Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/3I2pFK8nGTJ_uDMRMRqBf5vHxXU.roa
File: 3I2pFK8nGTJ_uDMRMRqBf5vHxXU.roa (raw, json)
Hash identifier: EmVEL6YBB+Z3ZH5Yd/KsUbz2nNCU2trzuyKPxrF9c3s=
Subject key identifier: DC:8D:A9:14:AF:27:19:32:7F:B8:33:11:31:1A:81:7F:9B:C7:C5:75
Certificate issuer: /CN=c61953c08980adc94f2fa3a3c1ba95c40d21e7d3
Certificate serial: 019E96E59A1BB5855A31F40DB6083F6082D5
Authority key identifier: C6:19:53:C0:89:80:AD:C9:4F:2F:A3:A3:C1:BA:95:C4:0D:21:E7:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhlTwImArclPL6OjwbqVxA0h59M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/3I2pFK8nGTJ_uDMRMRqBf5vHxXU.roa
Signing time: Fri 05 Jun 2026 08:28:10 +0000
ROA not before: Fri 05 Jun 2026 08:28:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 31035
IP address blocks: 31.172.142.0/24 maxlen: 32
92.60.188.0/24 maxlen: 32
128.0.175.0/24 maxlen: 32
217.20.164.0/24 maxlen: 32
217.20.188.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/xhlTwImArclPL6OjwbqVxA0h59M.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/xhlTwImArclPL6OjwbqVxA0h59M.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhlTwImArclPL6OjwbqVxA0h59M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 05:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:96:e5:9a:1b:b5:85:5a:31:f4:0d:b6:08:3f:60:82:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c61953c08980adc94f2fa3a3c1ba95c40d21e7d3
Validity
Not Before: Jun 5 08:28:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dc8da914af2719327fb83311311a817f9bc7c575
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:af:48:1f:0d:73:97:84:26:2f:86:29:0b:0e:
e6:4e:2d:a7:8e:90:23:78:cd:2e:99:58:1c:ef:80:
b2:d3:76:c6:93:c1:0b:c4:c7:56:11:3d:a2:89:26:
62:72:17:8e:28:b2:5c:99:4a:e2:40:06:0a:9a:74:
ab:99:71:f1:0f:f4:d4:ad:f2:10:6c:cb:e2:c1:0c:
db:cd:a1:d3:d2:f5:08:c2:23:3f:81:11:85:11:cb:
5c:3b:a7:1e:07:b7:99:8c:27:15:6f:9b:2f:39:12:
31:3a:58:85:5e:eb:1a:3b:09:c1:f3:0f:64:c4:f1:
60:90:8c:44:99:e5:10:0c:59:55:b1:24:98:79:ab:
f6:b9:ad:64:9c:dd:8b:a6:39:81:96:82:81:48:eb:
0a:55:c5:cc:66:cd:f6:70:3e:50:98:0d:2f:02:61:
54:04:8c:8d:23:e3:7e:f0:2a:30:87:4b:38:24:2f:
da:ca:d2:ea:e1:1b:e6:2b:3b:57:be:3e:aa:3a:56:
03:86:b9:10:b7:ee:14:d7:0a:21:75:1d:44:71:7d:
bf:e5:d1:04:40:5a:a4:d1:e0:03:61:6b:ac:28:6b:
c3:7a:0f:33:e6:85:7e:98:6e:a8:04:a2:79:4c:96:
89:d6:31:72:17:1b:f8:3c:38:77:76:91:1e:6e:1c:
ae:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:8D:A9:14:AF:27:19:32:7F:B8:33:11:31:1A:81:7F:9B:C7:C5:75
X509v3 Authority Key Identifier:
keyid:C6:19:53:C0:89:80:AD:C9:4F:2F:A3:A3:C1:BA:95:C4:0D:21:E7:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhlTwImArclPL6OjwbqVxA0h59M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/3I2pFK8nGTJ_uDMRMRqBf5vHxXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/xhlTwImArclPL6OjwbqVxA0h59M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.142.0/24
92.60.188.0/24
128.0.175.0/24
217.20.164.0/24
217.20.188.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:ef:dc:fb:c5:7b:9b:05:cc:68:ea:08:d1:ae:24:2d:93:ea:
75:07:ae:4c:cf:1b:f2:ab:9f:1f:db:b2:c2:8e:29:0b:85:77:
4d:63:a2:ba:2f:89:64:1b:97:b4:f1:bd:45:df:56:a9:f7:67:
b6:98:b0:72:1a:d6:97:6f:2f:7b:60:26:f0:ae:a4:3c:9e:19:
e1:c9:fe:21:d6:cd:b0:64:53:b8:39:1c:7f:17:7d:ab:32:d7:
9f:28:15:8f:83:9c:6c:a7:e7:66:0a:92:d0:4d:df:bf:c3:a0:
0b:73:3a:6b:16:f5:1a:6d:a4:27:b0:98:ff:54:4b:40:f6:4a:
89:94:9f:5b:5d:95:a6:e0:ff:bf:92:61:43:46:b8:1f:4f:06:
7d:1d:7b:e2:92:63:40:e5:dd:4f:04:f5:8e:83:22:c0:13:0b:
06:02:3c:08:3f:0e:1f:ea:9f:eb:ed:b7:de:28:e4:39:9a:41:
39:fa:ca:6f:fa:54:44:9e:d5:d1:79:10:f2:9f:d3:8d:d5:f8:
e1:67:ed:4e:cb:2b:50:07:57:58:3f:35:93:59:22:99:68:23:
28:4a:3c:65:d1:ed:52:c3:5d:3c:84:f6:9b:2c:f8:f5:06:3d:
7f:70:2b:d7:28:cf:45:ac:f3:39:d0:fe:d8:65:47:ba:29:af:
67:01:81:22
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ6W5ZobtYVaMfQNtgg/YILVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTk1M2MwODk4MGFkYzk0ZjJmYTNhM2MxYmE5NWM0MGQy
MWU3ZDMwHhcNMjYwNjA1MDgyODEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzhkYTkxNGFmMjcxOTMyN2ZiODMzMTEzMTFhODE3ZjliYzdjNTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAra9IHw1zl4QmL4YpCw7mTi2njpAj
eM0umVgc74Cy03bGk8ELxMdWET2iiSZicheOKLJcmUriQAYKmnSrmXHxD/TUrfIQ
bMviwQzbzaHT0vUIwiM/gRGFEctcO6ceB7eZjCcVb5svORIxOliFXusaOwnB8w9k
xPFgkIxEmeUQDFlVsSSYeav2ua1knN2LpjmBloKBSOsKVcXMZs32cD5QmA0vAmFU
BIyNI+N+8Cowh0s4JC/aytLq4RvmKztXvj6qOlYDhrkQt+4U1wohdR1EcX2/5dEE
QFqk0eADYWusKGvDeg8z5oV+mG6oBKJ5TJaJ1jFyFxv4PDh3dpEebhyuzQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNyNqRSvJxkyf7gzETEagX+bx8V1MB8GA1UdIwQY
MBaAFMYZU8CJgK3JTy+jo8G6lcQNIefTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhsVHdJbUFyY2xQTDZPandicVZ4QTBoNTlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lMDEyODUtNjYwZC00Y2QyLWFkMWYt
NjI1MjQ1YTAwYWJmLzEvM0kycEZLOG5HVEpfdURNUk1ScUJmNXZIeFhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lMDEyODUtNjYwZC00Y2QyLWFkMWYtNjI1MjQ1YTAwYWJm
LzEveGhsVHdJbUFyY2xQTDZPandicVZ4QTBoNTlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAH6yOAwQA
XDy8AwQAgACvAwQA2RSkAwQA2RS8MA0GCSqGSIb3DQEBCwUAA4IBAQC379z7xXub
Bcxo6gjRriQtk+p1B65Mzxvyq58f27LCjikLhXdNY6K6L4lkG5e08b1F31ap92e2
mLByGtaXby97YCbwrqQ8nhnhyf4h1s2wZFO4ORx/F32rMtefKBWPg5xsp+dmCpLQ
Td+/w6ALczprFvUabaQnsJj/VEtA9kqJlJ9bXZWm4P+/kmFDRrgfTwZ9HXvikmNA
5d1PBPWOgyLAEwsGAjwIPw4f6p/r7bfeKOQ5mkE5+spv+lREntXReRDyn9ON1fjh
Z+1OyytQB1dYPzWTWSKZaCMoSjxl0e1Sw108hPabLPj1Bj1/cCvXKM9FrPM50P7Y
ZUe6Ka9nAYEi
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:53:24 2026 by rpki-client