Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/ae0d8b-4857-4ba7-b342-5ec336bf743b/1/DyOCcgAv5D-uzn7WjreG_-yIw6k.roa
File: DyOCcgAv5D-uzn7WjreG_-yIw6k.roa (raw, json)
Hash identifier: G50a8YU+mQy2n/BSNcqw5qa7N7PvvorHs7UE1i40Fig=
Subject key identifier: 0F:23:82:72:00:2F:E4:3F:AE:CE:7E:D6:8E:B7:86:FF:EC:88:C3:A9
Certificate issuer: /CN=e27e1dd07466278036ba5cd943d7b0e021cf8628
Certificate serial: 019D44644F128F46EE96DEC84379544624FB
Authority key identifier: E2:7E:1D:D0:74:66:27:80:36:BA:5C:D9:43:D7:B0:E0:21:CF:86:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4n4d0HRmJ4A2ulzZQ9ew4CHPhig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/ae0d8b-4857-4ba7-b342-5ec336bf743b/1/DyOCcgAv5D-uzn7WjreG_-yIw6k.roa
Signing time: Tue 31 Mar 2026 14:55:17 +0000
ROA not before: Tue 31 Mar 2026 14:55:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213522
IP address blocks: 89.150.47.0/24 maxlen: 24
89.150.52.0/24 maxlen: 24
89.150.62.0/24 maxlen: 24
185.48.5.0/24 maxlen: 24
2a14:ec0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/ae0d8b-4857-4ba7-b342-5ec336bf743b/1/4n4d0HRmJ4A2ulzZQ9ew4CHPhig.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/ae0d8b-4857-4ba7-b342-5ec336bf743b/1/4n4d0HRmJ4A2ulzZQ9ew4CHPhig.mft
rsync://rpki.ripe.net/repository/DEFAULT/4n4d0HRmJ4A2ulzZQ9ew4CHPhig.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Apr 2026 23:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:44:64:4f:12:8f:46:ee:96:de:c8:43:79:54:46:24:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e27e1dd07466278036ba5cd943d7b0e021cf8628
Validity
Not Before: Mar 31 14:55:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0f238272002fe43faece7ed68eb786ffec88c3a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e1:6f:e9:0c:4a:37:c8:89:c6:32:84:ba:e0:
3b:48:6c:04:f7:0b:67:b1:f6:4f:3b:4a:4d:f8:a8:
3a:bf:f3:44:03:58:d4:ab:08:cc:0c:44:b7:b9:66:
31:fe:af:71:da:66:f7:cb:3b:64:c5:84:10:bd:bf:
3c:f5:02:9e:3c:53:ab:18:05:31:98:c5:15:09:79:
6a:0c:5e:81:80:bb:83:03:bf:58:3f:e2:c1:7f:25:
17:12:55:06:00:2c:8f:34:66:60:98:86:23:00:56:
11:55:d1:55:c5:f1:60:02:f6:7f:27:05:22:6e:4e:
7d:8a:55:c0:86:be:23:61:cb:1e:18:9a:d3:0f:68:
31:79:1e:28:d8:9f:f3:ff:d1:d0:1f:ba:2a:88:15:
6c:ad:e0:2f:33:14:e5:93:e6:be:5f:cb:34:95:05:
09:1b:e9:56:22:c4:3e:12:03:4e:b4:cb:48:9b:a1:
65:18:91:f4:66:cc:6d:26:2a:b7:47:8f:a2:f1:a2:
68:18:e2:eb:4d:12:78:4e:4c:65:1e:23:f6:ab:48:
79:b0:b7:c0:92:95:80:42:d5:76:a3:10:0b:90:61:
1d:b1:9a:7d:6f:c3:da:da:d3:76:a6:0d:ed:7f:6b:
97:f1:d9:5e:a9:50:8f:45:c9:6b:ad:e4:b0:e3:db:
cc:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:23:82:72:00:2F:E4:3F:AE:CE:7E:D6:8E:B7:86:FF:EC:88:C3:A9
X509v3 Authority Key Identifier:
keyid:E2:7E:1D:D0:74:66:27:80:36:BA:5C:D9:43:D7:B0:E0:21:CF:86:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4n4d0HRmJ4A2ulzZQ9ew4CHPhig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ae0d8b-4857-4ba7-b342-5ec336bf743b/1/DyOCcgAv5D-uzn7WjreG_-yIw6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ae0d8b-4857-4ba7-b342-5ec336bf743b/1/4n4d0HRmJ4A2ulzZQ9ew4CHPhig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.150.47.0/24
89.150.52.0/24
89.150.62.0/24
185.48.5.0/24
IPv6:
2a14:ec0::/29
Signature Algorithm: sha256WithRSAEncryption
1c:78:b3:84:78:6b:93:d4:f6:ff:ca:99:33:c0:15:d6:be:80:
59:94:db:2b:40:4e:c2:ac:64:ed:ae:69:80:be:56:19:08:d7:
6f:8f:97:d3:c8:6c:85:1b:07:36:cc:45:e0:af:21:dc:f9:8e:
74:7f:6f:ef:4d:89:ad:4f:44:ff:c9:7d:3b:c0:5f:14:e9:eb:
c3:76:b4:34:cf:fb:71:b8:5e:e9:79:85:6f:2f:4b:bd:98:0e:
97:26:6a:6c:0e:a3:8b:ec:fc:a0:8c:47:51:f4:2b:fb:ac:fd:
21:07:9a:ac:44:44:e7:b9:61:2c:f4:65:f2:03:c6:45:04:cc:
f9:79:e6:25:4e:01:f2:ae:9a:7e:bb:a9:13:cf:8d:46:9f:a8:
f3:6c:33:6e:6d:27:3c:43:19:d0:89:18:11:e5:54:bb:ab:3f:
63:3e:2a:5e:05:a6:b4:f2:8b:10:16:fb:a3:4c:44:66:2b:95:
69:31:a9:0b:22:b3:9a:a3:d7:c9:a1:e3:4e:e1:a7:51:02:d9:
db:f3:24:51:0e:bf:85:1f:ff:15:86:3b:c0:df:35:80:68:95:
d8:3f:4f:af:be:20:76:40:67:4b:3b:39:7e:0c:d3:6b:ce:83:
5c:42:86:41:b0:2e:a4:db:b9:e7:b5:ba:50:f3:c4:11:e9:10:
df:b3:28:e5
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZ1EZE8Sj0bult7IQ3lURiT7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyN2UxZGQwNzQ2NjI3ODAzNmJhNWNkOTQzZDdiMGUwMjFj
Zjg2MjgwHhcNMjYwMzMxMTQ1NTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjIzODI3MjAwMmZlNDNmYWVjZTdlZDY4ZWI3ODZmZmVjODhjM2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOFv6QxKN8iJxjKEuuA7SGwE9wtn
sfZPO0pN+Kg6v/NEA1jUqwjMDES3uWYx/q9x2mb3yztkxYQQvb889QKePFOrGAUx
mMUVCXlqDF6BgLuDA79YP+LBfyUXElUGACyPNGZgmIYjAFYRVdFVxfFgAvZ/JwUi
bk59ilXAhr4jYcseGJrTD2gxeR4o2J/z/9HQH7oqiBVsreAvMxTlk+a+X8s0lQUJ
G+lWIsQ+EgNOtMtIm6FlGJH0ZsxtJiq3R4+i8aJoGOLrTRJ4TkxlHiP2q0h5sLfA
kpWAQtV2oxALkGEdsZp9b8Pa2tN2pg3tf2uX8dleqVCPRclrreSw49vMJQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFA8jgnIAL+Q/rs5+1o63hv/siMOpMB8GA1UdIwQY
MBaAFOJ+HdB0ZieANrpc2UPXsOAhz4YoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNG40ZDBIUm1KNEEydWx6WlE5ZXc0Q0hQaGlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9hZTBkOGItNDg1Ny00YmE3LWIzNDIt
NWVjMzM2YmY3NDNiLzEvRHlPQ2NnQXY1RC11em43V2pyZUdfLXlJdzZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9hZTBkOGItNDg1Ny00YmE3LWIzNDItNWVjMzM2YmY3NDNi
LzEvNG40ZDBIUm1KNEEydWx6WlE5ZXc0Q0hQaGlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAWZYvAwQA
WZY0AwQAWZY+AwQAuTAFMA0EAgACMAcDBQMqFA7AMA0GCSqGSIb3DQEBCwUAA4IB
AQAceLOEeGuT1Pb/ypkzwBXWvoBZlNsrQE7CrGTtrmmAvlYZCNdvj5fTyGyFGwc2
zEXgryHc+Y50f2/vTYmtT0T/yX07wF8U6evDdrQ0z/txuF7peYVvL0u9mA6XJmps
DqOL7PygjEdR9Cv7rP0hB5qsRETnuWEs9GXyA8ZFBMz5eeYlTgHyrpp+u6kTz41G
n6jzbDNubSc8QxnQiRgR5VS7qz9jPipeBaa08osQFvujTERmK5VpMakLIrOao9fJ
oeNO4adRAtnb8yRRDr+FH/8VhjvA3zWAaJXYP0+vviB2QGdLOzl+DNNrzoNcQoZB
sC6k27nntbpQ88QR6RDfsyjl
-----END CERTIFICATE-----
Generated at Sun Apr 19 09:50:48 2026 by rpki-client