee:5d:11:ac:34:0c:4c:80:
6c:5c:50:ef:c3:04:ee:59:3a:ce:32:2f:8d:6a:34:63:95:71:
06:4f:05:2c:80:04:52:a7:49:da:48:e7:68:ea:27:a2:61:7a:
6d:28:60:b1:45:7b:c0:ad:02:3e:61:54:f4:03:35:b7:04:b4:
b3:eb:d6:93:92:56:7a:a2:61:7b:45:00:4c:83:c4:5f:42:fb:
6f:b2:d1:fd:d7:be:d1:5a:3b:e9:24:b0:b3:81:d0:87:22:32:
5d:6b:e2:7a:c3:02:21:df:e1:37:3f:b6:52:ab:39:9a:6b:10:
b4:ff:02:25:e7:27:69:22:49:50:72:03:da:a3:9c:f1:18:9b:
0e:d8:20:5a:55:81:66:d7:ff:88:2e:8f:55:3d:36:9b:71:f6:
0c:bb:f0:19
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZyU7GgrM/dA61fEU+ECDoGmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjYwMjI1MTMxMDQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzNlYTYzMzRhNjVlNzkxYTQ3ZWVhN2E2MDE2ZjZkZTFjZWVjZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA682F8q4sVkulF7TnyE3PwfaT2wuJ
CAZCfPa1+N0YP5UHEVbyidwrUhNpRTPAB1R/b+voSOlEpZptV4O+zKyU8ketrNCu
ZyJlCEXK9syM27EnKQsiVRtcy1MhTgainf2jqTRrDsVpIbGhVjWS/nCw2yPsF4ig
x1KNP72vSRk5SMEwvJiIOnPdFsL+7zWKEKlQ1YCEn3Hd/4U+0RT65DhPPtNME/3g
aOYZit0cyw8i+o8R9c53Jf7reR66ddJlLlwHTCu3AeqyR2qBSvsocOuISMavGqvg
rmphD20z3DSZ7FH69AMsHOwVh8mQvAq0WLNu4UeUaOZkjm6b4VPfB3qqewIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFIw+pjNKZeeRpH7qemAW9t4c7s5NMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvakQ2bU0wcGw1NUdrZnVwNllCYjIzaHp1emswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQABbZwAwQB
TfKSAwQAU4mZAwQAU4meAwQBWJc4AwQAWJc9AwQAWNHGAwQAWNHJAwQAWNHRAwQB
WNHiAwQCWNHoAwQAWNH3AwQAWNH+MA0GCSqGSIb3DQEBCwUAA4IBAQAgVwcfH3xr
RCifpD6MGoMI7qQ+QZ40DZmHJ2/xe2yyaugYncc08C+A+6gPlEKtCaY3Y2cbh6tf
gWXgMOeR2deHyduGhZc/amZoeBIZmmqzOoprz7r0JhNA0RHLBAEVZsF2Z1kP7l0R
rDQMTIBsXFDvwwTuWTrOMi+NajRjlXEGTwUsgARSp0naSOdo6ieiYXptKGCxRXvA
rQI+YVT0AzW3BLSz69aTklZ6omF7RQBMg8RfQvtvstH9177RWjvpJLCzgdCHIjJd
a+J6wwIh3+E3P7ZSqzmaaxC0/wIl5ydpIklQcgPao5zxGJsO2CBaVYFm1/+ILo9V
PTabcfYMu/AZ
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:14:09 2026 by rpki-client