Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/f74280-cc6d-41c1-858a-b5368330baf2/1/DHr7JGtON15Cis6DyR54N2LbQu0.roa
File: DHr7JGtON15Cis6DyR54N2LbQu0.roa (raw, json)
Hash identifier: Hbp+JgUraGKes5zUXwpHdkwns9L2SkKZwHJUBgVjmZs=
Subject key identifier: 0C:7A:FB:24:6B:4E:37:5E:42:8A:CE:83:C9:1E:78:37:62:DB:42:ED
Certificate issuer: /CN=a4b666cb0e5496116eb7ae6714d9055309ba69ac
Certificate serial: 019D3DFAC3F58DF64F52A02E462DB4FF2438
Authority key identifier: A4:B6:66:CB:0E:54:96:11:6E:B7:AE:67:14:D9:05:53:09:BA:69:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pLZmyw5UlhFut65nFNkFUwm6aaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/f74280-cc6d-41c1-858a-b5368330baf2/1/DHr7JGtON15Cis6DyR54N2LbQu0.roa
Signing time: Mon 30 Mar 2026 09:02:17 +0000
ROA not before: Mon 30 Mar 2026 09:02:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44275
IP address blocks: 185.25.252.0/22 maxlen: 22
185.169.188.0/23 maxlen: 24
185.169.190.0/24 maxlen: 24
2a02:1300::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/f74280-cc6d-41c1-858a-b5368330baf2/1/pLZmyw5UlhFut65nFNkFUwm6aaw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/f74280-cc6d-41c1-858a-b5368330baf2/1/pLZmyw5UlhFut65nFNkFUwm6aaw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pLZmyw5UlhFut65nFNkFUwm6aaw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3d:fa:c3:f5:8d:f6:4f:52:a0:2e:46:2d:b4:ff:24:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4b666cb0e5496116eb7ae6714d9055309ba69ac
Validity
Not Before: Mar 30 09:02:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0c7afb246b4e375e428ace83c91e783762db42ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:61:9d:26:dc:16:ee:1b:a7:6b:a1:fb:24:5a:
0f:7c:32:e7:2c:19:9a:2a:8d:eb:e0:59:15:50:bb:
d9:d6:5b:d4:b5:66:8a:e0:0a:c7:c7:b0:2c:07:fb:
84:dc:da:c4:ef:e8:7b:9c:1b:20:3e:d5:f1:83:e1:
40:cd:ca:9e:b0:45:29:af:af:23:f8:72:87:b9:50:
4c:80:89:2a:9f:4a:9c:e9:b0:f4:8d:c5:41:e7:d6:
64:c0:69:b0:e1:7c:ff:3a:09:61:bc:ae:7d:e9:58:
5f:1a:f3:26:bf:c1:a3:6b:19:32:e7:3d:15:b9:bc:
65:a7:95:dc:f8:b6:9b:fb:21:6a:e8:78:3f:7c:64:
5f:e9:3e:c7:5a:a1:fc:cc:25:0d:51:a7:62:d9:66:
9d:0f:38:20:08:95:f5:05:34:fc:68:76:92:36:f5:
d9:30:7b:47:51:67:aa:9c:fb:4e:da:dc:ac:13:28:
59:61:6f:a7:8a:99:f0:fd:64:30:ac:80:9c:7a:c7:
46:9b:2d:d4:df:45:21:8c:6a:c1:17:b7:5e:38:4f:
08:b0:24:fc:3d:e5:9e:a1:6e:75:de:5b:4e:59:dd:
2f:8a:94:e6:0f:70:07:53:ba:1d:12:d6:e1:ee:e4:
33:be:c9:be:f0:fd:c2:b1:36:c9:5f:1f:9c:e1:11:
5a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:7A:FB:24:6B:4E:37:5E:42:8A:CE:83:C9:1E:78:37:62:DB:42:ED
X509v3 Authority Key Identifier:
keyid:A4:B6:66:CB:0E:54:96:11:6E:B7:AE:67:14:D9:05:53:09:BA:69:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pLZmyw5UlhFut65nFNkFUwm6aaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f74280-cc6d-41c1-858a-b5368330baf2/1/DHr7JGtON15Cis6DyR54N2LbQu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f74280-cc6d-41c1-858a-b5368330baf2/1/pLZmyw5UlhFut65nFNkFUwm6aaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.252.0/22
185.169.188.0-185.169.190.255
IPv6:
2a02:1300::/29
Signature Algorithm: sha256WithRSAEncryption
2f:38:8d:dd:a4:c4:f5:19:03:e5:b6:4c:a9:58:48:cc:7e:de:
c3:b4:cf:85:bf:98:5b:12:2c:99:96:c4:40:ec:73:86:8e:60:
5c:ac:e7:17:64:e4:99:42:6d:0b:e8:04:31:07:fd:6f:e0:a6:
dc:ae:f2:ea:42:46:54:4f:1a:ff:f9:74:b0:1b:00:21:8d:db:
8a:31:7f:23:88:a8:ba:29:aa:05:c9:63:54:59:4d:87:1e:eb:
b9:33:6e:79:d7:10:2c:48:3e:e7:ea:89:97:e3:22:68:2e:13:
8e:1f:3b:28:df:1c:17:33:e9:56:79:c0:6e:62:cc:13:b9:42:
5b:e4:29:e2:aa:80:35:bd:97:3a:f5:58:ee:9b:0e:f3:30:88:
de:6e:c6:ff:ce:4b:d5:31:8a:8c:3a:54:4e:75:db:6a:3f:37:
ec:33:85:c5:f3:38:54:92:de:4f:2a:fe:f7:1e:cd:5a:ed:ec:
8e:e3:de:c6:ca:65:e9:ee:b7:48:9f:01:e7:ba:11:81:56:59:
26:1b:01:0a:66:3d:cd:7d:0f:b8:10:a5:b3:bc:35:b7:a7:ee:
ee:75:0e:23:51:bf:d7:e0:f4:8b:a4:d6:35:2f:2c:35:f6:fb:
79:41:72:23:10:c9:d5:27:69:97:32:6d:98:31:f5:15:cf:8d:
6a:aa:b2:92
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZ09+sP1jfZPUqAuRi20/yQ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YjY2NmNiMGU1NDk2MTE2ZWI3YWU2NzE0ZDkwNTUzMDli
YTY5YWMwHhcNMjYwMzMwMDkwMjE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzdhZmIyNDZiNGUzNzVlNDI4YWNlODNjOTFlNzgzNzYyZGI0MmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGGdJtwW7huna6H7JFoPfDLnLBma
Ko3r4FkVULvZ1lvUtWaK4ArHx7AsB/uE3NrE7+h7nBsgPtXxg+FAzcqesEUpr68j
+HKHuVBMgIkqn0qc6bD0jcVB59ZkwGmw4Xz/OglhvK596VhfGvMmv8Gjaxky5z0V
ubxlp5Xc+Lab+yFq6Hg/fGRf6T7HWqH8zCUNUadi2WadDzggCJX1BTT8aHaSNvXZ
MHtHUWeqnPtO2tysEyhZYW+nipnw/WQwrICcesdGmy3U30UhjGrBF7deOE8IsCT8
PeWeoW513ltOWd0vipTmD3AHU7odEtbh7uQzvsm+8P3CsTbJXx+c4RFaGQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFAx6+yRrTjdeQorOg8keeDdi20LtMB8GA1UdIwQY
MBaAFKS2ZssOVJYRbreuZxTZBVMJummsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcExabXl3NVVsaEZ1dDY1bkZOa0ZVd202YWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9mNzQyODAtY2M2ZC00MWMxLTg1OGEt
YjUzNjgzMzBiYWYyLzEvREhyN0pHdE9OMTVDaXM2RHlSNTROMkxiUXUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9mNzQyODAtY2M2ZC00MWMxLTg1OGEtYjUzNjgzMzBiYWYy
LzEvcExabXl3NVVsaEZ1dDY1bkZOa0ZVd202YWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCuRn8MAwD
BAK5qbwDBAC5qb4wDQQCAAIwBwMFAyoCEwAwDQYJKoZIhvcNAQELBQADggEBAC84
jd2kxPUZA+W2TKlYSMx+3sO0z4W/mFsSLJmWxEDsc4aOYFys5xdk5JlCbQvoBDEH
/W/gptyu8upCRlRPGv/5dLAbACGN24oxfyOIqLopqgXJY1RZTYce67kzbnnXECxI
PufqiZfjImguE44fOyjfHBcz6VZ5wG5izBO5QlvkKeKqgDW9lzr1WO6bDvMwiN5u
xv/OS9Uxiow6VE5122o/N+wzhcXzOFSS3k8q/vcezVrt7I7j3sbKZenut0ifAee6
EYFWWSYbAQpmPc19D7gQpbO8Nben7u51DiNRv9fg9Iuk1jUvLDX2+3lBciMQydUn
aZcybZgx9RXPjWqqspI=
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:30:20 2026 by rpki-client