Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/DmISyAPsUJZUF8-fiFzrEXhy69M.roa
File: DmISyAPsUJZUF8-fiFzrEXhy69M.roa (raw, json)
Hash identifier: TEVgv9r0sVnxKS36YRt3J8jYs1KrjVhAbf7djSDQraI=
Subject key identifier: 0E:62:12:C8:03:EC:50:96:54:17:CF:9F:88:5C:EB:11:78:72:EB:D3
Certificate issuer: /CN=b307c87e7b6e294f2700790eef19e82939d85cd6
Certificate serial: 019E1BA71ACCF150647D8FBCE41AC3734655
Authority key identifier: B3:07:C8:7E:7B:6E:29:4F:27:00:79:0E:EF:19:E8:29:39:D8:5C:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/swfIfntuKU8nAHkO7xnoKTnYXNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/DmISyAPsUJZUF8-fiFzrEXhy69M.roa
Signing time: Tue 12 May 2026 10:06:36 +0000
ROA not before: Tue 12 May 2026 10:06:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212330
IP address blocks: 31.223.185.0/24 maxlen: 24
45.113.239.0/24 maxlen: 24
86.105.220.0/24 maxlen: 24
86.111.150.0/24 maxlen: 24
86.111.151.0/24 maxlen: 24
93.115.252.0/24 maxlen: 24
94.176.40.0/24 maxlen: 24
103.229.80.0/24 maxlen: 24
185.16.25.0/24 maxlen: 24
185.96.160.0/24 maxlen: 24
185.113.104.0/24 maxlen: 24
185.113.106.0/24 maxlen: 24
193.3.137.0/24 maxlen: 24
2a10:fa42::/32 maxlen: 32
2a10:fa43::/32 maxlen: 32
2a10:fa44:a00::/40 maxlen: 40
2a10:fa45::/32 maxlen: 32
2a10:fa46::/32 maxlen: 32
2a10:fa46:5::/48 maxlen: 48
2a10:fa47::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/swfIfntuKU8nAHkO7xnoKTnYXNY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/swfIfntuKU8nAHkO7xnoKTnYXNY.mft
rsync://rpki.ripe.net/repository/DEFAULT/swfIfntuKU8nAHkO7xnoKTnYXNY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 19:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1b:a7:1a:cc:f1:50:64:7d:8f:bc:e4:1a:c3:73:46:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b307c87e7b6e294f2700790eef19e82939d85cd6
Validity
Not Before: May 12 10:06:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0e6212c803ec50965417cf9f885ceb117872ebd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:85:27:10:60:44:ce:b6:12:b2:13:80:7a:f3:
46:93:07:83:3a:c7:68:9e:07:38:4c:65:83:3a:0a:
73:85:af:89:82:8f:ed:5b:ca:ff:07:d9:76:f9:74:
e0:aa:e7:69:e8:87:2a:e9:1f:d1:65:84:df:c7:39:
85:20:6b:87:54:c0:00:2a:9a:32:4f:62:8e:74:1c:
9e:a1:08:ec:19:9b:a6:23:da:cc:eb:00:a1:12:7d:
fb:3e:a7:85:bf:d1:da:58:6a:0d:8f:1e:d2:35:5d:
e6:b5:f8:32:cc:3d:a4:76:14:87:5f:c0:78:b0:5b:
04:69:19:cd:16:01:0e:1d:3e:93:42:08:ee:7f:d8:
d8:97:27:9d:6a:8f:4c:d4:ef:8c:7c:4f:2e:24:be:
d1:0f:4d:11:7f:3e:d9:0a:66:06:38:62:13:19:b5:
65:76:d8:01:75:08:ea:cb:b0:1e:6d:0e:a1:c8:1c:
39:07:96:56:cb:18:e9:41:9d:a2:37:74:98:7f:68:
bd:6a:1d:28:c1:67:80:ac:3c:a2:b8:a4:9a:bc:c2:
c5:b3:1a:8f:f6:ec:88:3e:7b:dc:d8:69:7f:93:2d:
76:1f:73:37:f5:06:8a:1e:0d:68:63:89:64:d2:26:
0d:1d:d9:26:0c:f6:df:2b:6d:1c:31:7c:5e:93:f7:
c3:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:62:12:C8:03:EC:50:96:54:17:CF:9F:88:5C:EB:11:78:72:EB:D3
X509v3 Authority Key Identifier:
keyid:B3:07:C8:7E:7B:6E:29:4F:27:00:79:0E:EF:19:E8:29:39:D8:5C:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/swfIfntuKU8nAHkO7xnoKTnYXNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/DmISyAPsUJZUF8-fiFzrEXhy69M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/swfIfntuKU8nAHkO7xnoKTnYXNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.185.0/24
45.113.239.0/24
86.105.220.0/24
86.111.150.0/23
93.115.252.0/24
94.176.40.0/24
103.229.80.0/24
185.16.25.0/24
185.96.160.0/24
185.113.104.0/24
185.113.106.0/24
193.3.137.0/24
IPv6:
2a10:fa42::/31
2a10:fa44:a00::/40
2a10:fa45::-2a10:fa47:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
cd:73:bc:29:b6:6a:e3:82:26:73:3f:6e:89:43:13:8a:71:96:
78:d3:eb:e3:04:0f:ea:e7:cd:f2:36:73:61:60:b2:92:a7:6d:
c8:84:02:33:60:36:aa:f0:fd:72:b0:a2:7e:8e:c8:c9:f2:3f:
d8:96:9d:a3:af:87:b6:68:23:18:4b:19:73:23:ed:26:7a:10:
e1:c6:44:34:78:40:97:f3:ad:49:f3:17:1a:7d:aa:62:f9:c4:
b2:05:cf:f4:a0:79:8c:13:a1:5b:4f:bb:1c:01:3d:c0:37:f9:
0f:a0:a6:e4:3a:cc:f7:88:6b:29:9e:d6:8e:7a:ac:1c:9e:8f:
c0:e5:da:d1:95:7d:76:34:94:9d:a8:d6:08:4c:bd:f6:49:92:
1a:cd:df:e9:a6:fc:1e:a2:00:7b:7b:24:d6:43:6c:26:b0:76:
43:5c:89:89:3c:38:1b:d4:c9:39:a4:7a:5f:9b:0d:41:d1:56:
3d:9d:73:36:f3:a7:ac:19:a3:ca:81:b9:5a:67:a6:e2:f9:04:
e9:0e:22:28:4d:cb:80:29:f3:48:00:35:50:ab:6d:ca:fe:25:
ec:b5:0c:ad:2a:99:0f:1c:c3:4c:f5:0f:3d:41:8c:c1:33:7b:
10:92:eb:87:3e:79:52:c8:3d:83:16:de:20:05:e6:2b:a0:7a:
19:c1:a6:86
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAZ4bpxrM8VBkfY+85BrDc0ZVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMDdjODdlN2I2ZTI5NGYyNzAwNzkwZWVmMTllODI5Mzlk
ODVjZDYwHhcNMjYwNTEyMTAwNjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTYyMTJjODAzZWM1MDk2NTQxN2NmOWY4ODVjZWIxMTc4NzJlYmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4UnEGBEzrYSshOAevNGkweDOsdo
ngc4TGWDOgpzha+Jgo/tW8r/B9l2+XTgqudp6Icq6R/RZYTfxzmFIGuHVMAAKpoy
T2KOdByeoQjsGZumI9rM6wChEn37PqeFv9HaWGoNjx7SNV3mtfgyzD2kdhSHX8B4
sFsEaRnNFgEOHT6TQgjuf9jYlyedao9M1O+MfE8uJL7RD00Rfz7ZCmYGOGITGbVl
dtgBdQjqy7AebQ6hyBw5B5ZWyxjpQZ2iN3SYf2i9ah0owWeArDyiuKSavMLFsxqP
9uyIPnvc2Gl/ky12H3M39QaKHg1oY4lk0iYNHdkmDPbfK20cMXxek/fDAQIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFA5iEsgD7FCWVBfPn4hc6xF4cuvTMB8GA1UdIwQY
MBaAFLMHyH57bilPJwB5Du8Z6Ck52FzWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3dmSWZudHVLVThuQUhrTzd4bm9LVG5ZWE5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9kYTY0MmEtYTZhYi00NzA1LTk1ODct
NjQ5NDVhNGY4ZTEyLzEvRG1JU3lBUHNVSlpVRjgtZmlGenJFWGh5NjlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9kYTY0MmEtYTZhYi00NzA1LTk1ODctNjQ5NDVhNGY4ZTEy
LzEvc3dmSWZudHVLVThuQUhrTzd4bm9LVG5ZWE5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwTgQCAAEwSAMEAB/fuQME
AC1x7wMEAFZp3AMEAVZvlgMEAF1z/AMEAF6wKAMEAGflUAMEALkQGQMEALlgoAME
ALlxaAMEALlxagMEAMEDiTAlBAIAAjAfAwUBKhD6QgMGACoQ+kQKMA4DBQAqEPpF
AwUDKhD6QDANBgkqhkiG9w0BAQsFAAOCAQEAzXO8KbZq44Imcz9uiUMTinGWeNPr
4wQP6ufN8jZzYWCykqdtyIQCM2A2qvD9crCifo7IyfI/2Jado6+HtmgjGEsZcyPt
JnoQ4cZENHhAl/OtSfMXGn2qYvnEsgXP9KB5jBOhW0+7HAE9wDf5D6Cm5DrM94hr
KZ7WjnqsHJ6PwOXa0ZV9djSUnajWCEy99kmSGs3f6ab8HqIAe3sk1kNsJrB2Q1yJ
iTw4G9TJOaR6X5sNQdFWPZ1zNvOnrBmjyoG5Wmem4vkE6Q4iKE3LgCnzSAA1UKtt
yv4l7LUMrSqZDxzDTPUPPUGMwTN7EJLrhz55Usg9gxbeIAXmK6B6GcGmhg==
-----END CERTIFICATE-----
Generated at Wed May 13 05:25:51 2026 by rpki-client