Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/3KYapZkbEmWmGfpDM-8cD3SbYZk.roa
File: 3KYapZkbEmWmGfpDM-8cD3SbYZk.roa (raw, json)
Hash identifier: fp0ec217TkjQVkqiTsPLPgOHbubrIW7vvxApHpvWUhs=
Subject key identifier: DC:A6:1A:A5:99:1B:12:65:A6:19:FA:43:33:EF:1C:0F:74:9B:61:99
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 019D24E0170E5626DAF3DECB62F645CE18A4
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/3KYapZkbEmWmGfpDM-8cD3SbYZk.roa
Signing time: Wed 25 Mar 2026 12:02:38 +0000
ROA not before: Wed 25 Mar 2026 12:02:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207569
IP address blocks: 46.243.1.0/24 maxlen: 24
46.243.4.0/24 maxlen: 24
46.243.6.0/24 maxlen: 24
89.44.86.0/24 maxlen: 24
95.81.79.0/24 maxlen: 24
95.81.113.0/24 maxlen: 24
95.81.126.0/24 maxlen: 24
95.81.127.0/24 maxlen: 24
103.71.22.0/24 maxlen: 24
103.71.23.0/24 maxlen: 24
103.85.114.0/24 maxlen: 24
103.85.115.0/24 maxlen: 24
104.128.132.0/24 maxlen: 24
104.128.133.0/24 maxlen: 24
104.128.134.0/24 maxlen: 24
104.128.135.0/24 maxlen: 24
104.128.136.0/24 maxlen: 24
104.128.137.0/24 maxlen: 24
104.128.138.0/24 maxlen: 24
104.128.139.0/24 maxlen: 24
104.128.140.0/24 maxlen: 24
104.128.141.0/24 maxlen: 24
104.128.142.0/24 maxlen: 24
104.128.143.0/24 maxlen: 24
135.136.176.0/24 maxlen: 24
135.136.177.0/24 maxlen: 24
135.136.186.0/24 maxlen: 24
135.136.187.0/24 maxlen: 24
185.37.195.0/24 maxlen: 24
2a0c:5d00:1002::/48 maxlen: 48
2a0c:5d00:2002::/48 maxlen: 48
2a0c:5d06:2002::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 06:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:24:e0:17:0e:56:26:da:f3:de:cb:62:f6:45:ce:18:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Mar 25 12:02:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dca61aa5991b1265a619fa4333ef1c0f749b6199
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e4:01:df:ec:0a:7d:84:50:19:fe:83:60:ba:
e8:03:8c:0c:de:11:b5:de:28:0c:0b:10:e5:3a:7a:
25:4e:85:e1:80:f1:50:e9:1e:fb:97:6f:8b:b1:d3:
35:6b:55:55:6b:4d:16:16:43:bd:32:7f:33:6e:17:
6f:3b:2b:de:dc:7e:4d:79:88:48:5f:a0:d3:b8:c4:
ba:3d:a7:27:4a:75:0e:fc:2b:80:07:b1:02:32:c1:
17:32:e8:57:e1:a7:88:d7:2c:20:e5:c3:b8:c3:6a:
04:bc:b7:c1:51:59:25:e4:48:86:04:a6:a1:6c:c5:
b5:5a:f2:3a:7c:6e:73:44:1a:6b:5b:b1:8d:b0:42:
b8:45:61:a9:bb:b4:ee:6d:ea:7d:a1:ef:34:63:a3:
30:ae:b2:61:cb:2c:7b:d8:4a:5d:b2:9a:8f:f9:25:
09:19:b2:c9:f6:43:c6:e8:1a:a5:cf:65:1c:ad:1e:
9c:a9:af:19:c1:63:e6:b5:31:8c:0a:40:58:4f:8a:
89:f8:3f:b5:e8:b9:e1:ff:36:00:dd:e7:f9:dd:fa:
71:7f:f6:a4:ff:fe:c0:30:fa:1e:72:71:5e:cf:78:
59:23:06:4c:c2:97:e1:fa:ac:ba:df:2f:71:31:bd:
c8:b6:e4:3f:c9:9f:26:ac:4d:88:9f:1a:46:f5:9e:
81:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:A6:1A:A5:99:1B:12:65:A6:19:FA:43:33:EF:1C:0F:74:9B:61:99
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/3KYapZkbEmWmGfpDM-8cD3SbYZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.1.0/24
46.243.4.0/24
46.243.6.0/24
89.44.86.0/24
95.81.79.0/24
95.81.113.0/24
95.81.126.0/23
103.71.22.0/23
103.85.114.0/23
104.128.132.0-104.128.143.255
135.136.176.0/23
135.136.186.0/23
185.37.195.0/24
IPv6:
2a0c:5d00:1002::/48
2a0c:5d00:2002::/48
2a0c:5d06:2002::/48
Signature Algorithm: sha256WithRSAEncryption
4f:2c:50:40:ce:08:a1:a3:8f:5d:fc:64:47:fe:d8:72:af:3d:
94:65:f3:3a:f9:33:68:0c:c9:88:2d:a9:67:0d:4e:aa:5d:65:
8f:1d:25:14:70:10:b6:98:f2:0d:14:b0:bd:90:8d:e6:6d:21:
72:93:e7:c5:06:00:5d:11:a9:33:c8:63:b9:ef:f8:c0:c0:d2:
b9:34:7d:6c:e8:6c:2d:50:a7:6b:03:8c:51:51:7a:3e:54:29:
70:ec:8f:14:4f:e2:d9:a9:e6:4c:a7:f7:a9:b5:7d:82:40:d9:
43:1c:bb:61:36:5a:7c:8a:6d:19:ce:a3:a9:24:2c:55:ae:4e:
a4:e0:08:7f:74:d8:03:35:96:b7:9f:7e:aa:af:2f:da:69:e7:
0f:02:ea:9d:41:0c:86:ff:6d:96:cc:76:f3:9e:b0:2b:32:f8:
dd:c1:73:3a:9e:72:c4:c0:e6:5a:6d:3a:16:fd:7f:b5:2e:20:
73:2c:80:6d:ea:06:86:ed:10:dd:ee:db:1c:29:44:7b:4f:5a:
a4:22:be:61:d5:91:aa:f3:1e:4e:33:7e:d2:8e:c4:2b:f4:28:
a3:63:74:ab:e0:9f:a5:92:3c:51:dc:b2:11:7d:79:04:ca:15:
26:ca:6d:89:61:3e:e0:fb:f9:b3:38:0e:98:8d:2d:46:f6:83:
24:94:20:b1
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZ0k4BcOViba897LYvZFzhikMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjYwMzI1MTIwMjM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2E2MWFhNTk5MWIxMjY1YTYxOWZhNDMzM2VmMWMwZjc0OWI2MTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseQB3+wKfYRQGf6DYLroA4wM3hG1
3igMCxDlOnolToXhgPFQ6R77l2+LsdM1a1VVa00WFkO9Mn8zbhdvOyve3H5NeYhI
X6DTuMS6PacnSnUO/CuAB7ECMsEXMuhX4aeI1ywg5cO4w2oEvLfBUVkl5EiGBKah
bMW1WvI6fG5zRBprW7GNsEK4RWGpu7Tubep9oe80Y6MwrrJhyyx72EpdspqP+SUJ
GbLJ9kPG6Bqlz2UcrR6cqa8ZwWPmtTGMCkBYT4qJ+D+16Lnh/zYA3ef53fpxf/ak
//7AMPoecnFez3hZIwZMwpfh+qy63y9xMb3ItuQ/yZ8mrE2InxpG9Z6BsQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFNymGqWZGxJlphn6QzPvHA90m2GZMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvM0tZYXBaa2JFbVdtR2ZwRE0tOGNEM1NiWVprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBcBAIAATBWAwQALvMB
AwQALvMEAwQALvMGAwQAWSxWAwQAX1FPAwQAX1FxAwQBX1F+AwQBZ0cWAwQBZ1Vy
MAwDBAJogIQDBARogIADBAGHiLADBAGHiLoDBAC5JcMwIQQCAAIwGwMHACoMXQAQ
AgMHACoMXQAgAgMHACoMXQYgAjANBgkqhkiG9w0BAQsFAAOCAQEATyxQQM4IoaOP
XfxkR/7Ycq89lGXzOvkzaAzJiC2pZw1Oql1ljx0lFHAQtpjyDRSwvZCN5m0hcpPn
xQYAXRGpM8hjue/4wMDSuTR9bOhsLVCnawOMUVF6PlQpcOyPFE/i2anmTKf3qbV9
gkDZQxy7YTZafIptGc6jqSQsVa5OpOAIf3TYAzWWt59+qq8v2mnnDwLqnUEMhv9t
lsx2856wKzL43cFzOp5yxMDmWm06Fv1/tS4gcyyAbeoGhu0Q3e7bHClEe09apCK+
YdWRqvMeTjN+0o7EK/Qoo2N0q+CfpZI8UdyyEX15BMoVJsptiWE+4Pv5szgOmI0t
RvaDJJQgsQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:24:51 2026 by rpki-client