Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/Dg9bacsnmRwjMXto7W-Z_VpAhj4.roa
File: Dg9bacsnmRwjMXto7W-Z_VpAhj4.roa (raw, json)
Hash identifier: jIrbwjlqaHyzGh0fUWHyHV0LKH+qivsn7KHBeW54+qc=
Subject key identifier: 0E:0F:5B:69:CB:27:99:1C:23:31:7B:68:ED:6F:99:FD:5A:40:86:3E
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 019CFCFB3E1C8F0F867773B79AF4CC5D4CEF
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/Dg9bacsnmRwjMXto7W-Z_VpAhj4.roa
Signing time: Tue 17 Mar 2026 18:07:29 +0000
ROA not before: Tue 17 Mar 2026 18:07:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205090
IP address blocks: 89.44.86.0/24 maxlen: 24
89.44.87.0/24 maxlen: 24
91.200.12.0/24 maxlen: 24
91.200.13.0/24 maxlen: 24
95.81.121.0/24 maxlen: 24
95.81.122.0/24 maxlen: 24
103.71.20.0/24 maxlen: 24
103.71.21.0/24 maxlen: 24
104.128.130.0/24 maxlen: 24
104.128.133.0/24 maxlen: 24
104.128.134.0/24 maxlen: 24
104.128.135.0/24 maxlen: 24
109.69.62.0/24 maxlen: 24
109.69.63.0/24 maxlen: 24
135.136.178.0/24 maxlen: 24
135.136.179.0/24 maxlen: 24
135.136.190.0/24 maxlen: 24
185.105.88.0/24 maxlen: 24
185.105.89.0/24 maxlen: 24
185.105.90.0/24 maxlen: 24
185.105.91.0/24 maxlen: 24
185.128.104.0/24 maxlen: 24
185.128.105.0/24 maxlen: 24
185.128.106.0/24 maxlen: 24
185.128.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:fc:fb:3e:1c:8f:0f:86:77:73:b7:9a:f4:cc:5d:4c:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Mar 17 18:07:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0e0f5b69cb27991c23317b68ed6f99fd5a40863e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:bf:49:d5:1d:8c:a2:c1:9c:a8:a7:95:cb:e7:
b0:ec:51:65:a1:00:d8:ac:f4:7c:f8:15:68:58:47:
e5:64:85:9c:48:81:66:23:f6:bd:29:fa:56:0e:a1:
7f:56:bc:71:65:3f:43:ed:47:0f:cb:9c:bb:c7:1d:
72:9e:d2:28:e9:ea:fc:1c:92:9b:bf:d6:f2:a2:9a:
1f:ca:7c:cd:bd:f2:09:8c:6a:6c:c3:a3:e3:63:58:
ad:05:88:8d:09:7d:69:8a:8a:c7:02:91:4e:99:09:
47:a5:13:6c:96:19:0f:dc:7b:88:39:56:e2:9e:60:
22:6b:e1:56:cf:d9:45:06:da:06:82:99:0f:e8:b9:
3b:42:dd:f1:a1:e1:e0:8b:ca:55:c8:ab:55:7a:3b:
57:3d:a2:40:22:f0:fe:6d:a5:cb:4c:23:6c:d5:ee:
db:f5:91:a5:e7:94:5d:22:6d:89:a7:8d:f2:f8:91:
b5:25:fe:5a:75:b2:c0:c1:e5:4b:ac:d2:90:5a:33:
90:d7:75:3c:eb:2a:8c:82:2a:e6:9c:dc:b6:cf:a8:
03:76:7b:f6:4b:a7:3f:67:cc:7c:65:c4:26:12:2a:
44:82:91:31:84:37:a1:fb:23:dd:ed:66:2e:09:5a:
4e:19:e2:7a:0e:e3:e7:a4:28:6d:48:0c:5d:02:85:
a4:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:0F:5B:69:CB:27:99:1C:23:31:7B:68:ED:6F:99:FD:5A:40:86:3E
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/Dg9bacsnmRwjMXto7W-Z_VpAhj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.86.0/23
91.200.12.0/23
95.81.121.0-95.81.122.255
103.71.20.0/23
104.128.130.0/24
104.128.133.0-104.128.135.255
109.69.62.0/23
135.136.178.0/23
135.136.190.0/24
185.105.88.0/22
185.128.104.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:4b:e0:26:5c:d7:bb:f6:2a:54:fd:97:c1:f1:a0:52:a3:46:
fc:a7:62:a4:f5:34:3c:55:e5:5b:76:9a:86:82:b3:e3:c0:df:
e2:f0:8e:9c:3e:47:8f:d7:cb:92:c0:52:e4:99:61:17:71:82:
58:dd:ba:04:dc:e3:af:f8:14:66:39:94:d0:ab:e9:f6:5b:d1:
9a:83:c6:8c:0a:76:c2:99:e8:8f:54:ff:2a:75:ae:20:7d:9a:
c7:8c:f8:a4:2b:d7:c3:81:d4:60:2b:22:4e:17:12:be:2a:4a:
47:87:95:1e:27:cd:fe:15:27:62:44:96:dd:85:37:b7:e2:a6:
d4:32:e8:01:0a:80:30:27:12:2d:c5:81:02:5e:ce:77:da:80:
33:0d:17:41:b3:a5:80:16:b6:4b:6d:b1:c6:b7:eb:4f:11:0e:
c6:47:07:60:d8:18:d8:6a:3f:79:43:fd:a2:0f:4b:10:4b:ad:
a2:ad:72:cb:bc:ee:29:ac:7c:b0:4a:e4:96:15:63:96:71:a1:
d4:78:2d:7a:9d:cb:05:2b:eb:c3:8d:e2:66:36:61:36:0b:66:
c9:ed:b2:48:d6:a2:6a:66:9d:fe:7d:23:4d:20:fc:4a:5a:57:
5b:30:03:21:5e:c8:c6:67:c5:e8:79:c1:c7:60:cf:51:6e:36:
bc:58:86:95
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZz8+z4cjw+Gd3O3mvTMXUzvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjYwMzE3MTgwNzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTBmNWI2OWNiMjc5OTFjMjMzMTdiNjhlZDZmOTlmZDVhNDA4NjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA379J1R2MosGcqKeVy+ew7FFloQDY
rPR8+BVoWEflZIWcSIFmI/a9KfpWDqF/VrxxZT9D7UcPy5y7xx1yntIo6er8HJKb
v9byopofynzNvfIJjGpsw6PjY1itBYiNCX1piorHApFOmQlHpRNslhkP3HuIOVbi
nmAia+FWz9lFBtoGgpkP6Lk7Qt3xoeHgi8pVyKtVejtXPaJAIvD+baXLTCNs1e7b
9ZGl55RdIm2Jp43y+JG1Jf5adbLAweVLrNKQWjOQ13U86yqMgirmnNy2z6gDdnv2
S6c/Z8x8ZcQmEipEgpExhDeh+yPd7WYuCVpOGeJ6DuPnpChtSAxdAoWkWwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFA4PW2nLJ5kcIzF7aO1vmf1aQIY+MB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvRGc5YmFjc25tUndqTVh0bzdXLVpfVnBBaGo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQBWSxWAwQB
W8gMMAwDBABfUXkDBABfUXoDBAFnRxQDBABogIIwDAMEAGiAhQMEA2iAgAMEAW1F
PgMEAYeIsgMEAIeIvgMEArlpWAMEArmAaDANBgkqhkiG9w0BAQsFAAOCAQEAHkvg
JlzXu/YqVP2XwfGgUqNG/KdipPU0PFXlW3aahoKz48Df4vCOnD5Hj9fLksBS5Jlh
F3GCWN26BNzjr/gUZjmU0Kvp9lvRmoPGjAp2wpnoj1T/KnWuIH2ax4z4pCvXw4HU
YCsiThcSvipKR4eVHifN/hUnYkSW3YU3t+Km1DLoAQqAMCcSLcWBAl7Od9qAMw0X
QbOlgBa2S22xxrfrTxEOxkcHYNgY2Go/eUP9og9LEEutoq1yy7zuKax8sErklhVj
lnGh1Hgtep3LBSvrw43iZjZhNgtmye2ySNaiamad/n0jTSD8SlpXWzADIV7IxmfF
6HnBx2DPUW42vFiGlQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:21:59 2026 by rpki-client