Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/psZDdjJ8aVuqBo2PjS2zMnuI_sw.roa
File: psZDdjJ8aVuqBo2PjS2zMnuI_sw.roa (raw, json)
Hash identifier: d+Fo0+JxmFPHQ2PHXvtqqzaiCuNr46o9Qt8okNIOQEI=
Subject key identifier: A6:C6:43:76:32:7C:69:5B:AA:06:8D:8F:8D:2D:B3:32:7B:88:FE:CC
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019E06E1D52BC2A329C23AB6F95F74D88C42
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/psZDdjJ8aVuqBo2PjS2zMnuI_sw.roa
Signing time: Fri 08 May 2026 09:18:43 +0000
ROA not before: Fri 08 May 2026 09:18:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 5.182.112.0/24 maxlen: 24
77.242.146.0/23 maxlen: 24
83.137.153.0/24 maxlen: 24
83.137.158.0/24 maxlen: 24
88.151.56.0/23 maxlen: 24
88.151.61.0/24 maxlen: 24
88.151.62.0/24 maxlen: 24
88.151.63.0/24 maxlen: 24
88.209.198.0/24 maxlen: 24
88.209.201.0/24 maxlen: 24
88.209.209.0/24 maxlen: 24
88.209.226.0/24 maxlen: 24
88.209.227.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
88.209.247.0/24 maxlen: 24
88.209.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 21:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:06:e1:d5:2b:c2:a3:29:c2:3a:b6:f9:5f:74:d8:8c:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: May 8 09:18:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a6c64376327c695baa068d8f8d2db3327b88fecc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:85:99:f2:73:5f:c3:ee:f5:d7:bf:91:c2:e3:
89:92:83:f1:6f:90:c8:34:0f:09:4b:c4:32:9c:76:
8a:94:ab:3a:53:32:b7:5b:f7:76:db:27:14:9c:15:
24:4d:7f:ce:84:90:72:ec:e4:58:a4:88:5f:73:f2:
1f:c7:1b:ea:4a:3a:9f:84:bf:d2:f5:d3:fd:6b:d7:
d9:aa:85:88:76:18:a2:c1:50:5e:00:b0:81:66:ed:
74:2a:1a:2b:0e:fd:a4:7a:e6:c6:2a:46:d2:3a:dd:
fb:52:9b:ed:2a:95:62:f3:aa:5a:8a:c6:0c:e7:f9:
fb:21:7e:b0:ce:d7:ad:96:a5:8d:ac:e5:b3:f0:08:
28:8b:00:7b:2b:a8:1e:ed:8b:ea:df:af:03:b2:5a:
65:21:53:82:47:fa:c8:ef:5c:c1:1e:c9:11:77:bd:
6e:45:8f:b0:c6:00:ab:57:d8:fc:76:7c:7a:bd:86:
7f:60:f0:ea:68:96:be:8e:57:d7:6f:c5:7c:3c:80:
78:f1:fe:58:26:ce:e6:7a:e1:75:b7:ae:14:47:85:
4c:ec:49:01:e7:bb:70:16:1a:9f:64:4a:05:c6:96:
c4:ad:c0:9a:72:c3:c0:a4:dc:5b:16:c3:70:0f:13:
f6:07:af:64:6a:df:da:90:6a:01:5c:e2:95:56:bf:
fa:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:C6:43:76:32:7C:69:5B:AA:06:8D:8F:8D:2D:B3:32:7B:88:FE:CC
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/psZDdjJ8aVuqBo2PjS2zMnuI_sw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
77.242.146.0/23
83.137.153.0/24
83.137.158.0/24
88.151.56.0/23
88.151.61.0-88.151.63.255
88.209.198.0/24
88.209.201.0/24
88.209.209.0/24
88.209.226.0/23
88.209.232.0/22
88.209.247.0/24
88.209.254.0/24
Signature Algorithm: sha256WithRSAEncryption
78:da:32:f2:5a:23:90:46:d9:d8:a7:54:9f:8f:aa:a3:c8:f1:
69:e5:99:37:ca:c7:ba:c3:75:bd:c7:40:6c:a9:f6:64:dc:4c:
7c:af:9c:a2:90:71:fc:4d:af:be:b0:c5:ce:29:8e:63:40:ee:
8d:4b:a0:35:d5:f9:90:d1:49:e9:c3:be:f4:d3:19:e6:28:8f:
83:d4:dd:4c:ae:c1:c9:67:2e:21:a0:cc:11:2e:f7:4b:0c:1e:
c0:79:b1:a8:5f:5c:81:c0:48:c0:91:eb:cb:5d:e8:03:d3:ca:
af:a3:53:23:fd:5d:52:90:8a:70:04:01:b0:50:10:69:03:14:
b3:a0:9c:b9:a0:53:19:6c:a3:3a:f0:5a:78:73:ca:e7:e5:4a:
56:37:84:9d:37:ee:4f:1e:1a:93:84:ae:66:a9:06:a9:63:dc:
ea:5b:7b:5e:59:39:7c:1b:01:51:d9:c3:d5:79:a5:02:83:e0:
f6:b3:64:c8:8a:9e:f1:e5:e0:94:25:f7:7a:5d:0f:36:c8:5a:
3a:ee:76:bc:2b:d8:11:b0:95:ce:54:a2:aa:d0:63:c0:eb:d6:
49:bc:84:a7:06:80:6a:31:2d:b0:d0:5d:41:19:74:cf:0b:3d:
3e:d8:de:f3:f1:37:6b:7c:e1:4c:f3:75:0f:a3:6b:df:10:ee:
89:0a:28:61
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZ4G4dUrwqMpwjq2+V902IxCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjYwNTA4MDkxODQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmM2NDM3NjMyN2M2OTViYWEwNjhkOGY4ZDJkYjMzMjdiODhmZWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YWZ8nNfw+7117+RwuOJkoPxb5DI
NA8JS8QynHaKlKs6UzK3W/d22ycUnBUkTX/OhJBy7ORYpIhfc/IfxxvqSjqfhL/S
9dP9a9fZqoWIdhiiwVBeALCBZu10KhorDv2keubGKkbSOt37UpvtKpVi86paisYM
5/n7IX6wztetlqWNrOWz8AgoiwB7K6ge7Yvq368DslplIVOCR/rI71zBHskRd71u
RY+wxgCrV9j8dnx6vYZ/YPDqaJa+jlfXb8V8PIB48f5YJs7meuF1t64UR4VM7EkB
57twFhqfZEoFxpbErcCacsPApNxbFsNwDxP2B69kat/akGoBXOKVVr/6TQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFKbGQ3YyfGlbqgaNj40tszJ7iP7MMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvcHNaRGRqSjhhVnVxQm8yUGpTMnpNbnVJX3N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQABbZwAwQB
TfKSAwQAU4mZAwQAU4meAwQBWJc4MAwDBABYlz0DBAZYlwADBABY0cYDBABY0ckD
BABY0dEDBAFY0eIDBAJY0egDBABY0fcDBABY0f4wDQYJKoZIhvcNAQELBQADggEB
AHjaMvJaI5BG2dinVJ+PqqPI8WnlmTfKx7rDdb3HQGyp9mTcTHyvnKKQcfxNr76w
xc4pjmNA7o1LoDXV+ZDRSenDvvTTGeYoj4PU3UyuwclnLiGgzBEu90sMHsB5sahf
XIHASMCR68td6APTyq+jUyP9XVKQinAEAbBQEGkDFLOgnLmgUxlsozrwWnhzyufl
SlY3hJ037k8eGpOErmapBqlj3Opbe15ZOXwbAVHZw9V5pQKD4PazZMiKnvHl4JQl
93pdDzbIWjrudrwr2BGwlc5UoqrQY8Dr1km8hKcGgGoxLbDQXUEZdM8LPT7Y3vPx
N2t84UzzdQ+ja98Q7okKKGE=
-----END CERTIFICATE-----
Generated at Wed May 13 04:09:38 2026 by rpki-client