Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/dq5CDSDynme_I6tx9l_wxsIV2U0.roa
File: dq5CDSDynme_I6tx9l_wxsIV2U0.roa (raw, json)
Hash identifier: WMzruvQFZXWiXvDSQTooQX87fCzt7f6WZXrH0D61P7E=
Subject key identifier: 76:AE:42:0D:20:F2:9E:67:BF:23:AB:71:F6:5F:F0:C6:C2:15:D9:4D
Certificate issuer: /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial: 019DBE64BECFBBCAEC46068FCF285E43E280
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/dq5CDSDynme_I6tx9l_wxsIV2U0.roa
Signing time: Fri 24 Apr 2026 07:29:26 +0000
ROA not before: Fri 24 Apr 2026 07:29:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 41952
IP address blocks: 91.149.192.0/24 maxlen: 24
91.149.200.0/24 maxlen: 24
91.149.231.0/24 maxlen: 24
185.228.206.0/24 maxlen: 24
193.32.193.0/24 maxlen: 24
193.32.194.0/24 maxlen: 24
193.32.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:be:64:be:cf:bb:ca:ec:46:06:8f:cf:28:5e:43:e2:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Validity
Not Before: Apr 24 07:29:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=76ae420d20f29e67bf23ab71f65ff0c6c215d94d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:67:d3:f4:39:98:8e:0a:a8:6b:86:fb:98:c5:
03:15:74:3a:b3:1f:fa:a6:2f:6d:3e:51:62:41:45:
66:79:8f:ff:d4:47:74:80:9b:9b:51:34:3f:3f:63:
ba:2e:dd:51:37:38:23:c7:b4:d1:fb:ea:9a:04:fc:
79:04:3b:2d:2a:67:55:f3:58:ad:c3:48:fb:01:f3:
18:db:45:ff:eb:3c:6c:7c:51:6c:35:6c:76:61:55:
fb:45:22:05:16:15:a6:d3:9f:74:ee:19:8f:0e:a2:
6e:d2:24:7b:4c:09:a8:7b:4d:32:7a:66:9b:2a:42:
db:86:2d:30:98:9f:06:46:12:af:5f:76:d0:6c:23:
0e:eb:cf:14:a0:c4:64:0a:38:fa:37:41:ae:b6:46:
0f:e9:3f:6b:64:dd:9d:bf:dd:45:00:57:9e:aa:10:
9a:f5:c4:81:da:80:f5:05:f6:d0:df:db:d1:f8:ae:
72:89:38:89:21:ad:a1:bb:3e:a4:ab:43:8f:83:cf:
27:d0:bb:c3:28:22:ab:eb:01:7a:41:1e:c0:00:4c:
d4:ed:e5:93:9a:29:d1:cf:0f:de:a9:5e:b9:d9:9e:
51:03:05:e7:0d:ec:19:27:f3:8c:bf:ab:d6:39:32:
28:7d:e3:c3:2a:2c:23:8e:84:c1:fc:3a:40:80:b9:
52:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:AE:42:0D:20:F2:9E:67:BF:23:AB:71:F6:5F:F0:C6:C2:15:D9:4D
X509v3 Authority Key Identifier:
keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/dq5CDSDynme_I6tx9l_wxsIV2U0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.192.0/24
91.149.200.0/24
91.149.231.0/24
185.228.206.0/24
193.32.193.0-193.32.195.255
Signature Algorithm: sha256WithRSAEncryption
9e:b2:a2:7f:33:75:5a:51:e4:cc:47:c7:0a:23:c8:02:e9:83:
ad:89:a1:5c:05:4c:9f:29:86:fc:07:d7:da:f5:fa:c4:71:38:
6e:5d:a8:71:32:01:42:1f:cb:04:ac:9d:8a:dd:4a:7b:8a:7c:
0f:be:81:55:b6:ec:00:19:d4:91:45:1f:4c:5b:a1:9f:63:6a:
c8:8d:04:8e:f9:25:6c:29:52:72:29:47:4a:6d:91:70:30:0c:
d2:13:15:24:5b:e6:93:1b:8c:08:0f:ec:37:bf:31:9d:f1:d9:
f1:91:44:aa:4f:53:3d:55:ef:4c:0c:37:86:7a:a4:3d:02:9b:
7d:e9:94:fc:4b:c2:26:68:ff:96:7b:d4:3a:ee:8b:21:72:86:
b9:aa:c3:67:71:aa:eb:4a:f7:db:0e:ee:4d:4b:c2:00:54:3c:
66:46:2a:6a:14:29:21:56:3d:71:e2:64:dd:f4:76:3a:cc:fd:
82:31:77:ae:a0:ef:09:3c:8d:8a:4d:b6:ee:ca:1d:cb:1a:31:
08:2b:19:b4:60:8b:87:c7:0b:bc:af:a8:ca:04:34:dd:d0:8f:
27:1b:99:6b:a6:ad:7e:ad:36:cb:e4:d1:94:32:f3:ed:ba:74:
49:e0:2e:9d:85:d8:56:c2:8c:1a:2f:db:43:1e:e7:ff:d3:72:
35:c5:76:ec
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZ2+ZL7Pu8rsRgaPzyheQ+KAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjYwNDI0MDcyOTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmFlNDIwZDIwZjI5ZTY3YmYyM2FiNzFmNjVmZjBjNmMyMTVkOTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWfT9DmYjgqoa4b7mMUDFXQ6sx/6
pi9tPlFiQUVmeY//1Ed0gJubUTQ/P2O6Lt1RNzgjx7TR++qaBPx5BDstKmdV81it
w0j7AfMY20X/6zxsfFFsNWx2YVX7RSIFFhWm05907hmPDqJu0iR7TAmoe00yemab
KkLbhi0wmJ8GRhKvX3bQbCMO688UoMRkCjj6N0GutkYP6T9rZN2dv91FAFeeqhCa
9cSB2oD1BfbQ39vR+K5yiTiJIa2huz6kq0OPg88n0LvDKCKr6wF6QR7AAEzU7eWT
minRzw/eqV652Z5RAwXnDewZJ/OMv6vWOTIofePDKiwjjoTB/DpAgLlSxQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHauQg0g8p5nvyOrcfZf8MbCFdlNMB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEvZHE1Q0RTRHlubWVfSTZ0eDlsX3d4c0lWMlUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAW5XAAwQA
W5XIAwQAW5XnAwQAueTOMAwDBADBIMEDBALBIMAwDQYJKoZIhvcNAQELBQADggEB
AJ6yon8zdVpR5MxHxwojyALpg62JoVwFTJ8phvwH19r1+sRxOG5dqHEyAUIfywSs
nYrdSnuKfA++gVW27AAZ1JFFH0xboZ9jasiNBI75JWwpUnIpR0ptkXAwDNITFSRb
5pMbjAgP7De/MZ3x2fGRRKpPUz1V70wMN4Z6pD0Cm33plPxLwiZo/5Z71DruiyFy
hrmqw2dxqutK99sO7k1LwgBUPGZGKmoUKSFWPXHiZN30djrM/YIxd66g7wk8jYpN
tu7KHcsaMQgrGbRgi4fHC7yvqMoENN3QjycbmWumrX6tNsvk0ZQy8+26dEngLp2F
2FbCjBov20Me5//TcjXFduw=
-----END CERTIFICATE-----
Generated at Wed May 13 07:14:28 2026 by rpki-client