Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/068a6c-921b-4e0b-ba7e-3a6de99ede47/1/p38nf1_J-hf5pJoRzzg0ttvCGMc.roa
File: p38nf1_J-hf5pJoRzzg0ttvCGMc.roa (raw, json)
Hash identifier: VNYm4Y42SOlQ9dXOHkzUE+m/pzdyaj+7nbqcjEjzt8M=
Subject key identifier: A7:7F:27:7F:5F:C9:FA:17:F9:A4:9A:11:CF:38:34:B6:DB:C2:18:C7
Certificate issuer: /CN=2d3c3987e7c34b366aa0f09c40ea4c80bfed0e01
Certificate serial: 019D1C09D2C2D17779B096032C7D1F404A3E
Authority key identifier: 2D:3C:39:87:E7:C3:4B:36:6A:A0:F0:9C:40:EA:4C:80:BF:ED:0E:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LTw5h-fDSzZqoPCcQOpMgL_tDgE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/068a6c-921b-4e0b-ba7e-3a6de99ede47/1/p38nf1_J-hf5pJoRzzg0ttvCGMc.roa
Signing time: Mon 23 Mar 2026 18:51:38 +0000
ROA not before: Mon 23 Mar 2026 18:51:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199458
IP address blocks: 194.150.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/068a6c-921b-4e0b-ba7e-3a6de99ede47/1/LTw5h-fDSzZqoPCcQOpMgL_tDgE.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/068a6c-921b-4e0b-ba7e-3a6de99ede47/1/LTw5h-fDSzZqoPCcQOpMgL_tDgE.mft
rsync://rpki.ripe.net/repository/DEFAULT/LTw5h-fDSzZqoPCcQOpMgL_tDgE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1c:09:d2:c2:d1:77:79:b0:96:03:2c:7d:1f:40:4a:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d3c3987e7c34b366aa0f09c40ea4c80bfed0e01
Validity
Not Before: Mar 23 18:51:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a77f277f5fc9fa17f9a49a11cf3834b6dbc218c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:94:24:b9:a4:82:6d:91:39:40:ad:b8:f0:3d:
12:64:11:73:50:b0:c1:09:cc:09:9c:2c:09:24:ed:
a6:f5:9a:f1:cb:ff:9e:4f:9a:4d:c0:11:c8:4a:d1:
6e:62:b1:a8:fb:ef:8e:25:00:fe:22:9c:be:2c:8f:
f5:ef:cc:dc:79:a7:d4:8d:c6:2b:31:83:6c:d9:51:
15:2f:2b:fa:7e:14:c8:9b:26:5a:e9:e0:54:4f:68:
b9:6d:c4:32:be:f9:94:48:7b:c8:0c:06:a8:1c:18:
43:33:6c:8d:1f:11:48:21:88:9d:da:03:66:b9:bf:
47:9d:c2:6c:3a:7f:63:b6:f2:4a:ed:a2:b0:f1:11:
66:19:31:ca:83:59:bc:69:1c:3e:80:c6:83:8b:8f:
03:5d:0d:94:43:61:7d:b2:21:a3:7d:ec:3d:0b:6d:
2f:97:3e:7b:58:bb:c0:01:01:24:4d:7b:78:30:e5:
83:57:6e:08:fd:65:1a:c6:d9:fb:ea:80:51:f5:f2:
6b:c1:8e:0f:e5:db:f0:1a:34:09:75:f3:b0:e9:08:
ec:c2:03:37:48:29:3f:86:06:02:35:4f:0d:9e:f8:
06:5e:fa:60:9d:94:f7:87:05:e3:9c:53:65:5b:09:
ef:87:62:86:f0:a9:8c:f1:a8:1b:89:c2:82:33:80:
fb:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:7F:27:7F:5F:C9:FA:17:F9:A4:9A:11:CF:38:34:B6:DB:C2:18:C7
X509v3 Authority Key Identifier:
keyid:2D:3C:39:87:E7:C3:4B:36:6A:A0:F0:9C:40:EA:4C:80:BF:ED:0E:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LTw5h-fDSzZqoPCcQOpMgL_tDgE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/068a6c-921b-4e0b-ba7e-3a6de99ede47/1/p38nf1_J-hf5pJoRzzg0ttvCGMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/068a6c-921b-4e0b-ba7e-3a6de99ede47/1/LTw5h-fDSzZqoPCcQOpMgL_tDgE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.150.75.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:0a:90:5e:dd:46:3c:58:a2:eb:d3:d6:2a:9a:ea:07:1f:db:
3e:7d:29:d4:c8:46:25:a9:1e:37:50:ba:12:81:3d:a8:d1:49:
2b:c1:37:5f:36:5d:66:7f:c4:d2:4d:a4:62:2a:82:5e:9b:77:
47:25:90:10:d6:ed:80:61:bb:f3:83:2c:75:bf:4c:60:36:d7:
74:fb:97:aa:8f:37:04:ad:a8:66:ab:0c:dd:5e:ec:16:03:56:
7e:62:6a:7f:1d:88:5d:c6:90:86:7d:bd:4b:8b:05:93:45:e0:
a0:54:61:38:27:a3:fb:71:91:01:41:b1:f9:9f:25:28:c9:c4:
a3:2a:b3:9e:27:9c:05:e2:9a:60:86:4d:55:fc:26:51:a8:b1:
e8:8c:81:4f:d6:6d:3c:67:eb:f7:4a:09:7c:84:f0:f5:d3:3b:
16:d4:14:98:a8:cd:e7:e7:0e:3b:7b:5a:ef:de:49:bc:57:ed:
65:de:4f:27:f4:40:fb:ae:11:46:aa:67:3a:25:61:a3:f3:02:
4f:ae:37:d2:6b:53:d6:5f:d9:fc:76:69:9e:34:44:da:e5:97:
08:87:10:76:f0:5c:e0:93:a4:00:c4:ec:10:82:ff:3b:9c:8b:
ea:ed:f5:18:7f:2b:27:5e:f5:5c:24:fc:73:92:d1:72:01:29:
c8:8a:4b:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ0cCdLC0Xd5sJYDLH0fQEo+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkM2MzOTg3ZTdjMzRiMzY2YWEwZjA5YzQwZWE0YzgwYmZl
ZDBlMDEwHhcNMjYwMzIzMTg1MTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzdmMjc3ZjVmYzlmYTE3ZjlhNDlhMTFjZjM4MzRiNmRiYzIxOGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZQkuaSCbZE5QK248D0SZBFzULDB
CcwJnCwJJO2m9Zrxy/+eT5pNwBHIStFuYrGo+++OJQD+Ipy+LI/178zceafUjcYr
MYNs2VEVLyv6fhTImyZa6eBUT2i5bcQyvvmUSHvIDAaoHBhDM2yNHxFIIYid2gNm
ub9HncJsOn9jtvJK7aKw8RFmGTHKg1m8aRw+gMaDi48DXQ2UQ2F9siGjfew9C20v
lz57WLvAAQEkTXt4MOWDV24I/WUaxtn76oBR9fJrwY4P5dvwGjQJdfOw6QjswgM3
SCk/hgYCNU8NnvgGXvpgnZT3hwXjnFNlWwnvh2KG8KmM8agbicKCM4D7ZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKd/J39fyfoX+aSaEc84NLbbwhjHMB8GA1UdIwQY
MBaAFC08OYfnw0s2aqDwnEDqTIC/7Q4BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFR3NWgtZkRTelpxb1BDY1FPcE1nTF90RGdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wNjhhNmMtOTIxYi00ZTBiLWJhN2Ut
M2E2ZGU5OWVkZTQ3LzEvcDM4bmYxX0otaGY1cEpvUnp6ZzB0dHZDR01jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wNjhhNmMtOTIxYi00ZTBiLWJhN2UtM2E2ZGU5OWVkZTQ3
LzEvTFR3NWgtZkRTelpxb1BDY1FPcE1nTF90RGdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpZLMA0G
CSqGSIb3DQEBCwUAA4IBAQA/CpBe3UY8WKLr09YqmuoHH9s+fSnUyEYlqR43ULoS
gT2o0UkrwTdfNl1mf8TSTaRiKoJem3dHJZAQ1u2AYbvzgyx1v0xgNtd0+5eqjzcE
rahmqwzdXuwWA1Z+Ymp/HYhdxpCGfb1LiwWTReCgVGE4J6P7cZEBQbH5nyUoycSj
KrOeJ5wF4ppghk1V/CZRqLHojIFP1m08Z+v3Sgl8hPD10zsW1BSYqM3n5w47e1rv
3km8V+1l3k8n9ED7rhFGqmc6JWGj8wJPrjfSa1PWX9n8dmmeNETa5ZcIhxB28Fzg
k6QAxOwQgv87nIvq7fUYfysnXvVcJPxzktFyASnIiktn
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:44:33 2026 by rpki-client