Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/V2KSUUK3NKjzpMrOniGAS6f0lYc.roa
File: V2KSUUK3NKjzpMrOniGAS6f0lYc.roa (raw, json)
Hash identifier: HcEBW9Swj6mWiXzSBMZMgQ58umIWR03BqrfbmgIYn1s=
Subject key identifier: 57:62:92:51:42:B7:34:A8:F3:A4:CA:CE:9E:21:80:4B:A7:F4:95:87
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 019CD675CFD94A0F7CFBDE946CC0BF99D970
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/V2KSUUK3NKjzpMrOniGAS6f0lYc.roa
Signing time: Tue 10 Mar 2026 06:36:11 +0000
ROA not before: Tue 10 Mar 2026 06:36:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 33659
IP address blocks: 31.132.55.0/24 maxlen: 24
45.248.54.0/24 maxlen: 24
63.246.150.0/24 maxlen: 24
78.31.205.0/24 maxlen: 24
185.205.204.0/24 maxlen: 24
2a0c:3ac0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 20:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d6:75:cf:d9:4a:0f:7c:fb:de:94:6c:c0:bf:99:d9:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Mar 10 06:36:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5762925142b734a8f3a4cace9e21804ba7f49587
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:31:be:4e:a5:65:70:15:cd:40:f3:0c:9f:84:
f9:65:c9:59:7f:b1:c1:7c:d1:e1:97:e6:55:6a:3b:
35:b3:75:a6:4c:5a:aa:aa:f4:39:d0:19:bd:a9:75:
f4:ad:83:dc:26:0c:db:28:08:56:f6:d8:4a:41:45:
20:4a:3d:ea:fb:c6:a5:79:fd:bd:4d:e7:a2:01:53:
16:67:23:04:2b:ec:0b:7e:b2:fe:89:ed:bc:86:fe:
fb:88:44:3f:8f:1b:78:34:96:4b:df:0e:69:01:bc:
f8:8c:9b:9d:a4:fa:2e:1b:68:6c:43:27:07:74:0d:
1e:d2:49:ac:3b:23:91:20:fa:b1:7c:c9:1f:9c:55:
7b:10:12:97:7b:5d:91:ba:98:ef:d9:12:c0:3f:2c:
b5:0d:80:ca:27:9a:11:6b:75:b2:f5:c6:6e:7b:ce:
02:fc:45:52:22:cd:da:13:c3:25:25:b8:25:37:3f:
62:6e:3d:91:72:86:c8:1b:a5:1e:f6:3e:43:77:77:
de:87:2a:07:83:85:db:12:6e:2d:12:06:b0:92:d9:
0e:07:9d:57:66:5c:24:fc:38:7b:71:91:35:91:e5:
9b:2b:50:6e:ea:63:73:a0:3c:8e:86:7b:e6:5b:65:
0f:8e:54:1a:08:ad:ab:9a:fc:7f:5e:38:15:0a:55:
03:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:62:92:51:42:B7:34:A8:F3:A4:CA:CE:9E:21:80:4B:A7:F4:95:87
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/V2KSUUK3NKjzpMrOniGAS6f0lYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.132.55.0/24
45.248.54.0/24
63.246.150.0/24
78.31.205.0/24
185.205.204.0/24
IPv6:
2a0c:3ac0::/29
Signature Algorithm: sha256WithRSAEncryption
55:bb:9c:f3:7a:f7:6b:47:a4:7d:d5:40:4b:11:6e:65:1c:20:
b4:c2:02:38:56:9e:57:d4:ba:47:4b:e1:bd:72:ac:68:c0:91:
1c:a3:97:2c:00:c4:70:a3:a4:ea:c6:c9:6e:cc:33:d6:62:6d:
c4:35:85:e1:07:cb:87:8c:46:5f:13:d9:24:0a:e2:31:1f:0a:
b2:07:77:18:9a:48:3b:4e:13:77:bc:67:bd:a9:34:1d:e8:59:
df:8d:19:28:12:ec:b4:ff:15:18:fb:81:12:bb:a8:7b:06:6c:
f5:3b:94:01:89:29:b5:32:8f:55:2b:55:ca:dd:51:db:a8:44:
5f:40:f5:30:2f:c4:7b:23:72:f8:01:bd:d2:33:b6:49:e7:11:
ed:6b:db:4c:b5:33:9f:45:2d:c5:2d:6a:4e:a2:e5:88:b0:6d:
22:83:f8:df:12:a6:d2:2e:d2:46:70:3a:bc:cc:06:3b:ba:fb:
68:77:95:6c:99:6d:57:a6:73:5c:5d:16:29:6f:31:57:6b:61:
a9:38:0a:0b:ea:2d:de:99:cc:d1:e7:08:21:e6:90:bf:f0:cf:
fb:3b:81:8c:dd:d6:ab:3f:a9:2a:ff:2a:73:62:0f:7b:a0:ce:
9f:8a:e8:81:03:20:aa:51:8a:07:cd:87:6e:a9:63:e9:45:c5:
92:0f:f2:28
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZzWdc/ZSg98+96UbMC/mdlwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjYwMzEwMDYzNjExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzYyOTI1MTQyYjczNGE4ZjNhNGNhY2U5ZTIxODA0YmE3ZjQ5NTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzG+TqVlcBXNQPMMn4T5ZclZf7HB
fNHhl+ZVajs1s3WmTFqqqvQ50Bm9qXX0rYPcJgzbKAhW9thKQUUgSj3q+8alef29
TeeiAVMWZyMEK+wLfrL+ie28hv77iEQ/jxt4NJZL3w5pAbz4jJudpPouG2hsQycH
dA0e0kmsOyORIPqxfMkfnFV7EBKXe12Rupjv2RLAPyy1DYDKJ5oRa3Wy9cZue84C
/EVSIs3aE8MlJbglNz9ibj2RcobIG6Ue9j5Dd3fehyoHg4XbEm4tEgawktkOB51X
Zlwk/Dh7cZE1keWbK1Bu6mNzoDyOhnvmW2UPjlQaCK2rmvx/XjgVClUDOQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFFdiklFCtzSo86TKzp4hgEun9JWHMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvVjJLU1VVSzNOS2p6cE1yT25pR0FTNmYwbFljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAH4Q3AwQA
Lfg2AwQAP/aWAwQATh/NAwQAuc3MMA0EAgACMAcDBQMqDDrAMA0GCSqGSIb3DQEB
CwUAA4IBAQBVu5zzevdrR6R91UBLEW5lHCC0wgI4Vp5X1LpHS+G9cqxowJEco5cs
AMRwo6TqxsluzDPWYm3ENYXhB8uHjEZfE9kkCuIxHwqyB3cYmkg7ThN3vGe9qTQd
6FnfjRkoEuy0/xUY+4ESu6h7Bmz1O5QBiSm1Mo9VK1XK3VHbqERfQPUwL8R7I3L4
Ab3SM7ZJ5xHta9tMtTOfRS3FLWpOouWIsG0ig/jfEqbSLtJGcDq8zAY7uvtod5Vs
mW1XpnNcXRYpbzFXa2GpOAoL6i3emczR5wgh5pC/8M/7O4GM3darP6kq/ypzYg97
oM6fiuiBAyCqUYoHzYduqWPpRcWSD/Io
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:26:54 2026 by rpki-client