Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PRKZDc3Ssw_KJ2BfQWOYB9WbQmI.roa
File: PRKZDc3Ssw_KJ2BfQWOYB9WbQmI.roa (raw, json)
Hash identifier: 9N1BU4QZlNiG94dqQc71XATVOeXKg75vXWuSVlbYniU=
Subject key identifier: 3D:12:99:0D:CD:D2:B3:0F:CA:27:60:5F:41:63:98:07:D5:9B:42:62
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019DF1CBFA1E5F9A98CF80965F8886431799
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PRKZDc3Ssw_KJ2BfQWOYB9WbQmI.roa
Signing time: Mon 04 May 2026 07:02:50 +0000
ROA not before: Mon 04 May 2026 07:02:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44828
IP address blocks: 45.139.123.0/24 maxlen: 24
87.120.33.0/24 maxlen: 24
87.121.133.0/24 maxlen: 24
94.154.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 May 2026 14:07:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f1:cb:fa:1e:5f:9a:98:cf:80:96:5f:88:86:43:17:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 4 07:02:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3d12990dcdd2b30fca27605f41639807d59b4262
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6b:62:08:97:44:0e:c2:16:9a:ca:89:1b:72:
b3:12:c2:e2:f6:8a:da:1b:ab:d7:3f:f7:4d:47:df:
c7:eb:ea:fe:bb:18:bb:45:35:46:da:c9:26:ac:39:
e8:47:b1:d8:1d:01:48:7a:8a:59:94:42:50:59:81:
8c:94:61:7b:25:ea:bf:13:77:fb:34:3b:39:24:93:
b0:98:ba:8c:ea:46:fe:b3:67:37:cf:9a:91:8a:6a:
8e:12:82:50:8b:ba:4a:1c:2f:9e:09:d1:88:69:27:
6c:b8:6a:5b:02:55:d2:c9:3b:9a:fa:4e:de:6f:80:
78:22:7d:b5:1f:61:8e:71:4a:1a:01:2e:01:16:23:
6a:df:3c:7c:88:69:e0:ea:38:76:d9:79:29:13:8f:
2f:05:5b:36:3a:98:09:e8:46:48:2d:0d:3d:14:57:
41:21:79:96:1c:19:61:31:28:24:51:53:37:5c:fa:
5f:d4:1c:20:a6:bf:a6:47:4a:c4:5f:7e:45:ef:08:
5a:b6:a2:54:9e:8c:73:3d:20:1c:9c:0b:84:8c:fa:
22:99:ac:ce:b8:73:19:48:83:95:75:2a:4a:3a:f1:
ec:66:c2:0d:a2:1e:c1:76:7b:ef:f6:34:54:4a:ab:
e6:df:74:05:ea:cc:4a:c9:32:79:3f:73:f9:a4:23:
6e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:12:99:0D:CD:D2:B3:0F:CA:27:60:5F:41:63:98:07:D5:9B:42:62
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PRKZDc3Ssw_KJ2BfQWOYB9WbQmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.123.0/24
87.120.33.0/24
87.121.133.0/24
94.154.161.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:01:b8:15:1b:30:ba:f0:2a:c5:01:d7:38:30:a8:40:dd:b5:
11:3a:f2:82:32:6b:a7:57:cf:22:cc:2a:5d:d8:be:77:f6:b0:
81:0a:6b:52:f6:ef:26:f6:53:d6:0e:ba:43:c2:ba:9f:39:77:
8d:f5:3e:82:45:3e:27:b3:3c:43:89:f2:83:18:00:ae:f1:01:
df:29:d3:2f:1c:b2:df:ff:1c:01:b9:9e:56:3b:b8:38:44:a4:
ed:75:af:ad:4a:8d:d4:2e:0d:35:5d:f7:3b:22:1e:d9:af:80:
7e:44:6f:ca:00:83:0b:aa:9d:ed:e0:f2:26:64:a0:b1:a1:6d:
49:f2:1d:d6:b7:ae:a6:76:a0:fe:89:0d:e3:af:8e:e1:39:6f:
e1:0c:90:60:f7:cf:e1:55:0a:75:49:2f:0f:77:64:d3:10:0e:
6e:3f:c3:c7:ec:f6:b0:ae:ba:cc:2d:75:2e:34:9b:9d:74:f0:
d7:7b:99:65:40:95:35:b5:0c:8b:92:2a:3f:0c:d3:42:7a:5e:
36:aa:1e:77:b1:e1:7f:29:c4:1f:47:cd:fb:77:2c:02:e1:42:
73:8f:7b:ce:68:9f:15:21:e8:83:0c:d1:fd:24:81:d6:04:17:
dc:e6:5a:e5:96:3c:37:f0:dc:7d:5d:37:03:7d:b8:7d:02:7d:
74:2d:bb:c4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ3xy/oeX5qYz4CWX4iGQxeZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNTA0MDcwMjUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDEyOTkwZGNkZDJiMzBmY2EyNzYwNWY0MTYzOTgwN2Q1OWI0MjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGtiCJdEDsIWmsqJG3KzEsLi9ora
G6vXP/dNR9/H6+r+uxi7RTVG2skmrDnoR7HYHQFIeopZlEJQWYGMlGF7Jeq/E3f7
NDs5JJOwmLqM6kb+s2c3z5qRimqOEoJQi7pKHC+eCdGIaSdsuGpbAlXSyTua+k7e
b4B4In21H2GOcUoaAS4BFiNq3zx8iGng6jh22XkpE48vBVs2OpgJ6EZILQ09FFdB
IXmWHBlhMSgkUVM3XPpf1Bwgpr+mR0rEX35F7whatqJUnoxzPSAcnAuEjPoimazO
uHMZSIOVdSpKOvHsZsINoh7Bdnvv9jRUSqvm33QF6sxKyTJ5P3P5pCNu1QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD0SmQ3N0rMPyidgX0FjmAfVm0JiMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUFJLWkRjM1Nzd19LSjJCZlFXT1lCOVdiUW1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYt7AwQA
V3ghAwQAV3mFAwQAXpqhMA0GCSqGSIb3DQEBCwUAA4IBAQB7AbgVGzC68CrFAdc4
MKhA3bUROvKCMmunV88izCpd2L539rCBCmtS9u8m9lPWDrpDwrqfOXeN9T6CRT4n
szxDifKDGACu8QHfKdMvHLLf/xwBuZ5WO7g4RKTtda+tSo3ULg01Xfc7Ih7Zr4B+
RG/KAIMLqp3t4PImZKCxoW1J8h3Wt66mdqD+iQ3jr47hOW/hDJBg98/hVQp1SS8P
d2TTEA5uP8PH7PawrrrMLXUuNJuddPDXe5llQJU1tQyLkio/DNNCel42qh53seF/
KcQfR837dywC4UJzj3vOaJ8VIeiDDNH9JIHWBBfc5lrlljw38Nx9XTcDfbh9An10
LbvE
-----END CERTIFICATE-----
Generated at Mon May 4 21:24:40 2026 by rpki-client