Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3tBTXrVHypj2RBeUycmqu8TBkDA.roa
File: 3tBTXrVHypj2RBeUycmqu8TBkDA.roa (raw, json)
Hash identifier: EKurukIyf8P+4tgEbebLKtqQe/iS6ssm6/c0Etr55DQ=
Subject key identifier: DE:D0:53:5E:B5:47:CA:98:F6:44:17:94:C9:C9:AA:BB:C4:C1:90:30
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019E2BCBD12B0297CCB7C563B542C00C97E2
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3tBTXrVHypj2RBeUycmqu8TBkDA.roa
Signing time: Fri 15 May 2026 13:20:38 +0000
ROA not before: Fri 15 May 2026 13:20:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 31.13.224.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.91.194.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
85.217.130.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.126.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.100.0/23 maxlen: 24
93.123.109.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
185.218.84.0/22 maxlen: 24
185.222.160.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 16 May 2026 11:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:2b:cb:d1:2b:02:97:cc:b7:c5:63:b5:42:c0:0c:97:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 15 13:20:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ded0535eb547ca98f6441794c9c9aabbc4c19030
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:24:d0:f1:ae:38:a3:6b:41:8a:08:c4:7f:28:
13:09:15:f8:5c:4e:94:70:53:1b:37:24:a7:26:2e:
63:dc:e2:74:f7:a5:a4:89:b5:47:b3:05:db:4b:aa:
54:3e:2a:5b:75:52:ae:62:f4:03:da:85:95:65:eb:
e7:c4:65:74:c3:bc:ab:49:1c:4f:78:26:b0:40:25:
0c:dc:95:3f:21:38:16:d9:53:43:87:c5:24:b3:ec:
c7:33:25:ef:df:ed:ec:7d:99:44:cf:36:0c:d9:dc:
57:1b:e0:de:86:f2:43:9a:08:40:b9:7c:46:fc:36:
b7:60:44:18:b1:71:67:7a:68:8b:19:f1:55:8b:44:
5b:b2:00:f6:19:c1:45:d4:89:03:0a:f1:5e:4d:0d:
60:81:be:1a:75:88:14:3f:0d:cb:e1:95:1c:f4:ea:
2f:98:6d:87:7f:d0:02:bd:b5:38:07:26:63:95:c7:
ce:ab:3b:8b:90:31:cc:b8:a8:72:8e:ec:44:37:f0:
3e:8d:77:a0:cb:53:83:82:9c:2e:95:86:2d:da:68:
6b:dc:41:64:16:b5:50:d6:88:d3:e6:51:b9:7c:37:
f7:02:45:ec:d4:f5:1e:9c:df:07:e7:39:0c:6c:69:
dd:56:74:96:48:04:72:7b:9a:bd:02:09:bb:dc:4f:
e1:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:D0:53:5E:B5:47:CA:98:F6:44:17:94:C9:C9:AA:BB:C4:C1:90:30
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3tBTXrVHypj2RBeUycmqu8TBkDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.224.0/24
45.66.228.0/24
45.66.231.0/24
45.89.247.0/24
45.91.194.0/24
45.141.158.0/24
81.161.238.0/24
83.143.113.0/24
84.54.51.0/24
85.217.130.0/23
87.120.87.0/24
87.120.126.0/24
87.120.166.0/24
92.249.50.0/24
93.123.100.0/23
93.123.109.0/24
147.78.101.0/24
185.218.84.0/22
185.222.160.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
43:dc:e4:e1:df:97:55:7e:c6:1a:15:91:d8:24:37:97:27:cc:
c2:d2:70:a5:10:7f:ef:7a:12:bd:f3:d3:cf:a2:25:3a:fa:40:
6f:e0:b4:a3:2e:5d:f2:8c:00:74:a0:50:3d:5e:3c:b5:05:8f:
f5:10:86:bd:ad:14:03:5c:e0:cb:d8:12:55:ea:76:07:28:d4:
f8:32:6b:f8:89:42:07:5c:01:4c:4a:60:d5:92:9f:5d:b7:37:
3f:dc:8a:f2:9a:72:b4:72:99:ba:3d:ab:e5:f4:b8:1e:19:60:
21:51:6d:89:bb:64:fa:e4:05:51:61:c5:88:87:45:3f:75:d7:
b5:6a:9f:8d:9d:96:fa:1c:67:91:25:e3:44:9c:38:83:7c:8a:
05:8a:00:23:96:ca:e5:31:fd:44:5a:d5:6e:10:f1:aa:c5:ed:
eb:08:b4:8a:bb:27:3b:9e:fa:8d:05:16:09:78:44:48:5b:41:
ed:5f:49:61:70:a8:11:6e:f3:dd:9a:c9:29:a0:8c:89:73:41:
2c:cf:d2:08:05:0e:68:3b:5e:b4:de:d0:cf:fc:7f:b4:84:f4:
9b:e1:1e:d5:f2:04:e1:fd:f9:80:7d:a2:e5:1a:dc:97:6c:ad:
99:8b:ac:2b:85:48:47:05:46:ce:d2:57:96:12:a8:86:ea:b4:
9d:34:68:20
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZ4ry9ErApfMt8VjtULADJfiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNTE1MTMyMDM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWQwNTM1ZWI1NDdjYTk4ZjY0NDE3OTRjOWM5YWFiYmM0YzE5MDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCTQ8a44o2tBigjEfygTCRX4XE6U
cFMbNySnJi5j3OJ096WkibVHswXbS6pUPipbdVKuYvQD2oWVZevnxGV0w7yrSRxP
eCawQCUM3JU/ITgW2VNDh8Uks+zHMyXv3+3sfZlEzzYM2dxXG+DehvJDmghAuXxG
/Da3YEQYsXFnemiLGfFVi0RbsgD2GcFF1IkDCvFeTQ1ggb4adYgUPw3L4ZUc9Oov
mG2Hf9ACvbU4ByZjlcfOqzuLkDHMuKhyjuxEN/A+jXegy1ODgpwulYYt2mhr3EFk
FrVQ1ojT5lG5fDf3AkXs1PUenN8H5zkMbGndVnSWSARye5q9Agm73E/h5QIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFN7QU161R8qY9kQXlMnJqrvEwZAwMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvM3RCVFhyVkh5cGoyUkJlVXljbXF1OFRCa0RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAB8N
4AMEAC1C5AMEAC1C5wMEAC1Z9wMEAC1bwgMEAC2NngMEAFGh7gMEAFOPcQMEAFQ2
MwMEAVXZggMEAFd4VwMEAFd4fgMEAFd4pgMEAFz5MgMEAV17ZAMEAF17bQMEAJNO
ZQMEArnaVAMEALneoAMEAMI3ugMEAMKprzANBgkqhkiG9w0BAQsFAAOCAQEAQ9zk
4d+XVX7GGhWR2CQ3lyfMwtJwpRB/73oSvfPTz6IlOvpAb+C0oy5d8owAdKBQPV48
tQWP9RCGva0UA1zgy9gSVep2ByjU+DJr+IlCB1wBTEpg1ZKfXbc3P9yK8ppytHKZ
uj2r5fS4HhlgIVFtibtk+uQFUWHFiIdFP3XXtWqfjZ2W+hxnkSXjRJw4g3yKBYoA
I5bK5TH9RFrVbhDxqsXt6wi0irsnO576jQUWCXhESFtB7V9JYXCoEW7z3ZrJKaCM
iXNBLM/SCAUOaDtetN7Qz/x/tIT0m+Ee1fIE4f35gH2i5Rrcl2ytmYusK4VIRwVG
ztJXlhKohuq0nTRoIA==
-----END CERTIFICATE-----
Generated at Fri May 15 21:25:57 2026 by rpki-client