Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/d4n3tw3gDFUggG3YzvBlW0E4fSo.roa
File: d4n3tw3gDFUggG3YzvBlW0E4fSo.roa (raw, json)
Hash identifier: VpjIZnytENsCO28HlqlF6djLFl83iFyahAl9bafd1J8=
Subject key identifier: 77:89:F7:B7:0D:E0:0C:55:20:80:6D:D8:CE:F0:65:5B:41:38:7D:2A
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019D0AA66D5F246F5E82E88D2D80CB44C571
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/d4n3tw3gDFUggG3YzvBlW0E4fSo.roa
Signing time: Fri 20 Mar 2026 09:49:32 +0000
ROA not before: Fri 20 Mar 2026 09:49:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214902
IP address blocks: 5.83.147.0/24 maxlen: 24
5.231.28.0/24 maxlen: 24
5.231.45.0/24 maxlen: 24
77.90.6.0/24 maxlen: 24
77.90.19.0/24 maxlen: 24
77.90.43.0/24 maxlen: 24
77.90.45.0/24 maxlen: 24
85.93.9.0/24 maxlen: 24
89.144.8.0/24 maxlen: 24
89.144.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:51:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:0a:a6:6d:5f:24:6f:5e:82:e8:8d:2d:80:cb:44:c5:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 20 09:49:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7789f7b70de00c5520806dd8cef0655b41387d2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ff:67:a7:e3:57:9b:71:ff:90:31:88:b5:b9:
f2:09:87:d9:18:f4:e5:e3:c4:7b:73:1c:c4:7b:16:
cf:b9:62:b6:98:34:73:a1:d9:99:89:0c:32:d1:a5:
07:e5:fd:eb:ba:19:d4:dc:84:db:d7:5c:e0:69:50:
c8:93:42:b3:26:82:6a:04:a9:82:34:4d:f6:63:a1:
af:61:74:40:cc:f0:ee:60:23:8c:fe:b7:14:c2:2e:
21:12:dc:a6:f4:7f:1f:5d:a5:a7:94:50:22:85:4f:
2e:b0:e7:fb:47:da:71:06:71:4a:4f:2d:d7:0e:9d:
c6:a4:e3:b5:8c:e7:95:d2:6a:4d:54:d8:ea:2e:20:
22:5d:a3:f7:1b:07:0f:88:35:e3:af:92:ba:fb:60:
82:c8:65:10:44:9f:f6:12:81:8b:25:97:15:cc:66:
a9:aa:e3:24:3f:89:eb:61:a4:34:f4:09:7e:e8:48:
3f:bc:16:a7:6c:18:84:7c:d5:03:71:ee:27:23:a2:
23:5f:8f:55:7e:9a:3f:7f:08:66:79:fa:d1:a1:24:
40:a4:15:42:3b:26:51:a2:32:73:44:6e:33:ce:9c:
38:7a:f4:58:fb:ff:f2:8f:d9:c8:cc:45:26:0b:b5:
e3:c3:c7:ce:8a:94:c8:26:f6:72:92:bb:21:fc:d6:
8b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:89:F7:B7:0D:E0:0C:55:20:80:6D:D8:CE:F0:65:5B:41:38:7D:2A
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/d4n3tw3gDFUggG3YzvBlW0E4fSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.147.0/24
5.231.28.0/24
5.231.45.0/24
77.90.6.0/24
77.90.19.0/24
77.90.43.0/24
77.90.45.0/24
85.93.9.0/24
89.144.8.0/24
89.144.53.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:bd:7d:fc:7e:09:74:26:1f:8e:02:a2:d7:2c:27:b5:98:60:
76:a4:42:d7:19:c8:c5:4e:e7:94:da:20:59:f4:aa:27:18:28:
23:ae:1d:ed:00:95:1a:30:04:9a:18:2c:89:19:59:e4:6d:eb:
24:1c:35:af:10:f7:04:03:78:51:f3:3d:b6:eb:36:77:af:a2:
03:3d:c1:8a:22:b7:e8:55:78:49:9b:5a:71:61:d7:93:3b:cf:
8f:65:5a:54:5f:a8:17:7d:da:52:eb:4c:ef:97:25:3a:76:8f:
6a:9d:40:3e:c4:3d:5c:77:43:a0:8d:b4:8e:c0:92:e8:14:81:
0f:7b:0b:9c:f5:09:38:8b:2c:aa:c6:9d:b1:fb:73:da:24:8c:
96:6f:d9:47:73:a1:f1:60:35:f1:7a:43:7a:9c:5b:c7:c7:86:
53:74:bc:94:d8:81:ff:1e:97:80:03:5d:02:37:1a:98:35:5b:
c0:87:0a:26:50:86:6d:f5:72:de:d9:1a:51:e8:f1:ea:c4:56:
f1:28:80:ab:54:76:8b:ca:2a:8d:be:9c:29:e5:3e:14:0d:95:
b4:a9:71:7b:40:8d:cf:06:14:68:3f:f0:9c:2b:b5:9c:68:da:
13:a8:1e:88:d6:2e:5c:4c:13:ed:93:95:ab:73:c0:07:1e:63:
ee:33:af:ef
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZ0Kpm1fJG9eguiNLYDLRMVxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjYwMzIwMDk0OTMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Nzg5ZjdiNzBkZTAwYzU1MjA4MDZkZDhjZWYwNjU1YjQxMzg3ZDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtf9np+NXm3H/kDGItbnyCYfZGPTl
48R7cxzEexbPuWK2mDRzodmZiQwy0aUH5f3ruhnU3ITb11zgaVDIk0KzJoJqBKmC
NE32Y6GvYXRAzPDuYCOM/rcUwi4hEtym9H8fXaWnlFAihU8usOf7R9pxBnFKTy3X
Dp3GpOO1jOeV0mpNVNjqLiAiXaP3GwcPiDXjr5K6+2CCyGUQRJ/2EoGLJZcVzGap
quMkP4nrYaQ09Al+6Eg/vBanbBiEfNUDce4nI6IjX49Vfpo/fwhmefrRoSRApBVC
OyZRojJzRG4zzpw4evRY+//yj9nIzEUmC7Xjw8fOipTIJvZykrsh/NaLBwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFHeJ97cN4AxVIIBt2M7wZVtBOH0qMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvZDRuM3R3M2dERlVnZ0czWXp2QmxXMEU0ZlNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQABVOTAwQA
BeccAwQABectAwQATVoGAwQATVoTAwQATVorAwQATVotAwQAVV0JAwQAWZAIAwQA
WZA1MA0GCSqGSIb3DQEBCwUAA4IBAQAavX38fgl0Jh+OAqLXLCe1mGB2pELXGcjF
TueU2iBZ9KonGCgjrh3tAJUaMASaGCyJGVnkbeskHDWvEPcEA3hR8z226zZ3r6ID
PcGKIrfoVXhJm1pxYdeTO8+PZVpUX6gXfdpS60zvlyU6do9qnUA+xD1cd0OgjbSO
wJLoFIEPewuc9Qk4iyyqxp2x+3PaJIyWb9lHc6HxYDXxekN6nFvHx4ZTdLyU2IH/
HpeAA10CNxqYNVvAhwomUIZt9XLe2RpR6PHqxFbxKICrVHaLyiqNvpwp5T4UDZW0
qXF7QI3PBhRoP/CcK7WcaNoTqB6I1i5cTBPtk5Wrc8AHHmPuM6/v
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:11:43 2026 by rpki-client