Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/r3n82DH_kgDzSCiIox4JVvtuuKs.roa
File: r3n82DH_kgDzSCiIox4JVvtuuKs.roa (raw, json)
Hash identifier: GscB1Y7vMXzC56pZeD7dY6Lb7cyydY/SgoKF16qKY1A=
Subject key identifier: AF:79:FC:D8:31:FF:92:00:F3:48:28:88:A3:1E:09:56:FB:6E:B8:AB
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 019E28D81205F70E05B365A9423940A5FFF0
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/r3n82DH_kgDzSCiIox4JVvtuuKs.roa
Signing time: Thu 14 May 2026 23:35:09 +0000
ROA not before: Thu 14 May 2026 23:35:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56887
IP address blocks: 31.131.44.0/23 maxlen: 24
176.113.99.0/24 maxlen: 24
176.113.104.0/22 maxlen: 22
176.113.108.0/22 maxlen: 22
176.124.72.0/22 maxlen: 22
176.124.76.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.mft
rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 17:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:28:d8:12:05:f7:0e:05:b3:65:a9:42:39:40:a5:ff:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: May 14 23:35:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=af79fcd831ff9200f3482888a31e0956fb6eb8ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:6c:70:66:59:ca:dd:91:41:04:e7:56:30:bd:
24:1a:94:e7:a8:5e:75:19:1e:6a:0a:71:7c:30:1a:
33:3f:3f:a8:18:2f:c4:e9:45:46:46:a3:7a:cb:4e:
69:dc:97:86:bf:09:57:89:e4:de:65:12:22:c9:74:
0e:8b:73:08:09:5b:39:eb:c5:90:f3:29:36:84:c4:
25:70:1d:8f:ca:96:90:61:a5:d1:10:74:c5:a2:01:
b9:7c:57:8c:49:a3:cb:68:b6:54:3e:30:82:d2:c9:
96:37:84:f5:e4:b5:fc:58:aa:53:dc:da:73:13:dc:
87:c6:e2:ad:2a:5f:33:90:8a:01:a2:a0:b5:28:0f:
3f:8c:54:c6:ca:3a:f6:ca:e6:b1:86:26:f5:66:fe:
8e:a6:1a:7a:ac:26:d5:79:d9:35:11:c6:9a:ca:95:
3e:d7:60:6c:fc:79:57:a4:32:bb:10:f1:ac:79:a9:
c6:12:48:5a:79:cc:74:59:55:cf:5a:be:d3:51:08:
d5:b3:fd:40:31:c9:f1:d9:69:66:4d:c8:03:cf:6b:
96:cf:72:30:9e:2f:48:88:a8:ce:c4:76:81:39:e0:
64:34:27:2e:07:69:83:40:35:65:c8:ea:9b:06:79:
14:c8:b6:99:79:96:b4:14:94:ae:42:24:2c:59:57:
12:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:79:FC:D8:31:FF:92:00:F3:48:28:88:A3:1E:09:56:FB:6E:B8:AB
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/r3n82DH_kgDzSCiIox4JVvtuuKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.44.0/23
176.113.99.0/24
176.113.104.0/21
176.124.72.0/21
Signature Algorithm: sha256WithRSAEncryption
3f:5c:f9:76:d6:dd:d6:e6:75:6d:e8:16:76:ce:9a:84:06:d1:
c5:c0:b8:e7:96:66:04:61:a4:95:17:57:54:5f:e4:4a:0c:33:
88:a0:e5:63:ae:71:f5:0c:b6:7f:3f:ac:ae:ef:2d:32:26:4f:
dd:8a:45:7e:43:9d:9a:b1:68:1d:35:24:72:cd:95:71:dc:44:
fe:78:d4:3a:67:0d:e4:8b:1d:f7:73:36:69:2c:3d:6c:5f:ca:
0b:24:e1:29:e5:ab:d7:ab:26:18:52:53:c5:4c:f8:92:a1:af:
be:0d:82:21:0d:3e:2b:27:65:2a:f2:a3:a7:89:63:52:74:f3:
e2:6d:a4:e0:27:f7:7a:ed:24:4a:ec:75:42:cb:ad:e6:df:9d:
7e:cc:60:f4:0f:57:9e:ce:bc:81:be:99:89:d1:e6:8d:47:95:
a6:e4:cf:76:06:3c:5d:4c:d6:76:92:e3:9f:e9:e9:4e:b0:2d:
c9:63:80:ca:9d:02:90:9f:4d:96:f1:e3:60:cf:bb:73:9f:ef:
33:60:be:82:9a:7a:6c:7f:f0:26:e6:ed:e0:93:e1:93:0b:71:
9a:af:01:26:18:ec:c2:32:f0:d0:cb:8a:ff:9e:ed:0a:6c:a2:
1d:69:b5:8a:41:f7:06:d8:65:5e:71:d0:b6:1c:09:7f:c1:a3:
a4:5b:6f:9c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ4o2BIF9w4Fs2WpQjlApf/wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjYwNTE0MjMzNTA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjc5ZmNkODMxZmY5MjAwZjM0ODI4ODhhMzFlMDk1NmZiNmViOGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2xwZlnK3ZFBBOdWML0kGpTnqF51
GR5qCnF8MBozPz+oGC/E6UVGRqN6y05p3JeGvwlXieTeZRIiyXQOi3MICVs568WQ
8yk2hMQlcB2PypaQYaXREHTFogG5fFeMSaPLaLZUPjCC0smWN4T15LX8WKpT3Npz
E9yHxuKtKl8zkIoBoqC1KA8/jFTGyjr2yuaxhib1Zv6Ophp6rCbVedk1EcaaypU+
12Bs/HlXpDK7EPGseanGEkhaecx0WVXPWr7TUQjVs/1AMcnx2WlmTcgDz2uWz3Iw
ni9IiKjOxHaBOeBkNCcuB2mDQDVlyOqbBnkUyLaZeZa0FJSuQiQsWVcSJQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFK95/Ngx/5IA80goiKMeCVb7brirMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvcjNuODJESF9rZ0R6U0NpSW94NEpWdnR1dUtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBH4MsAwQA
sHFjAwQDsHFoAwQDsHxIMA0GCSqGSIb3DQEBCwUAA4IBAQA/XPl21t3W5nVt6BZ2
zpqEBtHFwLjnlmYEYaSVF1dUX+RKDDOIoOVjrnH1DLZ/P6yu7y0yJk/dikV+Q52a
sWgdNSRyzZVx3ET+eNQ6Zw3kix33czZpLD1sX8oLJOEp5avXqyYYUlPFTPiSoa++
DYIhDT4rJ2Uq8qOniWNSdPPibaTgJ/d67SRK7HVCy63m351+zGD0D1eezryBvpmJ
0eaNR5Wm5M92BjxdTNZ2kuOf6elOsC3JY4DKnQKQn02W8eNgz7tzn+8zYL6Cmnps
f/Am5u3gk+GTC3GarwEmGOzCMvDQy4r/nu0KbKIdabWKQfcG2GVecdC2HAl/waOk
W2+c
-----END CERTIFICATE-----
Generated at Sat Jun 13 22:41:24 2026 by rpki-client