Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0KNTQmoDm6dArpDULyNW6GI9NoM.roa
File: 0KNTQmoDm6dArpDULyNW6GI9NoM.roa (raw, json)
Hash identifier: 49n01hvFbHcfJF4Zq/5Hm76yRiEoXQ4gqkXkZjrUeew=
Subject key identifier: D0:A3:53:42:6A:03:9B:A7:40:AE:90:D4:2F:23:56:E8:62:3D:36:83
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019E643642EE577369638786A7D6846DB2AC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0KNTQmoDm6dArpDULyNW6GI9NoM.roa
Signing time: Tue 26 May 2026 12:15:37 +0000
ROA not before: Tue 26 May 2026 12:15:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 31.13.224.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.91.194.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
85.217.130.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.126.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.120.191.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.100.0/23 maxlen: 24
93.123.109.0/24 maxlen: 24
94.156.188.0/24 maxlen: 32
147.78.101.0/24 maxlen: 24
185.218.84.0/22 maxlen: 24
185.222.160.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 May 2026 12:15:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:64:36:42:ee:57:73:69:63:87:86:a7:d6:84:6d:b2:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 26 12:15:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d0a353426a039ba740ae90d42f2356e8623d3683
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:11:84:f0:82:7f:47:3e:3a:08:98:e7:57:fa:
80:e0:37:e5:f3:0f:9e:27:fb:92:a5:41:cd:4c:ce:
c4:c7:06:a2:a4:2d:b3:e4:b6:a3:d1:31:c4:fc:2a:
bc:89:55:6b:d3:fe:f5:51:d6:74:06:25:19:ee:84:
61:58:6e:a5:67:41:31:ba:f3:3d:4e:29:fc:53:bb:
a2:59:19:03:05:42:8b:61:cb:3e:f4:3f:9f:49:9b:
27:fc:ba:7e:76:20:b7:10:16:5b:06:74:f4:5c:90:
45:c1:a9:0f:80:15:ab:cd:bc:f9:44:06:32:7f:fe:
91:13:22:a7:83:d1:e1:fd:af:1f:97:6d:e2:bc:e6:
1d:30:ba:cc:9f:91:7d:e1:2c:a2:7a:4e:ed:1d:05:
69:55:60:71:fc:47:1d:53:d7:f2:c6:1f:71:3a:04:
e9:60:5e:9f:af:b9:de:fb:9b:39:91:66:81:0d:2e:
06:83:8c:05:72:51:b6:9a:88:27:5b:1d:23:58:66:
9a:12:11:a5:07:11:6d:76:08:b6:dd:74:d1:08:f8:
ca:e8:6a:1d:8b:30:41:47:5c:66:55:b5:cd:79:f7:
14:6a:e0:2a:02:90:31:ad:87:98:02:81:f2:a8:64:
1e:98:8c:fa:2c:e7:d4:7b:08:bb:c2:25:80:da:67:
66:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:A3:53:42:6A:03:9B:A7:40:AE:90:D4:2F:23:56:E8:62:3D:36:83
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0KNTQmoDm6dArpDULyNW6GI9NoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.224.0/24
45.66.228.0/24
45.66.231.0/24
45.89.247.0/24
45.91.194.0/24
45.141.158.0/24
81.161.238.0/24
83.143.113.0/24
84.54.51.0/24
85.217.130.0/23
87.120.87.0/24
87.120.126.0/24
87.120.166.0/24
87.120.191.0/24
92.249.50.0/24
93.123.100.0/23
93.123.109.0/24
94.156.188.0/24
147.78.101.0/24
185.218.84.0/22
185.222.160.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
71:60:2e:f6:ba:65:d9:e2:88:5b:40:70:f8:b2:c8:95:2f:02:
16:f4:7b:60:6f:3c:33:d5:30:20:f4:97:e9:e5:7a:89:38:be:
87:04:a9:51:e8:ee:7d:a6:32:c9:ef:57:b2:8a:3e:43:10:dd:
0d:60:07:2d:f8:e3:d6:3c:06:3c:82:4a:32:4c:3e:44:20:05:
c5:da:90:63:79:bd:26:ef:e0:81:d9:54:db:f0:30:ae:91:45:
af:c6:96:36:52:40:a5:5c:c9:e6:e0:db:16:c7:16:c0:49:4d:
e7:8a:91:2c:9f:de:d8:1c:38:75:30:9a:77:02:b2:c3:1d:a9:
3e:47:f8:6c:6e:b6:2d:e1:bc:72:3b:85:f7:06:0a:ce:e8:17:
7d:fe:f7:34:5a:da:21:3d:6f:81:67:33:51:a4:c5:f9:f5:98:
3b:ad:2a:d2:0c:f7:4b:7d:f0:f3:63:4b:e0:a5:90:2a:e9:47:
ee:1d:dd:44:f0:c2:6c:5f:3a:73:d4:46:f5:f3:0a:3b:63:ac:
59:8e:09:d5:be:c5:dd:04:1c:48:17:b6:b9:8c:c6:c5:0e:69:
a3:92:b4:45:c8:38:4a:73:b0:ae:a5:ae:6b:27:7e:c6:b7:75:
0e:21:60:10:1e:96:fb:e3:7e:20:fe:62:96:0e:db:7b:cf:4b:
40:db:98:35
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZ5kNkLuV3NpY4eGp9aEbbKsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNTI2MTIxNTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGEzNTM0MjZhMDM5YmE3NDBhZTkwZDQyZjIzNTZlODYyM2QzNjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9BGE8IJ/Rz46CJjnV/qA4Dfl8w+e
J/uSpUHNTM7ExwaipC2z5Laj0THE/Cq8iVVr0/71UdZ0BiUZ7oRhWG6lZ0ExuvM9
Tin8U7uiWRkDBUKLYcs+9D+fSZsn/Lp+diC3EBZbBnT0XJBFwakPgBWrzbz5RAYy
f/6REyKng9Hh/a8fl23ivOYdMLrMn5F94Syiek7tHQVpVWBx/EcdU9fyxh9xOgTp
YF6fr7ne+5s5kWaBDS4Gg4wFclG2mognWx0jWGaaEhGlBxFtdgi23XTRCPjK6God
izBBR1xmVbXNefcUauAqApAxrYeYAoHyqGQemIz6LOfUewi7wiWA2mdmWwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFNCjU0JqA5unQK6Q1C8jVuhiPTaDMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMEtOVFFtb0RtNmRBcnBEVUx5Tlc2R0k5Tm9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAAf
DeADBAAtQuQDBAAtQucDBAAtWfcDBAAtW8IDBAAtjZ4DBABRoe4DBABTj3EDBABU
NjMDBAFV2YIDBABXeFcDBABXeH4DBABXeKYDBABXeL8DBABc+TIDBAFde2QDBABd
e20DBABenLwDBACTTmUDBAK52lQDBAC53qADBADCN7oDBADCqa8wDQYJKoZIhvcN
AQELBQADggEBAHFgLva6ZdniiFtAcPiyyJUvAhb0e2BvPDPVMCD0l+nleok4vocE
qVHo7n2mMsnvV7KKPkMQ3Q1gBy3449Y8BjyCSjJMPkQgBcXakGN5vSbv4IHZVNvw
MK6RRa/GljZSQKVcyebg2xbHFsBJTeeKkSyf3tgcOHUwmncCssMdqT5H+Gxuti3h
vHI7hfcGCs7oF33+9zRa2iE9b4FnM1Gkxfn1mDutKtIM90t98PNjS+ClkCrpR+4d
3UTwwmxfOnPURvXzCjtjrFmOCdW+xd0EHEgXtrmMxsUOaaOStEXIOEpzsK6lrmsn
fsa3dQ4hYBAelvvjfiD+YpYO23vPS0DbmDU=
-----END CERTIFICATE-----
Generated at Tue May 26 21:44:18 2026 by rpki-client