Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/3rcuZ4abEXlTE-CNLhemdUhiHCw.roa
File: 3rcuZ4abEXlTE-CNLhemdUhiHCw.roa (raw, json)
Hash identifier: 94cQqitO6InS2XNykwfC1mslo6cJltglx0uNnOwTzxk=
Subject key identifier: DE:B7:2E:67:86:9B:11:79:53:13:E0:8D:2E:17:A6:75:48:62:1C:2C
Certificate issuer: /CN=0d3558546a2c54bbd812a19228aa98e078d3aa68
Certificate serial: 019D29596B8F292FC8C52B4C7188FE4CA719
Authority key identifier: 0D:35:58:54:6A:2C:54:BB:D8:12:A1:92:28:AA:98:E0:78:D3:AA:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DTVYVGosVLvYEqGSKKqY4HjTqmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/3rcuZ4abEXlTE-CNLhemdUhiHCw.roa
Signing time: Thu 26 Mar 2026 08:53:39 +0000
ROA not before: Thu 26 Mar 2026 08:53:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214783
IP address blocks: 45.154.33.0/24 maxlen: 32
86.105.224.0/24 maxlen: 24
146.19.172.0/24 maxlen: 24
185.234.13.0/24 maxlen: 24
193.29.182.0/24 maxlen: 24
2a11:1400:5000::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/DTVYVGosVLvYEqGSKKqY4HjTqmg.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/DTVYVGosVLvYEqGSKKqY4HjTqmg.mft
rsync://rpki.ripe.net/repository/DEFAULT/DTVYVGosVLvYEqGSKKqY4HjTqmg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:59:6b:8f:29:2f:c8:c5:2b:4c:71:88:fe:4c:a7:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d3558546a2c54bbd812a19228aa98e078d3aa68
Validity
Not Before: Mar 26 08:53:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=deb72e67869b11795313e08d2e17a67548621c2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:80:c0:af:5b:c0:ef:03:8e:37:fd:55:91:84:
0f:15:62:34:af:d0:a5:1c:5d:d8:5b:7c:89:f4:99:
fb:a9:ad:83:ac:d9:0d:5e:61:7a:82:96:55:fe:77:
55:7a:f4:7a:e2:cb:69:f8:dd:8a:6c:56:b9:36:9e:
9b:ed:05:a5:18:ae:23:cb:e7:85:79:48:39:77:9a:
b2:fb:e6:a0:d3:82:b4:54:a4:24:4f:52:01:88:e4:
db:cd:fc:b9:31:30:0a:e8:c7:aa:b1:a3:71:af:63:
f7:0c:7f:23:fc:fc:74:dc:5e:82:2b:f7:66:b9:25:
97:41:85:c2:9b:c1:b3:ee:3c:55:14:17:17:c5:d0:
d8:2c:d1:e3:98:4b:cf:4a:b2:8b:15:54:e1:1e:0c:
1e:f1:84:39:a8:7c:c0:82:74:69:59:08:27:ab:00:
f9:19:85:13:22:7d:e8:f9:d6:7d:8e:24:f7:8e:d2:
2b:df:ce:4d:e6:4d:a2:61:7f:3a:1b:f8:10:24:f6:
f4:d1:fb:00:b9:cc:94:f2:9c:ca:d0:7b:45:db:4e:
c3:1f:be:99:0c:ff:18:ce:82:70:cc:20:cc:d4:90:
0e:1f:be:57:3b:f9:aa:e4:e5:31:ee:69:90:76:26:
a2:cb:55:f9:83:26:04:b6:5f:08:9e:99:6c:d5:24:
c7:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:B7:2E:67:86:9B:11:79:53:13:E0:8D:2E:17:A6:75:48:62:1C:2C
X509v3 Authority Key Identifier:
keyid:0D:35:58:54:6A:2C:54:BB:D8:12:A1:92:28:AA:98:E0:78:D3:AA:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DTVYVGosVLvYEqGSKKqY4HjTqmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/3rcuZ4abEXlTE-CNLhemdUhiHCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/DTVYVGosVLvYEqGSKKqY4HjTqmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.33.0/24
86.105.224.0/24
146.19.172.0/24
185.234.13.0/24
193.29.182.0/24
IPv6:
2a11:1400:5000::/44
Signature Algorithm: sha256WithRSAEncryption
3e:83:c0:14:db:71:0e:44:2b:cf:60:d9:fd:a2:8f:61:2f:05:
7d:3f:a4:d8:fa:48:00:80:17:f3:eb:1c:84:22:f6:14:d7:49:
c7:97:75:f7:8b:ed:56:91:81:46:db:0b:a1:37:fa:83:2e:96:
66:6b:25:6f:02:9d:77:42:b4:02:0a:c6:a5:8a:81:7b:10:99:
03:46:86:a0:70:3a:f5:52:05:79:36:da:93:05:ba:31:72:97:
33:62:c5:01:29:1f:ed:d2:2d:c4:98:cc:ea:73:5f:07:5e:42:
ab:95:66:0c:1c:8a:04:27:3a:37:47:72:8a:65:1d:a7:6a:22:
97:fa:7b:af:ca:b6:da:3b:ef:85:9f:e9:8f:70:9b:0c:8f:65:
a5:8c:67:35:24:c2:b7:f3:c4:83:d4:81:9c:ce:46:e8:89:89:
b5:36:42:56:01:d9:ce:8f:86:36:62:6f:d9:a1:cc:04:5e:b6:
2a:da:58:f2:36:3e:be:90:27:0c:b9:39:da:71:e6:f3:4d:f8:
8e:84:83:b3:d5:ce:d2:92:09:9a:60:63:94:55:10:e2:8a:56:
14:ca:52:5a:de:5b:7b:cd:f4:4a:08:b2:80:8e:e3:4a:5f:62:
ee:ed:93:5d:5a:5d:b0:6c:91:16:de:e9:40:8c:19:6d:61:e2:
b7:bd:ef:2a
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZ0pWWuPKS/IxStMcYj+TKcZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMzU1ODU0NmEyYzU0YmJkODEyYTE5MjI4YWE5OGUwNzhk
M2FhNjgwHhcNMjYwMzI2MDg1MzM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWI3MmU2Nzg2OWIxMTc5NTMxM2UwOGQyZTE3YTY3NTQ4NjIxYzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIDAr1vA7wOON/1VkYQPFWI0r9Cl
HF3YW3yJ9Jn7qa2DrNkNXmF6gpZV/ndVevR64stp+N2KbFa5Np6b7QWlGK4jy+eF
eUg5d5qy++ag04K0VKQkT1IBiOTbzfy5MTAK6MeqsaNxr2P3DH8j/Px03F6CK/dm
uSWXQYXCm8Gz7jxVFBcXxdDYLNHjmEvPSrKLFVThHgwe8YQ5qHzAgnRpWQgnqwD5
GYUTIn3o+dZ9jiT3jtIr385N5k2iYX86G/gQJPb00fsAucyU8pzK0HtF207DH76Z
DP8YzoJwzCDM1JAOH75XO/mq5OUx7mmQdiaiy1X5gyYEtl8Inpls1STHpwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFN63LmeGmxF5UxPgjS4XpnVIYhwsMB8GA1UdIwQY
MBaAFA01WFRqLFS72BKhkiiqmOB406poMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFRWWVZHb3NWTHZZRXFHU0tLcVk0SGpUcW1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi80NzRmMjctYjI4Ni00NmYwLWFlNDUt
MTMyZmZjOGJkZTQ2LzEvM3JjdVo0YWJFWGxURS1DTkxoZW1kVWhpSEN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi80NzRmMjctYjI4Ni00NmYwLWFlNDUtMTMyZmZjOGJkZTQ2
LzEvRFRWWVZHb3NWTHZZRXFHU0tLcVk0SGpUcW1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQALZohAwQA
VmngAwQAkhOsAwQAueoNAwQAwR22MA8EAgACMAkDBwQqERQAUAAwDQYJKoZIhvcN
AQELBQADggEBAD6DwBTbcQ5EK89g2f2ij2EvBX0/pNj6SACAF/PrHIQi9hTXSceX
dfeL7VaRgUbbC6E3+oMulmZrJW8CnXdCtAIKxqWKgXsQmQNGhqBwOvVSBXk22pMF
ujFylzNixQEpH+3SLcSYzOpzXwdeQquVZgwcigQnOjdHcoplHadqIpf6e6/Ktto7
74Wf6Y9wmwyPZaWMZzUkwrfzxIPUgZzORuiJibU2QlYB2c6PhjZib9mhzARetira
WPI2Pr6QJwy5Odpx5vNN+I6Eg7PVztKSCZpgY5RVEOKKVhTKUlreW3vN9EoIsoCO
40pfYu7tk11aXbBskRbe6UCMGW1h4re97yo=
-----END CERTIFICATE-----
Generated at Thu Mar 26 21:52:03 2026 by rpki-client