Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/s55zHCzNMC4X4QQ0gfIRtbtqZjU.roa
File: s55zHCzNMC4X4QQ0gfIRtbtqZjU.roa (raw, json)
Hash identifier: 9nhiyEisGeMymoRhUOba/EfX42NHPpIQli/ys4wWBPU=
Subject key identifier: B3:9E:73:1C:2C:CD:30:2E:17:E1:04:34:81:F2:11:B5:BB:6A:66:35
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 019CAE0BAF7449707FD6CBBD799761899C1A
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/s55zHCzNMC4X4QQ0gfIRtbtqZjU.roa
Signing time: Mon 02 Mar 2026 10:15:27 +0000
ROA not before: Mon 02 Mar 2026 10:15:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 81.18.48.0/24 maxlen: 24
109.121.45.0/24 maxlen: 24
178.219.6.0/24 maxlen: 24
178.253.239.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
188.255.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:0b:af:74:49:70:7f:d6:cb:bd:79:97:61:89:9c:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Mar 2 10:15:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b39e731c2ccd302e17e1043481f211b5bb6a6635
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:03:5d:47:b4:60:d7:18:22:a4:d6:31:03:ab:
00:fe:ee:98:1b:39:fe:48:3b:d4:fe:68:1b:7a:7e:
8c:61:88:fa:c5:56:55:ac:45:35:99:ac:d9:c4:c6:
86:9a:cc:f5:ef:8f:f1:89:b0:3b:ab:4c:38:bc:c3:
79:b9:40:d0:82:23:22:e9:1e:7e:8d:f4:a8:6b:06:
1a:52:b1:7a:8a:1c:00:b5:78:42:0d:ad:54:d1:91:
fe:34:21:71:56:2e:67:08:96:7b:0a:73:3d:b0:44:
d1:31:e5:59:5e:af:51:1d:a3:3a:f5:97:c6:81:fb:
02:93:f5:79:f5:6c:8b:a7:16:51:45:15:42:ad:79:
b7:b0:6d:46:ac:4e:fe:4b:e9:1f:77:df:e9:f9:fe:
44:a8:9b:98:ba:c2:f9:4e:fe:7f:9f:0d:cc:2d:a0:
0c:b9:1e:96:4a:4e:0d:a6:2a:3d:58:d6:22:0c:23:
17:b1:f0:af:58:aa:6f:3e:3e:bf:6a:05:09:11:44:
c7:7d:f9:65:df:10:3e:be:32:c0:cd:0a:bf:7e:ae:
47:be:6a:c8:b7:14:88:f3:60:4e:b6:90:ba:e3:9b:
b2:0a:a6:cd:68:56:a6:89:da:80:0f:e4:28:8a:42:
83:57:e6:9a:12:d4:94:5f:53:06:b7:b2:c8:43:f9:
2f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:9E:73:1C:2C:CD:30:2E:17:E1:04:34:81:F2:11:B5:BB:6A:66:35
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/s55zHCzNMC4X4QQ0gfIRtbtqZjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.18.48.0/24
109.121.45.0/24
178.219.6.0/24
178.253.239.0/24
185.47.91.0/24
188.255.198.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:9f:58:65:82:b7:e9:9f:ce:50:d4:94:c5:8d:af:0e:22:c3:
41:b3:18:17:4d:47:0e:fd:c9:3c:e0:2d:e2:4b:12:12:3b:4a:
2f:e1:fb:71:db:86:fd:90:a1:18:8b:40:35:fb:bd:0e:24:49:
b9:0f:34:02:44:fd:25:fe:d4:72:97:9c:c7:19:41:d9:cd:32:
ef:7c:37:a6:2b:5c:d3:97:e6:a8:3d:b0:fe:19:ec:53:aa:93:
db:d4:90:a7:76:00:7f:89:1b:e0:f2:31:c8:e9:67:c1:b0:f9:
f8:de:25:bd:d6:e1:cc:4d:8c:ac:ee:81:44:72:09:42:bd:44:
30:c0:ad:30:42:a2:10:a6:d8:43:a3:71:8d:81:2e:2a:3e:5a:
cf:4b:8d:1b:67:ea:c8:34:26:df:49:f0:21:9a:d7:90:68:4f:
e5:2d:f1:bc:dd:18:24:af:01:22:00:e1:03:60:73:56:f2:4b:
2f:b0:a1:af:a2:82:63:70:c2:4c:96:06:b5:bf:d1:e1:58:15:
83:82:0f:03:8b:ce:42:79:e1:26:7d:54:03:c9:3f:e1:29:9a:
07:a8:86:97:94:d4:d3:98:54:bc:59:9e:f8:2d:80:b4:ae:db:
3a:b5:de:f5:d8:7f:cc:66:b5:c1:53:cd:51:e8:34:b8:f6:29:
cd:e6:6c:b8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZyuC690SXB/1su9eZdhiZwaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjYwMzAyMTAxNTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzllNzMxYzJjY2QzMDJlMTdlMTA0MzQ4MWYyMTFiNWJiNmE2NjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQNdR7Rg1xgipNYxA6sA/u6YGzn+
SDvU/mgben6MYYj6xVZVrEU1mazZxMaGmsz174/xibA7q0w4vMN5uUDQgiMi6R5+
jfSoawYaUrF6ihwAtXhCDa1U0ZH+NCFxVi5nCJZ7CnM9sETRMeVZXq9RHaM69ZfG
gfsCk/V59WyLpxZRRRVCrXm3sG1GrE7+S+kfd9/p+f5EqJuYusL5Tv5/nw3MLaAM
uR6WSk4Npio9WNYiDCMXsfCvWKpvPj6/agUJEUTHffll3xA+vjLAzQq/fq5HvmrI
txSI82BOtpC645uyCqbNaFamidqAD+QoikKDV+aaEtSUX1MGt7LIQ/kv7wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLOecxwszTAuF+EENIHyEbW7amY1MB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvczU1ekhDek5NQzRYNFFRMGdmSVJ0YnRxWmpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAURIwAwQA
bXktAwQAstsGAwQAsv3vAwQAuS9bAwQAvP/GMA0GCSqGSIb3DQEBCwUAA4IBAQAd
n1hlgrfpn85Q1JTFja8OIsNBsxgXTUcO/ck84C3iSxISO0ov4ftx24b9kKEYi0A1
+70OJEm5DzQCRP0l/tRyl5zHGUHZzTLvfDemK1zTl+aoPbD+GexTqpPb1JCndgB/
iRvg8jHI6WfBsPn43iW91uHMTYys7oFEcglCvUQwwK0wQqIQpthDo3GNgS4qPlrP
S40bZ+rINCbfSfAhmteQaE/lLfG83RgkrwEiAOEDYHNW8ksvsKGvooJjcMJMlga1
v9HhWBWDgg8Di85CeeEmfVQDyT/hKZoHqIaXlNTTmFS8WZ74LYC0rts6td712H/M
ZrXBU81R6DS49inN5my4
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:18:40 2026 by rpki-client