Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/3qSxEChw9irCAsBnGL1aglJvISA.roa
File: 3qSxEChw9irCAsBnGL1aglJvISA.roa (raw, json)
Hash identifier: PyfhVozNUlB/gwxv8UQUKYpkAaFNLcXzJNjNAFwRNlQ=
Subject key identifier: DE:A4:B1:10:28:70:F6:2A:C2:02:C0:67:18:BD:5A:82:52:6F:21:20
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 019C2E1F0E7CF71336A3CE0DF29A5969F158
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/3qSxEChw9irCAsBnGL1aglJvISA.roa
Signing time: Thu 05 Feb 2026 14:05:13 +0000
ROA not before: Thu 05 Feb 2026 14:05:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44559
IP address blocks: 45.142.46.0/24 maxlen: 24
45.142.47.0/24 maxlen: 24
45.153.229.0/24 maxlen: 24
80.64.30.0/24 maxlen: 24
92.119.228.0/24 maxlen: 24
188.119.66.0/24 maxlen: 24
213.166.80.0/24 maxlen: 24
2a0d:1ac3::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:2e:1f:0e:7c:f7:13:36:a3:ce:0d:f2:9a:59:69:f1:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Feb 5 14:05:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dea4b1102870f62ac202c06718bd5a82526f2120
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:02:e7:a3:47:36:66:dd:91:d8:c8:29:aa:65:
6e:ef:2e:58:7b:0c:04:2b:ab:56:23:6c:d2:b7:21:
51:8c:23:76:aa:db:e3:50:31:ac:af:08:1f:82:25:
f2:96:c4:43:68:c7:d4:0b:3c:2e:f1:ec:de:b0:2c:
14:77:d1:07:96:0b:00:84:b6:47:9d:a8:14:94:32:
96:06:c7:29:4a:26:66:ea:8a:a5:b7:31:31:d3:1e:
dc:72:b0:21:fd:6b:40:97:a3:e6:5b:ff:6d:48:f0:
f3:60:2a:f2:20:23:fc:f1:84:74:2b:75:9d:37:15:
d5:4e:e9:f6:a1:c3:cb:cc:7c:44:f5:b0:3a:c8:19:
ba:99:34:0d:c8:c5:f6:70:3e:74:4d:47:47:be:0d:
4f:8d:db:9b:f8:68:b1:6e:b7:c7:d4:58:ff:84:ea:
fa:bc:d8:43:63:58:46:56:e1:9f:b9:eb:e8:4b:76:
e9:dd:96:bd:97:ae:c2:f0:99:2d:37:b1:0d:21:d4:
bb:f4:af:c3:df:f9:41:c7:0a:e9:cc:14:c5:9e:8d:
12:a1:7f:60:86:95:9d:18:1f:61:5b:75:ee:e8:d7:
8b:1d:f4:fb:9d:6a:46:a5:4c:2f:38:e6:a7:fc:d2:
6f:be:1e:4d:3d:ba:df:c2:d0:64:bf:0b:3c:98:b2:
fc:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:A4:B1:10:28:70:F6:2A:C2:02:C0:67:18:BD:5A:82:52:6F:21:20
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/3qSxEChw9irCAsBnGL1aglJvISA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.46.0/23
45.153.229.0/24
80.64.30.0/24
92.119.228.0/24
188.119.66.0/24
213.166.80.0/24
IPv6:
2a0d:1ac3::/32
Signature Algorithm: sha256WithRSAEncryption
3c:e6:6f:62:ee:41:fb:16:5e:95:ee:2d:37:d8:06:cb:e7:43:
61:a6:75:95:ac:48:c7:2a:92:c3:42:23:0a:56:5a:c3:a2:ca:
c7:6d:b6:10:3f:02:13:ed:3a:e6:9c:9a:c8:e2:d2:ff:8d:bf:
c9:c8:f0:52:08:ad:c7:82:8e:d1:d6:b6:a1:ae:19:55:42:12:
90:90:21:ee:6a:75:69:f3:88:85:6d:77:80:d8:a8:17:0c:c4:
59:fa:7c:e9:21:af:ca:e2:4a:d3:c7:5d:1f:3a:4e:f1:af:59:
83:b8:9b:dc:80:a3:38:cd:48:64:3f:5c:80:3e:5f:6d:cb:4e:
c4:63:41:a1:66:80:4f:72:94:9d:88:6b:ab:5e:cc:3e:6f:81:
7b:89:dd:a8:7e:0f:df:c9:9e:a5:95:98:79:e0:0f:45:2e:df:
98:a0:2f:1e:b7:9f:8d:57:8d:ec:ba:23:d0:ea:6f:5f:b0:2f:
e1:af:95:8d:e8:92:1d:cc:08:5a:08:7d:5d:5a:ae:4e:8f:2b:
4d:5c:fd:ab:1c:4c:03:37:d2:88:2d:03:86:15:3e:e5:79:ef:
e9:b4:14:04:a8:f1:26:b8:76:d7:6a:2b:4f:ea:cf:f8:22:8d:
d7:4d:85:8c:42:8f:93:c1:42:86:a0:13:98:60:b3:93:49:25:
c5:d7:9e:94
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZwuHw589xM2o84N8ppZafFYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjYwMjA1MTQwNTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWE0YjExMDI4NzBmNjJhYzIwMmMwNjcxOGJkNWE4MjUyNmYyMTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQLno0c2Zt2R2MgpqmVu7y5YewwE
K6tWI2zStyFRjCN2qtvjUDGsrwgfgiXylsRDaMfUCzwu8ezesCwUd9EHlgsAhLZH
nagUlDKWBscpSiZm6oqltzEx0x7ccrAh/WtAl6PmW/9tSPDzYCryICP88YR0K3Wd
NxXVTun2ocPLzHxE9bA6yBm6mTQNyMX2cD50TUdHvg1Pjdub+GixbrfH1Fj/hOr6
vNhDY1hGVuGfuevoS3bp3Za9l67C8JktN7ENIdS79K/D3/lBxwrpzBTFno0SoX9g
hpWdGB9hW3Xu6NeLHfT7nWpGpUwvOOan/NJvvh5NPbrfwtBkvws8mLL8yQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFN6ksRAocPYqwgLAZxi9WoJSbyEgMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvM3FTeEVDaHc5aXJDQXNCbkdMMWFnbEp2SVNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQBLY4uAwQA
LZnlAwQAUEAeAwQAXHfkAwQAvHdCAwQA1aZQMA0EAgACMAcDBQAqDRrDMA0GCSqG
SIb3DQEBCwUAA4IBAQA85m9i7kH7Fl6V7i032AbL50NhpnWVrEjHKpLDQiMKVlrD
osrHbbYQPwIT7TrmnJrI4tL/jb/JyPBSCK3Hgo7R1rahrhlVQhKQkCHuanVp84iF
bXeA2KgXDMRZ+nzpIa/K4krTx10fOk7xr1mDuJvcgKM4zUhkP1yAPl9ty07EY0Gh
ZoBPcpSdiGurXsw+b4F7id2ofg/fyZ6llZh54A9FLt+YoC8et5+NV43suiPQ6m9f
sC/hr5WN6JIdzAhaCH1dWq5OjytNXP2rHEwDN9KILQOGFT7lee/ptBQEqPEmuHbX
aitP6s/4Io3XTYWMQo+TwUKGoBOYYLOTSSXF156U
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:19:04 2026 by rpki-client