Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/H3x0T_83rlo2BTe5d7dbAF2ptxg.roa
File: H3x0T_83rlo2BTe5d7dbAF2ptxg.roa (raw, json)
Hash identifier: PQJVU6JoM83KwjANErOepQ3bz3i1NBfWfLmiBsgEm0c=
Subject key identifier: 1F:7C:74:4F:FF:37:AE:5A:36:05:37:B9:77:B7:5B:00:5D:A9:B7:18
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 019D207A11FE56C8780437A78402553953CA
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/H3x0T_83rlo2BTe5d7dbAF2ptxg.roa
Signing time: Tue 24 Mar 2026 15:32:44 +0000
ROA not before: Tue 24 Mar 2026 15:32:44 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198193
IP address blocks: 31.214.155.0/24 maxlen: 24
37.252.98.0/24 maxlen: 24
37.252.100.0/24 maxlen: 24
37.252.101.0/24 maxlen: 24
89.32.64.0/24 maxlen: 24
89.32.65.0/24 maxlen: 24
89.32.66.0/24 maxlen: 24
89.32.67.0/24 maxlen: 24
158.255.239.0/24 maxlen: 24
162.33.200.0/22 maxlen: 22
162.33.204.0/22 maxlen: 22
162.33.204.0/24 maxlen: 24
162.33.205.0/24 maxlen: 24
162.33.206.0/24 maxlen: 24
162.33.207.0/24 maxlen: 24
185.66.172.0/24 maxlen: 24
185.66.174.0/24 maxlen: 24
185.86.208.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.mft
rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:20:7a:11:fe:56:c8:78:04:37:a7:84:02:55:39:53:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Mar 24 15:32:44 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1f7c744fff37ae5a360537b977b75b005da9b718
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:41:cc:3c:0e:f6:2a:78:da:16:a2:79:a1:29:
49:e5:0e:a7:df:bc:10:9c:67:fd:4d:85:aa:e0:72:
69:bb:1d:73:8a:ee:06:66:7a:f6:3d:9e:57:43:f9:
53:d7:43:90:4e:8c:f5:85:41:68:e0:07:a2:cb:9e:
3e:1c:60:88:62:ee:59:66:ae:db:7a:4a:91:10:cb:
dd:a3:bb:af:87:19:5c:08:5c:ce:52:2e:ed:cb:de:
77:ee:6e:cf:09:9f:54:0b:bf:d1:31:c5:d3:7b:0e:
25:16:56:f1:08:5b:1f:57:53:76:fc:8a:6a:55:25:
a6:82:a2:7c:e2:04:7f:79:af:f7:e4:c2:62:fa:99:
c2:b8:5f:ab:96:74:fe:62:aa:82:b8:a8:cb:c0:1d:
68:54:24:eb:34:fe:f2:63:22:69:6b:07:40:c0:12:
24:42:f2:5a:34:a6:12:66:c1:f4:3f:99:a2:67:33:
96:cc:ad:e2:57:f6:43:79:8b:67:9b:ba:67:ba:41:
79:50:ab:d8:29:e4:4e:ff:5c:ff:bc:f7:a8:55:e9:
33:51:28:7c:65:ce:33:c7:df:5e:e9:93:70:5b:5c:
47:2b:d0:b9:06:ad:69:ed:a8:37:d9:73:88:23:50:
6c:3e:de:0a:e2:e1:6d:3f:f8:97:cd:dd:a8:86:dd:
c8:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:7C:74:4F:FF:37:AE:5A:36:05:37:B9:77:B7:5B:00:5D:A9:B7:18
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/H3x0T_83rlo2BTe5d7dbAF2ptxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.155.0/24
37.252.98.0/24
37.252.100.0/23
89.32.64.0/22
158.255.239.0/24
162.33.200.0/21
185.66.172.0/24
185.66.174.0/24
185.86.208.0/23
Signature Algorithm: sha256WithRSAEncryption
68:6e:81:ae:0c:85:11:35:f0:3e:ab:14:51:ca:83:5f:35:88:
23:45:2a:72:ae:84:a2:d4:66:79:96:76:97:22:c7:e6:59:de:
1a:a4:ec:a8:4c:5b:2c:0a:b6:3e:79:71:17:65:24:0c:17:0e:
95:37:d9:77:39:49:b8:02:57:94:c7:8f:e2:5f:46:0f:46:1a:
ee:51:d8:f9:dc:a3:2d:e6:14:75:30:0d:39:e5:44:45:f8:5a:
b8:20:75:b8:77:dc:7f:b3:d9:79:d8:cb:6e:cf:75:d7:60:44:
4d:8f:a6:24:45:40:82:24:b5:4d:0d:69:e8:1a:f1:08:e2:10:
e2:67:1a:10:24:69:bf:b5:ef:25:7d:ce:0c:40:b9:d7:ff:6d:
c6:95:77:aa:5c:7b:f9:bf:5b:85:88:97:41:53:44:c4:72:fa:
03:4c:a4:94:a4:dc:ba:40:69:ce:eb:eb:38:13:b7:b4:14:1e:
eb:5f:0d:3f:5b:0f:a2:4e:65:c3:e1:82:59:22:30:76:55:27:
e4:fc:0e:ef:3b:9b:38:b0:77:41:c0:5f:9c:8b:0c:14:b3:bb:
a0:96:ad:a3:40:5a:43:4c:7e:1b:4b:86:ee:90:b9:7e:1b:dd:
64:35:df:77:4f:23:5c:56:2a:50:69:ee:2e:91:75:dc:62:b6:
51:34:5e:61
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZ0gehH+Vsh4BDenhAJVOVPKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjYwMzI0MTUzMjQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjdjNzQ0ZmZmMzdhZTVhMzYwNTM3Yjk3N2I3NWIwMDVkYTliNzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2EHMPA72KnjaFqJ5oSlJ5Q6n37wQ
nGf9TYWq4HJpux1ziu4GZnr2PZ5XQ/lT10OQToz1hUFo4Aeiy54+HGCIYu5ZZq7b
ekqREMvdo7uvhxlcCFzOUi7ty9537m7PCZ9UC7/RMcXTew4lFlbxCFsfV1N2/Ipq
VSWmgqJ84gR/ea/35MJi+pnCuF+rlnT+YqqCuKjLwB1oVCTrNP7yYyJpawdAwBIk
QvJaNKYSZsH0P5miZzOWzK3iV/ZDeYtnm7pnukF5UKvYKeRO/1z/vPeoVekzUSh8
Zc4zx99e6ZNwW1xHK9C5Bq1p7ag32XOII1BsPt4K4uFtP/iXzd2oht3I/wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFB98dE//N65aNgU3uXe3WwBdqbcYMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvSDN4MFRfODNybG8yQlRlNWQ3ZGJBRjJwdHhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAH9abAwQA
JfxiAwQBJfxkAwQCWSBAAwQAnv/vAwQDoiHIAwQAuUKsAwQAuUKuAwQBuVbQMA0G
CSqGSIb3DQEBCwUAA4IBAQBoboGuDIURNfA+qxRRyoNfNYgjRSpyroSi1GZ5lnaX
IsfmWd4apOyoTFssCrY+eXEXZSQMFw6VN9l3OUm4AleUx4/iX0YPRhruUdj53KMt
5hR1MA055URF+Fq4IHW4d9x/s9l52Mtuz3XXYERNj6YkRUCCJLVNDWnoGvEI4hDi
ZxoQJGm/te8lfc4MQLnX/23GlXeqXHv5v1uFiJdBU0TEcvoDTKSUpNy6QGnO6+s4
E7e0FB7rXw0/Ww+iTmXD4YJZIjB2VSfk/A7vO5s4sHdBwF+ciwwUs7uglq2jQFpD
TH4bS4bukLl+G91kNd93TyNcVipQae4ukXXcYrZRNF5h
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:18:35 2026 by rpki-client