Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/d6486a-8ff7-426f-8d86-098d04ce51b2/1/DiLoOspEZ-miVIlFnPiykV7JGvU.roa
File: DiLoOspEZ-miVIlFnPiykV7JGvU.roa (raw, json)
Hash identifier: 2IDQXBT0pmiOkj8NyXZhIUPtoHmvSFqSMYQziKEr2Pg=
Subject key identifier: 0E:22:E8:3A:CA:44:67:E9:A2:54:89:45:9C:F8:B2:91:5E:C9:1A:F5
Certificate issuer: /CN=fbfcd4515b493039216758de738e4f1ae8e3224c
Certificate serial: 019951E91B7836C10CD67BF4FE9697F62B49
Authority key identifier: FB:FC:D4:51:5B:49:30:39:21:67:58:DE:73:8E:4F:1A:E8:E3:22:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-_zUUVtJMDkhZ1jec45PGujjIkw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/d6486a-8ff7-426f-8d86-098d04ce51b2/1/DiLoOspEZ-miVIlFnPiykV7JGvU.roa
Signing time: Tue 16 Sep 2025 09:44:15 +0000
ROA not before: Tue 16 Sep 2025 09:44:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211873
IP address blocks: 81.27.224.0/22 maxlen: 22
185.105.40.0/22 maxlen: 24
185.105.40.0/24 maxlen: 24
185.105.41.0/24 maxlen: 24
185.105.42.0/23 maxlen: 23
185.149.28.0/22 maxlen: 22
185.149.28.0/24 maxlen: 24
185.149.29.0/24 maxlen: 24
185.149.30.0/24 maxlen: 24
185.149.31.0/24 maxlen: 24
2a06:34c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/d6486a-8ff7-426f-8d86-098d04ce51b2/1/1-_zUUVtJMDkhZ1jec45PGujjIkw.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/d6486a-8ff7-426f-8d86-098d04ce51b2/1/1-_zUUVtJMDkhZ1jec45PGujjIkw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-_zUUVtJMDkhZ1jec45PGujjIkw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 12:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:51:e9:1b:78:36:c1:0c:d6:7b:f4:fe:96:97:f6:2b:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbfcd4515b493039216758de738e4f1ae8e3224c
Validity
Not Before: Sep 16 09:44:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e22e83aca4467e9a25489459cf8b2915ec91af5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:92:9a:b1:3b:d1:91:ad:27:01:5e:0c:29:a7:
ed:dc:47:53:12:1d:34:d1:0a:3e:ce:83:f6:77:a9:
8c:be:74:a1:0a:14:49:fc:97:5e:a3:78:cd:0d:69:
2a:0f:22:05:5b:60:58:eb:e0:8a:c3:3f:51:5e:86:
d3:c4:77:ed:4c:45:e9:38:57:eb:69:f1:35:ba:6c:
f9:ce:42:a0:e1:48:22:e2:d1:d4:29:32:b5:84:43:
26:63:2b:82:cc:f6:c4:a2:60:0b:02:e5:7a:65:5f:
39:6f:60:1f:79:31:29:0f:e4:7c:32:1c:ee:75:23:
76:12:a5:3e:7a:df:d7:a9:cc:64:f9:75:5e:a0:df:
be:c7:92:6f:d3:99:8e:3c:0c:af:ca:29:89:74:92:
cc:ec:6b:37:1f:9d:4d:3c:fc:48:58:20:5d:b0:19:
66:20:6c:45:eb:95:ad:91:f3:94:c2:8d:58:61:1e:
cd:c1:4b:52:88:54:7b:d0:fa:83:58:a1:99:4e:6f:
c7:72:a8:9f:ae:61:df:e9:a4:79:15:eb:a3:82:5f:
99:12:5b:eb:79:de:68:42:ac:d3:4b:51:cf:76:a7:
69:1f:32:92:8a:18:ac:6a:95:66:18:ea:9f:c3:fa:
fa:82:4d:10:b4:87:ba:7a:83:4a:65:11:e4:e4:84:
77:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:22:E8:3A:CA:44:67:E9:A2:54:89:45:9C:F8:B2:91:5E:C9:1A:F5
X509v3 Authority Key Identifier:
keyid:FB:FC:D4:51:5B:49:30:39:21:67:58:DE:73:8E:4F:1A:E8:E3:22:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-_zUUVtJMDkhZ1jec45PGujjIkw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/d6486a-8ff7-426f-8d86-098d04ce51b2/1/DiLoOspEZ-miVIlFnPiykV7JGvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/d6486a-8ff7-426f-8d86-098d04ce51b2/1/1-_zUUVtJMDkhZ1jec45PGujjIkw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.27.224.0/22
185.105.40.0/22
185.149.28.0/22
IPv6:
2a06:34c0::/29
Signature Algorithm: sha256WithRSAEncryption
cc:23:c5:ff:30:9d:4a:a8:55:62:57:4a:62:cf:86:98:50:f6:
98:a4:8d:11:36:e3:63:4f:0e:e3:4e:bb:62:65:86:fd:48:da:
2a:ea:77:f2:40:88:81:d4:2a:92:a5:72:1c:c3:48:49:0e:f9:
f2:06:b4:20:6f:ba:41:ee:13:7e:b1:92:c3:70:f5:e1:d9:94:
49:cc:13:11:f4:49:3c:5d:65:2c:2d:5b:7b:5b:b8:fc:4c:bb:
5a:c0:65:91:42:26:7e:06:ed:dc:a1:bc:42:75:1b:06:29:c0:
5d:4b:22:9f:66:fb:c0:98:0c:22:7f:79:b0:62:e7:5f:9c:f0:
45:93:19:a0:26:c1:7e:57:25:c3:7b:ed:ec:a1:44:20:6d:0d:
c5:24:78:4d:15:a4:bb:ea:f3:2c:7d:bc:f0:95:11:90:df:d4:
dd:12:08:e2:00:85:f2:b4:6c:8e:fb:9e:f1:d4:0f:9e:bd:cb:
bf:e3:2c:39:2f:1f:3e:1f:2b:4b:e1:5f:8c:7a:67:ab:de:8e:
e8:b5:e2:78:be:65:e7:e6:06:62:e7:b3:af:64:15:9b:40:6f:
f1:98:98:da:24:79:c1:72:5b:6f:83:89:95:a8:e1:b1:79:b2:
4c:5b:89:e4:82:89:22:ad:15:d9:8a:9d:f6:29:88:0d:42:16:
76:51:be:bb
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZlR6Rt4NsEM1nv0/paX9itJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiZmNkNDUxNWI0OTMwMzkyMTY3NThkZTczOGU0ZjFhZThl
MzIyNGMwHhcNMjUwOTE2MDk0NDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTIyZTgzYWNhNDQ2N2U5YTI1NDg5NDU5Y2Y4YjI5MTVlYzkxYWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05KasTvRka0nAV4MKaft3EdTEh00
0Qo+zoP2d6mMvnShChRJ/Jdeo3jNDWkqDyIFW2BY6+CKwz9RXobTxHftTEXpOFfr
afE1umz5zkKg4Ugi4tHUKTK1hEMmYyuCzPbEomALAuV6ZV85b2AfeTEpD+R8Mhzu
dSN2EqU+et/Xqcxk+XVeoN++x5Jv05mOPAyvyimJdJLM7Gs3H51NPPxIWCBdsBlm
IGxF65WtkfOUwo1YYR7NwUtSiFR70PqDWKGZTm/HcqifrmHf6aR5Feujgl+ZElvr
ed5oQqzTS1HPdqdpHzKSihisapVmGOqfw/r6gk0QtIe6eoNKZRHk5IR3MQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFA4i6DrKRGfpolSJRZz4spFeyRr1MB8GA1UdIwQY
MBaAFPv81FFbSTA5IWdY3nOOTxro4yJMMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1felVVVnRKTURraFoxamVjNDVQR3Vqaklrdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgvZDY0ODZhLThmZjctNDI2Zi04ZDg2
LTA5OGQwNGNlNTFiMi8xL0RpTG9Pc3BFWi1taVZJbEZuUGl5a1Y3Skd2VS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjgvZDY0ODZhLThmZjctNDI2Zi04ZDg2LTA5OGQwNGNlNTFi
Mi8xLzEtX3pVVVZ0Sk1Ea2haMWplYzQ1UEd1ampJa3cuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBAJRG+AD
BAK5aSgDBAK5lRwwDQQCAAIwBwMFAyoGNMAwDQYJKoZIhvcNAQELBQADggEBAMwj
xf8wnUqoVWJXSmLPhphQ9pikjRE242NPDuNOu2Jlhv1I2irqd/JAiIHUKpKlchzD
SEkO+fIGtCBvukHuE36xksNw9eHZlEnMExH0STxdZSwtW3tbuPxMu1rAZZFCJn4G
7dyhvEJ1GwYpwF1LIp9m+8CYDCJ/ebBi51+c8EWTGaAmwX5XJcN77eyhRCBtDcUk
eE0VpLvq8yx9vPCVEZDf1N0SCOIAhfK0bI77nvHUD569y7/jLDkvHz4fK0vhX4x6
Z6vejui14ni+ZefmBmLns69kFZtAb/GYmNokecFyW2+DiZWo4bF5skxbieSCiSKt
FdmKnfYpiA1CFnZRvrs=
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:53:54 2025 by rpki-client