Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/3SGaIwhtWysQLWn0sQ-j25aYWzk.roa
File: 3SGaIwhtWysQLWn0sQ-j25aYWzk.roa (raw, json)
Hash identifier: 6nFcHI9+JyUVi2ufE9HEixwgDofNaQHxTSquSnDsJV8=
Subject key identifier: DD:21:9A:23:08:6D:5B:2B:10:2D:69:F4:B1:0F:A3:DB:96:98:5B:39
Certificate issuer: /CN=d43b22130aa9a7734254769ec13bfe171fa1e28b
Certificate serial: 019ED58C7E8D16622D856466F992BBB33312
Authority key identifier: D4:3B:22:13:0A:A9:A7:73:42:54:76:9E:C1:3B:FE:17:1F:A1:E2:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DsiEwqpp3NCVHaewTv-Fx-h4os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/3SGaIwhtWysQLWn0sQ-j25aYWzk.roa
Signing time: Wed 17 Jun 2026 12:26:54 +0000
ROA not before: Wed 17 Jun 2026 12:26:54 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57922
IP address blocks: 2a0f:4d00::/29 maxlen: 48
2a0f:4d00:1::/48 maxlen: 48
2a0f:4d00:2::/48 maxlen: 48
2a0f:4d00:3::/48 maxlen: 48
2a0f:4d00:4::/48 maxlen: 48
2a0f:4d00:5::/48 maxlen: 48
2a0f:4d00:6::/48 maxlen: 48
2a0f:4d00:7::/48 maxlen: 48
2a0f:4d00:8::/48 maxlen: 48
2a0f:4d00:9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/1DsiEwqpp3NCVHaewTv-Fx-h4os.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/1DsiEwqpp3NCVHaewTv-Fx-h4os.mft
rsync://rpki.ripe.net/repository/DEFAULT/1DsiEwqpp3NCVHaewTv-Fx-h4os.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 14:31:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:d5:8c:7e:8d:16:62:2d:85:64:66:f9:92:bb:b3:33:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d43b22130aa9a7734254769ec13bfe171fa1e28b
Validity
Not Before: Jun 17 12:26:54 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dd219a23086d5b2b102d69f4b10fa3db96985b39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:45:b6:45:55:bf:50:8e:d6:98:3a:68:94:d7:
9d:ca:23:e6:91:80:7e:63:b9:9c:cb:d8:92:3d:c0:
d9:a9:0c:4c:0e:3d:41:19:68:8b:6e:f0:4b:6a:41:
45:fe:15:30:89:7e:da:c6:4f:05:b4:33:5c:ce:c0:
e4:00:ec:62:33:95:c7:92:27:20:d2:d6:8c:e5:06:
44:31:4e:8f:0c:6f:c5:a0:7b:70:54:f4:f8:24:c9:
92:74:b1:60:c7:2e:d9:f4:81:33:dd:8f:e7:dd:8e:
36:bf:5e:e1:d2:8c:62:c5:0a:a5:9c:d3:b9:4d:7b:
8b:b1:7e:de:8d:c1:e9:22:28:01:73:ee:14:04:d9:
b5:5d:d1:aa:9d:0b:7e:59:6e:02:11:96:13:e7:9f:
11:52:53:d3:48:40:2c:7e:87:4d:2f:73:cd:54:b0:
04:ea:3b:3a:81:31:44:a2:38:d6:cd:70:0c:05:cb:
a8:80:64:24:ac:d4:ab:8f:d9:ec:15:6e:48:de:54:
be:6d:36:75:56:18:11:c0:e5:93:8c:09:cf:78:2b:
1e:13:f6:4f:09:4e:cd:44:70:59:7f:12:23:2f:b8:
46:16:a2:13:46:83:d7:dd:4f:f1:e0:9b:64:c9:b4:
48:f7:24:6c:2d:04:bf:bb:1c:18:da:95:cb:72:66:
34:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:21:9A:23:08:6D:5B:2B:10:2D:69:F4:B1:0F:A3:DB:96:98:5B:39
X509v3 Authority Key Identifier:
keyid:D4:3B:22:13:0A:A9:A7:73:42:54:76:9E:C1:3B:FE:17:1F:A1:E2:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DsiEwqpp3NCVHaewTv-Fx-h4os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/3SGaIwhtWysQLWn0sQ-j25aYWzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/1DsiEwqpp3NCVHaewTv-Fx-h4os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:4d00::/29
Signature Algorithm: sha256WithRSAEncryption
74:8d:a8:c3:bc:48:3e:f4:8b:57:ec:0c:0f:43:d6:1e:28:fb:
86:ce:06:c2:52:33:93:98:25:60:47:8b:58:ac:7f:8b:ad:81:
23:99:e1:b4:ba:72:5c:65:27:34:11:d0:ce:10:6d:10:1c:2b:
cc:5a:0e:bc:e7:4f:09:18:e4:0e:53:b9:75:0f:9d:23:42:83:
ba:4b:a4:3b:5f:a3:4d:02:69:ef:4f:51:b1:2a:e7:dd:24:ee:
50:e9:15:45:3f:e3:5d:94:06:ae:06:92:30:a9:db:06:ec:58:
71:80:bc:b7:b1:ec:a3:7f:c2:a0:a5:3d:90:c1:fa:3f:b7:a5:
4f:b7:e5:7e:96:5a:6c:8f:93:63:38:9f:cb:2b:d8:26:46:ac:
50:97:52:09:c2:f8:91:36:00:ad:e7:da:77:31:6e:e2:bd:a8:
06:c2:a9:8e:e4:c2:61:d4:5e:ef:1f:81:02:ad:9d:b1:eb:2e:
16:a1:42:bd:80:6e:28:e5:1a:4d:64:02:5f:99:2a:0d:d5:13:
5f:1f:7e:9b:13:5c:c1:ea:ea:e7:df:75:f6:4e:c9:22:5b:02:
4f:67:07:11:ce:1c:33:ad:58:95:a5:d3:b4:91:1a:53:53:46:
3e:a3:5c:25:c1:0f:ca:1a:da:63:15:c5:29:de:05:a4:70:bd:
1a:67:7d:fc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZ7VjH6NFmIthWRm+ZK7szMSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0M2IyMjEzMGFhOWE3NzM0MjU0NzY5ZWMxM2JmZTE3MWZh
MWUyOGIwHhcNMjYwNjE3MTIyNjU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDIxOWEyMzA4NmQ1YjJiMTAyZDY5ZjRiMTBmYTNkYjk2OTg1YjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUW2RVW/UI7WmDpolNedyiPmkYB+
Y7mcy9iSPcDZqQxMDj1BGWiLbvBLakFF/hUwiX7axk8FtDNczsDkAOxiM5XHkicg
0taM5QZEMU6PDG/FoHtwVPT4JMmSdLFgxy7Z9IEz3Y/n3Y42v17h0oxixQqlnNO5
TXuLsX7ejcHpIigBc+4UBNm1XdGqnQt+WW4CEZYT558RUlPTSEAsfodNL3PNVLAE
6js6gTFEojjWzXAMBcuogGQkrNSrj9nsFW5I3lS+bTZ1VhgRwOWTjAnPeCseE/ZP
CU7NRHBZfxIjL7hGFqITRoPX3U/x4JtkybRI9yRsLQS/uxwY2pXLcmY0MwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFN0hmiMIbVsrEC1p9LEPo9uWmFs5MB8GA1UdIwQY
MBaAFNQ7IhMKqadzQlR2nsE7/hcfoeKLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURzaUV3cXBwM05DVkhhZXdUdi1GeC1oNG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wODA1NjktM2JiNS00NmRlLTgyYmEt
YTYzMGMyZWEyM2Y5LzEvM1NHYUl3aHRXeXNRTFduMHNRLWoyNWFZV3prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wODA1NjktM2JiNS00NmRlLTgyYmEtYTYzMGMyZWEyM2Y5
LzEvMURzaUV3cXBwM05DVkhhZXdUdi1GeC1oNG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg9NADAN
BgkqhkiG9w0BAQsFAAOCAQEAdI2ow7xIPvSLV+wMD0PWHij7hs4GwlIzk5glYEeL
WKx/i62BI5nhtLpyXGUnNBHQzhBtEBwrzFoOvOdPCRjkDlO5dQ+dI0KDukukO1+j
TQJp709RsSrn3STuUOkVRT/jXZQGrgaSMKnbBuxYcYC8t7Hso3/CoKU9kMH6P7el
T7flfpZabI+TYzifyyvYJkasUJdSCcL4kTYArefadzFu4r2oBsKpjuTCYdRe7x+B
Aq2dsesuFqFCvYBuKOUaTWQCX5kqDdUTXx9+mxNcwerq59919k7JIlsCT2cHEc4c
M61YlaXTtJEaU1NGPqNcJcEPyhraYxXFKd4FpHC9Gmd9/A==
-----END CERTIFICATE-----
Generated at Tue Jun 30 19:32:54 2026 by rpki-client