Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/1e2a0e-9514-4d70-903d-85706645e734/1/c3J2WzKnBz8n6vexcL4R4WC_FbU.roa
File: c3J2WzKnBz8n6vexcL4R4WC_FbU.roa (raw, json)
Hash identifier: +v+CTa6TJGoOCG2ben4CXihFgljD0NuOUaaiNhNFVkc=
Subject key identifier: 73:72:76:5B:32:A7:07:3F:27:EA:F7:B1:70:BE:11:E1:60:BF:15:B5
Certificate issuer: /CN=0bfa7348d6c1d7186328328720730f684fa20edc
Certificate serial: 019C8E8ACC0FD382AA6AA8EAC46F7C6651BF
Authority key identifier: 0B:FA:73:48:D6:C1:D7:18:63:28:32:87:20:73:0F:68:4F:A2:0E:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_pzSNbB1xhjKDKHIHMPaE-iDtw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/1e2a0e-9514-4d70-903d-85706645e734/1/c3J2WzKnBz8n6vexcL4R4WC_FbU.roa
Signing time: Tue 24 Feb 2026 07:26:26 +0000
ROA not before: Tue 24 Feb 2026 07:26:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 13208
IP address blocks: 81.20.176.0/20 maxlen: 24
185.57.212.0/22 maxlen: 22
213.133.193.0/24 maxlen: 24
213.133.194.0/24 maxlen: 24
213.133.195.0/24 maxlen: 24
213.133.196.0/24 maxlen: 24
213.133.197.0/24 maxlen: 24
213.133.198.0/24 maxlen: 24
213.133.199.0/24 maxlen: 24
213.133.201.0/24 maxlen: 24
213.133.202.0/24 maxlen: 24
213.133.203.0/24 maxlen: 24
213.133.207.0/24 maxlen: 24
213.133.208.0/22 maxlen: 22
213.133.213.0/24 maxlen: 24
213.133.214.0/24 maxlen: 24
213.133.215.0/24 maxlen: 24
213.133.216.0/24 maxlen: 24
213.133.217.0/24 maxlen: 24
213.133.218.0/24 maxlen: 24
213.133.219.0/24 maxlen: 24
213.133.220.0/24 maxlen: 24
213.133.221.0/24 maxlen: 24
213.133.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/1e2a0e-9514-4d70-903d-85706645e734/1/C_pzSNbB1xhjKDKHIHMPaE-iDtw.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/1e2a0e-9514-4d70-903d-85706645e734/1/C_pzSNbB1xhjKDKHIHMPaE-iDtw.mft
rsync://rpki.ripe.net/repository/DEFAULT/C_pzSNbB1xhjKDKHIHMPaE-iDtw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8e:8a:cc:0f:d3:82:aa:6a:a8:ea:c4:6f:7c:66:51:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bfa7348d6c1d7186328328720730f684fa20edc
Validity
Not Before: Feb 24 07:26:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7372765b32a7073f27eaf7b170be11e160bf15b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:c0:09:1b:d8:b4:0d:8e:52:c6:3d:4e:6d:5f:
7b:7d:e6:90:ca:f7:b8:38:70:ff:94:8e:e4:52:82:
0e:19:22:43:69:82:5c:cd:c5:af:87:b3:9e:4e:98:
bf:15:df:14:4f:19:93:a2:a8:34:4c:89:c7:4b:77:
3d:64:ca:1d:5c:16:2a:34:e1:b0:cc:d0:be:ab:96:
2c:79:b4:ee:47:c4:a9:d2:ca:29:dd:4f:4e:93:92:
63:9a:1d:e2:1b:39:84:57:91:f6:56:ce:74:08:fa:
90:6e:d6:6a:d3:0c:fa:80:2b:65:6f:32:80:37:8e:
d6:ea:85:79:8a:1e:8e:7b:d3:09:39:fa:5c:24:75:
82:96:31:f5:07:54:f6:e9:79:87:32:d4:81:87:d1:
b1:00:29:26:dc:6e:b3:7b:28:c7:47:dd:f9:6d:e1:
ed:ee:35:36:fc:e8:26:ae:63:9c:87:54:fe:fb:6b:
34:6e:e1:13:61:cd:a0:40:fd:e8:a7:e8:00:84:53:
80:9f:fc:b0:1d:97:c1:b3:40:48:41:73:0f:43:b8:
e7:a9:77:51:b4:09:49:ee:08:a6:54:72:78:62:42:
eb:66:a2:82:8e:bf:c4:03:82:95:9d:0a:26:8b:aa:
61:e0:ac:eb:7d:ec:31:ed:34:30:ba:a1:d0:08:00:
91:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:72:76:5B:32:A7:07:3F:27:EA:F7:B1:70:BE:11:E1:60:BF:15:B5
X509v3 Authority Key Identifier:
keyid:0B:FA:73:48:D6:C1:D7:18:63:28:32:87:20:73:0F:68:4F:A2:0E:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_pzSNbB1xhjKDKHIHMPaE-iDtw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1e2a0e-9514-4d70-903d-85706645e734/1/c3J2WzKnBz8n6vexcL4R4WC_FbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1e2a0e-9514-4d70-903d-85706645e734/1/C_pzSNbB1xhjKDKHIHMPaE-iDtw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.20.176.0/20
185.57.212.0/22
213.133.193.0-213.133.199.255
213.133.201.0-213.133.203.255
213.133.207.0-213.133.211.255
213.133.213.0-213.133.221.255
213.133.223.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:4e:8b:c5:9c:c2:fd:70:30:d3:f4:98:bc:db:f5:9f:98:c8:
76:4d:28:f7:fe:d9:fd:dd:f6:e9:db:2e:40:71:19:51:4e:c8:
8b:7e:8d:17:80:50:1d:6c:1b:2b:f0:d0:c2:e5:b4:b5:6c:8e:
87:83:25:9b:98:59:3f:64:3f:50:e0:11:ae:75:bc:2e:3a:e3:
65:c1:22:87:5d:be:87:b0:1e:2c:04:f2:65:b5:d7:38:9b:4d:
c8:68:ff:bb:12:04:ab:46:15:f7:22:f0:4a:c5:01:24:de:89:
bf:4e:91:40:a1:43:65:3f:73:49:e2:cc:c2:3f:9e:cf:ba:5c:
1b:4a:2a:19:e4:bf:a6:12:15:11:e9:a8:9e:a8:bb:3b:0e:19:
46:36:f5:a6:99:e5:00:6a:35:a2:aa:44:30:12:f8:fa:aa:bf:
ef:e2:ab:81:3b:c8:89:3e:52:a2:a5:63:15:0a:4e:a7:99:0e:
dd:02:d7:84:3f:8f:af:be:f1:91:d0:86:37:ab:51:01:96:a0:
8b:68:75:e2:ec:37:01:ae:1c:70:28:78:ec:3b:d7:5b:50:49:
63:9d:07:8f:52:14:92:6a:6a:28:2a:af:24:85:76:73:d4:3e:
e9:4d:ac:7e:b2:9e:48:ae:52:7b:f4:2e:b9:28:96:16:71:35:
ed:62:85:3e
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZyOiswP04KqaqjqxG98ZlG/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZmE3MzQ4ZDZjMWQ3MTg2MzI4MzI4NzIwNzMwZjY4NGZh
MjBlZGMwHhcNMjYwMjI0MDcyNjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzcyNzY1YjMyYTcwNzNmMjdlYWY3YjE3MGJlMTFlMTYwYmYxNWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3sAJG9i0DY5Sxj1ObV97feaQyve4
OHD/lI7kUoIOGSJDaYJczcWvh7OeTpi/Fd8UTxmToqg0TInHS3c9ZModXBYqNOGw
zNC+q5YsebTuR8Sp0sop3U9Ok5Jjmh3iGzmEV5H2Vs50CPqQbtZq0wz6gCtlbzKA
N47W6oV5ih6Oe9MJOfpcJHWCljH1B1T26XmHMtSBh9GxACkm3G6zeyjHR935beHt
7jU2/OgmrmOch1T++2s0buETYc2gQP3op+gAhFOAn/ywHZfBs0BIQXMPQ7jnqXdR
tAlJ7gimVHJ4YkLrZqKCjr/EA4KVnQomi6ph4Kzrfewx7TQwuqHQCACRWQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFHNydlsypwc/J+r3sXC+EeFgvxW1MB8GA1UdIwQY
MBaAFAv6c0jWwdcYYygyhyBzD2hPog7cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19welNOYkIxeGhqS0RLSElITVBhRS1pRHR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8xZTJhMGUtOTUxNC00ZDcwLTkwM2Qt
ODU3MDY2NDVlNzM0LzEvYzNKMld6S25CejhuNnZleGNMNFI0V0NfRmJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8xZTJhMGUtOTUxNC00ZDcwLTkwM2QtODU3MDY2NDVlNzM0
LzEvQ19welNOYkIxeGhqS0RLSElITVBhRS1pRHR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQEURSwAwQC
uTnUMAwDBADVhcEDBAPVhcAwDAMEANWFyQMEAtWFyDAMAwQA1YXPAwQC1YXQMAwD
BADVhdUDBAHVhdwDBADVhd8wDQYJKoZIhvcNAQELBQADggEBAJ1Oi8Wcwv1wMNP0
mLzb9Z+YyHZNKPf+2f3d9unbLkBxGVFOyIt+jReAUB1sGyvw0MLltLVsjoeDJZuY
WT9kP1DgEa51vC4642XBIoddvoewHiwE8mW11zibTcho/7sSBKtGFfci8ErFASTe
ib9OkUChQ2U/c0nizMI/ns+6XBtKKhnkv6YSFRHpqJ6ouzsOGUY29aaZ5QBqNaKq
RDAS+Pqqv+/iq4E7yIk+UqKlYxUKTqeZDt0C14Q/j6++8ZHQhjerUQGWoItodeLs
NwGuHHAoeOw711tQSWOdB49SFJJqaigqrySFdnPUPulNrH6ynkiuUnv0LrkolhZx
Ne1ihT4=
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:43:00 2026 by rpki-client