Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/rVArIBA7c1EQ5lf2j5Tvez2PtHY.roa
File: rVArIBA7c1EQ5lf2j5Tvez2PtHY.roa (raw, json)
Hash identifier: cst+4x1gJZFg3aLrODDuAkaxoUmbFxOd2UVrjyQWI8Q=
Subject key identifier: AD:50:2B:20:10:3B:73:51:10:E6:57:F6:8F:94:EF:7B:3D:8F:B4:76
Certificate issuer: /CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Certificate serial: 019E11A3A1A17B14BC2AC097B0CF6904D400
Authority key identifier: 0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/rVArIBA7c1EQ5lf2j5Tvez2PtHY.roa
Signing time: Sun 10 May 2026 11:26:36 +0000
ROA not before: Sun 10 May 2026 11:26:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211970
IP address blocks: 185.234.245.0/24 maxlen: 24
188.72.0.0/24 maxlen: 24
188.72.1.0/24 maxlen: 24
188.72.2.0/24 maxlen: 24
188.72.3.0/24 maxlen: 24
188.72.51.0/24 maxlen: 24
188.72.52.0/24 maxlen: 24
188.72.56.0/24 maxlen: 24
188.72.57.0/24 maxlen: 24
2a10:e880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.mft
rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:11:a3:a1:a1:7b:14:bc:2a:c0:97:b0:cf:69:04:d4:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Validity
Not Before: May 10 11:26:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ad502b20103b735110e657f68f94ef7b3d8fb476
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:88:71:72:7b:6b:eb:3f:9c:24:88:02:27:62:
ec:31:93:8d:a8:92:d0:0a:96:12:06:41:50:c3:3f:
00:49:c2:e9:1e:96:9b:d0:21:fc:10:29:0e:23:fd:
4d:c2:9b:8a:56:9d:77:72:59:54:12:1e:2f:70:70:
43:c2:69:60:98:83:b0:53:c0:5e:f1:f0:93:74:64:
5d:cf:bb:76:41:8c:1d:5c:7e:b1:df:0d:8e:c5:53:
ea:d8:d8:d8:12:c7:03:dc:bd:27:3c:a3:7b:3d:6c:
62:70:7f:f2:fe:92:f4:40:53:73:68:c4:9e:66:b5:
d7:06:3c:9b:44:32:4d:2f:d0:1f:02:cc:4f:2a:2c:
af:dc:c6:6d:36:83:e4:b7:0a:b0:e8:35:69:60:d7:
9b:70:a6:68:e9:4c:c5:d4:9e:a4:78:52:20:1d:ac:
83:3f:06:e7:47:57:91:99:9e:2e:cf:a8:94:f0:ae:
30:c3:91:9b:d1:4e:f4:7c:57:c2:9f:27:e1:17:aa:
e7:3e:df:79:bf:70:5d:4f:fd:3c:6f:9b:a6:5a:da:
28:6e:7f:fa:20:67:f1:b4:cd:5f:f1:96:c1:f4:61:
a6:8d:48:22:d4:3b:20:e6:63:d4:9b:c8:6f:9f:da:
d0:6c:49:18:6c:83:d2:34:10:0a:b7:c5:20:d2:c3:
c3:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:50:2B:20:10:3B:73:51:10:E6:57:F6:8F:94:EF:7B:3D:8F:B4:76
X509v3 Authority Key Identifier:
keyid:0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/rVArIBA7c1EQ5lf2j5Tvez2PtHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.245.0/24
188.72.0.0/22
188.72.51.0-188.72.52.255
188.72.56.0/23
IPv6:
2a10:e880::/48
Signature Algorithm: sha256WithRSAEncryption
06:01:2b:ae:77:8a:69:53:fa:d4:3b:f1:bb:e1:ad:12:94:3f:
ce:9d:b8:da:bd:0c:1a:bf:a4:e2:9f:6c:ab:f6:f3:6e:cc:03:
30:69:44:ab:0e:34:64:25:8c:7b:b0:e9:9f:51:fa:b3:7e:da:
86:3e:98:af:d6:3f:91:34:a9:a0:10:3e:96:69:04:d5:88:a8:
8d:47:cb:fa:80:c9:2a:7c:89:60:2a:c5:29:6d:d7:78:bb:9d:
07:90:b3:0b:5a:a8:8a:46:57:b0:f6:32:4c:63:42:4e:d9:a7:
d9:2a:c5:80:00:24:65:62:e7:b0:fe:0e:c9:2b:b2:40:33:6e:
c7:ad:cc:b8:1a:3b:30:e1:b7:b8:03:0b:c3:02:6a:40:26:d7:
1f:18:70:9f:c0:e8:d3:a9:35:78:78:fa:f7:97:ed:b8:d4:2a:
ac:9b:04:90:3c:5e:58:47:bb:91:cb:09:db:5d:5a:a1:03:b6:
7d:d3:19:72:04:ad:91:d7:bb:02:4f:40:55:30:ba:5e:95:96:
f4:17:6d:49:48:9d:55:bc:20:d8:79:04:6f:b7:af:9b:31:42:
1e:ea:c8:93:37:e3:53:23:b0:92:9d:46:d2:cd:67:97:d8:fb:
9e:ba:eb:8f:56:53:f5:0b:9f:96:23:80:8f:2b:6f:21:2a:ab:
f9:cf:ff:a9
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZ4Ro6GhexS8KsCXsM9pBNQAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNTE0MDI4MjU5MWY5OTEyZjk2MzllZTE0MTJiNmQxZGNm
ZjA4NjEwHhcNMjYwNTEwMTEyNjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDUwMmIyMDEwM2I3MzUxMTBlNjU3ZjY4Zjk0ZWY3YjNkOGZiNDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYhxcntr6z+cJIgCJ2LsMZONqJLQ
CpYSBkFQwz8AScLpHpab0CH8ECkOI/1NwpuKVp13cllUEh4vcHBDwmlgmIOwU8Be
8fCTdGRdz7t2QYwdXH6x3w2OxVPq2NjYEscD3L0nPKN7PWxicH/y/pL0QFNzaMSe
ZrXXBjybRDJNL9AfAsxPKiyv3MZtNoPktwqw6DVpYNebcKZo6UzF1J6keFIgHayD
PwbnR1eRmZ4uz6iU8K4ww5Gb0U70fFfCnyfhF6rnPt95v3BdT/08b5umWtoobn/6
IGfxtM1f8ZbB9GGmjUgi1Dsg5mPUm8hvn9rQbEkYbIPSNBAKt8Ug0sPDMQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFK1QKyAQO3NREOZX9o+U73s9j7R2MB8GA1UdIwQY
MBaAFAxRQCglkfmRL5Y57hQSttHc/whhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUt
ZGU5MTQ2OWQzNzcyLzEvclZBcklCQTdjMUVRNWxmMmo1VHZlejJQdEhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUtZGU5MTQ2OWQzNzcy
LzEvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAmBAIAATAgAwQAuer1AwQC
vEgAMAwDBAC8SDMDBAC8SDQDBAG8SDgwDwQCAAIwCQMHACoQ6IAAADANBgkqhkiG
9w0BAQsFAAOCAQEABgErrneKaVP61Dvxu+GtEpQ/zp242r0MGr+k4p9sq/bzbswD
MGlEqw40ZCWMe7Dpn1H6s37ahj6Yr9Y/kTSpoBA+lmkE1YiojUfL+oDJKnyJYCrF
KW3XeLudB5CzC1qoikZXsPYyTGNCTtmn2SrFgAAkZWLnsP4OySuyQDNux63MuBo7
MOG3uAMLwwJqQCbXHxhwn8Do06k1eHj695ftuNQqrJsEkDxeWEe7kcsJ211aoQO2
fdMZcgStkde7Ak9AVTC6XpWW9BdtSUidVbwg2HkEb7evmzFCHurIkzfjUyOwkp1G
0s1nl9j7nrrrj1ZT9QufliOAjytvISqr+c//qQ==
-----END CERTIFICATE-----
Generated at Wed May 13 03:52:53 2026 by rpki-client