Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/N3w35B6tJjZBnG0TN049ln5pJ7s.roa
File: N3w35B6tJjZBnG0TN049ln5pJ7s.roa (raw, json)
Hash identifier: s8TVxsDKxlSUH4tgci4aH3x9HRphwx/toiD82zV03+I=
Subject key identifier: 37:7C:37:E4:1E:AD:26:36:41:9C:6D:13:37:4E:3D:96:7E:69:27:BB
Certificate issuer: /CN=1d43a2484569d20e3f53c17be7b9fb29c34ee5be
Certificate serial: 019C00690CD07006575D1B5B4BF1B47D90D6
Authority key identifier: 1D:43:A2:48:45:69:D2:0E:3F:53:C1:7B:E7:B9:FB:29:C3:4E:E5:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/N3w35B6tJjZBnG0TN049ln5pJ7s.roa
Signing time: Tue 27 Jan 2026 17:03:30 +0000
ROA not before: Tue 27 Jan 2026 17:03:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49418
IP address blocks: 194.153.135.0/24 maxlen: 24
2a01:ecc0:3::/48 maxlen: 48
2a01:ecc0:4::/48 maxlen: 48
2a01:ecc0:280::/42 maxlen: 42
2a01:ecc0:640::/42 maxlen: 42
2a01:ecc0:740::/42 maxlen: 42
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.mft
rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:00:69:0c:d0:70:06:57:5d:1b:5b:4b:f1:b4:7d:90:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d43a2484569d20e3f53c17be7b9fb29c34ee5be
Validity
Not Before: Jan 27 17:03:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=377c37e41ead2636419c6d13374e3d967e6927bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:7b:f6:8a:31:1f:99:e8:39:58:ae:23:14:da:
d4:cd:6a:96:9d:9a:6d:7e:1f:33:50:2e:da:cc:42:
35:6f:63:4a:61:a4:a4:25:38:72:4e:32:f3:6b:b3:
40:fb:9b:15:3e:35:3c:81:58:10:3d:97:a9:62:fc:
27:6c:82:57:c6:e4:ee:80:e2:3a:40:a3:53:40:c7:
b0:8f:d0:f4:ce:ad:e9:48:49:d2:ef:cf:f2:0d:6f:
d0:a6:a9:ca:85:db:12:ce:98:36:cc:2f:a1:ed:ec:
ef:a2:5b:62:8a:67:69:da:89:97:3e:47:a7:e3:28:
a1:8d:88:8c:e5:d4:a0:78:82:62:4e:e1:09:13:e8:
71:12:95:62:bd:0c:5f:10:bc:79:cf:99:0d:b0:c7:
58:c3:31:4a:8f:ff:6b:73:03:9a:13:d0:66:ec:85:
ad:5d:a3:22:a2:94:0f:b4:d7:84:8d:9d:09:c7:2e:
c1:f6:fa:54:6b:c9:8f:db:a6:53:d2:75:aa:b3:ea:
2b:8b:c9:f9:a5:1b:ca:df:64:26:9a:05:1f:b0:37:
23:cc:3f:30:83:7c:74:47:4b:bd:cc:6c:ce:54:a1:
81:20:08:65:7e:26:7e:7a:c4:a2:30:9b:20:21:b4:
77:66:c8:c2:f9:0e:91:f0:03:a6:55:88:44:f1:9e:
0c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:7C:37:E4:1E:AD:26:36:41:9C:6D:13:37:4E:3D:96:7E:69:27:BB
X509v3 Authority Key Identifier:
keyid:1D:43:A2:48:45:69:D2:0E:3F:53:C1:7B:E7:B9:FB:29:C3:4E:E5:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/N3w35B6tJjZBnG0TN049ln5pJ7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.153.135.0/24
IPv6:
2a01:ecc0:3::-2a01:ecc0:4:ffff:ffff:ffff:ffff:ffff
2a01:ecc0:280::/42
2a01:ecc0:640::/42
2a01:ecc0:740::/42
Signature Algorithm: sha256WithRSAEncryption
24:fe:a6:90:aa:15:7d:18:b4:db:4f:51:90:5f:db:bd:00:a1:
e2:d3:80:48:c7:59:8a:f6:00:54:df:3f:10:71:7c:10:49:e4:
32:a0:c5:e6:35:22:62:89:3a:ff:3a:0f:a5:a8:08:54:14:29:
e0:92:74:43:4b:89:e0:c1:f7:e3:b3:de:4e:4a:e7:67:e9:d8:
10:5d:a1:95:16:8b:4d:c2:63:65:fd:9f:8f:98:29:61:cd:23:
69:0f:53:56:33:ca:72:2f:e0:da:69:fe:a4:aa:c1:02:73:18:
b1:db:ab:de:42:01:5b:81:60:ff:c3:f2:d3:a7:ea:2e:f4:69:
c6:f6:16:60:b1:87:1a:ce:69:75:e4:65:b3:fd:8a:62:62:9e:
6b:b5:6e:7e:c4:e0:9b:3a:fa:c4:95:e3:30:68:d2:92:32:5b:
a3:43:5b:1c:35:fe:c3:45:c3:33:90:34:79:e0:f9:0c:a5:b9:
67:e6:eb:c8:7a:0e:1a:ad:f9:63:7d:30:93:15:59:06:be:10:
f5:16:b0:d7:2e:2c:16:df:9c:14:28:6e:89:17:b1:7c:46:83:
e3:52:5a:c8:40:23:b6:96:d8:f6:53:43:f6:12:fe:97:0c:f3:
99:1b:55:89:b9:41:0f:33:6f:83:c3:90:af:98:67:f8:e0:d8:
47:b1:23:48
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAZwAaQzQcAZXXRtbS/G0fZDWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNDNhMjQ4NDU2OWQyMGUzZjUzYzE3YmU3YjlmYjI5YzM0
ZWU1YmUwHhcNMjYwMTI3MTcwMzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzdjMzdlNDFlYWQyNjM2NDE5YzZkMTMzNzRlM2Q5NjdlNjkyN2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHv2ijEfmeg5WK4jFNrUzWqWnZpt
fh8zUC7azEI1b2NKYaSkJThyTjLza7NA+5sVPjU8gVgQPZepYvwnbIJXxuTugOI6
QKNTQMewj9D0zq3pSEnS78/yDW/QpqnKhdsSzpg2zC+h7ezvoltiimdp2omXPken
4yihjYiM5dSgeIJiTuEJE+hxEpVivQxfELx5z5kNsMdYwzFKj/9rcwOaE9Bm7IWt
XaMiopQPtNeEjZ0Jxy7B9vpUa8mP26ZT0nWqs+ori8n5pRvK32QmmgUfsDcjzD8w
g3x0R0u9zGzOVKGBIAhlfiZ+esSiMJsgIbR3ZsjC+Q6R8AOmVYhE8Z4MuQIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFDd8N+QerSY2QZxtEzdOPZZ+aSe7MB8GA1UdIwQY
MBaAFB1DokhFadIOP1PBe+e5+ynDTuW+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFVPaVNFVnAwZzRfVThGNzU3bjdLY05PNWI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jOTNkODctMzJlMC00NmYxLTlmYjkt
NjM0NTE1NDg5NzlkLzEvTjN3MzVCNnRKalpCbkcwVE4wNDlsbjVwSjdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9jOTNkODctMzJlMC00NmYxLTlmYjktNjM0NTE1NDg5Nzlk
LzEvSFVPaVNFVnAwZzRfVThGNzU3bjdLY05PNWI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAMBAIAATAGAwQAwpmHMDUE
AgACMC8wEgMHACoB7MAAAwMHACoB7MAABAMHBioB7MACgAMHBioB7MAGQAMHBioB
7MAHQDANBgkqhkiG9w0BAQsFAAOCAQEAJP6mkKoVfRi0209RkF/bvQCh4tOASMdZ
ivYAVN8/EHF8EEnkMqDF5jUiYok6/zoPpagIVBQp4JJ0Q0uJ4MH347PeTkrnZ+nY
EF2hlRaLTcJjZf2fj5gpYc0jaQ9TVjPKci/g2mn+pKrBAnMYsdur3kIBW4Fg/8Py
06fqLvRpxvYWYLGHGs5pdeRls/2KYmKea7VufsTgmzr6xJXjMGjSkjJbo0NbHDX+
w0XDM5A0eeD5DKW5Z+bryHoOGq35Y30wkxVZBr4Q9Raw1y4sFt+cFChuiRexfEaD
41JayEAjtpbY9lND9hL+lwzzmRtViblBDzNvg8OQr5hn+ODYR7EjSA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 16:26:03 2026 by rpki-client