Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/473366-702d-473f-bfbe-882c448e2ef6/1/3FimOljJosTayAtjbZa6x1Z1MXs.roa
File: 3FimOljJosTayAtjbZa6x1Z1MXs.roa (raw, json)
Hash identifier: MeEGr+necOtlrJoGJSW1/wG4DV94jp5QrV4hS1BQHCg=
Subject key identifier: DC:58:A6:3A:58:C9:A2:C4:DA:C8:0B:63:6D:96:BA:C7:56:75:31:7B
Certificate issuer: /CN=a8dff01f56e3419d027be7591ceef62851ce0f6b
Certificate serial: 019C6BD4DEB34E82DB1F83D65657E5B20CFC
Authority key identifier: A8:DF:F0:1F:56:E3:41:9D:02:7B:E7:59:1C:EE:F6:28:51:CE:0F:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qN_wH1bjQZ0Ce-dZHO72KFHOD2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/473366-702d-473f-bfbe-882c448e2ef6/1/3FimOljJosTayAtjbZa6x1Z1MXs.roa
Signing time: Tue 17 Feb 2026 13:40:38 +0000
ROA not before: Tue 17 Feb 2026 13:40:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51956
IP address blocks: 92.53.236.0/22 maxlen: 22
92.53.236.0/24 maxlen: 24
92.53.237.0/24 maxlen: 24
92.53.238.0/24 maxlen: 24
92.53.239.0/24 maxlen: 24
185.144.132.0/22 maxlen: 22
185.144.132.0/23 maxlen: 23
185.144.132.0/24 maxlen: 24
185.144.133.0/24 maxlen: 24
185.144.134.0/24 maxlen: 24
185.144.135.0/24 maxlen: 24
185.201.172.0/22 maxlen: 22
2a00:b8c0::/32 maxlen: 32
2a0c:5b40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/473366-702d-473f-bfbe-882c448e2ef6/1/qN_wH1bjQZ0Ce-dZHO72KFHOD2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/473366-702d-473f-bfbe-882c448e2ef6/1/qN_wH1bjQZ0Ce-dZHO72KFHOD2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/qN_wH1bjQZ0Ce-dZHO72KFHOD2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 07:01:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:6b:d4:de:b3:4e:82:db:1f:83:d6:56:57:e5:b2:0c:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8dff01f56e3419d027be7591ceef62851ce0f6b
Validity
Not Before: Feb 17 13:40:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dc58a63a58c9a2c4dac80b636d96bac75675317b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:da:8f:88:01:1b:3c:81:60:93:62:b1:3b:17:
00:2c:1d:cf:51:da:84:84:20:86:27:b5:8c:9c:08:
51:cd:7b:3d:86:eb:1b:73:9d:78:63:6e:ef:2f:f5:
26:61:30:46:94:88:24:f3:de:bf:89:03:b0:ba:70:
f6:12:ae:d4:2a:ae:f7:d9:b9:46:0f:42:7a:4e:e7:
72:eb:37:a5:ce:81:05:21:7d:65:fd:55:4a:78:89:
6f:08:82:d4:a4:52:76:99:7a:f3:20:6d:9e:88:5e:
d9:57:c1:77:cd:58:05:26:ce:65:19:c7:3e:93:06:
28:3d:49:c5:61:08:6c:8a:b2:78:13:a5:39:8a:44:
57:b2:a6:63:a0:4d:67:f4:bb:c0:e7:35:b1:e5:8f:
d5:4c:52:f4:ff:ca:94:61:c5:5c:46:aa:7b:28:15:
0c:95:3a:09:3b:fc:4f:d4:cf:3b:c6:22:82:ba:97:
e4:2e:42:93:ea:7a:0d:d1:ff:4a:0e:b1:9c:8d:33:
5d:16:a6:59:81:15:9b:49:75:fc:06:7b:96:f5:ab:
86:42:2c:fc:c0:b4:d7:58:6b:ee:31:dd:1b:46:fa:
6d:63:4b:75:96:67:be:cb:42:9c:e4:14:0f:b3:59:
35:7a:af:9d:73:60:0f:60:dd:d1:55:e2:e9:bf:ec:
1f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:58:A6:3A:58:C9:A2:C4:DA:C8:0B:63:6D:96:BA:C7:56:75:31:7B
X509v3 Authority Key Identifier:
keyid:A8:DF:F0:1F:56:E3:41:9D:02:7B:E7:59:1C:EE:F6:28:51:CE:0F:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qN_wH1bjQZ0Ce-dZHO72KFHOD2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/473366-702d-473f-bfbe-882c448e2ef6/1/3FimOljJosTayAtjbZa6x1Z1MXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/473366-702d-473f-bfbe-882c448e2ef6/1/qN_wH1bjQZ0Ce-dZHO72KFHOD2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.53.236.0/22
185.144.132.0/22
185.201.172.0/22
IPv6:
2a00:b8c0::/32
2a0c:5b40::/29
Signature Algorithm: sha256WithRSAEncryption
09:cd:36:f0:e9:24:66:17:b8:0a:0b:6a:7c:78:25:41:7b:74:
7f:3c:38:ab:ec:fa:16:af:9d:66:a4:ed:21:71:49:26:9a:7b:
0a:55:a7:9f:65:bf:a4:57:df:e6:11:f5:3b:2c:0a:90:f1:56:
40:0e:44:11:3f:a2:2c:3a:ea:96:0a:eb:ef:3a:7b:3b:44:af:
27:ac:df:9e:0e:61:58:8f:f8:28:d2:41:5a:56:7c:78:45:fc:
0e:d7:d3:d8:b5:b1:ea:69:4a:8e:2f:79:45:a3:1d:15:d3:ad:
84:8e:50:aa:ac:0b:d3:92:af:5c:f6:f1:d2:7e:fc:9a:3e:13:
53:a0:bf:0b:84:ed:69:bd:5b:a9:b9:04:1a:04:1b:76:ae:3d:
e7:32:ef:fb:e4:f6:89:95:70:bd:a0:55:86:0b:fb:72:8c:9f:
56:15:db:b3:f7:7e:c3:7d:11:f8:a1:9d:1e:7c:c8:0c:3e:89:
eb:45:a9:8c:5a:e7:b9:3a:7f:71:22:6e:00:9d:7b:6b:8d:51:
f8:06:ad:4e:3d:2e:87:da:df:a4:8d:6b:8b:c3:93:89:d6:6e:
27:21:d5:e3:01:8b:e8:80:3d:1a:59:69:6e:25:da:26:91:20:
ae:cc:68:25:ed:0b:af:ab:65:be:a3:44:01:80:9e:fa:5b:42:
d1:f4:34:0f
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZxr1N6zToLbH4PWVlflsgz8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4ZGZmMDFmNTZlMzQxOWQwMjdiZTc1OTFjZWVmNjI4NTFj
ZTBmNmIwHhcNMjYwMjE3MTM0MDM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzU4YTYzYTU4YzlhMmM0ZGFjODBiNjM2ZDk2YmFjNzU2NzUzMTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9qPiAEbPIFgk2KxOxcALB3PUdqE
hCCGJ7WMnAhRzXs9husbc514Y27vL/UmYTBGlIgk896/iQOwunD2Eq7UKq732blG
D0J6Tudy6zelzoEFIX1l/VVKeIlvCILUpFJ2mXrzIG2eiF7ZV8F3zVgFJs5lGcc+
kwYoPUnFYQhsirJ4E6U5ikRXsqZjoE1n9LvA5zWx5Y/VTFL0/8qUYcVcRqp7KBUM
lToJO/xP1M87xiKCupfkLkKT6noN0f9KDrGcjTNdFqZZgRWbSXX8BnuW9auGQiz8
wLTXWGvuMd0bRvptY0t1lme+y0Kc5BQPs1k1eq+dc2APYN3RVeLpv+wfrQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFNxYpjpYyaLE2sgLY22WusdWdTF7MB8GA1UdIwQY
MBaAFKjf8B9W40GdAnvnWRzu9ihRzg9rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcU5fd0gxYmpRWjBDZS1kWkhPNzJLRkhPRDJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS80NzMzNjYtNzAyZC00NzNmLWJmYmUt
ODgyYzQ0OGUyZWY2LzEvM0ZpbU9sakpvc1RheUF0amJaYTZ4MVoxTVhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS80NzMzNjYtNzAyZC00NzNmLWJmYmUtODgyYzQ0OGUyZWY2
LzEvcU5fd0gxYmpRWjBDZS1kWkhPNzJLRkhPRDJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCXDXsAwQC
uZCEAwQCucmsMBQEAgACMA4DBQAqALjAAwUDKgxbQDANBgkqhkiG9w0BAQsFAAOC
AQEACc028OkkZhe4CgtqfHglQXt0fzw4q+z6Fq+dZqTtIXFJJpp7ClWnn2W/pFff
5hH1OywKkPFWQA5EET+iLDrqlgrr7zp7O0SvJ6zfng5hWI/4KNJBWlZ8eEX8DtfT
2LWx6mlKji95RaMdFdOthI5QqqwL05KvXPbx0n78mj4TU6C/C4Ttab1bqbkEGgQb
dq495zLv++T2iZVwvaBVhgv7coyfVhXbs/d+w30R+KGdHnzIDD6J60WpjFrnuTp/
cSJuAJ17a41R+AatTj0uh9rfpI1ri8OTidZuJyHV4wGL6IA9GllpbiXaJpEgrsxo
Je0Lr6tlvqNEAYCe+ltC0fQ0Dw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:54:42 2026 by rpki-client