Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/2aa44d-3bf3-420b-ae3e-e8a6a14419d9/1/Pq9ZuZBzVIXXjgHCRmaDImbQg2Y.roa
File: Pq9ZuZBzVIXXjgHCRmaDImbQg2Y.roa (raw, json)
Hash identifier: 11bzHyr21wFIMkaSiukQigkPWPjefTdm2bknAq+/9g4=
Subject key identifier: 3E:AF:59:B9:90:73:54:85:D7:8E:01:C2:46:66:83:22:66:D0:83:66
Certificate issuer: /CN=acb8385d0857080cfc013aa521bde6a3a93e4812
Certificate serial: 019B7DCAF61C3359F60CB5298728EB5CA9E4
Authority key identifier: AC:B8:38:5D:08:57:08:0C:FC:01:3A:A5:21:BD:E6:A3:A9:3E:48:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rLg4XQhXCAz8ATqlIb3mo6k-SBI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/2aa44d-3bf3-420b-ae3e-e8a6a14419d9/1/Pq9ZuZBzVIXXjgHCRmaDImbQg2Y.roa
Signing time: Fri 02 Jan 2026 08:20:11 +0000
ROA not before: Fri 02 Jan 2026 08:20:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3320
IP address blocks: 194.147.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/2aa44d-3bf3-420b-ae3e-e8a6a14419d9/1/rLg4XQhXCAz8ATqlIb3mo6k-SBI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/2aa44d-3bf3-420b-ae3e-e8a6a14419d9/1/rLg4XQhXCAz8ATqlIb3mo6k-SBI.mft
rsync://rpki.ripe.net/repository/DEFAULT/rLg4XQhXCAz8ATqlIb3mo6k-SBI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7d:ca:f6:1c:33:59:f6:0c:b5:29:87:28:eb:5c:a9:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acb8385d0857080cfc013aa521bde6a3a93e4812
Validity
Not Before: Jan 2 08:20:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3eaf59b990735485d78e01c24666832266d08366
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:c3:6b:37:59:98:34:9f:c8:aa:75:f2:63:9c:
e8:7a:8c:4c:82:74:1f:98:58:57:be:90:f7:19:36:
50:ed:41:52:f8:ac:8d:5b:b7:a5:64:ea:0e:30:71:
60:5d:c0:c8:ed:4d:e2:29:a3:c8:34:45:e4:84:63:
b7:03:27:c8:b2:7a:a0:f2:c8:02:31:9d:4a:21:b5:
a8:f0:df:58:27:3c:82:05:41:59:cd:91:ea:28:ae:
78:09:c6:48:80:fe:63:26:f6:cb:4b:2e:56:e4:fb:
ef:2a:e9:4b:6e:28:81:af:ff:f4:d0:80:e0:b0:2d:
4c:2f:24:f4:e1:35:c5:39:eb:5d:54:53:eb:f0:8f:
b1:17:ef:17:c9:60:72:be:f8:cb:3b:8d:df:97:3d:
87:58:90:9a:8a:35:14:5d:0c:9c:54:31:3c:6a:80:
e7:60:04:00:8f:3b:3a:1b:f9:bc:2e:9c:fe:28:3f:
31:d1:05:ed:69:8a:e9:f1:70:38:0b:4d:3b:52:c8:
a3:92:3a:3e:0b:c0:97:7d:42:61:fe:02:c3:9e:40:
8c:76:c0:a2:11:49:da:3b:4b:f8:b5:8b:5d:a6:d4:
2c:1a:4b:a7:b7:6a:20:87:8d:d2:56:ab:66:ce:33:
89:4c:1e:e3:04:a9:37:6b:fe:8f:0c:27:e4:0a:6b:
f6:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:AF:59:B9:90:73:54:85:D7:8E:01:C2:46:66:83:22:66:D0:83:66
X509v3 Authority Key Identifier:
keyid:AC:B8:38:5D:08:57:08:0C:FC:01:3A:A5:21:BD:E6:A3:A9:3E:48:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rLg4XQhXCAz8ATqlIb3mo6k-SBI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/2aa44d-3bf3-420b-ae3e-e8a6a14419d9/1/Pq9ZuZBzVIXXjgHCRmaDImbQg2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/2aa44d-3bf3-420b-ae3e-e8a6a14419d9/1/rLg4XQhXCAz8ATqlIb3mo6k-SBI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.171.0/24
Signature Algorithm: sha256WithRSAEncryption
04:b9:40:73:04:83:db:28:fc:69:05:04:94:d7:46:15:20:69:
83:78:39:0f:21:07:3b:96:97:71:24:cc:0b:62:a7:ac:66:bd:
32:8d:12:e2:62:50:a9:53:c1:49:ca:6d:bb:a0:8c:c2:26:f9:
d3:e6:d5:8b:6d:5d:2d:f6:26:3b:6b:bf:ef:63:e4:ef:31:2c:
e6:2c:45:1a:db:7c:d4:39:68:99:bf:f4:ba:85:96:ab:00:a0:
4a:12:b2:c0:be:9b:21:3d:fa:8b:1b:17:d8:64:6c:e8:f4:9b:
8c:05:42:43:ba:be:5e:21:4a:b4:4a:4c:1a:27:ad:3a:c7:69:
f8:e4:b6:2d:cc:63:94:7c:3e:f6:b9:56:34:87:d6:64:99:d7:
b7:2c:8d:5d:f3:dd:ac:78:12:0c:51:cc:cc:6f:c0:49:17:02:
90:bf:13:c6:21:6f:72:08:61:44:fc:35:78:4f:ad:42:cd:ba:
86:3e:2e:95:1e:fd:c8:9b:4d:14:f8:8c:46:36:51:d9:f0:76:
c9:e3:e4:68:ba:68:b4:b8:17:eb:af:a2:53:25:64:77:5d:9f:
1a:5e:36:bb:05:22:ff:07:4e:a2:74:b0:fb:04:01:56:06:c7:
34:26:2e:f7:61:82:cf:fb:c7:80:2e:bf:f7:64:0c:9e:e3:e4:
53:65:20:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt9yvYcM1n2DLUphyjrXKnkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYjgzODVkMDg1NzA4MGNmYzAxM2FhNTIxYmRlNmEzYTkz
ZTQ4MTIwHhcNMjYwMTAyMDgyMDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWFmNTliOTkwNzM1NDg1ZDc4ZTAxYzI0NjY2ODMyMjY2ZDA4MzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMNrN1mYNJ/IqnXyY5zoeoxMgnQf
mFhXvpD3GTZQ7UFS+KyNW7elZOoOMHFgXcDI7U3iKaPINEXkhGO3AyfIsnqg8sgC
MZ1KIbWo8N9YJzyCBUFZzZHqKK54CcZIgP5jJvbLSy5W5PvvKulLbiiBr//00IDg
sC1MLyT04TXFOetdVFPr8I+xF+8XyWByvvjLO43flz2HWJCaijUUXQycVDE8aoDn
YAQAjzs6G/m8Lpz+KD8x0QXtaYrp8XA4C007Usijkjo+C8CXfUJh/gLDnkCMdsCi
EUnaO0v4tYtdptQsGkunt2ogh43SVqtmzjOJTB7jBKk3a/6PDCfkCmv2KwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD6vWbmQc1SF144BwkZmgyJm0INmMB8GA1UdIwQY
MBaAFKy4OF0IVwgM/AE6pSG95qOpPkgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckxnNFhRaFhDQXo4QVRxbEliM21vNmstU0JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yYWE0NGQtM2JmMy00MjBiLWFlM2Ut
ZThhNmExNDQxOWQ5LzEvUHE5WnVaQnpWSVhYamdIQ1JtYURJbWJRZzJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8yYWE0NGQtM2JmMy00MjBiLWFlM2UtZThhNmExNDQxOWQ5
LzEvckxnNFhRaFhDQXo4QVRxbEliM21vNmstU0JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpOrMA0G
CSqGSIb3DQEBCwUAA4IBAQAEuUBzBIPbKPxpBQSU10YVIGmDeDkPIQc7lpdxJMwL
YqesZr0yjRLiYlCpU8FJym27oIzCJvnT5tWLbV0t9iY7a7/vY+TvMSzmLEUa23zU
OWiZv/S6hZarAKBKErLAvpshPfqLGxfYZGzo9JuMBUJDur5eIUq0SkwaJ606x2n4
5LYtzGOUfD72uVY0h9Zkmde3LI1d892seBIMUczMb8BJFwKQvxPGIW9yCGFE/DV4
T61CzbqGPi6VHv3Im00U+IxGNlHZ8HbJ4+Roumi0uBfrr6JTJWR3XZ8aXja7BSL/
B06idLD7BAFWBsc0Ji73YYLP+8eALr/3ZAye4+RTZSCN
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:43:01 2026 by rpki-client