Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/H-3bQ-7Lc-BNSgANmO6MHSsPLSs.roa
File: H-3bQ-7Lc-BNSgANmO6MHSsPLSs.roa (raw, json)
Hash identifier: F2USW61FAReCMbWyEgVR2l80hK+ZfBgaE66ET3G7sBk=
Subject key identifier: 1F:ED:DB:43:EE:CB:73:E0:4D:4A:00:0D:98:EE:8C:1D:2B:0F:2D:2B
Certificate issuer: /CN=4b48cf146b4c73d274096d705708d24b729329f8
Certificate serial: 019E68C478F3DEFDC7732A2A2F043104D5CB
Authority key identifier: 4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/H-3bQ-7Lc-BNSgANmO6MHSsPLSs.roa
Signing time: Wed 27 May 2026 09:29:26 +0000
ROA not before: Wed 27 May 2026 09:29:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34305
IP address blocks: 85.12.26.0/24 maxlen: 24
85.12.27.0/24 maxlen: 24
85.12.28.0/22 maxlen: 24
85.12.32.0/20 maxlen: 20
85.12.48.0/21 maxlen: 21
85.12.58.0/23 maxlen: 24
85.12.60.0/22 maxlen: 22
91.148.208.0/20 maxlen: 20
185.91.28.0/24 maxlen: 24
193.138.220.0/24 maxlen: 24
193.138.221.0/24 maxlen: 24
193.138.222.0/24 maxlen: 24
193.138.223.0/24 maxlen: 24
195.200.84.0/24 maxlen: 24
195.200.85.0/24 maxlen: 24
2a01:788:4::/48 maxlen: 48
2a01:788:1000::/48 maxlen: 48
2a01:788:aaaa::/48 maxlen: 48
2a01:788:aaab::/48 maxlen: 48
2a01:788:aaac::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.mft
rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:68:c4:78:f3:de:fd:c7:73:2a:2a:2f:04:31:04:d5:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b48cf146b4c73d274096d705708d24b729329f8
Validity
Not Before: May 27 09:29:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1feddb43eecb73e04d4a000d98ee8c1d2b0f2d2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:0c:26:b2:1f:6f:b3:26:eb:06:fd:a1:27:e8:
65:0b:01:06:30:b7:25:dc:6c:2f:16:8f:5f:ff:3e:
11:1e:03:16:f0:b8:7e:32:27:1a:8c:e6:5c:f4:c6:
2e:9d:2e:38:2f:36:92:a9:49:20:a0:27:4e:94:0d:
ca:8f:98:e4:0b:9b:d1:01:11:3a:58:e8:87:f5:3d:
d8:7c:6e:fe:ba:98:c3:a6:a3:29:d3:4b:1a:aa:88:
e6:66:1f:2c:99:4f:8a:13:c3:dd:93:e1:a8:bb:f2:
a3:8c:a0:c8:fa:b2:39:2f:87:a2:17:c7:62:39:45:
aa:0c:da:7a:57:72:9d:68:f1:8d:a8:1c:76:99:8f:
89:f2:e9:72:37:9e:d8:54:fb:4f:9d:6f:5f:eb:6a:
2d:bb:4b:0a:eb:e0:7b:a8:5e:5a:76:a0:0e:4a:cc:
29:de:6a:f3:4f:b2:cb:52:79:4e:28:8d:c9:4a:33:
ae:f9:0f:eb:54:5d:22:3c:1f:93:ca:3d:35:10:0d:
0a:6d:fc:47:0b:c0:73:2b:04:ee:ce:07:19:44:f6:
65:a4:97:56:17:8f:38:74:d8:ca:2b:9b:87:0e:8b:
d2:db:32:cd:97:95:49:e5:a7:2e:27:63:67:b7:dc:
c6:e5:98:3f:3e:ed:75:6c:a7:7d:bf:d2:3e:4f:d8:
e1:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:ED:DB:43:EE:CB:73:E0:4D:4A:00:0D:98:EE:8C:1D:2B:0F:2D:2B
X509v3 Authority Key Identifier:
keyid:4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/H-3bQ-7Lc-BNSgANmO6MHSsPLSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.12.26.0-85.12.55.255
85.12.58.0-85.12.63.255
91.148.208.0/20
185.91.28.0/24
193.138.220.0/22
195.200.84.0/23
IPv6:
2a01:788:4::/48
2a01:788:1000::/48
2a01:788:aaaa::-2a01:788:aaac:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
c8:65:ce:3d:3c:fd:93:c2:62:be:40:4f:4d:9e:56:9b:dd:ed:
f8:bc:25:8e:87:0a:2c:66:f5:3d:af:cc:ff:02:2e:46:6a:13:
92:6f:48:ea:06:7d:bb:80:06:c1:9a:d6:ee:9f:68:78:4b:2c:
24:3b:7a:0e:aa:8f:7f:c7:bf:24:c5:aa:d4:7d:a0:31:b3:e0:
51:00:e4:d2:8e:dd:fe:b2:79:ff:36:7a:a0:d1:a2:65:9b:4d:
6e:7f:01:a8:fc:30:cc:25:34:83:3e:03:3b:c6:86:41:e5:29:
4e:d8:73:34:04:1d:7e:a8:c7:28:89:88:64:1a:23:95:31:55:
c6:89:fb:f9:41:2d:7e:fd:8a:05:88:c1:05:83:1b:4d:85:05:
c0:c2:f3:d7:83:49:39:41:06:19:a4:9f:38:21:b3:a5:8c:1e:
5b:04:f9:49:6b:48:76:0f:3f:88:78:d4:7c:d4:69:09:66:a4:
5d:01:dd:af:25:b6:1c:37:29:e6:2c:1a:7b:2d:3d:f5:bb:a7:
1b:dd:ab:08:4e:a6:d5:28:e0:1c:5e:bf:87:9c:28:d5:79:76:
4f:34:55:77:01:cc:f2:d4:21:84:0d:17:eb:c4:04:2b:cb:02:
32:51:9d:a1:e7:b7:26:96:58:51:00:6b:50:38:80:e8:f4:d4:
ec:a1:d6:4d
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZ5oxHjz3v3HcyoqLwQxBNXLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNDhjZjE0NmI0YzczZDI3NDA5NmQ3MDU3MDhkMjRiNzI5
MzI5ZjgwHhcNMjYwNTI3MDkyOTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmVkZGI0M2VlY2I3M2UwNGQ0YTAwMGQ5OGVlOGMxZDJiMGYyZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Awmsh9vsybrBv2hJ+hlCwEGMLcl
3GwvFo9f/z4RHgMW8Lh+MicajOZc9MYunS44LzaSqUkgoCdOlA3Kj5jkC5vRARE6
WOiH9T3YfG7+upjDpqMp00saqojmZh8smU+KE8Pdk+Gou/KjjKDI+rI5L4eiF8di
OUWqDNp6V3KdaPGNqBx2mY+J8ulyN57YVPtPnW9f62otu0sK6+B7qF5adqAOSswp
3mrzT7LLUnlOKI3JSjOu+Q/rVF0iPB+Tyj01EA0KbfxHC8BzKwTuzgcZRPZlpJdW
F484dNjKK5uHDovS2zLNl5VJ5acuJ2Nnt9zG5Zg/Pu11bKd9v9I+T9jhGwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFB/t20Puy3PgTUoADZjujB0rDy0rMB8GA1UdIwQY
MBaAFEtIzxRrTHPSdAltcFcI0ktykyn4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMt
NjRhNmEwNWI5OTA1LzEvSC0zYlEtN0xjLUJOU2dBTm1PNk1IU3NQTFNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMtNjRhNmEwNWI5OTA1
LzEvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajA6BAIAATA0MAwDBAFVDBoD
BANVDDAwDAMEAVUMOgMEBlUMAAMEBFuU0AMEALlbHAMEAsGK3AMEAcPIVDAsBAIA
AjAmAwcAKgEHiAAEAwcAKgEHiBAAMBIDBwEqAQeIqqoDBwAqAQeIqqwwDQYJKoZI
hvcNAQELBQADggEBAMhlzj08/ZPCYr5AT02eVpvd7fi8JY6HCixm9T2vzP8CLkZq
E5JvSOoGfbuABsGa1u6faHhLLCQ7eg6qj3/HvyTFqtR9oDGz4FEA5NKO3f6yef82
eqDRomWbTW5/Aaj8MMwlNIM+AzvGhkHlKU7YczQEHX6oxyiJiGQaI5UxVcaJ+/lB
LX79igWIwQWDG02FBcDC89eDSTlBBhmknzghs6WMHlsE+UlrSHYPP4h41HzUaQlm
pF0B3a8lthw3KeYsGnstPfW7pxvdqwhOptUo4Bxev4ecKNV5dk80VXcBzPLUIYQN
F+vEBCvLAjJRnaHntyaWWFEAa1A4gOj01Oyh1k0=
-----END CERTIFICATE-----
Generated at Thu Jun 11 21:19:37 2026 by rpki-client