Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3Ha9eDJ65Qu12o7ZVhD7PYjlb6g.roa
File: 3Ha9eDJ65Qu12o7ZVhD7PYjlb6g.roa (raw, json)
Hash identifier: AYdPdpRi3ntFhY82+ibJvJK0pux5j+3bWE/h4ue3218=
Subject key identifier: DC:76:BD:78:32:7A:E5:0B:B5:DA:8E:D9:56:10:FB:3D:88:E5:6F:A8
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019D66427E93C6AA2722BC2BD806B8BCE913
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3Ha9eDJ65Qu12o7ZVhD7PYjlb6g.roa
Signing time: Tue 07 Apr 2026 04:45:26 +0000
ROA not before: Tue 07 Apr 2026 04:45:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
85.217.130.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.126.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.120.191.0/24 maxlen: 24
87.121.60.0/23 maxlen: 23
92.119.199.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
185.218.84.0/22 maxlen: 24
185.222.160.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 Apr 2026 11:35:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:66:42:7e:93:c6:aa:27:22:bc:2b:d8:06:b8:bc:e9:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 7 04:45:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dc76bd78327ae50bb5da8ed95610fb3d88e56fa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:96:6f:47:85:c4:0f:96:66:49:9e:f4:6c:51:
5c:8c:e9:7d:ab:ce:3b:a7:e4:cb:42:63:b5:77:a3:
f5:cf:c8:25:68:8b:2e:b1:99:6c:03:00:53:74:35:
54:f4:26:67:b4:f5:0e:c7:3b:1b:1f:22:f2:ac:45:
a0:1b:29:f2:9b:22:1d:a0:67:ff:70:8c:36:ee:a7:
c6:37:1a:a9:bc:2f:00:9d:43:ad:61:d8:73:2e:b6:
0b:5e:f9:1d:0b:70:23:c1:a8:f0:20:4c:b4:6b:39:
aa:a3:38:f4:cb:21:9d:bd:2f:a7:7a:ff:5c:77:23:
42:39:a2:4e:3f:87:1a:7d:81:45:de:76:da:e3:0d:
e5:39:35:ff:79:eb:3e:94:56:fb:a4:53:ff:1b:8b:
61:69:12:04:d7:39:5f:06:fe:bf:28:ab:05:31:f2:
9f:f8:ea:52:b7:98:e6:9e:10:85:3a:b8:60:ae:b8:
2a:38:02:3a:59:66:b5:16:05:51:7a:be:5f:b3:05:
83:b7:6d:10:13:21:eb:14:4c:76:af:2e:3c:bb:37:
36:7d:63:eb:1b:49:5f:37:e3:02:a9:f7:53:1b:8e:
62:b3:35:b5:e1:c5:54:6f:cf:ba:9d:31:59:ff:c8:
66:70:f8:a1:15:f1:ca:eb:93:01:9c:14:51:ac:4d:
f9:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:76:BD:78:32:7A:E5:0B:B5:DA:8E:D9:56:10:FB:3D:88:E5:6F:A8
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3Ha9eDJ65Qu12o7ZVhD7PYjlb6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.228.0/24
45.66.231.0/24
45.89.247.0/24
45.141.158.0/24
81.161.238.0/24
83.143.113.0/24
85.31.47.0/24
85.217.130.0/23
87.120.87.0/24
87.120.126.0/24
87.120.166.0/24
87.120.191.0/24
87.121.60.0/23
92.119.199.0/24
92.249.50.0/24
93.123.109.0/24
147.78.101.0/24
185.218.84.0/22
185.222.160.0/24
193.25.216.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
21:ff:76:c5:af:51:64:3c:44:68:35:03:ff:ef:7f:d4:2e:fb:
8c:18:47:0c:3d:1b:5f:74:11:2a:b4:b9:1a:41:1c:36:22:99:
1d:8b:8d:e6:ca:d5:46:e2:c5:9c:15:8d:8a:b5:01:fd:eb:a4:
39:44:f6:ab:cb:99:41:e5:23:1f:c9:a3:33:a5:33:93:8b:e6:
94:b2:01:9a:11:9b:78:c4:fb:0b:d3:17:f1:e3:10:53:7f:8b:
dc:ef:cf:ed:c1:71:c4:3a:34:8b:a3:e5:23:aa:b1:c5:b8:a8:
5d:f0:f6:6b:ff:e2:80:cf:63:9d:2a:ba:0a:2c:28:ae:ab:44:
9f:fb:5e:d6:36:94:86:6c:9e:02:b6:dd:b9:36:e3:ae:be:df:
f4:0c:09:7d:ee:3d:94:92:ce:f4:bf:73:31:5d:92:fd:6f:4d:
c3:76:73:9f:0f:1a:bd:97:2c:98:76:7a:53:14:05:8c:01:0f:
78:3f:a8:30:cd:26:02:15:32:f2:09:19:12:c9:02:d5:c9:08:
04:02:75:fc:d9:a6:73:3d:4b:a8:67:df:7a:73:25:87:f2:76:
d9:b0:e3:c6:9c:dc:04:4d:d6:e1:7d:6d:4c:a7:60:ce:4c:25:
d4:66:48:5b:fe:1e:c5:a9:49:f0:c1:10:fe:34:93:73:41:d4:
30:9b:e3:ee
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZ1mQn6TxqonIrwr2Aa4vOkTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNDA3MDQ0NTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzc2YmQ3ODMyN2FlNTBiYjVkYThlZDk1NjEwZmIzZDg4ZTU2ZmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5ZvR4XED5ZmSZ70bFFcjOl9q847
p+TLQmO1d6P1z8glaIsusZlsAwBTdDVU9CZntPUOxzsbHyLyrEWgGynymyIdoGf/
cIw27qfGNxqpvC8AnUOtYdhzLrYLXvkdC3AjwajwIEy0azmqozj0yyGdvS+nev9c
dyNCOaJOP4cafYFF3nba4w3lOTX/ees+lFb7pFP/G4thaRIE1zlfBv6/KKsFMfKf
+OpSt5jmnhCFOrhgrrgqOAI6WWa1FgVRer5fswWDt20QEyHrFEx2ry48uzc2fWPr
G0lfN+MCqfdTG45iszW14cVUb8+6nTFZ/8hmcPihFfHK65MBnBRRrE352wIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFNx2vXgyeuULtdqO2VYQ+z2I5W+oMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvM0hhOWVESjY1UXUxMm83WlZoRDdQWWpsYjZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAAt
QuQDBAAtQucDBAAtWfcDBAAtjZ4DBABRoe4DBABTj3EDBABVHy8DBAFV2YIDBABX
eFcDBABXeH4DBABXeKYDBABXeL8DBAFXeTwDBABcd8cDBABc+TIDBABde20DBACT
TmUDBAK52lQDBAC53qADBADBGdgDBADCN7oDBADCqa8wDQYJKoZIhvcNAQELBQAD
ggEBACH/dsWvUWQ8RGg1A//vf9Qu+4wYRww9G190ESq0uRpBHDYimR2LjebK1Ubi
xZwVjYq1Af3rpDlE9qvLmUHlIx/JozOlM5OL5pSyAZoRm3jE+wvTF/HjEFN/i9zv
z+3BccQ6NIuj5SOqscW4qF3w9mv/4oDPY50qugosKK6rRJ/7XtY2lIZsngK23bk2
466+3/QMCX3uPZSSzvS/czFdkv1vTcN2c58PGr2XLJh2elMUBYwBD3g/qDDNJgIV
MvIJGRLJAtXJCAQCdfzZpnM9S6hn33pzJYfydtmw48ac3ARN1uF9bUynYM5MJdRm
SFv+HsWpSfDBEP40k3NB1DCb4+4=
-----END CERTIFICATE-----
Generated at Tue Apr 7 18:27:31 2026 by rpki-client