Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Psc60QoolkyBLI0pZqkSf7QGjjE.roa
File: Psc60QoolkyBLI0pZqkSf7QGjjE.roa (raw, json)
Hash identifier: f1O/aHL0VzGWzCYfTbMEk1NPqgv8Ih7t0gdi/Lqsbd8=
Subject key identifier: 3E:C7:3A:D1:0A:28:96:4C:81:2C:8D:29:66:A9:12:7F:B4:06:8E:31
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019E4A92D800AE3B66FF1F63050E8613380A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Psc60QoolkyBLI0pZqkSf7QGjjE.roa
Signing time: Thu 21 May 2026 12:46:37 +0000
ROA not before: Thu 21 May 2026 12:46:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 31.13.224.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.91.194.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
85.217.130.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.126.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.120.191.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.100.0/23 maxlen: 24
93.123.109.0/24 maxlen: 24
94.156.188.0/24 maxlen: 32
147.78.101.0/24 maxlen: 24
185.218.84.0/22 maxlen: 24
185.222.160.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 May 2026 12:46:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:4a:92:d8:00:ae:3b:66:ff:1f:63:05:0e:86:13:38:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 21 12:46:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3ec73ad10a28964c812c8d2966a9127fb4068e31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f4:9b:9e:5b:97:7c:47:e4:a0:3a:f3:6a:41:
09:c6:cd:a6:dc:fe:7c:9f:13:54:46:34:f6:d9:e6:
b6:b5:4a:b2:53:86:cc:7a:8f:23:42:63:8f:b5:9a:
af:b3:b9:59:37:b5:3e:01:c6:98:cd:13:50:fd:dd:
24:78:40:f0:94:38:70:42:2d:04:47:ca:95:d9:6d:
fe:ef:4f:66:3b:23:a8:da:6a:1b:b9:5f:08:aa:55:
b4:e6:f3:76:5b:17:cd:81:f7:ba:83:83:82:ca:84:
83:3b:5b:18:e4:a8:b6:a6:9a:ff:ec:46:7d:ad:f2:
4a:83:dd:50:9e:79:7b:41:f9:6e:21:5a:d8:b4:a3:
ed:4f:93:92:79:15:8f:55:f3:3c:da:1b:7a:14:31:
9d:eb:1f:f8:a5:bd:d6:14:6e:38:b3:a0:cd:ea:b2:
f4:3e:5e:8c:e8:d7:5f:cf:74:5a:8c:8a:06:04:3b:
b9:15:0a:9f:04:eb:77:53:97:d2:96:9a:75:a3:fb:
68:8c:47:44:a8:ce:f5:d0:6a:11:2c:ed:60:a1:c9:
50:b6:dd:47:1c:ed:0a:3c:9e:16:b3:15:4a:1d:92:
d3:e6:75:28:dd:33:4a:1d:45:dc:cc:51:e1:d0:55:
87:3f:61:39:6c:8a:7e:d0:52:fa:1a:94:5f:c3:d6:
54:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:C7:3A:D1:0A:28:96:4C:81:2C:8D:29:66:A9:12:7F:B4:06:8E:31
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Psc60QoolkyBLI0pZqkSf7QGjjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.224.0/24
45.66.228.0/24
45.66.231.0/24
45.89.247.0/24
45.91.194.0/24
45.141.158.0/24
81.161.238.0/24
83.143.113.0/24
84.54.51.0/24
85.217.130.0/23
87.120.87.0/24
87.120.126.0/24
87.120.166.0/24
87.120.191.0/24
92.249.50.0/24
93.123.100.0/23
93.123.109.0/24
94.156.188.0/24
147.78.101.0/24
185.218.84.0/22
185.222.160.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
39:b9:34:91:0f:30:fc:08:c3:f9:a3:19:84:6d:02:76:d6:a4:
18:02:1a:89:36:e4:b9:f8:67:01:4d:8f:b0:07:cd:83:43:cb:
75:9d:5a:fe:51:16:03:d7:ef:99:fd:41:05:f5:48:14:90:0a:
12:58:00:7d:13:7d:cd:e6:ab:90:a5:b5:a6:9c:48:bc:6d:d3:
04:96:3e:6a:a8:8d:dd:2a:28:8a:28:27:a0:74:45:b4:0a:10:
92:24:e7:be:6a:6b:d9:02:2c:84:6b:93:45:ca:96:80:8c:26:
48:b5:16:88:5f:13:c0:9f:0d:9f:71:bc:39:e7:c5:a1:84:5f:
23:56:ea:b1:92:1c:e5:aa:c3:51:51:13:38:5f:0a:14:e5:23:
56:76:3e:2e:82:cb:bf:18:76:2b:6f:b5:01:f0:ef:2c:00:6a:
cb:e7:ef:d7:c2:6d:56:8c:a7:c6:c6:be:1e:fc:de:a9:1d:92:
d3:9e:a5:48:6a:17:6a:33:63:f8:56:8c:ca:85:d2:0e:b4:ec:
af:e3:2f:13:92:77:52:5e:91:7e:00:70:2d:05:80:40:2d:80:
19:a7:64:2e:ba:b2:9c:89:54:e8:3b:90:8a:cd:e5:0e:13:81:
d7:0a:46:f5:89:1b:f3:f5:23:08:02:bd:3e:6b:f6:f5:31:12:
18:9b:6b:a2
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZ5KktgArjtm/x9jBQ6GEzgKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNTIxMTI0NjM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWM3M2FkMTBhMjg5NjRjODEyYzhkMjk2NmE5MTI3ZmI0MDY4ZTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/SbnluXfEfkoDrzakEJxs2m3P58
nxNURjT22ea2tUqyU4bMeo8jQmOPtZqvs7lZN7U+AcaYzRNQ/d0keEDwlDhwQi0E
R8qV2W3+709mOyOo2mobuV8IqlW05vN2WxfNgfe6g4OCyoSDO1sY5Ki2ppr/7EZ9
rfJKg91Qnnl7QfluIVrYtKPtT5OSeRWPVfM82ht6FDGd6x/4pb3WFG44s6DN6rL0
Pl6M6Ndfz3RajIoGBDu5FQqfBOt3U5fSlpp1o/tojEdEqM710GoRLO1goclQtt1H
HO0KPJ4WsxVKHZLT5nUo3TNKHUXczFHh0FWHP2E5bIp+0FL6GpRfw9ZUiwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFD7HOtEKKJZMgSyNKWapEn+0Bo4xMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUHNjNjBRb29sa3lCTEkwcFpxa1NmN1FHampFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAAf
DeADBAAtQuQDBAAtQucDBAAtWfcDBAAtW8IDBAAtjZ4DBABRoe4DBABTj3EDBABU
NjMDBAFV2YIDBABXeFcDBABXeH4DBABXeKYDBABXeL8DBABc+TIDBAFde2QDBABd
e20DBABenLwDBACTTmUDBAK52lQDBAC53qADBADCN7oDBADCqa8wDQYJKoZIhvcN
AQELBQADggEBADm5NJEPMPwIw/mjGYRtAnbWpBgCGok25Ln4ZwFNj7AHzYNDy3Wd
Wv5RFgPX75n9QQX1SBSQChJYAH0Tfc3mq5CltaacSLxt0wSWPmqojd0qKIooJ6B0
RbQKEJIk575qa9kCLIRrk0XKloCMJki1FohfE8CfDZ9xvDnnxaGEXyNW6rGSHOWq
w1FREzhfChTlI1Z2Pi6Cy78YditvtQHw7ywAasvn79fCbVaMp8bGvh783qkdktOe
pUhqF2ozY/hWjMqF0g607K/jLxOSd1JekX4AcC0FgEAtgBmnZC66spyJVOg7kIrN
5Q4TgdcKRvWJG/P1IwgCvT5r9vUxEhiba6I=
-----END CERTIFICATE-----
Generated at Thu May 21 21:53:12 2026 by rpki-client