
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/1356cf-ab79-4c69-9e55-628400671d0e/1/p3zDIjcAWzrwrNrpwE_PsccEM3A.roa
File: p3zDIjcAWzrwrNrpwE_PsccEM3A.roa (raw, json)
Hash identifier: jLiAzTfka0/Q0jf7zmlCDsBaadFbTH7kx2Q/ozkOt3Y=
Subject key identifier: A7:7C:C3:22:37:00:5B:3A:F0:AC:DA:E9:C0:4F:CF:B1:C7:04:33:70
Certificate issuer: /CN=3f60f6e6b404e03401ac3d7491bab633fe6a129f
Certificate serial: 019F2368F54B76D48FCBEF37EACC6B245352
Authority key identifier: 3F:60:F6:E6:B4:04:E0:34:01:AC:3D:74:91:BA:B6:33:FE:6A:12:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P2D25rQE4DQBrD10kbq2M_5qEp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/1356cf-ab79-4c69-9e55-628400671d0e/1/p3zDIjcAWzrwrNrpwE_PsccEM3A.roa
Signing time: Thu 02 Jul 2026 15:18:28 +0000
ROA not before: Thu 02 Jul 2026 15:18:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8717
IP address blocks: 195.128.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/1356cf-ab79-4c69-9e55-628400671d0e/1/P2D25rQE4DQBrD10kbq2M_5qEp8.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/1356cf-ab79-4c69-9e55-628400671d0e/1/P2D25rQE4DQBrD10kbq2M_5qEp8.mft
rsync://rpki.ripe.net/repository/DEFAULT/P2D25rQE4DQBrD10kbq2M_5qEp8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 Jul 2026 09:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:23:68:f5:4b:76:d4:8f:cb:ef:37:ea:cc:6b:24:53:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f60f6e6b404e03401ac3d7491bab633fe6a129f
Validity
Not Before: Jul 2 15:18:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a77cc32237005b3af0acdae9c04fcfb1c7043370
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:4d:45:fa:98:36:dc:cf:74:e3:cd:4e:46:35:
f5:db:ec:8c:ce:53:a4:71:06:6e:50:59:0d:bf:d4:
fe:e0:95:34:e6:e2:42:30:ec:1b:85:c4:6b:7f:f5:
10:c0:27:82:f2:67:f0:bd:c4:a8:69:2a:e8:99:fc:
3b:d7:3c:e2:39:7f:b5:b7:83:d8:c2:07:28:49:6a:
b6:4d:d7:ab:62:a1:d2:a6:9a:cc:e5:3f:8b:20:ea:
fc:66:ef:ac:f1:3e:70:e6:0f:de:8e:2e:42:b4:61:
f1:1f:31:f5:50:ac:c5:4e:d9:fe:96:28:bd:61:7d:
94:9b:a7:a0:9c:ce:01:6c:94:c8:39:1a:95:21:42:
13:32:73:43:79:e7:7c:f7:05:2f:1f:07:22:54:79:
ce:d9:ab:74:0d:c6:aa:68:30:e7:77:f8:31:85:1d:
ab:d3:58:84:48:a5:2b:4b:a2:3a:e0:38:81:06:b7:
c5:4d:34:de:59:ab:d3:d0:22:54:57:b0:c7:63:31:
a1:60:85:ab:80:5e:a9:9f:f5:44:51:c3:37:70:58:
9e:c2:19:b2:5f:9f:fa:2a:d8:1d:45:4a:b2:ab:8a:
d6:1d:05:d7:96:93:b5:4b:10:ed:55:bf:75:88:f0:
7a:29:48:55:e6:b8:8a:7f:04:d4:d3:aa:8c:7d:0b:
20:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:7C:C3:22:37:00:5B:3A:F0:AC:DA:E9:C0:4F:CF:B1:C7:04:33:70
X509v3 Authority Key Identifier:
keyid:3F:60:F6:E6:B4:04:E0:34:01:AC:3D:74:91:BA:B6:33:FE:6A:12:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P2D25rQE4DQBrD10kbq2M_5qEp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1356cf-ab79-4c69-9e55-628400671d0e/1/p3zDIjcAWzrwrNrpwE_PsccEM3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1356cf-ab79-4c69-9e55-628400671d0e/1/P2D25rQE4DQBrD10kbq2M_5qEp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.128.134.0/24
Signature Algorithm: sha256WithRSAEncryption
72:9a:69:d0:dd:2d:2e:58:dc:4a:39:a5:73:4f:ac:72:14:94:
c0:8f:73:71:5a:39:d5:85:67:47:80:10:00:da:66:3e:8e:e8:
97:6b:00:d9:37:2d:d2:59:9c:ed:3d:ee:99:e0:01:a6:d3:a8:
17:a2:d2:e9:fe:75:6c:39:50:d8:dd:de:ee:03:4f:d8:f7:d8:
7c:62:dd:22:5f:ef:0c:13:fd:cf:69:fb:72:d0:77:b9:27:38:
e8:c3:51:10:af:29:c5:77:44:5c:3b:ac:cc:aa:4c:ab:73:0c:
c3:17:f3:5f:ad:52:1b:0c:bd:f8:29:7d:79:64:af:00:46:1d:
8c:2c:78:0f:bc:7b:90:03:b2:f5:55:d2:10:71:7a:b7:72:ac:
78:19:0b:43:49:4f:88:c7:77:79:34:3d:46:20:36:74:f3:42:
ef:20:af:dc:cb:59:8c:5c:ab:03:5e:f4:a6:5e:ef:47:5e:c0:
7d:73:33:90:94:84:8b:4c:79:53:88:04:9d:cf:ee:14:2b:57:
6e:35:c3:55:7f:c4:21:ae:9c:b0:01:ab:30:cc:44:5c:19:7a:
a2:fd:77:43:20:9c:66:ea:0b:33:b4:8a:79:c0:ff:13:3e:bf:
4e:80:5c:be:ca:f4:72:e6:74:9d:cf:ed:f2:2b:03:35:bf:49:
f1:7b:36:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ8jaPVLdtSPy+836sxrJFNSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmNjBmNmU2YjQwNGUwMzQwMWFjM2Q3NDkxYmFiNjMzZmU2
YTEyOWYwHhcNMjYwNzAyMTUxODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzdjYzMyMjM3MDA1YjNhZjBhY2RhZTljMDRmY2ZiMWM3MDQzMzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6k1F+pg23M90481ORjX12+yMzlOk
cQZuUFkNv9T+4JU05uJCMOwbhcRrf/UQwCeC8mfwvcSoaSromfw71zziOX+1t4PY
wgcoSWq2TderYqHSpprM5T+LIOr8Zu+s8T5w5g/eji5CtGHxHzH1UKzFTtn+lii9
YX2Um6egnM4BbJTIORqVIUITMnNDeed89wUvHwciVHnO2at0DcaqaDDnd/gxhR2r
01iESKUrS6I64DiBBrfFTTTeWavT0CJUV7DHYzGhYIWrgF6pn/VEUcM3cFiewhmy
X5/6KtgdRUqyq4rWHQXXlpO1SxDtVb91iPB6KUhV5riKfwTU06qMfQsgEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKd8wyI3AFs68Kza6cBPz7HHBDNwMB8GA1UdIwQY
MBaAFD9g9ua0BOA0Aaw9dJG6tjP+ahKfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDJEMjVyUUU0RFFCckQxMGticTJNXzVxRXA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xMzU2Y2YtYWI3OS00YzY5LTllNTUt
NjI4NDAwNjcxZDBlLzEvcDN6RElqY0FXenJ3ck5ycHdFX1BzY2NFTTNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xMzU2Y2YtYWI3OS00YzY5LTllNTUtNjI4NDAwNjcxZDBl
LzEvUDJEMjVyUUU0RFFCckQxMGticTJNXzVxRXA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4CGMA0G
CSqGSIb3DQEBCwUAA4IBAQBymmnQ3S0uWNxKOaVzT6xyFJTAj3NxWjnVhWdHgBAA
2mY+juiXawDZNy3SWZztPe6Z4AGm06gXotLp/nVsOVDY3d7uA0/Y99h8Yt0iX+8M
E/3Pafty0He5Jzjow1EQrynFd0RcO6zMqkyrcwzDF/NfrVIbDL34KX15ZK8ARh2M
LHgPvHuQA7L1VdIQcXq3cqx4GQtDSU+Ix3d5ND1GIDZ080LvIK/cy1mMXKsDXvSm
Xu9HXsB9czOQlISLTHlTiASdz+4UK1duNcNVf8QhrpywAaswzERcGXqi/XdDIJxm
6gsztIp5wP8TPr9OgFy+yvRy5nSdz+3yKwM1v0nxezZW
-----END CERTIFICATE-----
Generated at Fri Jul 3 16:51:48 2026 by rpki-client