Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/ddcfd9-d419-40dd-a0f0-8e2d212cefef/1/0AzcAjUT9N1QB5cI07RUAHonZOs.roa
File: 0AzcAjUT9N1QB5cI07RUAHonZOs.roa (raw, json)
Hash identifier: g0trIEnIrBs+QaX8y9UPsVa9Dhsva7/upARrEo7U33o=
Subject key identifier: D0:0C:DC:02:35:13:F4:DD:50:07:97:08:D3:B4:54:00:7A:27:64:EB
Certificate issuer: /CN=d803a2c0cb253cf9b3335f0e35a708d9ae9fc986
Certificate serial: 019B7B3640FB69477DBEA7180F519B795346
Authority key identifier: D8:03:A2:C0:CB:25:3C:F9:B3:33:5F:0E:35:A7:08:D9:AE:9F:C9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2AOiwMslPPmzM18ONacI2a6fyYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/ddcfd9-d419-40dd-a0f0-8e2d212cefef/1/0AzcAjUT9N1QB5cI07RUAHonZOs.roa
Signing time: Thu 01 Jan 2026 20:18:31 +0000
ROA not before: Thu 01 Jan 2026 20:18:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 61373
IP address blocks: 185.9.32.0/22 maxlen: 22
185.9.32.0/23 maxlen: 23
185.9.32.0/24 maxlen: 24
185.9.33.0/24 maxlen: 24
185.9.34.0/23 maxlen: 23
185.9.34.0/24 maxlen: 24
185.9.35.0/24 maxlen: 24
185.50.20.0/22 maxlen: 22
185.50.20.0/23 maxlen: 23
185.50.20.0/24 maxlen: 24
185.50.21.0/24 maxlen: 24
185.50.22.0/23 maxlen: 23
185.50.22.0/24 maxlen: 24
185.50.23.0/24 maxlen: 24
185.119.60.0/22 maxlen: 22
185.119.60.0/23 maxlen: 23
185.119.60.0/24 maxlen: 24
185.119.61.0/24 maxlen: 24
185.119.62.0/23 maxlen: 23
185.119.62.0/24 maxlen: 24
185.119.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/ddcfd9-d419-40dd-a0f0-8e2d212cefef/1/2AOiwMslPPmzM18ONacI2a6fyYY.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/ddcfd9-d419-40dd-a0f0-8e2d212cefef/1/2AOiwMslPPmzM18ONacI2a6fyYY.mft
rsync://rpki.ripe.net/repository/DEFAULT/2AOiwMslPPmzM18ONacI2a6fyYY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 02:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7b:36:40:fb:69:47:7d:be:a7:18:0f:51:9b:79:53:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d803a2c0cb253cf9b3335f0e35a708d9ae9fc986
Validity
Not Before: Jan 1 20:18:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d00cdc023513f4dd50079708d3b454007a2764eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:cd:25:33:65:e9:62:b1:ec:af:a6:9b:3e:74:
17:ed:24:3c:af:5c:bc:e6:85:e2:11:0f:e0:2a:54:
53:5b:a6:6f:74:08:7d:f1:99:26:9e:49:f1:6e:e9:
7f:bd:13:55:05:fc:6f:d0:d1:ae:82:9b:94:77:bc:
98:4b:29:f2:78:6a:e6:13:cd:c0:04:dc:fb:16:3a:
46:04:fb:03:18:70:98:71:17:89:bb:3a:49:2f:0a:
ed:c4:39:a4:e3:13:77:ce:d3:a2:78:b8:4c:3f:9e:
ff:ab:7c:34:da:47:c0:de:e3:ac:a1:64:8a:e9:19:
56:1e:f0:57:d0:4b:5e:c7:af:d7:61:cf:41:3a:4a:
51:0b:87:f4:79:45:a5:ad:c3:7d:f9:ab:96:ff:e3:
a7:84:96:b6:08:bd:a8:5e:cd:8a:5d:17:e7:0d:b0:
f4:16:02:8b:b2:85:7d:a2:4d:df:c4:0f:5c:19:a5:
71:89:9e:01:6d:b9:ce:67:cc:24:e5:3d:60:5d:5e:
ad:cc:bb:65:cf:bf:b4:d6:6a:2b:f8:de:c7:86:39:
df:fe:1b:05:f3:eb:ea:98:31:d9:77:ea:8d:78:6d:
6e:ee:e9:3b:70:01:52:d5:eb:b3:b7:33:56:3f:57:
69:6f:d3:4a:5a:d5:75:a4:2b:c3:30:d7:4a:ac:f1:
a7:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:0C:DC:02:35:13:F4:DD:50:07:97:08:D3:B4:54:00:7A:27:64:EB
X509v3 Authority Key Identifier:
keyid:D8:03:A2:C0:CB:25:3C:F9:B3:33:5F:0E:35:A7:08:D9:AE:9F:C9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2AOiwMslPPmzM18ONacI2a6fyYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/ddcfd9-d419-40dd-a0f0-8e2d212cefef/1/0AzcAjUT9N1QB5cI07RUAHonZOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/ddcfd9-d419-40dd-a0f0-8e2d212cefef/1/2AOiwMslPPmzM18ONacI2a6fyYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.9.32.0/22
185.50.20.0/22
185.119.60.0/22
Signature Algorithm: sha256WithRSAEncryption
96:ba:b6:ff:77:68:c2:d6:60:71:54:ea:f3:e4:af:17:d5:a0:
59:5b:4e:8e:ce:b1:0b:2e:fa:39:d3:44:3e:ce:45:1c:7d:0e:
ca:1f:18:c3:99:b3:45:6d:72:1a:b8:71:9e:e7:0c:90:0e:b7:
60:76:df:37:03:64:04:73:4a:64:11:26:a6:3d:75:a2:45:39:
ea:fd:ff:a8:a0:a0:c1:e0:2d:a3:bd:b9:81:98:fd:60:d8:02:
65:72:ed:f7:22:85:9b:ae:45:a7:2c:87:40:44:d8:b4:54:f9:
2d:14:9d:9a:41:4b:0a:88:04:60:44:79:8a:5b:48:23:ae:24:
16:32:40:93:b3:8b:56:92:3b:85:1f:d6:fa:57:05:00:d1:75:
81:50:21:e7:15:c4:16:7f:99:34:9c:5c:b9:44:22:15:0c:7f:
72:9f:de:02:b1:09:7c:ae:33:76:00:b4:2d:c3:33:37:52:ad:
88:39:6c:8b:dd:90:e0:05:4b:3c:89:64:ad:03:a3:66:1c:76:
02:7c:1c:9e:7e:b3:e2:cf:d7:89:a5:4e:dc:ca:2b:3f:27:8c:
dd:78:17:4a:8c:52:4b:88:1c:37:aa:f1:af:d4:e9:1a:d7:ab:
1e:a0:0b:b7:b0:30:84:27:2c:f6:cd:ac:3a:6a:2d:cc:be:b3:
1c:fa:eb:81
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZt7NkD7aUd9vqcYD1GbeVNGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MDNhMmMwY2IyNTNjZjliMzMzNWYwZTM1YTcwOGQ5YWU5
ZmM5ODYwHhcNMjYwMTAxMjAxODMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDBjZGMwMjM1MTNmNGRkNTAwNzk3MDhkM2I0NTQwMDdhMjc2NGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA080lM2XpYrHsr6abPnQX7SQ8r1y8
5oXiEQ/gKlRTW6ZvdAh98Zkmnknxbul/vRNVBfxv0NGugpuUd7yYSynyeGrmE83A
BNz7FjpGBPsDGHCYcReJuzpJLwrtxDmk4xN3ztOieLhMP57/q3w02kfA3uOsoWSK
6RlWHvBX0Etex6/XYc9BOkpRC4f0eUWlrcN9+auW/+OnhJa2CL2oXs2KXRfnDbD0
FgKLsoV9ok3fxA9cGaVxiZ4BbbnOZ8wk5T1gXV6tzLtlz7+01mor+N7Hhjnf/hsF
8+vqmDHZd+qNeG1u7uk7cAFS1euztzNWP1dpb9NKWtV1pCvDMNdKrPGnrQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNAM3AI1E/TdUAeXCNO0VAB6J2TrMB8GA1UdIwQY
MBaAFNgDosDLJTz5szNfDjWnCNmun8mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkFPaXdNc2xQUG16TTE4T05hY0kyYTZmeVlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9kZGNmZDktZDQxOS00MGRkLWEwZjAt
OGUyZDIxMmNlZmVmLzEvMEF6Y0FqVVQ5TjFRQjVjSTA3UlVBSG9uWk9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9kZGNmZDktZDQxOS00MGRkLWEwZjAtOGUyZDIxMmNlZmVm
LzEvMkFPaXdNc2xQUG16TTE4T05hY0kyYTZmeVlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuQkgAwQC
uTIUAwQCuXc8MA0GCSqGSIb3DQEBCwUAA4IBAQCWurb/d2jC1mBxVOrz5K8X1aBZ
W06OzrELLvo500Q+zkUcfQ7KHxjDmbNFbXIauHGe5wyQDrdgdt83A2QEc0pkESam
PXWiRTnq/f+ooKDB4C2jvbmBmP1g2AJlcu33IoWbrkWnLIdARNi0VPktFJ2aQUsK
iARgRHmKW0gjriQWMkCTs4tWkjuFH9b6VwUA0XWBUCHnFcQWf5k0nFy5RCIVDH9y
n94CsQl8rjN2ALQtwzM3Uq2IOWyL3ZDgBUs8iWStA6NmHHYCfByefrPiz9eJpU7c
yis/J4zdeBdKjFJLiBw3qvGv1Oka16seoAu3sDCEJyz2zaw6ai3MvrMc+uuB
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:48:21 2026 by rpki-client