Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/3Hua7wKmQfp9JEgzSI5kFZ9qKuY.roa
File: 3Hua7wKmQfp9JEgzSI5kFZ9qKuY.roa (raw, json)
Hash identifier: b4NMrJHTU6u3cjIt8gqKKQ1+s/2nFZTA+L4AbUR1Vzk=
Subject key identifier: DC:7B:9A:EF:02:A6:41:FA:7D:24:48:33:48:8E:64:15:9F:6A:2A:E6
Certificate issuer: /CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Certificate serial: 019D3F7EF4C28C4DC3C6F1D972411CF31EF9
Authority key identifier: B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/3Hua7wKmQfp9JEgzSI5kFZ9qKuY.roa
Signing time: Mon 30 Mar 2026 16:06:17 +0000
ROA not before: Mon 30 Mar 2026 16:06:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16509
IP address blocks: 80.174.96.0/21 maxlen: 24
80.174.104.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.mft
rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3f:7e:f4:c2:8c:4d:c3:c6:f1:d9:72:41:1c:f3:1e:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Validity
Not Before: Mar 30 16:06:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dc7b9aef02a641fa7d244833488e64159f6a2ae6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:55:46:77:7a:04:8b:f1:b7:d6:d8:8f:b9:cd:
8d:e7:78:2f:ee:06:93:21:17:93:3d:24:c2:3f:36:
68:85:8f:7f:5a:f2:9b:d9:1b:81:19:dc:a2:2e:b0:
4f:fb:d9:78:f4:fe:91:5f:6f:4b:35:b8:57:bd:1d:
8a:a1:3a:4c:b5:be:7c:52:75:e8:d7:b8:17:70:40:
c6:5b:1a:8b:c1:95:41:e1:22:8d:e2:0e:82:8f:87:
a8:97:07:a3:98:24:71:37:8a:9f:1b:8f:2f:b5:72:
97:ae:56:2f:3d:db:58:09:45:d6:fd:27:7d:fd:5b:
1b:d3:b9:7b:64:25:c4:21:83:a1:6a:24:a9:1e:3c:
85:6b:58:bc:52:05:64:97:79:f4:99:8d:c6:e2:25:
c9:7a:48:78:ff:0d:66:cd:9c:8c:6b:ee:ca:74:f6:
2b:06:99:97:7c:bf:9f:ae:e8:2b:5e:3d:02:fd:85:
71:5c:a2:5a:d7:f0:1e:02:f0:fb:a6:2d:54:89:74:
8e:6d:7e:2a:ae:60:64:04:12:de:c5:35:8d:75:8d:
cc:61:5d:a0:19:e2:88:18:a2:ed:50:fd:ab:07:38:
68:24:c0:b9:1d:4d:ed:0f:92:45:a7:37:74:37:2b:
06:7e:dd:cf:f6:03:a5:b0:b6:4c:7f:2f:84:d1:2b:
ba:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:7B:9A:EF:02:A6:41:FA:7D:24:48:33:48:8E:64:15:9F:6A:2A:E6
X509v3 Authority Key Identifier:
keyid:B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/3Hua7wKmQfp9JEgzSI5kFZ9qKuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.174.96.0-80.174.107.255
Signature Algorithm: sha256WithRSAEncryption
8e:0a:bb:ef:22:b9:65:ba:33:05:e6:0c:5a:46:cf:bb:4d:1b:
4c:77:42:6a:73:22:ec:62:ed:dd:a2:47:c7:7b:b6:2f:17:53:
86:97:86:26:9f:f7:8f:37:80:af:e6:7d:60:30:28:23:e4:26:
db:93:a0:6e:03:ed:89:ac:06:7b:de:85:ac:84:ea:5f:2d:d7:
71:6a:d5:c3:c3:e6:72:88:4c:cd:25:56:97:3e:2f:13:df:ac:
c3:3e:af:65:62:a0:02:e1:af:19:ae:09:db:5c:e2:c7:17:89:
47:17:f6:cc:8a:5a:24:b8:0f:42:b6:dd:bd:23:a4:b8:27:80:
16:fd:9d:43:35:1b:5e:1a:42:ab:5a:de:4f:06:03:94:e8:84:
58:6e:7d:54:e6:d0:00:ad:e2:05:d2:b7:10:e6:2f:3a:c9:97:
88:2f:cb:91:16:b9:bc:b8:4d:df:56:f9:2b:f9:00:ba:74:64:
03:ad:8a:75:09:40:76:13:b4:69:ae:bf:a2:16:2f:18:84:f5:
6f:44:be:7b:97:3c:58:ae:6d:92:09:5e:11:11:7a:0d:c0:8d:
1a:96:80:b8:0d:bc:f2:1c:81:b6:0b:8a:d6:6e:2e:dc:63:19:
63:dd:9c:f3:9c:ef:96:b2:90:57:35:92:5e:65:5f:4c:a8:e7:
99:30:21:3b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZ0/fvTCjE3DxvHZckEc8x75MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NTk5OTg5OWY3NmQyZTJlNGNjZGZjODE3Zjk4NzljZmFj
MDZiYmUwHhcNMjYwMzMwMTYwNjE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzdiOWFlZjAyYTY0MWZhN2QyNDQ4MzM0ODhlNjQxNTlmNmEyYWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1VGd3oEi/G31tiPuc2N53gv7gaT
IReTPSTCPzZohY9/WvKb2RuBGdyiLrBP+9l49P6RX29LNbhXvR2KoTpMtb58UnXo
17gXcEDGWxqLwZVB4SKN4g6Cj4eolwejmCRxN4qfG48vtXKXrlYvPdtYCUXW/Sd9
/Vsb07l7ZCXEIYOhaiSpHjyFa1i8UgVkl3n0mY3G4iXJekh4/w1mzZyMa+7KdPYr
BpmXfL+frugrXj0C/YVxXKJa1/AeAvD7pi1UiXSObX4qrmBkBBLexTWNdY3MYV2g
GeKIGKLtUP2rBzhoJMC5HU3tD5JFpzd0NysGft3P9gOlsLZMfy+E0Su6qwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNx7mu8CpkH6fSRIM0iOZBWfairmMB8GA1UdIwQY
MBaAFLRZmYmfdtLi5MzfyBf5h5z6wGu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUt
NzM0MjhmOWM3YmZmLzEvM0h1YTd3S21RZnA5SkVnelNJNWtGWjlxS3VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUtNzM0MjhmOWM3YmZm
LzEvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAVQrmAD
BAJQrmgwDQYJKoZIhvcNAQELBQADggEBAI4Ku+8iuWW6MwXmDFpGz7tNG0x3Qmpz
Iuxi7d2iR8d7ti8XU4aXhiaf9483gK/mfWAwKCPkJtuToG4D7YmsBnvehayE6l8t
13Fq1cPD5nKITM0lVpc+LxPfrMM+r2VioALhrxmuCdtc4scXiUcX9syKWiS4D0K2
3b0jpLgngBb9nUM1G14aQqta3k8GA5TohFhufVTm0ACt4gXStxDmLzrJl4gvy5EW
uby4Td9W+Sv5ALp0ZAOtinUJQHYTtGmuv6IWLxiE9W9EvnuXPFiubZIJXhEReg3A
jRqWgLgNvPIcgbYLitZuLtxjGWPdnPOc75aykFc1kl5lX0yo55kwITs=
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:50:21 2026 by rpki-client