Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/DPMVT21xt_FxJ1sn3UX-_U68dhM.roa
File: DPMVT21xt_FxJ1sn3UX-_U68dhM.roa (raw, json)
Hash identifier: W+9Q7HyRT/GtNJeWW1rH3dBewR4z6axBBAIPrMJ0PUU=
Subject key identifier: 0C:F3:15:4F:6D:71:B7:F1:71:27:5B:27:DD:45:FE:FD:4E:BC:76:13
Certificate issuer: /CN=49216f5c165b827a7fd73d8107aebd2f63c63e24
Certificate serial: 019D160A576D7256EBE3BD5FBE19D7B0572B
Authority key identifier: 49:21:6F:5C:16:5B:82:7A:7F:D7:3D:81:07:AE:BD:2F:63:C6:3E:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/DPMVT21xt_FxJ1sn3UX-_U68dhM.roa
Signing time: Sun 22 Mar 2026 14:54:29 +0000
ROA not before: Sun 22 Mar 2026 14:54:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207567
IP address blocks: 81.90.17.0/24 maxlen: 24
81.90.21.0/24 maxlen: 24
81.90.22.0/24 maxlen: 24
81.90.25.0/24 maxlen: 24
81.90.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:16:0a:57:6d:72:56:eb:e3:bd:5f:be:19:d7:b0:57:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49216f5c165b827a7fd73d8107aebd2f63c63e24
Validity
Not Before: Mar 22 14:54:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0cf3154f6d71b7f171275b27dd45fefd4ebc7613
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:10:3f:b0:90:4a:25:fc:55:0a:5a:48:8b:2b:
e3:2c:6a:16:48:d3:f6:0c:13:8c:93:66:ce:7c:05:
2f:9b:bc:46:61:52:c2:62:c3:77:05:e7:bc:be:0e:
78:c4:1d:7a:de:f0:90:a4:a7:9f:7f:17:fd:2f:6e:
56:8a:54:34:76:5b:54:a4:80:82:8d:b0:95:80:2b:
72:ed:49:a9:e5:d0:20:74:02:d1:91:0a:59:32:51:
16:72:9a:73:dc:d7:2b:d8:5c:5a:c7:b7:5b:dc:7c:
63:51:66:ea:30:3f:42:20:a5:b1:f7:0a:74:3e:6d:
60:09:9f:59:33:2a:3a:9f:27:ab:61:c0:6f:97:db:
86:32:59:f5:65:b1:26:1a:c8:e0:3d:5b:72:63:4f:
9e:ca:c9:88:c8:a8:6f:40:54:e3:ca:3a:88:b0:b8:
54:e8:ac:dd:80:0d:ac:9d:1a:6e:fb:28:be:97:e2:
a9:d5:33:15:97:bf:40:de:6a:c6:23:3f:ac:65:f7:
f9:f1:a6:d3:77:ae:ff:a1:f2:bf:bd:c4:2f:11:09:
63:a0:d2:ee:8b:c0:a3:e5:4e:41:3a:f2:15:c9:7d:
83:09:03:38:3d:a8:30:f3:e7:b8:7e:02:40:7b:1d:
a3:4c:70:9d:53:b2:60:d1:5c:f6:51:d4:50:c5:4a:
ca:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:F3:15:4F:6D:71:B7:F1:71:27:5B:27:DD:45:FE:FD:4E:BC:76:13
X509v3 Authority Key Identifier:
keyid:49:21:6F:5C:16:5B:82:7A:7F:D7:3D:81:07:AE:BD:2F:63:C6:3E:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/DPMVT21xt_FxJ1sn3UX-_U68dhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.90.17.0/24
81.90.21.0-81.90.22.255
81.90.25.0/24
81.90.28.0/24
Signature Algorithm: sha256WithRSAEncryption
68:44:ad:e1:cd:3e:f1:3f:ff:53:d8:33:b3:40:9b:c5:77:ff:
e2:a6:d0:a6:dd:8b:23:23:eb:81:30:e1:7f:63:33:f9:ba:9b:
7c:4c:2c:df:a8:98:5c:92:e5:a0:7e:89:66:52:bc:79:e4:92:
6c:d4:0c:a2:29:ba:ea:d3:2d:f7:b6:de:2e:bd:19:87:c0:bb:
e0:d0:71:d1:e0:a9:5e:06:51:52:5b:e8:e6:cd:47:5b:0f:4e:
a2:12:0c:79:ba:75:0f:5a:78:94:f5:c4:7e:67:a9:7b:ea:ad:
1a:de:41:55:66:0c:9a:7f:9c:e6:f9:bd:b6:d3:f3:f8:ca:fc:
55:8b:e9:14:aa:ac:47:51:f2:92:d1:23:7a:b6:08:ee:52:37:
da:59:61:c0:c9:f4:ba:d6:1e:18:b5:94:6b:68:a7:8b:04:51:
d5:fc:65:f5:18:b8:fe:46:ce:2b:e4:35:06:86:fc:3b:ba:99:
40:de:60:37:a1:ca:87:be:ad:44:20:be:1e:f9:01:d6:3d:c6:
5c:bb:07:00:ec:25:c6:fa:5f:12:e9:1e:23:82:54:70:af:a8:
a2:0d:19:fb:8d:25:52:67:62:60:0d:e9:84:73:bb:70:6a:1e:
ec:8d:81:74:58:3f:44:a4:0a:de:3b:8e:a3:4d:2d:5a:a9:c2:
02:42:f0:99
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ0WCldtclbr471fvhnXsFcrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MjE2ZjVjMTY1YjgyN2E3ZmQ3M2Q4MTA3YWViZDJmNjNj
NjNlMjQwHhcNMjYwMzIyMTQ1NDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2YzMTU0ZjZkNzFiN2YxNzEyNzViMjdkZDQ1ZmVmZDRlYmM3NjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRA/sJBKJfxVClpIiyvjLGoWSNP2
DBOMk2bOfAUvm7xGYVLCYsN3Bee8vg54xB163vCQpKeffxf9L25WilQ0dltUpICC
jbCVgCty7Ump5dAgdALRkQpZMlEWcppz3Ncr2Fxax7db3HxjUWbqMD9CIKWx9wp0
Pm1gCZ9ZMyo6nyerYcBvl9uGMln1ZbEmGsjgPVtyY0+eysmIyKhvQFTjyjqIsLhU
6KzdgA2snRpu+yi+l+Kp1TMVl79A3mrGIz+sZff58abTd67/ofK/vcQvEQljoNLu
i8Cj5U5BOvIVyX2DCQM4Pagw8+e4fgJAex2jTHCdU7Jg0Vz2UdRQxUrKqwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFAzzFU9tcbfxcSdbJ91F/v1OvHYTMB8GA1UdIwQY
MBaAFEkhb1wWW4J6f9c9gQeuvS9jxj4kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1NGdlhCWmJnbnBfMXoyQkI2NjlMMlBHUGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80ODQyYTktOWZjZC00YmI2LWJiMDQt
MGRiYmMyNDllNjU3LzEvRFBNVlQyMXh0X0Z4SjFzbjNVWC1fVTY4ZGhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi80ODQyYTktOWZjZC00YmI2LWJiMDQtMGRiYmMyNDllNjU3
LzEvU1NGdlhCWmJnbnBfMXoyQkI2NjlMMlBHUGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAUVoRMAwD
BABRWhUDBABRWhYDBABRWhkDBABRWhwwDQYJKoZIhvcNAQELBQADggEBAGhEreHN
PvE//1PYM7NAm8V3/+Km0KbdiyMj64Ew4X9jM/m6m3xMLN+omFyS5aB+iWZSvHnk
kmzUDKIpuurTLfe23i69GYfAu+DQcdHgqV4GUVJb6ObNR1sPTqISDHm6dQ9aeJT1
xH5nqXvqrRreQVVmDJp/nOb5vbbT8/jK/FWL6RSqrEdR8pLRI3q2CO5SN9pZYcDJ
9LrWHhi1lGtop4sEUdX8ZfUYuP5GzivkNQaG/Du6mUDeYDehyoe+rUQgvh75AdY9
xly7BwDsJcb6XxLpHiOCVHCvqKINGfuNJVJnYmAN6YRzu3BqHuyNgXRYP0SkCt47
jqNNLVqpwgJC8Jk=
-----END CERTIFICATE-----
Generated at Sat Mar 28 10:17:18 2026 by rpki-client