Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/afa106-6af8-4310-b4d4-e369d6602e6f/1/m3UA_nkf1VwU3ag8qI5g5Qt-9tA.roa
File: m3UA_nkf1VwU3ag8qI5g5Qt-9tA.roa (raw, json)
Hash identifier: lDuAUkNMZFlM3dVZhNno1BqGdq4IWHifd59bAym6MAM=
Subject key identifier: 9B:75:00:FE:79:1F:D5:5C:14:DD:A8:3C:A8:8E:60:E5:0B:7E:F6:D0
Certificate issuer: /CN=1e47e2bf3974721eafbfb8c31fc5273039d505f3
Certificate serial: 019B7BA4ED0761AFCB0402E177E698C9180D
Authority key identifier: 1E:47:E2:BF:39:74:72:1E:AF:BF:B8:C3:1F:C5:27:30:39:D5:05:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hkfivzl0ch6vv7jDH8UnMDnVBfM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/afa106-6af8-4310-b4d4-e369d6602e6f/1/m3UA_nkf1VwU3ag8qI5g5Qt-9tA.roa
Signing time: Thu 01 Jan 2026 22:19:24 +0000
ROA not before: Thu 01 Jan 2026 22:19:24 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29031
IP address blocks: 91.201.108.0/22 maxlen: 22
91.201.108.0/23 maxlen: 23
91.201.108.0/24 maxlen: 24
91.201.109.0/24 maxlen: 24
91.201.110.0/24 maxlen: 24
91.201.111.0/24 maxlen: 24
193.239.24.0/24 maxlen: 24
193.239.25.0/24 maxlen: 24
193.239.26.0/24 maxlen: 24
193.239.27.0/24 maxlen: 24
195.3.132.0/23 maxlen: 23
195.3.134.0/23 maxlen: 23
195.3.134.0/24 maxlen: 24
195.3.135.0/24 maxlen: 24
195.69.200.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/afa106-6af8-4310-b4d4-e369d6602e6f/1/Hkfivzl0ch6vv7jDH8UnMDnVBfM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/afa106-6af8-4310-b4d4-e369d6602e6f/1/Hkfivzl0ch6vv7jDH8UnMDnVBfM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Hkfivzl0ch6vv7jDH8UnMDnVBfM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7b:a4:ed:07:61:af:cb:04:02:e1:77:e6:98:c9:18:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e47e2bf3974721eafbfb8c31fc5273039d505f3
Validity
Not Before: Jan 1 22:19:24 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9b7500fe791fd55c14dda83ca88e60e50b7ef6d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:64:d0:87:48:3d:58:4a:90:df:6a:c1:3a:6d:
19:ba:eb:96:b8:57:9f:b8:7a:d2:4f:dd:3d:78:06:
dd:62:67:07:14:08:23:67:ba:39:fa:62:48:27:49:
ca:02:c9:2f:76:d0:e6:19:cc:84:64:a8:dd:0d:d7:
35:79:6e:e3:d5:9e:61:38:4a:d6:7a:e2:22:fc:8d:
2f:13:35:30:4b:00:21:ba:8c:82:2d:36:bc:95:7f:
74:da:01:e5:70:ea:7f:2b:58:0a:eb:f2:fb:9b:67:
e5:74:0d:ab:16:4f:58:80:47:b0:b3:cb:ad:ef:10:
9d:11:5a:e4:dd:b6:d7:1d:7b:bb:97:ea:c3:82:a1:
ee:5c:c5:99:6d:c3:5b:45:36:9f:bb:66:5d:b6:d9:
31:a2:4d:b6:31:4f:e8:9a:a4:4a:6b:7f:a3:34:0c:
ee:2b:d1:a1:c1:a9:8a:c2:91:6b:15:58:56:a4:f1:
94:f0:33:38:4f:1e:71:18:0c:c7:81:fc:44:ce:83:
37:1d:db:8e:99:9e:91:bc:93:c7:00:97:a9:e7:03:
cd:b8:b2:44:ab:66:65:df:07:4a:d3:0a:67:ee:04:
34:8c:c3:00:bc:65:6c:b6:65:31:dd:b6:4e:e8:dc:
91:be:b2:a1:51:07:a9:f7:08:fb:07:f1:e0:e2:d6:
00:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:75:00:FE:79:1F:D5:5C:14:DD:A8:3C:A8:8E:60:E5:0B:7E:F6:D0
X509v3 Authority Key Identifier:
keyid:1E:47:E2:BF:39:74:72:1E:AF:BF:B8:C3:1F:C5:27:30:39:D5:05:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hkfivzl0ch6vv7jDH8UnMDnVBfM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/afa106-6af8-4310-b4d4-e369d6602e6f/1/m3UA_nkf1VwU3ag8qI5g5Qt-9tA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/afa106-6af8-4310-b4d4-e369d6602e6f/1/Hkfivzl0ch6vv7jDH8UnMDnVBfM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.108.0/22
193.239.24.0/22
195.3.132.0/22
195.69.200.0/22
Signature Algorithm: sha256WithRSAEncryption
63:b4:0e:1e:a8:14:73:77:1a:52:57:95:d3:45:39:6f:34:55:
8e:2d:01:71:27:dc:ed:40:29:3e:0a:92:d0:72:aa:b8:80:5f:
fc:c7:61:be:23:71:67:b6:89:af:f6:93:6e:0c:25:a0:8e:00:
76:7d:25:af:2c:55:39:1b:9a:1a:0a:4e:84:0c:1f:20:55:3d:
57:ce:6c:06:6e:82:6e:bb:0f:63:42:2f:ec:88:fc:39:44:39:
5d:64:24:8f:c0:24:c2:96:55:75:1f:3b:1a:87:95:aa:66:55:
f7:bd:6c:5e:a2:09:ed:98:11:69:e3:0d:96:ab:b0:85:e5:c9:
9e:c3:80:d3:7b:6b:49:7b:3f:c0:ea:da:be:87:fa:b6:9c:30:
7a:27:b5:48:eb:8e:fb:22:fe:9e:62:60:6b:32:1c:8b:9e:21:
e1:9c:be:71:b3:47:11:e9:1a:eb:ba:6c:6c:ea:9d:80:9f:24:
4f:51:bb:b0:d7:9c:4d:ad:7d:a8:34:f9:a0:39:ba:67:02:c5:
18:e4:bc:d4:55:07:fc:f9:c6:ad:23:7e:40:af:26:07:eb:84:
85:88:d8:94:76:74:9a:24:3e:02:0f:44:ee:85:4b:e6:e3:ab:
cb:01:13:c2:40:da:80:84:81:8d:82:d4:a8:fa:d3:5f:c1:09:
34:99:04:b5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZt7pO0HYa/LBALhd+aYyRgNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNDdlMmJmMzk3NDcyMWVhZmJmYjhjMzFmYzUyNzMwMzlk
NTA1ZjMwHhcNMjYwMTAxMjIxOTI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yjc1MDBmZTc5MWZkNTVjMTRkZGE4M2NhODhlNjBlNTBiN2VmNmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2TQh0g9WEqQ32rBOm0ZuuuWuFef
uHrST909eAbdYmcHFAgjZ7o5+mJIJ0nKAskvdtDmGcyEZKjdDdc1eW7j1Z5hOErW
euIi/I0vEzUwSwAhuoyCLTa8lX902gHlcOp/K1gK6/L7m2fldA2rFk9YgEews8ut
7xCdEVrk3bbXHXu7l+rDgqHuXMWZbcNbRTafu2Zdttkxok22MU/omqRKa3+jNAzu
K9GhwamKwpFrFVhWpPGU8DM4Tx5xGAzHgfxEzoM3HduOmZ6RvJPHAJep5wPNuLJE
q2Zl3wdK0wpn7gQ0jMMAvGVstmUx3bZO6NyRvrKhUQep9wj7B/Hg4tYASwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJt1AP55H9VcFN2oPKiOYOULfvbQMB8GA1UdIwQY
MBaAFB5H4r85dHIer7+4wx/FJzA51QXzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGtmaXZ6bDBjaDZ2djdqREg4VW5NRG5WQmZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9hZmExMDYtNmFmOC00MzEwLWI0ZDQt
ZTM2OWQ2NjAyZTZmLzEvbTNVQV9ua2YxVndVM2FnOHFJNWc1UXQtOXRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9hZmExMDYtNmFmOC00MzEwLWI0ZDQtZTM2OWQ2NjAyZTZm
LzEvSGtmaXZ6bDBjaDZ2djdqREg4VW5NRG5WQmZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW8lsAwQC
we8YAwQCwwOEAwQCw0XIMA0GCSqGSIb3DQEBCwUAA4IBAQBjtA4eqBRzdxpSV5XT
RTlvNFWOLQFxJ9ztQCk+CpLQcqq4gF/8x2G+I3Fntomv9pNuDCWgjgB2fSWvLFU5
G5oaCk6EDB8gVT1XzmwGboJuuw9jQi/siPw5RDldZCSPwCTCllV1Hzsah5WqZlX3
vWxeogntmBFp4w2Wq7CF5cmew4DTe2tJez/A6tq+h/q2nDB6J7VI6477Iv6eYmBr
MhyLniHhnL5xs0cR6Rrrumxs6p2AnyRPUbuw15xNrX2oNPmgObpnAsUY5LzUVQf8
+catI35AryYH64SFiNiUdnSaJD4CD0TuhUvm46vLARPCQNqAhIGNgtSo+tNfwQk0
mQS1
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:28:23 2026 by rpki-client