Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/3FLJS_yRN2ma4LftunXw1H0RwYQ.roa
File: 3FLJS_yRN2ma4LftunXw1H0RwYQ.roa (raw, json)
Hash identifier: WdS91TIfLxE4oSIwEK2fRZ7HNBIwlQZVjvUqp01YTtQ=
Subject key identifier: DC:52:C9:4B:FC:91:37:69:9A:E0:B7:ED:BA:75:F0:D4:7D:11:C1:84
Certificate issuer: /CN=5fc90518df70b13d706bfe237aa5a76926a576d1
Certificate serial: 019C489D48229D906A468B819CD58351870D
Authority key identifier: 5F:C9:05:18:DF:70:B1:3D:70:6B:FE:23:7A:A5:A7:69:26:A5:76:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X8kFGN9wsT1wa_4jeqWnaSaldtE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/3FLJS_yRN2ma4LftunXw1H0RwYQ.roa
Signing time: Tue 10 Feb 2026 17:33:13 +0000
ROA not before: Tue 10 Feb 2026 17:33:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48014
IP address blocks: 31.41.33.0/24 maxlen: 24
45.88.89.0/24 maxlen: 24
46.183.20.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
2001:3781::/32 maxlen: 32
2001:3783::/32 maxlen: 32
2001:3787::/32 maxlen: 32
2a12:4040::/32 maxlen: 32
2a12:4045::/32 maxlen: 32
2a12:4047::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/X8kFGN9wsT1wa_4jeqWnaSaldtE.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/X8kFGN9wsT1wa_4jeqWnaSaldtE.mft
rsync://rpki.ripe.net/repository/DEFAULT/X8kFGN9wsT1wa_4jeqWnaSaldtE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:48:9d:48:22:9d:90:6a:46:8b:81:9c:d5:83:51:87:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fc90518df70b13d706bfe237aa5a76926a576d1
Validity
Not Before: Feb 10 17:33:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dc52c94bfc9137699ae0b7edba75f0d47d11c184
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9d:6b:96:4a:86:34:eb:c2:94:3c:d8:ee:b5:
a8:4a:11:33:da:78:61:ca:95:96:c5:34:cb:56:4c:
e5:78:b9:ab:c8:27:b0:ec:50:d3:4e:fe:81:61:b0:
c2:dd:c1:02:c6:8e:69:c0:2d:d1:fa:77:b3:37:2d:
a8:f8:cc:fd:05:0e:fd:fd:57:4e:81:d2:ed:61:19:
7d:90:73:6d:6c:cd:4c:fc:8c:73:f0:a1:82:ca:56:
44:dd:35:16:9d:48:cc:da:a2:a3:d4:45:b4:9d:ae:
e6:65:f6:76:d2:a9:a8:c2:eb:ed:63:ea:f5:ee:c7:
c1:00:15:0f:a2:55:6f:0d:8d:f0:85:4f:47:36:13:
a7:30:42:21:60:d8:67:c9:78:7c:d3:a9:52:a3:2d:
7c:bb:d0:46:41:f8:8f:49:d3:03:ec:c8:8a:94:43:
06:45:13:06:a5:bf:90:4d:6d:61:26:c3:ae:1c:e9:
98:b4:e2:ea:e3:62:76:c5:db:b0:93:a9:e5:ec:24:
78:19:85:e0:73:f4:b2:a3:e4:00:dc:22:c2:ea:90:
2f:79:0d:f1:db:f5:d6:04:ce:a6:ac:c6:7d:32:07:
0c:d3:da:be:8e:f3:99:72:f2:82:73:9f:45:52:53:
3c:c3:74:a4:08:b2:22:a0:9b:62:63:4c:b7:fc:dc:
81:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:52:C9:4B:FC:91:37:69:9A:E0:B7:ED:BA:75:F0:D4:7D:11:C1:84
X509v3 Authority Key Identifier:
keyid:5F:C9:05:18:DF:70:B1:3D:70:6B:FE:23:7A:A5:A7:69:26:A5:76:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X8kFGN9wsT1wa_4jeqWnaSaldtE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/3FLJS_yRN2ma4LftunXw1H0RwYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/X8kFGN9wsT1wa_4jeqWnaSaldtE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.33.0/24
45.88.89.0/24
46.183.20.0/24
84.54.48.0/24
IPv6:
2001:3781::/32
2001:3783::/32
2001:3787::/32
2a12:4040::/32
2a12:4045::/32
2a12:4047::/32
Signature Algorithm: sha256WithRSAEncryption
4a:6c:b1:80:b1:c7:8b:04:de:4c:6f:d0:89:6c:3d:ba:89:36:
d2:cb:c5:e8:50:72:78:63:3c:42:67:6a:d1:65:35:49:1f:cd:
97:bf:f9:bb:28:7c:b8:12:86:3c:e0:c1:ab:8b:00:b4:f7:74:
93:3a:f4:ef:dc:bb:a3:94:3e:79:c7:18:81:ce:a7:a8:78:b7:
19:24:bf:db:c7:b6:8f:d1:41:6b:4a:a4:74:17:0e:7b:b2:46:
a7:10:90:62:84:ec:fc:d8:90:59:40:bb:79:b9:b3:97:e0:92:
88:15:39:48:30:ae:5c:bb:de:df:43:3a:b8:74:5f:18:a0:c8:
e0:a1:e7:f2:4d:31:cb:14:d1:8a:d2:c3:c0:3c:c9:af:36:cf:
3b:ff:36:38:3d:02:6d:1a:85:8a:e2:39:3a:35:07:fa:2b:c5:
51:a5:6d:69:50:e2:63:b7:e8:c5:89:2a:8d:80:f2:e4:99:5e:
bf:8f:14:2e:59:b2:ee:b0:3d:bd:ea:b4:33:aa:0d:12:fd:ce:
e9:3e:5b:da:47:e8:50:0b:f4:4c:ac:7e:78:f7:3e:c6:ce:0a:
e8:7d:ef:90:2c:9f:97:e2:c9:56:28:bb:e9:a6:8e:d7:5b:39:
02:6a:47:5a:77:5b:02:26:11:e9:20:1e:e0:1b:1d:8f:42:65:
60:e3:dc:e3
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZxInUginZBqRouBnNWDUYcNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYzkwNTE4ZGY3MGIxM2Q3MDZiZmUyMzdhYTVhNzY5MjZh
NTc2ZDEwHhcNMjYwMjEwMTczMzEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzUyYzk0YmZjOTEzNzY5OWFlMGI3ZWRiYTc1ZjBkNDdkMTFjMTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs51rlkqGNOvClDzY7rWoShEz2nhh
ypWWxTTLVkzleLmryCew7FDTTv6BYbDC3cECxo5pwC3R+nezNy2o+Mz9BQ79/VdO
gdLtYRl9kHNtbM1M/Ixz8KGCylZE3TUWnUjM2qKj1EW0na7mZfZ20qmowuvtY+r1
7sfBABUPolVvDY3whU9HNhOnMEIhYNhnyXh806lSoy18u9BGQfiPSdMD7MiKlEMG
RRMGpb+QTW1hJsOuHOmYtOLq42J2xduwk6nl7CR4GYXgc/Syo+QA3CLC6pAveQ3x
2/XWBM6mrMZ9MgcM09q+jvOZcvKCc59FUlM8w3SkCLIioJtiY0y3/NyBHQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFNxSyUv8kTdpmuC37bp18NR9EcGEMB8GA1UdIwQY
MBaAFF/JBRjfcLE9cGv+I3qlp2kmpXbRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDhrRkdOOXdzVDF3YV80amVxV25hU2FsZHRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82NWNjMjAtMGRmYi00MTgwLTlhYzEt
YzgzMDJlODJlYTIyLzEvM0ZMSlNfeVJOMm1hNExmdHVuWHcxSDBSd1lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82NWNjMjAtMGRmYi00MTgwLTlhYzEtYzgzMDJlODJlYTIy
LzEvWDhrRkdOOXdzVDF3YV80amVxV25hU2FsZHRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjAeBAIAATAYAwQAHykhAwQA
LVhZAwQALrcUAwQAVDYwMDAEAgACMCoDBQAgATeBAwUAIAE3gwMFACABN4cDBQAq
EkBAAwUAKhJARQMFACoSQEcwDQYJKoZIhvcNAQELBQADggEBAEpssYCxx4sE3kxv
0IlsPbqJNtLLxehQcnhjPEJnatFlNUkfzZe/+bsofLgShjzgwauLALT3dJM69O/c
u6OUPnnHGIHOp6h4txkkv9vHto/RQWtKpHQXDnuyRqcQkGKE7PzYkFlAu3m5s5fg
kogVOUgwrly73t9DOrh0XxigyOCh5/JNMcsU0YrSw8A8ya82zzv/Njg9Am0ahYri
OTo1B/orxVGlbWlQ4mO36MWJKo2A8uSZXr+PFC5Zsu6wPb3qtDOqDRL9zuk+W9pH
6FAL9Eysfnj3PsbOCuh975Asn5fiyVYou+mmjtdbOQJqR1p3WwImEekgHuAbHY9C
ZWDj3OM=
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:43:21 2026 by rpki-client