Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/scy3JA7ODcaFfLyc1vMHTNRaqs4.roa
File: scy3JA7ODcaFfLyc1vMHTNRaqs4.roa (raw, json)
Hash identifier: nNaNAs8EoRMTp0K0I2YJHQNN+g9yMh71v7UEMzO0Tls=
Subject key identifier: B1:CC:B7:24:0E:CE:0D:C6:85:7C:BC:9C:D6:F3:07:4C:D4:5A:AA:CE
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 019E878F2B0033B3EDCC74FA0A1E97EEABE6
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/scy3JA7ODcaFfLyc1vMHTNRaqs4.roa
Signing time: Tue 02 Jun 2026 08:59:27 +0000
ROA not before: Tue 02 Jun 2026 08:59:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 61317
IP address blocks: 45.149.24.0/24 maxlen: 24
89.21.86.0/24 maxlen: 24
91.210.145.0/24 maxlen: 24
109.122.43.0/24 maxlen: 24
194.61.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:08:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:87:8f:2b:00:33:b3:ed:cc:74:fa:0a:1e:97:ee:ab:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jun 2 08:59:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b1ccb7240ece0dc6857cbc9cd6f3074cd45aaace
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:0c:ca:71:9b:39:91:89:85:76:c6:8c:1c:c4:
ce:4e:51:79:d3:5f:70:0b:4a:13:41:05:46:18:59:
cd:69:1f:1b:f3:aa:0f:23:4e:e0:20:85:1e:fc:9a:
c9:cb:d0:d4:b3:20:af:74:ba:85:c9:a1:59:5e:64:
52:b4:20:59:1d:c7:db:a8:83:54:78:fe:14:94:4a:
78:7b:28:14:db:54:bd:87:3a:89:51:4c:16:40:a6:
61:dc:b1:b7:32:fe:b3:d3:38:aa:5f:bf:b0:bb:24:
ae:12:d3:29:05:f2:6c:6b:38:36:e6:ad:56:da:10:
f1:de:a2:5f:7f:3b:b8:f5:83:54:f9:49:4b:ce:bd:
72:15:0c:6c:b4:4b:be:79:30:1b:6b:b3:e3:f9:75:
20:91:69:7b:7f:38:27:e4:1c:0a:f0:60:8b:02:0c:
b1:9e:66:44:f2:a1:de:a8:3d:36:39:5b:9d:2e:18:
d8:ba:2b:e2:d8:41:4e:e0:70:e8:29:4b:9e:1f:97:
a8:91:7d:d0:db:bb:fa:34:83:f0:be:03:99:53:0e:
08:bc:bf:c9:09:67:5a:8c:92:e5:0f:1d:06:49:fc:
94:e0:a4:75:25:84:af:f5:77:99:47:dc:ea:a3:7a:
55:b5:dc:44:68:fa:ef:d7:64:a0:90:0b:10:9d:f9:
f9:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:CC:B7:24:0E:CE:0D:C6:85:7C:BC:9C:D6:F3:07:4C:D4:5A:AA:CE
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/scy3JA7ODcaFfLyc1vMHTNRaqs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.24.0/24
89.21.86.0/24
91.210.145.0/24
109.122.43.0/24
194.61.75.0/24
Signature Algorithm: sha256WithRSAEncryption
37:bb:bb:01:71:5f:da:39:f9:63:ec:60:a2:a5:65:ce:25:53:
ed:7c:89:d2:74:9e:2c:b5:c0:fc:14:23:99:79:49:c4:ba:4d:
d4:33:5b:39:5c:02:0f:c1:76:47:33:5e:85:5d:08:b3:12:18:
a6:4b:c1:c0:ba:d2:08:78:6e:8e:4d:c7:30:9a:4f:29:1e:d5:
62:15:16:6c:97:75:13:86:dd:52:e5:26:36:8b:7f:99:3c:64:
57:0b:0c:bd:f3:96:9a:f5:3c:60:2e:5f:29:da:e7:52:64:e9:
bb:30:91:f6:60:78:26:07:43:89:4d:9c:51:84:93:a8:c9:0e:
90:74:c1:88:73:4b:f3:5a:e1:45:fd:91:50:de:92:51:6c:7a:
b7:28:9b:8f:8c:84:ab:57:ec:8f:dd:c7:47:02:ce:77:e0:24:
97:ca:27:31:e7:bc:8e:7f:b3:54:22:5e:cd:24:ce:a3:5f:4b:
fb:b1:49:fb:19:94:29:13:46:79:c1:66:58:a6:b1:f9:c5:0c:
33:39:bc:fa:77:c2:83:c6:01:a6:42:0c:8f:57:4c:49:7c:33:
da:91:53:f2:cf:f9:ae:5c:40:0e:25:92:b2:fb:68:e1:94:d2:
8d:07:b4:ff:63:39:50:fe:e7:b2:0c:1d:30:8f:2f:e7:e1:98:
fc:8b:10:fe
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ6HjysAM7PtzHT6Ch6X7qvmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjYwNjAyMDg1OTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWNjYjcyNDBlY2UwZGM2ODU3Y2JjOWNkNmYzMDc0Y2Q0NWFhYWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQzKcZs5kYmFdsaMHMTOTlF5019w
C0oTQQVGGFnNaR8b86oPI07gIIUe/JrJy9DUsyCvdLqFyaFZXmRStCBZHcfbqINU
eP4UlEp4eygU21S9hzqJUUwWQKZh3LG3Mv6z0ziqX7+wuySuEtMpBfJsazg25q1W
2hDx3qJffzu49YNU+UlLzr1yFQxstEu+eTAba7Pj+XUgkWl7fzgn5BwK8GCLAgyx
nmZE8qHeqD02OVudLhjYuivi2EFO4HDoKUueH5eokX3Q27v6NIPwvgOZUw4IvL/J
CWdajJLlDx0GSfyU4KR1JYSv9XeZR9zqo3pVtdxEaPrv12SgkAsQnfn5yQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLHMtyQOzg3GhXy8nNbzB0zUWqrOMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvc2N5M0pBN09EY2FGZkx5YzF2TUhUTlJhcXM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALZUYAwQA
WRVWAwQAW9KRAwQAbXorAwQAwj1LMA0GCSqGSIb3DQEBCwUAA4IBAQA3u7sBcV/a
Oflj7GCipWXOJVPtfInSdJ4stcD8FCOZeUnEuk3UM1s5XAIPwXZHM16FXQizEhim
S8HAutIIeG6OTccwmk8pHtViFRZsl3UTht1S5SY2i3+ZPGRXCwy985aa9TxgLl8p
2udSZOm7MJH2YHgmB0OJTZxRhJOoyQ6QdMGIc0vzWuFF/ZFQ3pJRbHq3KJuPjISr
V+yP3cdHAs534CSXyicx57yOf7NUIl7NJM6jX0v7sUn7GZQpE0Z5wWZYprH5xQwz
Obz6d8KDxgGmQgyPV0xJfDPakVPyz/muXEAOJZKy+2jhlNKNB7T/YzlQ/ueyDB0w
jy/n4Zj8ixD+
-----END CERTIFICATE-----
Generated at Thu Jun 4 01:15:41 2026 by rpki-client