Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/PBImkGn-IyBVaBeNLGUuFC_GgmQ.roa
File: PBImkGn-IyBVaBeNLGUuFC_GgmQ.roa (raw, json)
Hash identifier: RMaTm+QHPcXlU8CoxFIFwdO+he570gGc+NP5F38BxFY=
Subject key identifier: 3C:12:26:90:69:FE:23:20:55:68:17:8D:2C:65:2E:14:2F:C6:82:64
Certificate issuer: /CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Certificate serial: 019D2AECD76A789A27B0A64477CE8C58E6B2
Authority key identifier: C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/PBImkGn-IyBVaBeNLGUuFC_GgmQ.roa
Signing time: Thu 26 Mar 2026 16:14:17 +0000
ROA not before: Thu 26 Mar 2026 16:14:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 37.148.128.0/22 maxlen: 24
93.88.153.0/24 maxlen: 24
93.88.157.0/24 maxlen: 24
93.88.158.0/24 maxlen: 24
95.155.128.0/23 maxlen: 24
95.155.128.0/24 maxlen: 24
95.155.129.0/24 maxlen: 24
95.155.133.0/24 maxlen: 24
95.155.137.0/24 maxlen: 24
95.155.145.0/24 maxlen: 24
95.155.146.0/23 maxlen: 24
95.155.146.0/24 maxlen: 24
95.155.147.0/24 maxlen: 24
95.155.148.0/23 maxlen: 24
95.155.149.0/24 maxlen: 24
95.155.150.0/24 maxlen: 24
95.155.152.0/22 maxlen: 24
95.155.160.0/20 maxlen: 24
95.155.176.0/21 maxlen: 24
152.89.84.0/24 maxlen: 24
152.89.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:14:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:ec:d7:6a:78:9a:27:b0:a6:44:77:ce:8c:58:e6:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Validity
Not Before: Mar 26 16:14:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3c12269069fe23205568178d2c652e142fc68264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e6:71:bf:f0:ab:46:6d:15:ba:f8:56:e9:61:
85:5d:57:fe:15:07:ce:d2:b5:5b:d1:93:64:52:e6:
27:3e:23:1b:ba:81:64:f5:1e:f6:1c:82:b3:6f:e4:
b6:fe:bb:7d:db:50:0c:c4:9f:a1:c7:60:fa:fc:9d:
be:43:81:13:b9:d7:6e:32:90:2b:11:30:ec:80:d8:
bb:97:e0:aa:74:9f:fd:2e:8f:45:22:d3:79:a7:c1:
4c:43:d3:3f:f5:44:d9:9e:87:3e:0d:e4:52:3b:80:
75:7c:c8:70:f9:bb:b7:aa:5e:09:3b:ae:0b:06:6b:
cd:3e:73:c5:89:81:65:ec:7d:58:4a:a2:d9:a4:47:
17:ac:7c:ce:9a:b1:9b:83:c6:f8:66:06:6a:4e:be:
5b:6d:c7:a6:d4:01:24:b5:fa:d0:e4:ad:2f:81:43:
40:a1:f4:9c:16:15:b9:93:b7:a3:92:76:72:64:03:
d3:0e:c5:4a:96:b0:d4:ed:5f:a4:39:5a:c6:e1:38:
ca:f4:94:fc:ca:1a:3f:47:19:72:24:6c:33:4d:f4:
15:d7:91:fa:b9:41:72:de:ca:52:6b:b0:e4:0e:56:
67:14:a7:c9:8a:0b:68:f2:ab:2d:bf:59:cc:a7:5f:
b2:56:d5:6d:6c:23:bf:95:a1:82:42:93:ea:30:af:
14:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:12:26:90:69:FE:23:20:55:68:17:8D:2C:65:2E:14:2F:C6:82:64
X509v3 Authority Key Identifier:
keyid:C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/PBImkGn-IyBVaBeNLGUuFC_GgmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.128.0/22
93.88.153.0/24
93.88.157.0-93.88.158.255
95.155.128.0/23
95.155.133.0/24
95.155.137.0/24
95.155.145.0-95.155.150.255
95.155.152.0/22
95.155.160.0-95.155.183.255
152.89.84.0/24
152.89.87.0/24
Signature Algorithm: sha256WithRSAEncryption
77:e4:9c:1e:6b:54:9e:59:a3:12:0b:05:cd:f8:09:84:29:72:
15:d0:32:01:24:85:a5:23:f0:75:55:db:d0:1e:c8:99:ca:48:
e7:5f:fe:19:ee:c3:8d:8a:98:3b:2c:33:d5:f0:7a:da:d7:1f:
fe:00:06:8a:e4:e1:78:2f:b7:96:4c:5d:40:bf:7b:66:c7:c3:
18:36:93:32:75:93:db:89:96:3a:c3:96:b9:35:fe:0a:4f:23:
92:88:9e:6e:bd:17:8b:05:e2:f3:5c:9b:97:10:fe:40:d6:a6:
5e:88:44:4a:13:8c:dd:e8:d6:0a:42:0f:d2:e7:c2:4c:70:2b:
2d:7c:80:d2:6a:ad:61:ac:98:45:ff:cd:2b:57:7a:60:9d:46:
29:be:10:96:d7:ad:94:de:67:9f:f2:6f:99:73:84:e6:b7:48:
17:46:17:bf:33:04:48:9b:28:4e:f4:a1:8b:44:48:cd:8f:43:
e4:80:1e:7d:a3:92:76:32:39:fe:b2:ea:91:45:d4:0e:c8:ad:
10:3c:96:58:9e:3d:7d:fa:af:9c:66:0b:f7:61:82:68:5b:19:
62:10:e6:70:17:d1:fb:e9:90:02:82:35:d5:85:d8:c1:fd:95:
c9:f4:5b:52:2b:65:fa:6f:c8:29:7a:c6:7f:97:3e:53:73:56:
81:a8:60:5f
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZ0q7NdqeJonsKZEd86MWOayMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YTI0OWEwZWFjZDhhYmNiZWEwZDgyZWY3MTAxNmQzODZl
OGVmOTQwHhcNMjYwMzI2MTYxNDE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzEyMjY5MDY5ZmUyMzIwNTU2ODE3OGQyYzY1MmUxNDJmYzY4MjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeZxv/CrRm0VuvhW6WGFXVf+FQfO
0rVb0ZNkUuYnPiMbuoFk9R72HIKzb+S2/rt921AMxJ+hx2D6/J2+Q4ETudduMpAr
ETDsgNi7l+CqdJ/9Lo9FItN5p8FMQ9M/9UTZnoc+DeRSO4B1fMhw+bu3ql4JO64L
BmvNPnPFiYFl7H1YSqLZpEcXrHzOmrGbg8b4ZgZqTr5bbcem1AEktfrQ5K0vgUNA
ofScFhW5k7ejknZyZAPTDsVKlrDU7V+kOVrG4TjK9JT8yho/RxlyJGwzTfQV15H6
uUFy3spSa7DkDlZnFKfJigto8qstv1nMp1+yVtVtbCO/laGCQpPqMK8UJwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFDwSJpBp/iMgVWgXjSxlLhQvxoJkMB8GA1UdIwQY
MBaAFMaiSaDqzYq8vqDYLvcQFtOG6O+UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2Ut
MjEwNTdkMjI4ZDA1LzEvUEJJbWtHbi1JeUJWYUJlTkxHVXVGQ19HZ21RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2UtMjEwNTdkMjI4ZDA1
LzEveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQCJZSAAwQA
XViZMAwDBABdWJ0DBABdWJ4DBAFfm4ADBABfm4UDBABfm4kwDAMEAF+bkQMEAF+b
lgMEAl+bmDAMAwQFX5ugAwQDX5uwAwQAmFlUAwQAmFlXMA0GCSqGSIb3DQEBCwUA
A4IBAQB35Jwea1SeWaMSCwXN+AmEKXIV0DIBJIWlI/B1VdvQHsiZykjnX/4Z7sON
ipg7LDPV8Hra1x/+AAaK5OF4L7eWTF1Av3tmx8MYNpMydZPbiZY6w5a5Nf4KTyOS
iJ5uvReLBeLzXJuXEP5A1qZeiERKE4zd6NYKQg/S58JMcCstfIDSaq1hrJhF/80r
V3pgnUYpvhCW162U3mef8m+Zc4Tmt0gXRhe/MwRImyhO9KGLREjNj0PkgB59o5J2
Mjn+suqRRdQOyK0QPJZYnj19+q+cZgv3YYJoWxliEOZwF9H76ZACgjXVhdjB/ZXJ
9FtSK2X6b8gpesZ/lz5Tc1aBqGBf
-----END CERTIFICATE-----
Generated at Fri Mar 27 02:28:59 2026 by rpki-client