Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/45772a-a10f-429d-b5db-9218f92f3036/1/3Di0TiYSzCwjXYoQpgJAcHSZM5o.roa
File: 3Di0TiYSzCwjXYoQpgJAcHSZM5o.roa (raw, json)
Hash identifier: 0bUN5W9Pn7GoJ8kUA2RuGBKMaH2eDvE67B8+hFkWRdk=
Subject key identifier: DC:38:B4:4E:26:12:CC:2C:23:5D:8A:10:A6:02:40:70:74:99:33:9A
Certificate issuer: /CN=e9057470fd56f1b773b2e40abaee79f9966e4436
Certificate serial: 019D2593480455604DF7D5E2DAB69C6344E6
Authority key identifier: E9:05:74:70:FD:56:F1:B7:73:B2:E4:0A:BA:EE:79:F9:96:6E:44:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6QV0cP1W8bdzsuQKuu55-ZZuRDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/45772a-a10f-429d-b5db-9218f92f3036/1/3Di0TiYSzCwjXYoQpgJAcHSZM5o.roa
Signing time: Wed 25 Mar 2026 15:18:22 +0000
ROA not before: Wed 25 Mar 2026 15:18:22 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58323
IP address blocks: 31.193.108.0/22 maxlen: 24
130.255.20.0/22 maxlen: 24
164.138.192.0/21 maxlen: 24
195.177.244.0/23 maxlen: 24
2a00:bac0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/45772a-a10f-429d-b5db-9218f92f3036/1/6QV0cP1W8bdzsuQKuu55-ZZuRDY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/45772a-a10f-429d-b5db-9218f92f3036/1/6QV0cP1W8bdzsuQKuu55-ZZuRDY.mft
rsync://rpki.ripe.net/repository/DEFAULT/6QV0cP1W8bdzsuQKuu55-ZZuRDY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:93:48:04:55:60:4d:f7:d5:e2:da:b6:9c:63:44:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9057470fd56f1b773b2e40abaee79f9966e4436
Validity
Not Before: Mar 25 15:18:22 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dc38b44e2612cc2c235d8a10a60240707499339a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ec:b1:1c:d9:0a:7b:6a:8b:19:33:ea:d7:22:
00:f8:ff:3e:96:4f:51:d4:cc:63:1c:c0:bf:2e:97:
12:4b:62:9a:47:a2:89:91:f4:9e:44:aa:a4:15:2e:
9b:39:0b:7b:f4:8d:28:79:c2:da:be:3d:de:bf:db:
23:73:7f:c1:f6:9a:5c:b3:51:72:3e:6f:2d:03:bc:
9e:ed:da:76:58:e1:59:b3:42:48:0d:bc:5a:aa:b7:
81:0d:d6:34:34:d9:18:5a:28:70:26:ff:f3:07:b3:
77:ae:3f:0b:94:f5:52:ef:89:d7:f2:43:18:5f:55:
38:98:0b:89:f7:fc:72:1c:b6:07:e1:b1:7e:d7:af:
1c:70:ad:63:96:88:c7:08:a5:ce:a2:a5:b5:49:3c:
1b:21:31:10:ad:0a:67:3e:2c:fa:ab:34:2a:30:4f:
38:b7:36:eb:cc:b1:6d:83:4c:47:20:02:aa:4c:b5:
2e:f6:ad:a1:33:fa:6c:a9:33:c9:70:a1:dc:61:97:
7d:4d:dc:40:26:d3:5f:55:46:a1:5c:bc:94:3d:3c:
37:b5:87:8d:5f:fe:cd:ce:9f:5b:08:d0:38:a8:53:
51:be:7f:dc:8b:09:92:c1:9b:d8:0c:07:a5:1f:58:
b7:66:ab:30:be:ac:9b:1d:a1:1f:9c:76:de:79:03:
3c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:38:B4:4E:26:12:CC:2C:23:5D:8A:10:A6:02:40:70:74:99:33:9A
X509v3 Authority Key Identifier:
keyid:E9:05:74:70:FD:56:F1:B7:73:B2:E4:0A:BA:EE:79:F9:96:6E:44:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6QV0cP1W8bdzsuQKuu55-ZZuRDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/45772a-a10f-429d-b5db-9218f92f3036/1/3Di0TiYSzCwjXYoQpgJAcHSZM5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/45772a-a10f-429d-b5db-9218f92f3036/1/6QV0cP1W8bdzsuQKuu55-ZZuRDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.108.0/22
130.255.20.0/22
164.138.192.0/21
195.177.244.0/23
IPv6:
2a00:bac0::/32
Signature Algorithm: sha256WithRSAEncryption
69:97:8c:21:8f:46:3e:26:02:a0:aa:ea:00:a6:15:a8:f4:69:
26:83:f4:09:37:79:3e:23:3a:ee:ac:f0:02:5c:44:b3:ac:bb:
7a:7f:0d:7a:68:73:a9:51:81:ac:77:23:4a:9e:9c:fb:1b:3d:
e6:50:23:8c:8f:54:78:e9:18:35:05:72:00:13:59:cf:06:5a:
f2:78:9c:e1:4e:8b:76:0c:6f:34:91:05:bc:21:d9:c5:dc:82:
f3:10:5c:83:bb:69:05:ff:17:00:f9:cf:18:35:5e:23:bb:59:
d6:7b:f6:9d:e1:69:10:83:cf:70:f1:a5:f3:2e:2b:b8:32:00:
e2:63:6e:1d:23:a6:32:d6:6a:b1:67:23:b6:5a:7e:97:78:b9:
d8:39:86:35:7f:b0:df:b2:58:9a:c2:bd:3d:61:69:12:1d:c4:
8e:fc:d4:aa:72:2f:76:7d:5c:e2:3f:a6:33:98:bc:90:e3:d0:
a6:f8:68:18:05:87:fc:c3:c5:d0:9e:79:eb:d0:75:8d:9b:86:
c7:4c:39:76:91:7b:71:c4:f0:6a:f7:c0:65:7f:4c:6b:a8:97:
07:5b:60:65:c7:ac:ff:34:14:31:a6:a0:55:fc:d0:84:c3:2a:
18:6d:35:d6:aa:15:33:2a:e2:30:e0:89:f7:6e:77:2f:64:62:
d9:b4:de:d3
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZ0lk0gEVWBN99Xi2racY0TmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MDU3NDcwZmQ1NmYxYjc3M2IyZTQwYWJhZWU3OWY5OTY2
ZTQ0MzYwHhcNMjYwMzI1MTUxODIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzM4YjQ0ZTI2MTJjYzJjMjM1ZDhhMTBhNjAyNDA3MDc0OTkzMzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0OyxHNkKe2qLGTPq1yIA+P8+lk9R
1MxjHMC/LpcSS2KaR6KJkfSeRKqkFS6bOQt79I0oecLavj3ev9sjc3/B9ppcs1Fy
Pm8tA7ye7dp2WOFZs0JIDbxaqreBDdY0NNkYWihwJv/zB7N3rj8LlPVS74nX8kMY
X1U4mAuJ9/xyHLYH4bF+168ccK1jlojHCKXOoqW1STwbITEQrQpnPiz6qzQqME84
tzbrzLFtg0xHIAKqTLUu9q2hM/psqTPJcKHcYZd9TdxAJtNfVUahXLyUPTw3tYeN
X/7Nzp9bCNA4qFNRvn/ciwmSwZvYDAelH1i3ZqswvqybHaEfnHbeeQM8JQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNw4tE4mEswsI12KEKYCQHB0mTOaMB8GA1UdIwQY
MBaAFOkFdHD9VvG3c7LkCrruefmWbkQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlFWMGNQMVc4YmR6c3VRS3V1NTUtWlp1UkRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80NTc3MmEtYTEwZi00MjlkLWI1ZGIt
OTIxOGY5MmYzMDM2LzEvM0RpMFRpWVN6Q3dqWFlvUXBnSkFjSFNaTTVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80NTc3MmEtYTEwZi00MjlkLWI1ZGItOTIxOGY5MmYzMDM2
LzEvNlFWMGNQMVc4YmR6c3VRS3V1NTUtWlp1UkRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCH8FsAwQC
gv8UAwQDpIrAAwQBw7H0MA0EAgACMAcDBQAqALrAMA0GCSqGSIb3DQEBCwUAA4IB
AQBpl4whj0Y+JgKgquoAphWo9Gkmg/QJN3k+IzrurPACXESzrLt6fw16aHOpUYGs
dyNKnpz7Gz3mUCOMj1R46Rg1BXIAE1nPBlryeJzhTot2DG80kQW8IdnF3ILzEFyD
u2kF/xcA+c8YNV4ju1nWe/ad4WkQg89w8aXzLiu4MgDiY24dI6Yy1mqxZyO2Wn6X
eLnYOYY1f7Dfsliawr09YWkSHcSO/NSqci92fVziP6YzmLyQ49Cm+GgYBYf8w8XQ
nnnr0HWNm4bHTDl2kXtxxPBq98Blf0xrqJcHW2Blx6z/NBQxpqBV/NCEwyoYbTXW
qhUzKuIw4In3bncvZGLZtN7T
-----END CERTIFICATE-----
Generated at Thu Mar 26 21:31:36 2026 by rpki-client