Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/8d4122-5a56-47d9-bc56-c62be8a703ce/1/C3bpuH1Ln3wZcltqgWV-QdyZXWo.roa
File: C3bpuH1Ln3wZcltqgWV-QdyZXWo.roa (raw, json)
Hash identifier: SgEa2GcTojmgl93R0bbvqmF29F3iGkaifhHxCRpsADM=
Subject key identifier: 0B:76:E9:B8:7D:4B:9F:7C:19:72:5B:6A:81:65:7E:41:DC:99:5D:6A
Certificate issuer: /CN=b760caacf777699a8c43237b8926c68e4d12c4fe
Certificate serial: 019B7EA6DD1DF5AA454EE13C386DE9C53C50
Authority key identifier: B7:60:CA:AC:F7:77:69:9A:8C:43:23:7B:89:26:C6:8E:4D:12:C4:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t2DKrPd3aZqMQyN7iSbGjk0SxP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/8d4122-5a56-47d9-bc56-c62be8a703ce/1/C3bpuH1Ln3wZcltqgWV-QdyZXWo.roa
Signing time: Fri 02 Jan 2026 12:20:23 +0000
ROA not before: Fri 02 Jan 2026 12:20:23 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206481
IP address blocks: 45.128.200.0/22 maxlen: 22
86.107.40.0/23 maxlen: 23
89.32.189.0/24 maxlen: 24
93.114.247.0/24 maxlen: 24
185.218.96.0/22 maxlen: 22
185.219.120.0/22 maxlen: 22
188.214.212.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/8d4122-5a56-47d9-bc56-c62be8a703ce/1/t2DKrPd3aZqMQyN7iSbGjk0SxP4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/8d4122-5a56-47d9-bc56-c62be8a703ce/1/t2DKrPd3aZqMQyN7iSbGjk0SxP4.mft
rsync://rpki.ripe.net/repository/DEFAULT/t2DKrPd3aZqMQyN7iSbGjk0SxP4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7e:a6:dd:1d:f5:aa:45:4e:e1:3c:38:6d:e9:c5:3c:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b760caacf777699a8c43237b8926c68e4d12c4fe
Validity
Not Before: Jan 2 12:20:23 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0b76e9b87d4b9f7c19725b6a81657e41dc995d6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5a:46:ec:14:c6:51:3a:17:6f:da:26:89:17:
fd:17:8f:42:0a:49:56:e9:de:6a:02:53:91:47:40:
7a:02:9f:0c:8c:f3:e0:96:55:4d:8e:0c:27:5f:cc:
f7:d9:99:1b:91:64:89:88:c1:27:53:70:e5:35:37:
d0:9c:ea:ec:fb:78:90:a6:f7:d3:f4:29:8c:f2:0a:
40:9a:21:f7:2d:46:00:3d:0e:d7:ff:fc:b3:e0:1a:
ad:7e:a1:72:5b:f8:1a:82:be:c7:08:52:73:90:df:
49:d9:d4:fa:d7:1d:00:57:4e:49:36:52:06:99:9a:
4c:6b:7f:ab:4a:29:ef:50:8b:97:e9:85:9d:82:02:
df:5b:b4:9f:7b:ce:cf:5e:39:41:8d:6a:ad:82:2a:
ae:6e:b0:71:1a:ae:e1:ea:7d:19:1c:d3:06:02:bc:
19:de:ed:7c:32:e8:f7:34:40:e8:c4:d4:93:7a:a4:
c2:0e:97:37:3e:cd:6a:95:4c:71:c8:77:7b:83:94:
25:2b:f3:43:53:37:12:72:b8:f8:7c:c1:a2:8c:ff:
7a:46:92:3c:1e:30:63:40:75:a1:76:3b:56:39:a1:
68:05:28:6e:2f:34:a6:e6:ed:76:81:4d:dd:26:4e:
3a:41:cf:ab:0a:c9:c8:42:99:a3:a9:4b:a2:3a:71:
b1:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:76:E9:B8:7D:4B:9F:7C:19:72:5B:6A:81:65:7E:41:DC:99:5D:6A
X509v3 Authority Key Identifier:
keyid:B7:60:CA:AC:F7:77:69:9A:8C:43:23:7B:89:26:C6:8E:4D:12:C4:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t2DKrPd3aZqMQyN7iSbGjk0SxP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/8d4122-5a56-47d9-bc56-c62be8a703ce/1/C3bpuH1Ln3wZcltqgWV-QdyZXWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/8d4122-5a56-47d9-bc56-c62be8a703ce/1/t2DKrPd3aZqMQyN7iSbGjk0SxP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.200.0/22
86.107.40.0/23
89.32.189.0/24
93.114.247.0/24
185.218.96.0/22
185.219.120.0/22
188.214.212.0/23
Signature Algorithm: sha256WithRSAEncryption
48:95:26:e1:c8:7c:d4:ec:a1:a8:88:67:c2:3c:24:11:05:0d:
84:14:e2:46:89:d0:27:e9:7e:02:93:71:e0:2a:94:d9:37:d2:
f0:c6:7d:31:63:b1:ea:bc:39:95:0f:dd:c6:f8:5b:14:e1:ab:
1d:48:bf:15:fc:83:79:4e:00:da:69:54:f3:7d:b8:fb:36:09:
26:cf:e4:d5:14:d3:0f:4e:e1:da:f4:6e:4c:19:07:3c:f7:2b:
84:22:47:f0:40:4c:82:8b:04:84:bb:47:3b:50:b3:ce:f6:18:
b1:fc:2f:b4:27:e6:3b:ab:3b:15:01:42:d0:13:61:92:7c:6c:
ca:49:81:63:9a:88:4f:cc:7f:f1:78:99:c2:98:00:03:e9:38:
56:c9:3f:9f:b5:49:8d:d8:d6:a0:b3:ac:20:f6:57:68:8a:b1:
f0:5e:e0:8f:2d:91:90:fd:99:87:b5:63:5d:11:46:bf:b0:15:
95:95:f7:33:eb:2b:55:79:f8:1c:42:6c:a7:09:b5:9b:57:ab:
ea:54:e2:48:51:c2:8e:18:ec:02:56:ca:e6:1f:d9:a9:9f:b1:
3a:4c:79:6d:9d:ee:12:85:3c:f7:fe:77:c0:59:80:48:a1:fd:
81:1a:48:cd:63:d7:bc:94:77:d1:db:97:77:65:39:7f:c1:58:
8c:b1:fa:42
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZt+pt0d9apFTuE8OG3pxTxQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NjBjYWFjZjc3NzY5OWE4YzQzMjM3Yjg5MjZjNjhlNGQx
MmM0ZmUwHhcNMjYwMTAyMTIyMDIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjc2ZTliODdkNGI5ZjdjMTk3MjViNmE4MTY1N2U0MWRjOTk1ZDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFpG7BTGUToXb9omiRf9F49CCklW
6d5qAlORR0B6Ap8MjPPgllVNjgwnX8z32ZkbkWSJiMEnU3DlNTfQnOrs+3iQpvfT
9CmM8gpAmiH3LUYAPQ7X//yz4BqtfqFyW/gagr7HCFJzkN9J2dT61x0AV05JNlIG
mZpMa3+rSinvUIuX6YWdggLfW7Sfe87PXjlBjWqtgiqubrBxGq7h6n0ZHNMGArwZ
3u18Muj3NEDoxNSTeqTCDpc3Ps1qlUxxyHd7g5QlK/NDUzcScrj4fMGijP96RpI8
HjBjQHWhdjtWOaFoBShuLzSm5u12gU3dJk46Qc+rCsnIQpmjqUuiOnGx3wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAt26bh9S598GXJbaoFlfkHcmV1qMB8GA1UdIwQY
MBaAFLdgyqz3d2majEMje4kmxo5NEsT+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDJES3JQZDNhWnFNUXlON2lTYkdqazBTeFA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi84ZDQxMjItNWE1Ni00N2Q5LWJjNTYt
YzYyYmU4YTcwM2NlLzEvQzNicHVIMUxuM3daY2x0cWdXVi1RZHlaWFdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi84ZDQxMjItNWE1Ni00N2Q5LWJjNTYtYzYyYmU4YTcwM2Nl
LzEvdDJES3JQZDNhWnFNUXlON2lTYkdqazBTeFA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLYDIAwQB
VmsoAwQAWSC9AwQAXXL3AwQCudpgAwQCudt4AwQBvNbUMA0GCSqGSIb3DQEBCwUA
A4IBAQBIlSbhyHzU7KGoiGfCPCQRBQ2EFOJGidAn6X4Ck3HgKpTZN9Lwxn0xY7Hq
vDmVD93G+FsU4asdSL8V/IN5TgDaaVTzfbj7Ngkmz+TVFNMPTuHa9G5MGQc89yuE
IkfwQEyCiwSEu0c7ULPO9hix/C+0J+Y7qzsVAULQE2GSfGzKSYFjmohPzH/xeJnC
mAAD6ThWyT+ftUmN2Nags6wg9ldoirHwXuCPLZGQ/ZmHtWNdEUa/sBWVlfcz6ytV
efgcQmynCbWbV6vqVOJIUcKOGOwCVsrmH9mpn7E6THltne4ShTz3/nfAWYBIof2B
GkjNY9e8lHfR25d3ZTl/wViMsfpC
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:55:14 2026 by rpki-client