Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/33a0f9-1178-4a6d-b964-ff765f8531d5/1/z82FEt3pcMufgW4WCxzJHceETKc.roa
File: z82FEt3pcMufgW4WCxzJHceETKc.roa (raw, json)
Hash identifier: 5ZwxV3wn8Z4Xkli1EfsKloCex1LXSENEzKtm05iJtlY=
Subject key identifier: CF:CD:85:12:DD:E9:70:CB:9F:81:6E:16:0B:1C:C9:1D:C7:84:4C:A7
Certificate issuer: /CN=2cefde30b8a58b322a431f0829ed4ff33b5aac18
Certificate serial: 019CFC2B6A5666DED35BBDFB3F106FBB08CF
Authority key identifier: 2C:EF:DE:30:B8:A5:8B:32:2A:43:1F:08:29:ED:4F:F3:3B:5A:AC:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LO_eMLilizIqQx8IKe1P8ztarBg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/33a0f9-1178-4a6d-b964-ff765f8531d5/1/z82FEt3pcMufgW4WCxzJHceETKc.roa
Signing time: Tue 17 Mar 2026 14:20:29 +0000
ROA not before: Tue 17 Mar 2026 14:20:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8455
IP address blocks: 31.14.45.0/24 maxlen: 24
45.82.104.0/23 maxlen: 23
91.242.244.0/24 maxlen: 24
185.194.0.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/33a0f9-1178-4a6d-b964-ff765f8531d5/1/LO_eMLilizIqQx8IKe1P8ztarBg.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/33a0f9-1178-4a6d-b964-ff765f8531d5/1/LO_eMLilizIqQx8IKe1P8ztarBg.mft
rsync://rpki.ripe.net/repository/DEFAULT/LO_eMLilizIqQx8IKe1P8ztarBg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:fc:2b:6a:56:66:de:d3:5b:bd:fb:3f:10:6f:bb:08:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cefde30b8a58b322a431f0829ed4ff33b5aac18
Validity
Not Before: Mar 17 14:20:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cfcd8512dde970cb9f816e160b1cc91dc7844ca7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3c:21:2f:58:b8:f6:a1:56:9e:87:c6:19:e9:
f5:c2:ec:ca:27:ad:96:89:8e:43:28:2e:96:1d:36:
5a:de:ea:89:01:7b:f5:b2:c5:e2:94:f3:f4:b4:05:
7b:75:3a:6f:0d:48:67:08:59:43:48:24:6e:26:7a:
e5:93:eb:af:29:77:c1:c6:67:64:55:00:e7:10:77:
a8:b5:5e:82:52:f6:cb:7d:15:1a:ac:94:2f:1a:88:
2e:f1:e0:a3:93:4a:f1:68:a0:ea:c9:97:89:b7:f4:
84:21:6e:1d:eb:93:23:27:59:c1:da:de:6a:64:4c:
b4:4e:a7:f9:15:65:63:cd:d9:99:b5:63:94:5a:8e:
0d:67:c4:4a:d5:fd:50:8f:df:60:a0:97:c7:5c:f7:
66:b7:5d:3e:67:2b:50:26:0d:b6:ce:70:6b:2a:4e:
f9:b4:cc:9a:4f:5f:aa:b2:07:4e:cd:f4:37:03:fa:
53:ed:d8:53:ba:74:60:d5:e8:83:17:07:74:be:48:
17:c3:f9:db:19:ce:c5:85:26:14:20:7d:a0:00:8d:
c1:54:be:58:c2:4a:3b:6b:0f:e0:00:7a:8e:a8:0d:
83:d5:10:7e:1b:53:ab:17:75:9a:ae:7d:90:a8:3e:
de:df:2c:6f:b5:b6:e8:c5:c7:36:a8:13:55:9c:fe:
f2:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:CD:85:12:DD:E9:70:CB:9F:81:6E:16:0B:1C:C9:1D:C7:84:4C:A7
X509v3 Authority Key Identifier:
keyid:2C:EF:DE:30:B8:A5:8B:32:2A:43:1F:08:29:ED:4F:F3:3B:5A:AC:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LO_eMLilizIqQx8IKe1P8ztarBg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/33a0f9-1178-4a6d-b964-ff765f8531d5/1/z82FEt3pcMufgW4WCxzJHceETKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/33a0f9-1178-4a6d-b964-ff765f8531d5/1/LO_eMLilizIqQx8IKe1P8ztarBg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.45.0/24
45.82.104.0/23
91.242.244.0/24
185.194.0.0/22
Signature Algorithm: sha256WithRSAEncryption
11:ad:9f:f3:37:22:3d:06:79:52:26:b9:20:df:3a:0a:6b:88:
cb:e0:e9:f4:1b:58:b7:c2:be:12:cf:23:63:37:69:9c:75:6b:
95:f4:75:dd:67:86:a2:80:e7:35:e1:a6:e0:73:f6:4e:9f:6b:
7a:53:52:c1:2e:34:6e:1a:a2:5f:cd:e0:26:8c:ad:b4:fb:26:
76:e0:9b:26:7a:28:fe:b5:d3:ca:30:3d:cd:2e:b0:1b:f8:e1:
d9:85:54:46:7e:a2:b3:da:23:c7:be:77:6b:e2:0b:e7:30:d2:
da:19:85:50:2d:3d:f0:d4:1c:f7:e8:10:ad:c5:05:80:53:56:
c7:8a:72:54:ee:55:b0:a1:4d:35:da:66:80:16:14:60:e4:5b:
75:0a:03:1b:d3:a0:ee:26:9b:a3:97:a4:05:4f:be:c5:d6:15:
eb:eb:a3:13:9f:e6:5d:f7:ea:e5:42:ca:32:15:a4:de:18:a3:
0f:b7:6f:41:25:ae:c2:26:57:73:db:37:e9:91:01:2a:ad:23:
b1:87:46:d0:07:38:cd:1e:a7:3d:5d:ef:d4:f8:04:82:f0:22:
5a:22:ba:b9:05:d4:7b:c4:e5:dc:2e:10:a0:45:55:3a:a5:4d:
58:dc:f3:b8:93:c8:6e:f3:9f:8d:d9:08:6c:55:01:cb:00:1a:
d1:30:b0:a0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZz8K2pWZt7TW737PxBvuwjPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZWZkZTMwYjhhNThiMzIyYTQzMWYwODI5ZWQ0ZmYzM2I1
YWFjMTgwHhcNMjYwMzE3MTQyMDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmNkODUxMmRkZTk3MGNiOWY4MTZlMTYwYjFjYzkxZGM3ODQ0Y2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTwhL1i49qFWnofGGen1wuzKJ62W
iY5DKC6WHTZa3uqJAXv1ssXilPP0tAV7dTpvDUhnCFlDSCRuJnrlk+uvKXfBxmdk
VQDnEHeotV6CUvbLfRUarJQvGogu8eCjk0rxaKDqyZeJt/SEIW4d65MjJ1nB2t5q
ZEy0Tqf5FWVjzdmZtWOUWo4NZ8RK1f1Qj99goJfHXPdmt10+ZytQJg22znBrKk75
tMyaT1+qsgdOzfQ3A/pT7dhTunRg1eiDFwd0vkgXw/nbGc7FhSYUIH2gAI3BVL5Y
wko7aw/gAHqOqA2D1RB+G1OrF3Warn2QqD7e3yxvtbboxcc2qBNVnP7yswIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM/NhRLd6XDLn4FuFgscyR3HhEynMB8GA1UdIwQY
MBaAFCzv3jC4pYsyKkMfCCntT/M7WqwYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE9fZU1MaWxpeklxUXg4SUtlMVA4enRhckJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8zM2EwZjktMTE3OC00YTZkLWI5NjQt
ZmY3NjVmODUzMWQ1LzEvejgyRkV0M3BjTXVmZ1c0V0N4ekpIY2VFVEtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8zM2EwZjktMTE3OC00YTZkLWI5NjQtZmY3NjVmODUzMWQ1
LzEvTE9fZU1MaWxpeklxUXg4SUtlMVA4enRhckJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHw4tAwQB
LVJoAwQAW/L0AwQCucIAMA0GCSqGSIb3DQEBCwUAA4IBAQARrZ/zNyI9BnlSJrkg
3zoKa4jL4On0G1i3wr4SzyNjN2mcdWuV9HXdZ4aigOc14abgc/ZOn2t6U1LBLjRu
GqJfzeAmjK20+yZ24Jsmeij+tdPKMD3NLrAb+OHZhVRGfqKz2iPHvndr4gvnMNLa
GYVQLT3w1Bz36BCtxQWAU1bHinJU7lWwoU012maAFhRg5Ft1CgMb06DuJpujl6QF
T77F1hXr66MTn+Zd9+rlQsoyFaTeGKMPt29BJa7CJldz2zfpkQEqrSOxh0bQBzjN
Hqc9Xe/U+ASC8CJaIrq5BdR7xOXcLhCgRVU6pU1Y3PO4k8hu85+N2QhsVQHLABrR
MLCg
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:33:42 2026 by rpki-client