Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PGTvnKftZ3xr9Q25JC3_7Csxgkk.roa
File: PGTvnKftZ3xr9Q25JC3_7Csxgkk.roa (raw, json)
Hash identifier: 1/pX7y8YREMA40M22dLhjms8EaR4btTppA9kA42/s9E=
Subject key identifier: 3C:64:EF:9C:A7:ED:67:7C:6B:F5:0D:B9:24:2D:FF:EC:2B:31:82:49
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019E20843CC2ABBB6F85C268439B23063EDC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PGTvnKftZ3xr9Q25JC3_7Csxgkk.roa
Signing time: Wed 13 May 2026 08:46:37 +0000
ROA not before: Wed 13 May 2026 08:46:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214668
IP address blocks: 45.8.92.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
185.222.160.0/24 maxlen: 24
193.37.41.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:20:84:3c:c2:ab:bb:6f:85:c2:68:43:9b:23:06:3e:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 13 08:46:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3c64ef9ca7ed677c6bf50db9242dffec2b318249
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:5e:24:d7:c1:39:50:43:72:22:7a:d6:e0:53:
0a:02:16:1e:3a:7c:53:e3:a1:4b:3d:f3:24:9f:f7:
82:67:e1:2d:b7:c9:7a:78:ae:66:42:5a:e1:41:2d:
ae:22:bc:4b:ef:03:2b:ea:a0:51:21:eb:56:88:fc:
26:cc:87:f6:f7:61:c8:48:55:3d:e5:1e:14:f6:3a:
f5:ef:41:ca:cd:35:bb:45:3c:30:6e:60:5f:0f:12:
c6:9a:e5:e2:1a:d5:29:21:b1:a1:27:a9:71:48:90:
77:61:56:39:9c:ca:35:4f:7a:78:21:1e:fa:b3:3c:
28:b2:8d:c3:d0:0c:9b:66:7c:73:ee:8a:9f:a2:fd:
0e:6e:85:a5:b2:74:55:7c:ad:69:78:d1:77:4f:de:
d2:0b:ca:2e:97:a5:f2:87:09:00:39:9d:96:f5:07:
d3:68:22:2d:61:30:52:59:57:fc:50:34:83:d8:84:
ad:da:86:6d:33:05:d4:c0:c3:ac:08:11:3d:fc:22:
da:03:7a:fb:ed:ef:da:fe:79:bc:2f:0d:c4:e9:7e:
1e:85:5b:43:99:99:91:82:b5:eb:f1:ed:f8:8b:18:
1a:9c:5b:7f:05:7a:6a:11:a4:37:2d:2b:e1:79:f5:
7b:2c:22:5c:36:94:ef:bc:ce:a0:6c:46:ea:3d:19:
cf:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:64:EF:9C:A7:ED:67:7C:6B:F5:0D:B9:24:2D:FF:EC:2B:31:82:49
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PGTvnKftZ3xr9Q25JC3_7Csxgkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.92.0/24
81.161.238.0/24
185.222.160.0/24
193.37.41.0/24
193.37.44.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:f3:7e:d2:4e:4f:df:4d:8e:8a:dc:4e:8e:fd:8f:c9:de:12:
0e:43:45:bf:2d:a7:89:65:f0:81:42:9d:1a:9f:77:8f:af:eb:
35:68:e6:e9:db:28:2b:34:e2:24:2a:f0:bb:cf:54:c3:77:b3:
ad:67:94:7a:53:b8:3b:4f:83:d3:f3:be:c6:7b:5b:51:4b:31:
16:ef:82:e9:5f:98:16:50:56:99:0e:23:0f:9b:96:44:a8:13:
1b:bd:2c:88:e8:55:fa:c4:bc:e0:2d:5a:45:57:0e:44:b7:89:
4c:a9:d1:53:24:61:b2:af:cf:2a:e5:65:d4:b5:01:14:b4:c5:
18:ed:fb:42:3f:44:cb:9e:cf:76:15:ef:ec:05:39:c8:fc:9b:
bb:cc:18:bc:f3:cc:23:c1:0a:11:b9:25:b4:86:a3:9b:ae:c1:
a6:01:f7:34:bd:f9:80:bf:9c:3c:04:da:3c:f7:93:64:0a:44:
74:02:84:37:5d:46:be:56:ec:04:f3:45:2e:3e:56:b4:9d:b6:
75:02:93:58:f1:ba:5f:8c:3e:12:fa:df:94:20:2a:a8:27:d3:
43:c0:0f:14:a6:1a:21:e4:71:99:e4:69:6d:a8:bd:7a:d8:b5:
5b:98:2f:aa:72:e0:63:cc:b6:39:2a:46:fe:6f:c6:3b:8f:2e:
fa:71:ab:8e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ4ghDzCq7tvhcJoQ5sjBj7cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNTEzMDg0NjM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzY0ZWY5Y2E3ZWQ2NzdjNmJmNTBkYjkyNDJkZmZlYzJiMzE4MjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnl4k18E5UENyInrW4FMKAhYeOnxT
46FLPfMkn/eCZ+Ett8l6eK5mQlrhQS2uIrxL7wMr6qBRIetWiPwmzIf292HISFU9
5R4U9jr170HKzTW7RTwwbmBfDxLGmuXiGtUpIbGhJ6lxSJB3YVY5nMo1T3p4IR76
szwoso3D0AybZnxz7oqfov0OboWlsnRVfK1peNF3T97SC8oul6XyhwkAOZ2W9QfT
aCItYTBSWVf8UDSD2ISt2oZtMwXUwMOsCBE9/CLaA3r77e/a/nm8Lw3E6X4ehVtD
mZmRgrXr8e34ixganFt/BXpqEaQ3LSvhefV7LCJcNpTvvM6gbEbqPRnP6wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDxk75yn7Wd8a/UNuSQt/+wrMYJJMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUEdUdm5LZnRaM3hyOVEyNUpDM183Q3N4Z2trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALQhcAwQA
UaHuAwQAud6gAwQAwSUpAwQAwSUsMA0GCSqGSIb3DQEBCwUAA4IBAQCo837STk/f
TY6K3E6O/Y/J3hIOQ0W/LaeJZfCBQp0an3ePr+s1aObp2ygrNOIkKvC7z1TDd7Ot
Z5R6U7g7T4PT877Ge1tRSzEW74LpX5gWUFaZDiMPm5ZEqBMbvSyI6FX6xLzgLVpF
Vw5Et4lMqdFTJGGyr88q5WXUtQEUtMUY7ftCP0TLns92Fe/sBTnI/Ju7zBi888wj
wQoRuSW0hqObrsGmAfc0vfmAv5w8BNo895NkCkR0AoQ3XUa+VuwE80UuPla0nbZ1
ApNY8bpfjD4S+t+UICqoJ9NDwA8Uphoh5HGZ5GltqL162LVbmC+qcuBjzLY5Kkb+
b8Y7jy76cauO
-----END CERTIFICATE-----
Generated at Wed May 13 13:27:53 2026 by rpki-client