Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/dec12c-5f18-48ab-b006-422bb43753be/1/O3fR56dqfHik9Xe0cH6HKim6TKY.roa
File: O3fR56dqfHik9Xe0cH6HKim6TKY.roa (raw, json)
Hash identifier: 5jIvT1o2gnH7JBF0Cx/Aj9BJ5CVIKBgiPASB9rf2KhU=
Subject key identifier: 3B:77:D1:E7:A7:6A:7C:78:A4:F5:77:B4:70:7E:87:2A:29:BA:4C:A6
Certificate issuer: /CN=d90155c51ff2394da784a384aa717c76e3032c24
Certificate serial: 019CF2B5D8E35AE6E6D8B2F9E9E8DFA66DD9
Authority key identifier: D9:01:55:C5:1F:F2:39:4D:A7:84:A3:84:AA:71:7C:76:E3:03:2C:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2QFVxR_yOU2nhKOEqnF8duMDLCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/dec12c-5f18-48ab-b006-422bb43753be/1/O3fR56dqfHik9Xe0cH6HKim6TKY.roa
Signing time: Sun 15 Mar 2026 18:15:29 +0000
ROA not before: Sun 15 Mar 2026 18:15:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210967
IP address blocks: 185.19.200.0/24 maxlen: 24
213.217.30.0/24 maxlen: 24
2a11:1b00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/dec12c-5f18-48ab-b006-422bb43753be/1/2QFVxR_yOU2nhKOEqnF8duMDLCQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/dec12c-5f18-48ab-b006-422bb43753be/1/2QFVxR_yOU2nhKOEqnF8duMDLCQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/2QFVxR_yOU2nhKOEqnF8duMDLCQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Mar 2026 00:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f2:b5:d8:e3:5a:e6:e6:d8:b2:f9:e9:e8:df:a6:6d:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d90155c51ff2394da784a384aa717c76e3032c24
Validity
Not Before: Mar 15 18:15:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3b77d1e7a76a7c78a4f577b4707e872a29ba4ca6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d3:26:37:b4:20:1e:42:0a:a3:45:64:b2:19:
31:af:5b:02:df:f5:12:dd:92:ad:d5:69:11:5f:62:
61:3f:54:1d:c7:4d:70:5f:b2:f9:de:d8:fc:48:73:
55:c8:20:fb:01:48:b6:e8:8e:30:39:9c:25:4a:48:
21:86:28:cb:10:8f:46:0d:d6:6c:d1:f2:f6:74:3b:
08:5b:da:1d:ea:63:59:8a:15:f7:94:d6:1e:ba:19:
f8:a1:67:e3:90:41:38:73:a3:64:ed:4d:a7:db:9f:
6c:44:e5:e3:a1:f6:35:41:4c:26:05:28:18:c0:d6:
54:77:4c:b5:8f:17:dd:97:c2:ba:42:e1:8d:54:e5:
15:68:1d:3b:ba:bf:38:e5:8a:1a:0d:e5:84:99:e4:
9f:bc:2f:31:14:5a:7c:0c:1e:b9:c6:d6:32:e0:9c:
17:43:83:cb:08:00:4f:45:88:e9:0f:fa:44:17:03:
b0:a4:1d:8a:40:36:3b:5d:5e:a8:0c:c3:f5:e9:f2:
ae:eb:3a:05:cd:70:21:67:a0:33:9f:07:51:20:a6:
63:22:9a:9c:11:0a:db:60:36:ac:ef:72:d3:59:83:
da:d8:4a:c1:fc:87:76:44:5e:01:c6:44:43:8c:ad:
c4:0b:9a:08:49:27:3e:e4:48:26:e5:11:5f:55:13:
19:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:77:D1:E7:A7:6A:7C:78:A4:F5:77:B4:70:7E:87:2A:29:BA:4C:A6
X509v3 Authority Key Identifier:
keyid:D9:01:55:C5:1F:F2:39:4D:A7:84:A3:84:AA:71:7C:76:E3:03:2C:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2QFVxR_yOU2nhKOEqnF8duMDLCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/dec12c-5f18-48ab-b006-422bb43753be/1/O3fR56dqfHik9Xe0cH6HKim6TKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/dec12c-5f18-48ab-b006-422bb43753be/1/2QFVxR_yOU2nhKOEqnF8duMDLCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.19.200.0/24
213.217.30.0/24
IPv6:
2a11:1b00::/29
Signature Algorithm: sha256WithRSAEncryption
97:4c:a0:8e:78:97:84:2b:24:18:1f:72:29:57:81:8b:62:2c:
6e:a7:6d:23:88:a7:ab:12:f6:33:16:be:41:05:27:5c:2e:29:
3c:d5:04:18:60:7a:27:aa:39:6e:3f:49:0a:20:c8:c2:ae:1b:
bb:54:05:51:2d:c2:98:c4:78:26:a4:fa:ee:62:71:61:af:19:
f4:94:aa:cb:26:13:a6:db:9f:0d:87:52:9a:36:5f:69:31:93:
13:c3:d3:8e:b4:40:11:52:1f:4e:be:f3:0f:2f:25:76:9c:9a:
8e:1e:c2:b0:68:de:36:b6:7b:38:99:62:4f:ec:67:cd:4e:b8:
50:9e:b5:ab:93:51:d1:1e:9e:0e:ee:bc:44:5d:c2:bd:1f:01:
1f:76:e7:c9:6f:00:f3:db:8a:2f:4d:46:a1:09:3d:c1:82:1c:
7f:63:93:35:d1:1c:ce:0a:22:20:22:b0:4c:20:39:c4:fa:8f:
4b:c7:d5:96:7f:ca:2b:72:b7:83:dc:c0:5b:da:03:91:84:60:
e3:03:bb:95:89:3d:1f:50:4b:65:56:b8:77:01:1c:6c:8c:10:
26:a0:3c:de:a5:aa:3f:07:7f:39:c8:76:2f:49:60:35:5d:a2:
28:95:84:05:ea:2c:c6:a2:87:38:b0:54:69:c6:36:f8:18:77:
ee:9e:b0:58
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZzytdjjWubm2LL56ejfpm3ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MDE1NWM1MWZmMjM5NGRhNzg0YTM4NGFhNzE3Yzc2ZTMw
MzJjMjQwHhcNMjYwMzE1MTgxNTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjc3ZDFlN2E3NmE3Yzc4YTRmNTc3YjQ3MDdlODcyYTI5YmE0Y2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9MmN7QgHkIKo0Vkshkxr1sC3/US
3ZKt1WkRX2JhP1Qdx01wX7L53tj8SHNVyCD7AUi26I4wOZwlSkghhijLEI9GDdZs
0fL2dDsIW9od6mNZihX3lNYeuhn4oWfjkEE4c6Nk7U2n259sROXjofY1QUwmBSgY
wNZUd0y1jxfdl8K6QuGNVOUVaB07ur845YoaDeWEmeSfvC8xFFp8DB65xtYy4JwX
Q4PLCABPRYjpD/pEFwOwpB2KQDY7XV6oDMP16fKu6zoFzXAhZ6AznwdRIKZjIpqc
EQrbYDas73LTWYPa2ErB/Id2RF4BxkRDjK3EC5oISSc+5Egm5RFfVRMZYQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDt30eenanx4pPV3tHB+hyopukymMB8GA1UdIwQY
MBaAFNkBVcUf8jlNp4SjhKpxfHbjAywkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlFGVnhSX3lPVTJuaEtPRXFuRjhkdU1ETENRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9kZWMxMmMtNWYxOC00OGFiLWIwMDYt
NDIyYmI0Mzc1M2JlLzEvTzNmUjU2ZHFmSGlrOVhlMGNINkhLaW02VEtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9kZWMxMmMtNWYxOC00OGFiLWIwMDYtNDIyYmI0Mzc1M2Jl
LzEvMlFGVnhSX3lPVTJuaEtPRXFuRjhkdU1ETENRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuRPIAwQA
1dkeMA0EAgACMAcDBQMqERsAMA0GCSqGSIb3DQEBCwUAA4IBAQCXTKCOeJeEKyQY
H3IpV4GLYixup20jiKerEvYzFr5BBSdcLik81QQYYHonqjluP0kKIMjCrhu7VAVR
LcKYxHgmpPruYnFhrxn0lKrLJhOm258Nh1KaNl9pMZMTw9OOtEARUh9OvvMPLyV2
nJqOHsKwaN42tns4mWJP7GfNTrhQnrWrk1HRHp4O7rxEXcK9HwEfdufJbwDz24ov
TUahCT3Bghx/Y5M10RzOCiIgIrBMIDnE+o9Lx9WWf8orcreD3MBb2gORhGDjA7uV
iT0fUEtlVrh3ARxsjBAmoDzepao/B385yHYvSWA1XaIolYQF6izGooc4sFRpxjb4
GHfunrBY
-----END CERTIFICATE-----
Generated at Fri Mar 27 06:39:31 2026 by rpki-client