Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/3ch1Jb7sFGYOGbilPvREcxXxE6k.roa
File: 3ch1Jb7sFGYOGbilPvREcxXxE6k.roa (raw, json)
Hash identifier: J6u00YHUjiuGwv/53UMv+yM4klhV4JggG1AUNdLNZVQ=
Subject key identifier: DD:C8:75:25:BE:EC:14:66:0E:19:B8:A5:3E:F4:44:73:15:F1:13:A9
Certificate issuer: /CN=bd4ad21a0a69dc041c4e1770eb18ba43b6db29ce
Certificate serial: 019E4FA1619F6738067A506E448078667F30
Authority key identifier: BD:4A:D2:1A:0A:69:DC:04:1C:4E:17:70:EB:18:BA:43:B6:DB:29:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vUrSGgpp3AQcThdw6xi6Q7bbKc4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/3ch1Jb7sFGYOGbilPvREcxXxE6k.roa
Signing time: Fri 22 May 2026 12:20:36 +0000
ROA not before: Fri 22 May 2026 12:20:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209283
IP address blocks: 78.140.252.0/24 maxlen: 24
78.140.253.0/24 maxlen: 24
185.255.76.0/22 maxlen: 22
2a06:4800::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/vUrSGgpp3AQcThdw6xi6Q7bbKc4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/vUrSGgpp3AQcThdw6xi6Q7bbKc4.mft
rsync://rpki.ripe.net/repository/DEFAULT/vUrSGgpp3AQcThdw6xi6Q7bbKc4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 21:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:4f:a1:61:9f:67:38:06:7a:50:6e:44:80:78:66:7f:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd4ad21a0a69dc041c4e1770eb18ba43b6db29ce
Validity
Not Before: May 22 12:20:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ddc87525beec14660e19b8a53ef4447315f113a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:eb:84:a0:d7:d2:e3:47:c5:28:00:fb:c0:0a:
02:10:26:8b:d3:8b:3c:a9:32:bd:65:07:33:b8:00:
be:3a:f4:95:49:10:15:a3:42:44:3c:da:c3:8d:06:
24:6d:43:43:fc:81:31:35:fd:52:6b:36:3d:a3:c7:
b3:8d:65:22:77:66:56:92:18:5b:96:07:3e:04:63:
8e:e2:90:5a:9b:2f:10:c3:e4:f5:81:94:94:49:97:
66:96:49:88:d9:72:1c:c6:ba:1f:e0:3d:f6:db:a5:
f3:77:9c:2a:4c:2a:a7:5e:aa:dc:c2:65:4c:dc:9f:
3e:28:c9:8b:3f:9e:13:a2:9c:38:d2:cc:5b:9e:f4:
5c:98:95:14:8d:32:c6:e0:03:6d:60:e9:f1:c7:e9:
ad:9b:d3:ad:ac:6e:0f:16:e2:16:09:9a:73:e1:5a:
03:72:8f:9c:c9:4e:db:b0:7e:47:ef:ac:8c:ae:e1:
d6:77:7a:b5:19:58:c3:31:6a:ed:76:21:11:6a:51:
cd:fa:09:a7:27:f5:42:c5:51:46:50:9c:bd:b6:1b:
9d:8d:c4:77:59:17:e9:42:f9:f2:0e:f8:6b:4a:7f:
ca:5a:01:16:6e:2a:d7:09:81:54:9c:0c:e4:e8:6d:
c5:b7:5b:6a:f7:fc:44:97:ba:94:d7:bb:dd:a9:84:
aa:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:C8:75:25:BE:EC:14:66:0E:19:B8:A5:3E:F4:44:73:15:F1:13:A9
X509v3 Authority Key Identifier:
keyid:BD:4A:D2:1A:0A:69:DC:04:1C:4E:17:70:EB:18:BA:43:B6:DB:29:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vUrSGgpp3AQcThdw6xi6Q7bbKc4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/3ch1Jb7sFGYOGbilPvREcxXxE6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/vUrSGgpp3AQcThdw6xi6Q7bbKc4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.140.252.0/23
185.255.76.0/22
IPv6:
2a06:4800::/32
Signature Algorithm: sha256WithRSAEncryption
22:6c:e3:bc:20:9e:74:fa:ee:84:ab:a2:ae:14:b7:85:40:43:
1e:cf:f2:34:61:57:f9:a7:0d:1f:e1:9c:d3:d6:b1:fb:24:24:
35:45:01:11:6b:12:fe:34:6a:0a:1e:b5:d5:6b:bf:02:12:b3:
65:a8:19:a5:2a:61:3f:e6:59:36:ce:b6:a3:18:4d:80:a4:c1:
27:e1:3b:ee:64:f8:60:72:ee:bc:f8:43:a2:25:0a:6a:5d:67:
9c:58:e0:06:d0:fd:7f:61:84:78:43:c1:e3:b9:f7:3e:17:ba:
87:a9:eb:55:8c:26:85:8a:e7:ea:41:c8:05:88:cf:92:d2:ca:
80:74:62:dc:4e:29:52:13:2a:04:6d:9a:65:8e:fd:0d:d8:28:
3b:74:0a:ca:67:a5:b9:63:5c:24:41:d8:bf:57:39:d8:bd:51:
d5:1d:f1:3a:4c:fd:70:a7:3e:30:a0:ca:7a:1b:f7:e9:2c:bf:
90:ff:5f:d7:67:7d:74:4e:32:19:62:97:55:cb:e4:9f:c6:0d:
52:3e:6d:52:64:5c:4d:09:ba:c6:81:fa:3e:0a:34:63:a4:01:
08:33:5c:45:93:55:31:bf:65:17:56:a3:0e:4f:65:c4:60:c3:
30:23:cf:1f:5c:23:16:b0:dc:0e:d0:fc:3a:9c:af:32:dd:85:
a1:24:ed:f1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ5PoWGfZzgGelBuRIB4Zn8wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNGFkMjFhMGE2OWRjMDQxYzRlMTc3MGViMThiYTQzYjZk
YjI5Y2UwHhcNMjYwNTIyMTIyMDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGM4NzUyNWJlZWMxNDY2MGUxOWI4YTUzZWY0NDQ3MzE1ZjExM2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwuuEoNfS40fFKAD7wAoCECaL04s8
qTK9ZQczuAC+OvSVSRAVo0JEPNrDjQYkbUND/IExNf1SazY9o8ezjWUid2ZWkhhb
lgc+BGOO4pBamy8Qw+T1gZSUSZdmlkmI2XIcxrof4D3226Xzd5wqTCqnXqrcwmVM
3J8+KMmLP54Topw40sxbnvRcmJUUjTLG4ANtYOnxx+mtm9OtrG4PFuIWCZpz4VoD
co+cyU7bsH5H76yMruHWd3q1GVjDMWrtdiERalHN+gmnJ/VCxVFGUJy9thudjcR3
WRfpQvnyDvhrSn/KWgEWbirXCYFUnAzk6G3Ft1tq9/xEl7qU17vdqYSqZwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFN3IdSW+7BRmDhm4pT70RHMV8ROpMB8GA1UdIwQY
MBaAFL1K0hoKadwEHE4XcOsYukO22ynOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlVyU0dncHAzQVFjVGhkdzZ4aTZRN2JiS2M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC82N2Y3MDctMDAwNi00NjlkLWIzMTEt
Y2RkNGQ4ZjhkMGQ5LzEvM2NoMUpiN3NGR1lPR2JpbFB2UkVjeFh4RTZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC82N2Y3MDctMDAwNi00NjlkLWIzMTEtY2RkNGQ4ZjhkMGQ5
LzEvdlVyU0dncHAzQVFjVGhkdzZ4aTZRN2JiS2M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBToz8AwQC
uf9MMA0EAgACMAcDBQAqBkgAMA0GCSqGSIb3DQEBCwUAA4IBAQAibOO8IJ50+u6E
q6KuFLeFQEMez/I0YVf5pw0f4ZzT1rH7JCQ1RQERaxL+NGoKHrXVa78CErNlqBml
KmE/5lk2zrajGE2ApMEn4TvuZPhgcu68+EOiJQpqXWecWOAG0P1/YYR4Q8Hjufc+
F7qHqetVjCaFiufqQcgFiM+S0sqAdGLcTilSEyoEbZpljv0N2Cg7dArKZ6W5Y1wk
Qdi/VznYvVHVHfE6TP1wpz4woMp6G/fpLL+Q/1/XZ310TjIZYpdVy+Sfxg1SPm1S
ZFxNCbrGgfo+CjRjpAEIM1xFk1Uxv2UXVqMOT2XEYMMwI88fXCMWsNwO0Pw6nK8y
3YWhJO3x
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:39:48 2026 by rpki-client