Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/cxpnqAln6hhdNSSyG6qFvgqIbyw.roa
File: cxpnqAln6hhdNSSyG6qFvgqIbyw.roa (raw, json)
Hash identifier: iyYEFth/WwaalutGJ5J/GHoRvV6KCxdd9XrPvperx+Y=
Subject key identifier: 73:1A:67:A8:09:67:EA:18:5D:35:24:B2:1B:AA:85:BE:0A:88:6F:2C
Certificate issuer: /CN=3718b734349bf327d9453b96501e44b192e55142
Certificate serial: 019C9E8D9D6F0BFDF7E602593CB5A024F351
Authority key identifier: 37:18:B7:34:34:9B:F3:27:D9:45:3B:96:50:1E:44:B1:92:E5:51:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/cxpnqAln6hhdNSSyG6qFvgqIbyw.roa
Signing time: Fri 27 Feb 2026 10:03:26 +0000
ROA not before: Fri 27 Feb 2026 10:03:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 31.14.38.0/23 maxlen: 23
45.132.25.0/24 maxlen: 24
185.155.53.0/24 maxlen: 24
185.155.54.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 16:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9e:8d:9d:6f:0b:fd:f7:e6:02:59:3c:b5:a0:24:f3:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3718b734349bf327d9453b96501e44b192e55142
Validity
Not Before: Feb 27 10:03:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=731a67a80967ea185d3524b21baa85be0a886f2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:39:05:e1:64:17:04:95:51:47:ee:82:2b:87:
e2:ab:3f:09:09:e0:55:ae:09:29:7f:f4:15:00:ee:
3d:65:e5:c5:c2:a4:6f:f2:2d:4b:4b:24:c7:e8:11:
1e:79:fd:40:7e:eb:63:2a:a6:85:fe:f4:85:5c:e6:
c3:d9:ed:6b:8a:f2:51:30:33:ad:6e:08:c3:4a:f7:
47:8d:3f:fc:8c:2e:53:5b:1b:0a:b1:62:ae:cc:5d:
0c:36:98:bb:99:8e:fc:06:b7:19:a5:73:51:d6:79:
01:0a:2e:a0:7e:62:be:19:f8:e8:87:cc:e8:59:6b:
c8:4b:35:85:19:0f:0a:17:d4:e7:3a:e1:89:64:7a:
12:97:2d:df:f9:19:bf:87:9c:e3:54:72:2e:3c:90:
17:a3:13:59:68:7c:14:30:a6:fb:d0:e4:9d:73:e2:
f0:d9:d3:21:28:d1:b2:82:31:69:de:90:77:29:94:
b0:7b:b1:6b:84:f6:3a:2a:fd:87:15:28:6b:c2:50:
ce:5e:87:28:17:1e:bf:d5:2a:bf:48:6a:e2:68:38:
d1:fd:98:61:b9:c8:26:37:c5:17:70:b4:b8:ad:05:
a4:98:a3:30:59:b1:1e:52:d3:3e:d5:8f:3d:86:f7:
88:2d:f3:43:0d:03:3b:22:87:8d:cb:46:5a:44:e1:
08:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:1A:67:A8:09:67:EA:18:5D:35:24:B2:1B:AA:85:BE:0A:88:6F:2C
X509v3 Authority Key Identifier:
keyid:37:18:B7:34:34:9B:F3:27:D9:45:3B:96:50:1E:44:B1:92:E5:51:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/cxpnqAln6hhdNSSyG6qFvgqIbyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.38.0/23
45.132.25.0/24
185.155.53.0-185.155.55.255
Signature Algorithm: sha256WithRSAEncryption
69:c1:da:c4:10:7b:4b:fd:58:87:66:0c:f6:0d:18:ed:2c:40:
43:d5:63:06:6e:e1:a1:4b:2d:fb:07:2e:d9:78:a0:8a:38:38:
c0:49:7c:4c:d1:bc:fb:7c:24:63:bc:ac:7d:82:ad:fc:42:29:
09:72:49:ee:d8:fe:dc:b3:ec:21:1d:8f:58:70:f5:bd:f1:df:
10:20:93:ca:14:04:99:46:64:88:72:4d:73:5c:87:a2:a1:ee:
bf:a7:a3:51:0c:55:08:ce:ca:d7:f8:3a:b5:14:65:0c:c9:8e:
62:92:b6:40:3e:cd:71:66:79:d9:b9:5c:ce:23:83:bb:bb:ad:
81:4a:59:50:15:20:b6:b0:2f:82:b9:18:08:2f:1d:14:ba:d1:
90:ae:86:11:d9:34:dd:9f:ec:d2:62:2f:10:ff:00:6c:df:b6:
77:8b:47:47:02:f9:5d:cf:dc:d1:fb:34:41:81:c2:12:5e:f7:
18:bc:e7:44:73:08:6c:78:8c:29:e1:44:74:28:a3:c3:47:aa:
1d:c3:66:b8:ca:b8:db:2e:32:1d:19:24:79:a3:98:f6:59:95:
52:1a:d1:7b:c1:ac:eb:3f:de:b0:02:3a:e9:61:e8:50:c1:39:
40:7e:a0:06:cb:0e:be:cf:bd:77:9e:cf:d6:e2:9d:9f:0f:f6:
d3:e5:70:08
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZyejZ1vC/335gJZPLWgJPNRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MThiNzM0MzQ5YmYzMjdkOTQ1M2I5NjUwMWU0NGIxOTJl
NTUxNDIwHhcNMjYwMjI3MTAwMzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzFhNjdhODA5NjdlYTE4NWQzNTI0YjIxYmFhODViZTBhODg2ZjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzkF4WQXBJVRR+6CK4fiqz8JCeBV
rgkpf/QVAO49ZeXFwqRv8i1LSyTH6BEeef1AfutjKqaF/vSFXObD2e1rivJRMDOt
bgjDSvdHjT/8jC5TWxsKsWKuzF0MNpi7mY78BrcZpXNR1nkBCi6gfmK+Gfjoh8zo
WWvISzWFGQ8KF9TnOuGJZHoSly3f+Rm/h5zjVHIuPJAXoxNZaHwUMKb70OSdc+Lw
2dMhKNGygjFp3pB3KZSwe7FrhPY6Kv2HFShrwlDOXocoFx6/1Sq/SGriaDjR/Zhh
ucgmN8UXcLS4rQWkmKMwWbEeUtM+1Y89hveILfNDDQM7IoeNy0ZaROEIbQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHMaZ6gJZ+oYXTUkshuqhb4KiG8sMB8GA1UdIwQY
MBaAFDcYtzQ0m/Mn2UU7llAeRLGS5VFCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnhpM05EU2I4eWZaUlR1V1VCNUVzWkxsVVVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YmY4YTgtZTQ5Yy00MDZlLThlYjct
YzgyM2NjOGYzODM3LzEvY3hwbnFBbG42aGhkTlNTeUc2cUZ2Z3FJYnl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YmY4YTgtZTQ5Yy00MDZlLThlYjctYzgyM2NjOGYzODM3
LzEvTnhpM05EU2I4eWZaUlR1V1VCNUVzWkxsVVVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBHw4mAwQA
LYQZMAwDBAC5mzUDBAO5mzAwDQYJKoZIhvcNAQELBQADggEBAGnB2sQQe0v9WIdm
DPYNGO0sQEPVYwZu4aFLLfsHLtl4oIo4OMBJfEzRvPt8JGO8rH2CrfxCKQlySe7Y
/tyz7CEdj1hw9b3x3xAgk8oUBJlGZIhyTXNch6Kh7r+no1EMVQjOytf4OrUUZQzJ
jmKStkA+zXFmedm5XM4jg7u7rYFKWVAVILawL4K5GAgvHRS60ZCuhhHZNN2f7NJi
LxD/AGzftneLR0cC+V3P3NH7NEGBwhJe9xi850RzCGx4jCnhRHQoo8NHqh3DZrjK
uNsuMh0ZJHmjmPZZlVIa0XvBrOs/3rACOulh6FDBOUB+oAbLDr7PvXeez9binZ8P
9tPlcAg=
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:42:41 2026 by rpki-client