Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/a7dceb-ff54-436a-9415-484221a1f285/1/3RCjNuMxUkfSYyNOUlggwRfWfc4.roa
File: 3RCjNuMxUkfSYyNOUlggwRfWfc4.roa (raw, json)
Hash identifier: UnwrsssJDeDLbtzFhokPg+3DUFYJBO3poSSiUsMCOJk=
Subject key identifier: DD:10:A3:36:E3:31:52:47:D2:63:23:4E:52:58:20:C1:17:D6:7D:CE
Certificate issuer: /CN=27bb32aa8c9f8d05c517be2ad6652f66550a8d57
Certificate serial: 019C4C364CC7FEA5AAC38457DAA6FA791394
Authority key identifier: 27:BB:32:AA:8C:9F:8D:05:C5:17:BE:2A:D6:65:2F:66:55:0A:8D:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J7syqoyfjQXFF74q1mUvZlUKjVc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/a7dceb-ff54-436a-9415-484221a1f285/1/3RCjNuMxUkfSYyNOUlggwRfWfc4.roa
Signing time: Wed 11 Feb 2026 10:19:12 +0000
ROA not before: Wed 11 Feb 2026 10:19:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 61049
IP address blocks: 80.252.124.0/24 maxlen: 24
185.20.52.0/24 maxlen: 24
185.20.53.0/24 maxlen: 24
185.20.54.0/24 maxlen: 24
185.20.55.0/24 maxlen: 24
185.159.191.0/24 maxlen: 24
185.195.116.0/24 maxlen: 24
185.195.117.0/24 maxlen: 24
185.195.118.0/24 maxlen: 24
185.195.119.0/24 maxlen: 24
185.231.216.0/24 maxlen: 24
185.231.217.0/24 maxlen: 24
185.231.218.0/24 maxlen: 24
2a04:13c0::/32 maxlen: 32
2a04:13c1::/32 maxlen: 32
2a04:13c3::/32 maxlen: 32
2a04:13c5::/32 maxlen: 32
2a0c:8301::/32 maxlen: 32
2a0c:8305::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/a7dceb-ff54-436a-9415-484221a1f285/1/J7syqoyfjQXFF74q1mUvZlUKjVc.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/a7dceb-ff54-436a-9415-484221a1f285/1/J7syqoyfjQXFF74q1mUvZlUKjVc.mft
rsync://rpki.ripe.net/repository/DEFAULT/J7syqoyfjQXFF74q1mUvZlUKjVc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:4c:36:4c:c7:fe:a5:aa:c3:84:57:da:a6:fa:79:13:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27bb32aa8c9f8d05c517be2ad6652f66550a8d57
Validity
Not Before: Feb 11 10:19:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dd10a336e3315247d263234e525820c117d67dce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7d:ad:c8:ee:20:7a:75:39:04:2e:5f:96:cc:
01:6e:7f:68:6d:ea:2d:b2:f8:1d:3b:9c:81:72:26:
4d:40:68:6e:1e:ef:e5:c1:ba:bb:57:49:a3:48:f5:
74:0c:b8:36:b9:e1:bc:d0:0b:28:55:10:0f:3a:06:
c6:c3:67:6c:0c:fb:b8:a7:1b:3f:b6:f4:25:f0:41:
ff:a5:fa:d5:21:bd:d9:be:b8:d7:70:78:f5:bf:b1:
81:99:90:dc:29:16:78:ef:c7:34:10:01:d1:39:63:
6f:bf:e0:d5:8c:4a:0d:26:5a:b4:65:df:6a:08:9a:
0d:9a:44:82:dd:1e:01:4e:b2:34:b7:ec:03:4f:cb:
44:b8:4e:23:ee:06:81:81:59:88:62:7e:cd:d2:79:
ce:33:d8:3c:f8:89:39:e8:81:ec:c3:b4:08:3e:ba:
ca:79:5e:72:a6:86:64:3f:56:a4:ea:d0:b9:17:b5:
d2:75:4e:6d:eb:fe:2d:e7:e3:3a:5a:7c:cf:e5:2f:
b2:ff:0a:26:37:05:13:db:49:84:d3:27:f2:b4:ad:
4d:e1:3d:9b:35:38:15:4f:7b:38:04:0c:29:0f:87:
d1:c2:f5:0b:bc:f5:a0:91:2d:11:01:b7:b4:f1:30:
1b:3f:76:76:f8:e4:ca:98:d2:18:b7:05:27:a4:a0:
02:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:10:A3:36:E3:31:52:47:D2:63:23:4E:52:58:20:C1:17:D6:7D:CE
X509v3 Authority Key Identifier:
keyid:27:BB:32:AA:8C:9F:8D:05:C5:17:BE:2A:D6:65:2F:66:55:0A:8D:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J7syqoyfjQXFF74q1mUvZlUKjVc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/a7dceb-ff54-436a-9415-484221a1f285/1/3RCjNuMxUkfSYyNOUlggwRfWfc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/a7dceb-ff54-436a-9415-484221a1f285/1/J7syqoyfjQXFF74q1mUvZlUKjVc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.252.124.0/24
185.20.52.0/22
185.159.191.0/24
185.195.116.0/22
185.231.216.0-185.231.218.255
IPv6:
2a04:13c0::/31
2a04:13c3::/32
2a04:13c5::/32
2a0c:8301::/32
2a0c:8305::/32
Signature Algorithm: sha256WithRSAEncryption
9a:e8:62:0b:7a:62:68:2e:2b:93:3e:90:3e:2c:60:dd:9d:fc:
df:a6:26:23:ed:08:2f:b8:6e:06:48:1e:33:47:f6:ff:de:03:
53:c7:15:3f:af:2d:88:02:4a:84:54:44:3e:14:79:7c:c7:92:
62:5c:55:6d:ee:b2:62:8a:3f:ae:9f:fc:d7:f1:91:56:f3:e3:
35:28:28:0e:b6:a2:13:ea:32:78:03:6b:1d:bc:ce:fe:61:39:
52:bf:4f:68:47:e3:e3:21:62:21:70:bd:65:b3:80:30:3c:58:
56:80:f9:68:e2:0b:8f:ae:46:d6:0d:01:25:36:b5:3d:b6:45:
c3:3a:63:c2:58:4c:4e:df:32:cb:4f:68:14:9e:d1:c0:5d:11:
1b:85:0e:dc:a7:83:af:49:59:85:fa:a7:af:d2:34:ba:a6:78:
7a:10:bd:09:11:f1:5e:71:44:43:09:88:38:cd:7c:a3:27:5e:
d4:38:bb:a8:a4:c9:f4:6c:af:f3:52:b8:bb:15:81:43:b1:7b:
37:de:86:f7:bf:6e:06:fa:4e:ac:9c:b6:68:c2:82:01:ff:f2:
8f:9c:60:68:d4:22:84:82:f0:63:b5:c4:6e:66:7d:f3:65:62:
14:ce:f2:0b:27:1e:a9:dc:fd:f0:b9:9f:25:7a:05:00:17:92:
c8:ef:20:57
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZxMNkzH/qWqw4RX2qb6eROUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YmIzMmFhOGM5ZjhkMDVjNTE3YmUyYWQ2NjUyZjY2NTUw
YThkNTcwHhcNMjYwMjExMTAxOTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDEwYTMzNmUzMzE1MjQ3ZDI2MzIzNGU1MjU4MjBjMTE3ZDY3ZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnH2tyO4genU5BC5flswBbn9obeot
svgdO5yBciZNQGhuHu/lwbq7V0mjSPV0DLg2ueG80AsoVRAPOgbGw2dsDPu4pxs/
tvQl8EH/pfrVIb3ZvrjXcHj1v7GBmZDcKRZ478c0EAHROWNvv+DVjEoNJlq0Zd9q
CJoNmkSC3R4BTrI0t+wDT8tEuE4j7gaBgVmIYn7N0nnOM9g8+Ik56IHsw7QIPrrK
eV5ypoZkP1ak6tC5F7XSdU5t6/4t5+M6WnzP5S+y/womNwUT20mE0yfytK1N4T2b
NTgVT3s4BAwpD4fRwvULvPWgkS0RAbe08TAbP3Z2+OTKmNIYtwUnpKACTwIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFN0QozbjMVJH0mMjTlJYIMEX1n3OMB8GA1UdIwQY
MBaAFCe7MqqMn40FxRe+KtZlL2ZVCo1XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjdzeXFveWZqUVhGRjc0cTFtVXZabFVLalZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9hN2RjZWItZmY1NC00MzZhLTk0MTUt
NDg0MjIxYTFmMjg1LzEvM1JDak51TXhVa2ZTWXlOT1VsZ2d3UmZXZmM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9hN2RjZWItZmY1NC00MzZhLTk0MTUtNDg0MjIxYTFmMjg1
LzEvSjdzeXFveWZqUVhGRjc0cTFtVXZabFVLalZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTAsBAIAATAmAwQAUPx8AwQC
uRQ0AwQAuZ+/AwQCucN0MAwDBAO559gDBAC559owKQQCAAIwIwMFASoEE8ADBQAq
BBPDAwUAKgQTxQMFACoMgwEDBQAqDIMFMA0GCSqGSIb3DQEBCwUAA4IBAQCa6GIL
emJoLiuTPpA+LGDdnfzfpiYj7QgvuG4GSB4zR/b/3gNTxxU/ry2IAkqEVEQ+FHl8
x5JiXFVt7rJiij+un/zX8ZFW8+M1KCgOtqIT6jJ4A2sdvM7+YTlSv09oR+PjIWIh
cL1ls4AwPFhWgPlo4guPrkbWDQElNrU9tkXDOmPCWExO3zLLT2gUntHAXREbhQ7c
p4OvSVmF+qev0jS6pnh6EL0JEfFecURDCYg4zXyjJ17UOLuopMn0bK/zUri7FYFD
sXs33ob3v24G+k6snLZowoIB//KPnGBo1CKEgvBjtcRuZn3zZWIUzvILJx6p3P3w
uZ8legUAF5LI7yBX
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:04:42 2026 by rpki-client