Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/3btPlVNt-9V3h0nDX1hmyNU-es4.roa
File: 3btPlVNt-9V3h0nDX1hmyNU-es4.roa (raw, json)
Hash identifier: UOOVRebO8hxwXhif146SOalpOHtKt+t/e0b3RTeySOk=
Subject key identifier: DD:BB:4F:95:53:6D:FB:D5:77:87:49:C3:5F:58:66:C8:D5:3E:7A:CE
Certificate issuer: /CN=beba48c7e2c9e05eda546d899146b89f799df85d
Certificate serial: 019C2D48316F898636C98C81CF3535AF405D
Authority key identifier: BE:BA:48:C7:E2:C9:E0:5E:DA:54:6D:89:91:46:B8:9F:79:9D:F8:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vrpIx-LJ4F7aVG2JkUa4n3md-F0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/3btPlVNt-9V3h0nDX1hmyNU-es4.roa
Signing time: Thu 05 Feb 2026 10:10:31 +0000
ROA not before: Thu 05 Feb 2026 10:10:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 33908
IP address blocks: 94.125.8.0/24 maxlen: 24
94.125.13.0/24 maxlen: 24
185.42.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/vrpIx-LJ4F7aVG2JkUa4n3md-F0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/vrpIx-LJ4F7aVG2JkUa4n3md-F0.mft
rsync://rpki.ripe.net/repository/DEFAULT/vrpIx-LJ4F7aVG2JkUa4n3md-F0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 13:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:2d:48:31:6f:89:86:36:c9:8c:81:cf:35:35:af:40:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=beba48c7e2c9e05eda546d899146b89f799df85d
Validity
Not Before: Feb 5 10:10:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ddbb4f95536dfbd5778749c35f5866c8d53e7ace
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:d7:90:34:da:5c:4f:70:bf:07:e8:a4:9b:8b:
c0:a4:c1:0a:21:02:ce:93:c5:7d:af:ff:71:96:4e:
a5:4c:ba:11:e6:bf:d9:77:5d:bb:39:0d:c2:6b:91:
6c:3d:36:7f:2c:ef:ef:55:fa:92:dc:8e:11:e6:82:
2b:ec:09:8e:0a:fe:b5:4a:70:12:96:77:8f:be:1d:
4a:31:e3:c3:7b:18:f5:9f:70:39:8b:dc:c0:a1:bc:
4f:6f:07:ed:1e:01:14:59:ca:de:85:e6:c7:7e:f5:
4d:62:b0:9c:0f:45:57:9a:cf:4e:50:2e:ff:6c:b6:
96:19:0c:38:34:15:60:c9:00:32:34:4a:25:4d:b8:
71:e0:a5:b7:2d:32:7a:1f:ea:2f:d2:66:5d:43:24:
f5:c0:13:89:50:b4:ba:03:fe:1d:47:81:16:e5:f2:
5d:46:0e:1b:46:b1:f8:40:73:a1:2a:51:30:fc:4c:
b2:70:69:af:3c:26:af:03:b8:dd:e6:2c:08:8a:d5:
a9:f7:46:59:d9:c8:46:e0:6a:72:2b:d8:02:94:c5:
cb:6d:5c:00:4d:8e:97:68:91:72:cb:ed:64:da:d4:
79:98:9a:e9:fd:8a:72:19:51:7b:36:96:74:61:79:
e4:d1:7f:07:89:fa:9b:15:72:cf:0f:7c:4e:f4:3a:
3e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:BB:4F:95:53:6D:FB:D5:77:87:49:C3:5F:58:66:C8:D5:3E:7A:CE
X509v3 Authority Key Identifier:
keyid:BE:BA:48:C7:E2:C9:E0:5E:DA:54:6D:89:91:46:B8:9F:79:9D:F8:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vrpIx-LJ4F7aVG2JkUa4n3md-F0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/3btPlVNt-9V3h0nDX1hmyNU-es4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/vrpIx-LJ4F7aVG2JkUa4n3md-F0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.125.8.0/24
94.125.13.0/24
185.42.62.0/24
Signature Algorithm: sha256WithRSAEncryption
65:cc:94:c6:26:85:89:da:69:b4:f5:79:79:98:07:20:0c:3a:
be:82:e9:9e:46:a2:bb:eb:d9:7f:91:d1:91:c9:9f:b2:3a:ae:
5b:e2:31:0c:f9:53:d2:5a:83:ab:55:d0:50:2e:ab:12:e1:41:
a5:49:dc:d8:5a:e9:38:32:6b:7c:b6:90:63:c4:e1:a6:3d:ba:
8a:8c:51:aa:9a:7f:a3:19:65:2d:d9:2e:7a:8e:57:49:36:1a:
9b:ee:6e:1b:c9:a5:25:b7:88:34:ec:f2:8d:b9:6f:b0:34:e4:
c9:39:b0:e0:f1:3a:01:7b:8c:e0:5e:0e:ab:c2:94:1c:ad:a3:
f2:77:0e:18:9b:0e:1b:18:50:e0:b6:a9:5b:bf:07:48:bf:6b:
2a:73:4e:a7:bf:5c:c8:3b:54:ac:54:cd:79:bc:a0:d4:3a:01:
63:26:e8:d9:fb:98:9c:b3:eb:21:68:1f:a9:fd:6e:26:85:ad:
9c:61:fd:c1:d8:c4:11:10:97:11:55:2a:c8:ca:d9:ad:88:3a:
43:8e:bf:f1:aa:e9:f7:98:6f:45:7e:1c:16:03:ef:d0:56:36:
08:2d:b6:d1:a2:4e:55:b9:f2:de:32:0f:91:58:fb:2e:84:4e:
72:7d:95:aa:89:1c:15:36:fb:d2:61:f0:4d:5c:a1:f2:88:ef:
a0:4b:43:20
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZwtSDFviYY2yYyBzzU1r0BdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlYmE0OGM3ZTJjOWUwNWVkYTU0NmQ4OTkxNDZiODlmNzk5
ZGY4NWQwHhcNMjYwMjA1MTAxMDMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGJiNGY5NTUzNmRmYmQ1Nzc4NzQ5YzM1ZjU4NjZjOGQ1M2U3YWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29eQNNpcT3C/B+ikm4vApMEKIQLO
k8V9r/9xlk6lTLoR5r/Zd127OQ3Ca5FsPTZ/LO/vVfqS3I4R5oIr7AmOCv61SnAS
lnePvh1KMePDexj1n3A5i9zAobxPbwftHgEUWcrehebHfvVNYrCcD0VXms9OUC7/
bLaWGQw4NBVgyQAyNEolTbhx4KW3LTJ6H+ov0mZdQyT1wBOJULS6A/4dR4EW5fJd
Rg4bRrH4QHOhKlEw/EyycGmvPCavA7jd5iwIitWp90ZZ2chG4GpyK9gClMXLbVwA
TY6XaJFyy+1k2tR5mJrp/YpyGVF7NpZ0YXnk0X8HifqbFXLPD3xO9Do+qQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN27T5VTbfvVd4dJw19YZsjVPnrOMB8GA1UdIwQY
MBaAFL66SMfiyeBe2lRtiZFGuJ95nfhdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnJwSXgtTEo0RjdhVkcySmtVYTRuM21kLUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC83Zjg4MjEtMTU2Ni00M2Y0LWFiMjYt
M2Q1MjIxODFhMmM0LzEvM2J0UGxWTnQtOVYzaDBuRFgxaG15TlUtZXM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC83Zjg4MjEtMTU2Ni00M2Y0LWFiMjYtM2Q1MjIxODFhMmM0
LzEvdnJwSXgtTEo0RjdhVkcySmtVYTRuM21kLUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXn0IAwQA
Xn0NAwQAuSo+MA0GCSqGSIb3DQEBCwUAA4IBAQBlzJTGJoWJ2mm09Xl5mAcgDDq+
gumeRqK769l/kdGRyZ+yOq5b4jEM+VPSWoOrVdBQLqsS4UGlSdzYWuk4Mmt8tpBj
xOGmPbqKjFGqmn+jGWUt2S56jldJNhqb7m4byaUlt4g07PKNuW+wNOTJObDg8ToB
e4zgXg6rwpQcraPydw4Ymw4bGFDgtqlbvwdIv2sqc06nv1zIO1SsVM15vKDUOgFj
JujZ+5ics+shaB+p/W4mha2cYf3B2MQREJcRVSrIytmtiDpDjr/xqun3mG9FfhwW
A+/QVjYILbbRok5VufLeMg+RWPsuhE5yfZWqiRwVNvvSYfBNXKHyiO+gS0Mg
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:20:07 2026 by rpki-client