Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/cb614c-495e-410e-8730-5a366315c166/1/ASI3-gM-OYcgvKx41_9-0-MFno8.roa
File: ASI3-gM-OYcgvKx41_9-0-MFno8.roa (raw, json)
Hash identifier: rSz6ivInpdfIjSJs5vzuNUiUeq90iqCKHwJnYqFONoY=
Subject key identifier: 01:22:37:FA:03:3E:39:87:20:BC:AC:78:D7:FF:7E:D3:E3:05:9E:8F
Certificate issuer: /CN=9a48c1d8008cdc059db0b27aa9514799c06d5443
Certificate serial: 019D2FD4062BE60F047DA61916328CD60219
Authority key identifier: 9A:48:C1:D8:00:8C:DC:05:9D:B0:B2:7A:A9:51:47:99:C0:6D:54:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mkjB2ACM3AWdsLJ6qVFHmcBtVEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/cb614c-495e-410e-8730-5a366315c166/1/ASI3-gM-OYcgvKx41_9-0-MFno8.roa
Signing time: Fri 27 Mar 2026 15:05:17 +0000
ROA not before: Fri 27 Mar 2026 15:05:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56694
IP address blocks: 31.177.108.0/22 maxlen: 24
45.154.184.0/22 maxlen: 24
91.219.148.0/22 maxlen: 24
94.198.50.0/23 maxlen: 24
94.198.52.0/22 maxlen: 24
109.238.92.0/22 maxlen: 24
152.89.216.0/22 maxlen: 24
178.255.126.0/23 maxlen: 24
185.9.144.0/22 maxlen: 24
185.130.248.0/22 maxlen: 24
188.127.224.0/20 maxlen: 24
188.127.240.0/22 maxlen: 24
188.127.244.0/23 maxlen: 24
188.127.248.0/22 maxlen: 24
188.127.253.0/24 maxlen: 24
188.127.254.0/23 maxlen: 24
213.171.16.0/21 maxlen: 24
2a06:dd00::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/cb614c-495e-410e-8730-5a366315c166/1/mkjB2ACM3AWdsLJ6qVFHmcBtVEM.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/cb614c-495e-410e-8730-5a366315c166/1/mkjB2ACM3AWdsLJ6qVFHmcBtVEM.mft
rsync://rpki.ripe.net/repository/DEFAULT/mkjB2ACM3AWdsLJ6qVFHmcBtVEM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2f:d4:06:2b:e6:0f:04:7d:a6:19:16:32:8c:d6:02:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a48c1d8008cdc059db0b27aa9514799c06d5443
Validity
Not Before: Mar 27 15:05:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=012237fa033e398720bcac78d7ff7ed3e3059e8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:7e:c3:0c:02:76:7a:4b:10:f1:9f:db:bc:cd:
ef:ad:bb:6f:20:21:ab:dc:2a:08:d8:25:63:7e:22:
40:a5:43:42:50:b2:c4:54:b1:ce:9c:73:14:f1:d4:
4d:6a:0d:f4:1a:0c:6e:77:de:64:0a:c2:18:b8:4e:
f6:1e:eb:7f:c1:7c:19:a7:39:c9:c5:55:20:01:83:
3b:d7:02:3a:35:99:31:b5:9c:c1:d2:2c:12:eb:03:
75:19:c2:07:59:ba:09:6a:eb:69:76:f0:3e:3d:13:
b1:09:23:cd:3d:ed:97:10:92:d1:2c:61:30:a2:b5:
e4:d2:21:b6:07:89:ea:fb:91:99:97:1d:9b:f1:f1:
88:e3:85:34:b5:14:f1:5b:85:92:2b:a9:c5:f3:d3:
1e:a2:a2:ce:df:ff:c0:3b:e6:e9:53:ab:a1:9c:a2:
ad:e3:55:8a:1c:7c:16:f9:8e:5f:ff:d1:69:0e:08:
b6:62:e9:8b:53:f8:3b:9c:4f:66:1a:9b:f6:29:40:
4f:df:87:f9:12:04:7f:5d:3d:a4:50:e2:29:89:1e:
9c:c8:bb:7c:03:c0:0f:00:9d:a7:12:7c:da:66:4e:
f2:a3:38:7c:e2:7d:f5:52:09:9c:9d:60:eb:92:6c:
0e:8b:a8:1c:68:a7:c7:43:5e:cc:d4:6c:b3:24:06:
14:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:22:37:FA:03:3E:39:87:20:BC:AC:78:D7:FF:7E:D3:E3:05:9E:8F
X509v3 Authority Key Identifier:
keyid:9A:48:C1:D8:00:8C:DC:05:9D:B0:B2:7A:A9:51:47:99:C0:6D:54:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mkjB2ACM3AWdsLJ6qVFHmcBtVEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/cb614c-495e-410e-8730-5a366315c166/1/ASI3-gM-OYcgvKx41_9-0-MFno8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/cb614c-495e-410e-8730-5a366315c166/1/mkjB2ACM3AWdsLJ6qVFHmcBtVEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.108.0/22
45.154.184.0/22
91.219.148.0/22
94.198.50.0-94.198.55.255
109.238.92.0/22
152.89.216.0/22
178.255.126.0/23
185.9.144.0/22
185.130.248.0/22
188.127.224.0-188.127.245.255
188.127.248.0/22
188.127.253.0-188.127.255.255
213.171.16.0/21
IPv6:
2a06:dd00::/32
Signature Algorithm: sha256WithRSAEncryption
66:86:4d:a7:43:19:1c:4d:6f:f6:ef:25:f8:9f:69:7d:bd:c5:
d0:11:fd:09:d8:8e:18:17:ed:3c:a3:01:49:55:19:05:44:48:
3d:3b:7b:d6:8c:58:68:bf:0c:3b:66:fc:6a:30:b2:70:cc:f9:
82:7d:7b:00:5e:fd:b8:5d:b9:ef:ae:4e:a8:b5:34:ed:ac:68:
51:5a:4f:c8:85:54:50:36:bf:db:6f:a3:8b:47:38:d3:f4:fc:
ad:a2:8b:06:70:a4:29:21:95:0b:a6:43:76:bc:e1:03:9c:d6:
44:1c:6a:6b:cd:22:54:30:8b:d5:30:35:5b:07:01:c3:f2:f3:
bf:77:66:2c:7b:4c:78:d9:22:6e:66:fc:04:0f:59:d5:56:b4:
f4:e7:54:b2:30:1f:69:1a:93:11:97:61:f9:be:c5:23:08:c0:
4a:9d:2f:7c:7f:72:89:c0:da:35:48:b8:6a:89:77:7e:32:0d:
02:12:ea:a5:3a:95:70:18:16:d4:1f:44:c5:87:68:66:d0:ab:
35:bb:c1:9e:59:c8:2e:3b:a7:77:c6:07:af:a7:58:11:06:1b:
9f:89:52:be:71:dc:53:51:1d:44:8c:f1:4b:84:26:30:76:56:
16:c8:30:ce:80:49:fa:c0:42:71:71:7c:58:3f:ef:9b:64:5c:
38:e5:32:8b
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZ0v1AYr5g8EfaYZFjKM1gIZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNDhjMWQ4MDA4Y2RjMDU5ZGIwYjI3YWE5NTE0Nzk5YzA2
ZDU0NDMwHhcNMjYwMzI3MTUwNTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTIyMzdmYTAzM2UzOTg3MjBiY2FjNzhkN2ZmN2VkM2UzMDU5ZThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl37DDAJ2eksQ8Z/bvM3vrbtvICGr
3CoI2CVjfiJApUNCULLEVLHOnHMU8dRNag30Ggxud95kCsIYuE72Hut/wXwZpznJ
xVUgAYM71wI6NZkxtZzB0iwS6wN1GcIHWboJautpdvA+PROxCSPNPe2XEJLRLGEw
orXk0iG2B4nq+5GZlx2b8fGI44U0tRTxW4WSK6nF89MeoqLO3//AO+bpU6uhnKKt
41WKHHwW+Y5f/9FpDgi2YumLU/g7nE9mGpv2KUBP34f5EgR/XT2kUOIpiR6cyLt8
A8APAJ2nEnzaZk7yozh84n31UgmcnWDrkmwOi6gcaKfHQ17M1GyzJAYU4wIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFAEiN/oDPjmHILyseNf/ftPjBZ6PMB8GA1UdIwQY
MBaAFJpIwdgAjNwFnbCyeqlRR5nAbVRDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWtqQjJBQ00zQVdkc0xKNnFWRkhtY0J0VkVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9jYjYxNGMtNDk1ZS00MTBlLTg3MzAt
NWEzNjYzMTVjMTY2LzEvQVNJMy1nTS1PWWNndkt4NDFfOS0wLU1Gbm84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9jYjYxNGMtNDk1ZS00MTBlLTg3MzAtNWEzNjYzMTVjMTY2
LzEvbWtqQjJBQ00zQVdkc0xKNnFWRkhtY0J0VkVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwawQCAAEwZQMEAh+xbAME
Ai2auAMEAlvblDAMAwQBXsYyAwQDXsYwAwQCbe5cAwQCmFnYAwQBsv9+AwQCuQmQ
AwQCuYL4MAwDBAW8f+ADBAG8f/QDBAK8f/gwCwMEALx//QMDB7wAAwQD1asQMA0E
AgACMAcDBQAqBt0AMA0GCSqGSIb3DQEBCwUAA4IBAQBmhk2nQxkcTW/27yX4n2l9
vcXQEf0J2I4YF+08owFJVRkFREg9O3vWjFhovww7ZvxqMLJwzPmCfXsAXv24Xbnv
rk6otTTtrGhRWk/IhVRQNr/bb6OLRzjT9PytoosGcKQpIZULpkN2vOEDnNZEHGpr
zSJUMIvVMDVbBwHD8vO/d2Yse0x42SJuZvwED1nVVrT051SyMB9pGpMRl2H5vsUj
CMBKnS98f3KJwNo1SLhqiXd+Mg0CEuqlOpVwGBbUH0TFh2hm0Ks1u8GeWcguO6d3
xgevp1gRBhufiVK+cdxTUR1EjPFLhCYwdlYWyDDOgEn6wEJxcXxYP++bZFw45TKL
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:01:43 2026 by rpki-client