Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/3Qr0L0RQ_Z8R5Cc74oenvNgwB5I.roa
File: 3Qr0L0RQ_Z8R5Cc74oenvNgwB5I.roa (raw, json)
Hash identifier: pkT85WzVKfS8+6maKuMZ3/z/S227uMf4I4OAK0s81z8=
Subject key identifier: DD:0A:F4:2F:44:50:FD:9F:11:E4:27:3B:E2:87:A7:BC:D8:30:07:92
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 019C6123F925CBCF7F88458351B1D6E6C6E5
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/3Qr0L0RQ_Z8R5Cc74oenvNgwB5I.roa
Signing time: Sun 15 Feb 2026 11:51:13 +0000
ROA not before: Sun 15 Feb 2026 11:51:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 64267
IP address blocks: 213.145.75.0/24 maxlen: 24
213.145.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.mft
rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:61:23:f9:25:cb:cf:7f:88:45:83:51:b1:d6:e6:c6:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Feb 15 11:51:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dd0af42f4450fd9f11e4273be287a7bcd8300792
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2f:60:86:ad:2f:c4:45:37:a2:02:a3:f2:b2:
15:88:27:c6:45:bd:73:93:96:4d:5d:bb:62:a3:e4:
29:69:aa:d1:d2:4b:1c:61:b5:f5:8a:3e:20:ce:45:
00:6e:eb:26:9c:56:df:63:56:38:50:5c:2b:6e:e5:
3d:7b:69:02:2f:4f:a6:e4:a0:ed:b1:6e:6e:47:64:
d0:4e:a2:19:44:91:d5:17:b7:7a:10:9e:e8:14:43:
6e:ab:27:04:0b:3f:85:17:5c:09:f8:90:e0:40:80:
2f:1f:15:54:0d:cb:82:e5:58:b5:05:ef:25:15:0e:
b0:a4:8b:f7:54:43:88:fc:66:40:55:67:4d:2c:45:
df:9a:63:9a:45:70:a7:19:8a:26:8e:e6:63:ed:53:
6c:bc:8f:d1:10:04:d4:ca:4a:f1:10:e7:4e:fe:f5:
f0:09:43:d9:98:3c:45:8a:99:b7:96:84:e0:ec:eb:
af:03:7c:d4:bb:39:73:f9:48:b7:1f:8d:93:35:09:
56:a9:a1:dc:6e:4c:d3:9b:2a:c7:4c:ca:93:3c:56:
cf:f3:bc:76:ef:53:0e:fd:c5:7d:dc:c7:e3:00:d1:
50:8c:7a:28:49:82:54:9f:78:a9:fd:c8:3a:fa:2f:
64:25:f6:82:36:0b:b3:2c:12:b0:db:6d:c9:a4:1e:
af:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:0A:F4:2F:44:50:FD:9F:11:E4:27:3B:E2:87:A7:BC:D8:30:07:92
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/3Qr0L0RQ_Z8R5Cc74oenvNgwB5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.145.75.0/24
213.145.95.0/24
Signature Algorithm: sha256WithRSAEncryption
65:11:ba:ca:18:e2:4a:a5:c9:bd:12:8c:6e:75:7c:54:94:fd:
40:3a:5a:32:b4:7d:60:29:e1:83:59:19:6e:59:58:a2:4f:15:
7f:cd:bb:61:d6:1a:fa:c4:cb:7b:df:4a:b7:e6:b7:3e:3e:c0:
ec:62:3f:6e:42:28:bd:c9:94:cc:8d:78:a7:17:ea:31:73:58:
53:6f:38:b6:dc:fc:77:22:61:2d:ef:e6:4b:b6:10:69:05:44:
57:24:0d:5e:12:87:df:1b:96:88:67:f1:e3:5d:76:14:fe:20:
65:c2:c9:9f:39:ea:a8:82:2f:d9:44:e3:95:fc:31:0f:2d:88:
3f:37:17:2e:8d:ce:80:3d:99:92:a4:0c:91:12:77:b1:ae:92:
df:2e:a1:cf:81:cd:f6:60:0e:31:9e:80:09:75:04:a8:90:9e:
a2:cf:5f:24:21:4d:6c:58:01:16:9a:77:c4:5c:43:4c:ee:08:
29:bb:58:ea:d0:b7:2f:82:ce:1b:99:a0:1c:16:ac:0e:e6:f7:
ca:51:e3:62:6a:52:8f:08:d4:f4:ae:5f:fb:f7:dc:8c:63:40:
ed:10:bd:4d:d6:b2:67:d4:d5:2f:8b:f3:b7:b9:fa:54:b9:78:
06:66:99:b7:2d:05:b5:ec:7e:c2:79:d2:73:b9:6a:af:1b:11:
38:91:71:c0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZxhI/kly89/iEWDUbHW5sblMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjYwMjE1MTE1MTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDBhZjQyZjQ0NTBmZDlmMTFlNDI3M2JlMjg3YTdiY2Q4MzAwNzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxC9ghq0vxEU3ogKj8rIViCfGRb1z
k5ZNXbtio+QpaarR0kscYbX1ij4gzkUAbusmnFbfY1Y4UFwrbuU9e2kCL0+m5KDt
sW5uR2TQTqIZRJHVF7d6EJ7oFENuqycECz+FF1wJ+JDgQIAvHxVUDcuC5Vi1Be8l
FQ6wpIv3VEOI/GZAVWdNLEXfmmOaRXCnGYomjuZj7VNsvI/REATUykrxEOdO/vXw
CUPZmDxFipm3loTg7OuvA3zUuzlz+Ui3H42TNQlWqaHcbkzTmyrHTMqTPFbP87x2
71MO/cV93MfjANFQjHooSYJUn3ip/cg6+i9kJfaCNguzLBKw223JpB6vtQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN0K9C9EUP2fEeQnO+KHp7zYMAeSMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvM1FyMEwwUlFfWjhSNUNjNzRvZW52Tmd3QjVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1ZFLAwQA
1ZFfMA0GCSqGSIb3DQEBCwUAA4IBAQBlEbrKGOJKpcm9EoxudXxUlP1AOloytH1g
KeGDWRluWViiTxV/zbth1hr6xMt730q35rc+PsDsYj9uQii9yZTMjXinF+oxc1hT
bzi23Px3ImEt7+ZLthBpBURXJA1eEoffG5aIZ/HjXXYU/iBlwsmfOeqogi/ZROOV
/DEPLYg/Nxcujc6APZmSpAyREnexrpLfLqHPgc32YA4xnoAJdQSokJ6iz18kIU1s
WAEWmnfEXENM7ggpu1jq0Lcvgs4bmaAcFqwO5vfKUeNialKPCNT0rl/799yMY0Dt
EL1N1rJn1NUvi/O3ufpUuXgGZpm3LQW17H7CedJzuWqvGxE4kXHA
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:05:14 2026 by rpki-client