Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/3d480J-0prT3T1JWUdnzPc2zMXc.roa
File: 3d480J-0prT3T1JWUdnzPc2zMXc.roa (raw, json)
Hash identifier: kpOOiDT79qXgOV592RAw6zGcrdS71XzWHuahfllbPzE=
Subject key identifier: DD:DE:3C:D0:9F:B4:A6:B4:F7:4F:52:56:51:D9:F3:3D:CD:B3:31:77
Certificate issuer: /CN=70e5b30272e43053208978dbe44bfee10a5d007e
Certificate serial: 019C90699F1BD80484A1211F7FDA181095A5
Authority key identifier: 70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/3d480J-0prT3T1JWUdnzPc2zMXc.roa
Signing time: Tue 24 Feb 2026 16:09:26 +0000
ROA not before: Tue 24 Feb 2026 16:09:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16003
IP address blocks: 31.172.74.0/24 maxlen: 24
31.172.78.0/24 maxlen: 24
79.132.137.0/24 maxlen: 24
79.132.139.0/24 maxlen: 24
81.85.76.0/24 maxlen: 24
103.75.125.0/24 maxlen: 24
103.75.126.0/24 maxlen: 24
162.248.161.0/24 maxlen: 24
185.18.52.0/22 maxlen: 22
185.18.52.0/24 maxlen: 24
185.21.9.0/24 maxlen: 24
185.21.10.0/24 maxlen: 24
217.177.73.0/24 maxlen: 24
217.194.148.0/24 maxlen: 24
2a02:6b40:8002::/48 maxlen: 48
2a02:6b40:8003::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 12:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:90:69:9f:1b:d8:04:84:a1:21:1f:7f:da:18:10:95:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70e5b30272e43053208978dbe44bfee10a5d007e
Validity
Not Before: Feb 24 16:09:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ddde3cd09fb4a6b4f74f525651d9f33dcdb33177
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:93:2f:a6:56:13:23:d9:32:26:93:95:8d:89:
ac:d8:04:ed:a8:c9:ab:c2:e6:36:24:24:7e:72:57:
e1:29:19:28:f8:a3:85:28:2c:c3:e7:70:cc:4b:63:
78:75:5d:29:91:0c:99:ea:33:43:a9:df:29:05:8c:
5b:ab:3c:35:1a:8a:cc:94:17:5b:54:a3:e7:d4:b4:
14:65:c8:b5:06:ef:e5:5c:d1:69:c9:4f:d9:c5:ab:
21:e8:3d:bd:df:9d:72:32:41:e9:f4:3c:73:9e:b0:
0f:b1:b0:6f:7a:cb:be:c8:7b:03:82:a9:4d:fd:7a:
d3:64:72:34:90:f2:e0:9d:a5:26:0c:88:eb:b5:a0:
a9:c9:26:83:74:97:a8:da:bf:2d:5a:e8:a5:26:d5:
14:41:d9:c1:5d:fa:27:69:41:cb:a7:2e:1a:a8:68:
9c:c0:d0:8c:ea:86:d3:11:f5:a5:9f:cc:30:b1:74:
db:53:ff:1a:b6:26:94:36:93:f2:19:ec:d5:f6:df:
1a:ce:41:e1:65:71:a7:13:b7:1d:30:a9:54:a2:cc:
6f:08:71:e0:a5:f5:dc:94:4b:1d:be:00:49:0e:94:
57:cb:dc:d6:97:3b:af:b3:10:2d:07:d2:99:32:b5:
16:07:dc:8d:91:c0:03:05:cf:12:4e:02:b6:60:67:
d8:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:DE:3C:D0:9F:B4:A6:B4:F7:4F:52:56:51:D9:F3:3D:CD:B3:31:77
X509v3 Authority Key Identifier:
keyid:70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/3d480J-0prT3T1JWUdnzPc2zMXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.74.0/24
31.172.78.0/24
79.132.137.0/24
79.132.139.0/24
81.85.76.0/24
103.75.125.0-103.75.126.255
162.248.161.0/24
185.18.52.0/22
185.21.9.0-185.21.10.255
217.177.73.0/24
217.194.148.0/24
IPv6:
2a02:6b40:8002::/47
Signature Algorithm: sha256WithRSAEncryption
6f:93:c3:d1:83:a2:26:5d:b9:10:43:f5:6a:4f:af:d5:d2:12:
19:a6:b1:66:b4:d6:45:0e:ef:21:14:66:1d:b2:9f:c4:d4:e5:
90:9d:e8:21:5f:2e:59:cd:3d:2b:7c:82:fc:3f:7c:4b:94:66:
6e:b2:99:9c:e3:5f:ae:5e:88:f8:e3:86:3a:04:b3:c7:7d:55:
0d:17:96:87:db:d3:12:78:f2:a7:4d:b0:a1:3b:34:dd:c8:37:
12:28:41:db:c3:af:7b:27:d2:19:c3:31:38:03:fa:76:9e:ec:
5e:00:d8:eb:dd:8b:53:48:bb:74:ab:d9:01:c7:c8:f6:90:fe:
cf:be:b2:78:0f:31:50:2f:aa:e9:84:cb:6f:9e:45:6e:55:2d:
ec:c8:11:ad:cd:82:54:c4:a9:32:9d:0e:57:76:2a:cc:ba:b4:
01:5c:0c:06:12:8d:67:93:b3:00:b0:30:1a:e8:7e:34:9c:57:
61:d3:d1:73:6b:08:e8:68:83:d6:26:d1:6a:f7:63:83:5c:b3:
fb:42:89:f0:f9:c2:23:29:8c:34:99:a9:a5:d2:b1:77:de:f7:
55:0c:12:e7:2a:4d:31:13:f3:a6:85:1d:e6:86:f0:64:7d:54:
eb:9e:c6:2a:12:21:0d:72:66:b2:55:a1:6d:c7:36:b4:19:23:
64:e6:ad:e8
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAZyQaZ8b2ASEoSEff9oYEJWlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZTViMzAyNzJlNDMwNTMyMDg5NzhkYmU0NGJmZWUxMGE1
ZDAwN2UwHhcNMjYwMjI0MTYwOTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGRlM2NkMDlmYjRhNmI0Zjc0ZjUyNTY1MWQ5ZjMzZGNkYjMzMTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJMvplYTI9kyJpOVjYms2ATtqMmr
wuY2JCR+clfhKRko+KOFKCzD53DMS2N4dV0pkQyZ6jNDqd8pBYxbqzw1GorMlBdb
VKPn1LQUZci1Bu/lXNFpyU/Zxash6D29351yMkHp9DxznrAPsbBvesu+yHsDgqlN
/XrTZHI0kPLgnaUmDIjrtaCpySaDdJeo2r8tWuilJtUUQdnBXfonaUHLpy4aqGic
wNCM6obTEfWln8wwsXTbU/8atiaUNpPyGezV9t8azkHhZXGnE7cdMKlUosxvCHHg
pfXclEsdvgBJDpRXy9zWlzuvsxAtB9KZMrUWB9yNkcADBc8STgK2YGfYHwIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFN3ePNCftKa0909SVlHZ8z3NszF3MB8GA1UdIwQY
MBaAFHDlswJy5DBTIIl42+RL/uEKXQB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEt
MWZiYzY0MWI1MGIxLzEvM2Q0ODBKLTBwclQzVDFKV1VkbnpQYzJ6TVhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEtMWZiYzY0MWI1MGIx
LzEvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBYBAIAATBSAwQAH6xKAwQA
H6xOAwQAT4SJAwQAT4SLAwQAUVVMMAwDBABnS30DBABnS34DBACi+KEDBAK5EjQw
DAMEALkVCQMEALkVCgMEANmxSQMEANnClDAPBAIAAjAJAwcBKgJrQIACMA0GCSqG
SIb3DQEBCwUAA4IBAQBvk8PRg6ImXbkQQ/VqT6/V0hIZprFmtNZFDu8hFGYdsp/E
1OWQneghXy5ZzT0rfIL8P3xLlGZuspmc41+uXoj444Y6BLPHfVUNF5aH29MSePKn
TbChOzTdyDcSKEHbw697J9IZwzE4A/p2nuxeANjr3YtTSLt0q9kBx8j2kP7PvrJ4
DzFQL6rphMtvnkVuVS3syBGtzYJUxKkynQ5XdirMurQBXAwGEo1nk7MAsDAa6H40
nFdh09FzawjoaIPWJtFq92ODXLP7Qonw+cIjKYw0maml0rF33vdVDBLnKk0xE/Om
hR3mhvBkfVTrnsYqEiENcmayVaFtxza0GSNk5q3o
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:10:04 2026 by rpki-client