Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/iIc2NYZ-cMS_mTazwU3FUdKGRjY.roa
File: iIc2NYZ-cMS_mTazwU3FUdKGRjY.roa (raw, json)
Hash identifier: LBqEZGkLVgBx+bB48TERYSc5eOzAgXmx+WiKZwyfp5k=
Subject key identifier: 88:87:36:35:86:7E:70:C4:BF:99:36:B3:C1:4D:C5:51:D2:86:46:36
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019DC8CCF0AB7BDE6EADEA61D596F8F90F7A
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/iIc2NYZ-cMS_mTazwU3FUdKGRjY.roa
Signing time: Sun 26 Apr 2026 07:59:27 +0000
ROA not before: Sun 26 Apr 2026 07:59:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 7018
IP address blocks: 5.182.114.0/24 maxlen: 24
88.209.203.0/24 maxlen: 24
88.209.229.0/24 maxlen: 24
88.209.230.0/24 maxlen: 24
88.209.232.0/24 maxlen: 24
88.209.233.0/24 maxlen: 24
88.209.234.0/24 maxlen: 24
88.209.235.0/24 maxlen: 24
88.209.255.0/24 maxlen: 24
92.52.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:c8:cc:f0:ab:7b:de:6e:ad:ea:61:d5:96:f8:f9:0f:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Apr 26 07:59:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=88873635867e70c4bf9936b3c14dc551d2864636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:43:c7:ba:16:70:c0:16:6c:23:41:7b:a4:3a:
d3:6e:93:00:9a:9d:ce:b2:8f:74:ea:d5:5d:23:8b:
0b:5b:53:82:14:b0:9e:2b:e9:02:43:0b:63:cf:e4:
5f:de:ab:e3:1d:7a:09:14:fa:9d:48:eb:29:d8:4f:
a0:8f:b3:53:ab:fa:ae:ec:a7:09:f3:4e:2f:c2:df:
68:09:92:2b:76:ec:3b:f1:ff:98:79:5f:11:d4:23:
ab:2a:e7:9a:9b:6a:af:03:6d:7c:dd:44:af:09:19:
86:4b:8b:fa:d6:d3:09:8c:bf:fa:d4:f9:8d:eb:69:
7e:32:f7:6d:56:c7:8b:12:da:8a:d5:03:11:7b:cd:
68:5e:de:6d:66:63:a2:0a:dc:e4:19:b1:89:fd:7e:
8d:6d:bf:44:d7:db:fa:1d:88:3a:d9:a4:46:6b:df:
4a:a4:fa:3c:a8:d7:c9:dc:b1:6d:5d:29:4b:10:9d:
b3:79:b3:c4:4a:6f:44:90:d3:0d:7f:96:96:4c:09:
d6:ce:82:eb:17:e0:e5:49:e4:e0:89:52:9d:96:41:
9d:45:86:5c:27:84:3e:3a:e0:59:84:29:2b:b6:2e:
45:33:8a:06:d6:3d:11:4b:92:8b:c8:cd:9b:ab:aa:
22:f3:5b:4e:f3:75:1f:21:d2:b0:dd:7d:bc:1f:cf:
7a:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:87:36:35:86:7E:70:C4:BF:99:36:B3:C1:4D:C5:51:D2:86:46:36
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/iIc2NYZ-cMS_mTazwU3FUdKGRjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.114.0/24
88.209.203.0/24
88.209.229.0-88.209.230.255
88.209.232.0/22
88.209.255.0/24
92.52.214.0/24
Signature Algorithm: sha256WithRSAEncryption
34:91:b8:c5:d9:74:91:c4:ce:b0:5a:38:41:54:ba:e9:f2:df:
9f:af:13:07:40:41:7c:68:4c:86:f6:2e:8e:86:60:8b:bd:36:
69:d0:f0:8a:b5:e0:d1:07:f2:ad:91:01:e6:2a:73:34:fd:d8:
1c:8c:a4:60:bd:7b:e7:4b:03:28:d8:2e:03:d5:5d:c4:83:77:
8a:f5:8a:1d:cf:44:61:23:40:7e:c0:87:42:e7:3f:88:7a:42:
94:f8:30:46:01:cf:9d:cc:82:51:49:5e:f8:b3:46:0e:84:01:
41:c5:ed:f3:24:67:e8:fb:a6:6f:54:9e:8b:d5:a5:9f:d4:ee:
4e:77:73:5a:d8:0c:36:73:b0:18:5d:b4:92:68:17:2a:53:bb:
ff:a4:ef:63:fb:89:7a:ea:b0:99:33:be:b5:6a:11:63:11:92:
8d:17:52:f2:ea:35:24:11:96:4b:f4:f1:e6:6c:2f:be:79:03:
19:35:7a:61:a9:09:a1:0c:8c:29:b7:c0:f5:dc:1a:9e:78:3a:
e3:20:50:5e:f9:cb:be:31:94:25:7d:3d:44:2b:5f:2f:b2:05:
8d:d8:3e:b8:fb:de:a1:bb:f0:77:fb:17:fa:fe:25:96:77:6c:
1b:c5:45:5c:09:27:c8:87:43:bd:e0:d6:de:46:ab:21:4b:ff:
f9:24:32:cb
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZ3IzPCre95ureph1Zb4+Q96MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjYwNDI2MDc1OTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODg3MzYzNTg2N2U3MGM0YmY5OTM2YjNjMTRkYzU1MWQyODY0NjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0PHuhZwwBZsI0F7pDrTbpMAmp3O
so906tVdI4sLW1OCFLCeK+kCQwtjz+Rf3qvjHXoJFPqdSOsp2E+gj7NTq/qu7KcJ
804vwt9oCZIrduw78f+YeV8R1COrKueam2qvA2183USvCRmGS4v61tMJjL/61PmN
62l+MvdtVseLEtqK1QMRe81oXt5tZmOiCtzkGbGJ/X6Nbb9E19v6HYg62aRGa99K
pPo8qNfJ3LFtXSlLEJ2zebPESm9EkNMNf5aWTAnWzoLrF+DlSeTgiVKdlkGdRYZc
J4Q+OuBZhCkrti5FM4oG1j0RS5KLyM2bq6oi81tO83UfIdKw3X28H896cwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFIiHNjWGfnDEv5k2s8FNxVHShkY2MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvaUljMk5ZWi1jTVNfbVRhendVM0ZVZEtHUmpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQABbZyAwQA
WNHLMAwDBABY0eUDBABY0eYDBAJY0egDBABY0f8DBABcNNYwDQYJKoZIhvcNAQEL
BQADggEBADSRuMXZdJHEzrBaOEFUuuny35+vEwdAQXxoTIb2Lo6GYIu9NmnQ8Iq1
4NEH8q2RAeYqczT92ByMpGC9e+dLAyjYLgPVXcSDd4r1ih3PRGEjQH7Ah0LnP4h6
QpT4MEYBz53MglFJXvizRg6EAUHF7fMkZ+j7pm9UnovVpZ/U7k53c1rYDDZzsBhd
tJJoFypTu/+k72P7iXrqsJkzvrVqEWMRko0XUvLqNSQRlkv08eZsL755Axk1emGp
CaEMjCm3wPXcGp54OuMgUF75y74xlCV9PUQrXy+yBY3YPrj73qG78Hf7F/r+JZZ3
bBvFRVwJJ8iHQ73g1t5GqyFL//kkMss=
-----END CERTIFICATE-----
Generated at Tue May 12 21:48:00 2026 by rpki-client