Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/PJovINnr20-leWA7kJPKMBrKmtg.roa
File: PJovINnr20-leWA7kJPKMBrKmtg.roa (raw, json)
Hash identifier: 3MaNZNbZej5H9oqAeSz+6mwaBQ79zqRtFjAY7Mq3TKk=
Subject key identifier: 3C:9A:2F:20:D9:EB:DB:4F:A5:79:60:3B:90:93:CA:30:1A:CA:9A:D8
Certificate issuer: /CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Certificate serial: 019ED057347F6B3D9DF030E6E69D7854B7EE
Authority key identifier: 72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/PJovINnr20-leWA7kJPKMBrKmtg.roa
Signing time: Tue 16 Jun 2026 12:10:36 +0000
ROA not before: Tue 16 Jun 2026 12:10:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20766
IP address blocks: 45.94.17.0/24 maxlen: 24
45.94.18.0/23 maxlen: 23
45.94.19.0/24 maxlen: 24
80.67.160.0/19 maxlen: 19
80.67.182.0/24 maxlen: 24
185.57.124.0/22 maxlen: 22
193.23.30.0/24 maxlen: 24
2001:910::/32 maxlen: 32
2001:913:4000::/36 maxlen: 36
2a04:9ac2::/32 maxlen: 32
2a0f:6780::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.mft
rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Jun 2026 04:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:d0:57:34:7f:6b:3d:9d:f0:30:e6:e6:9d:78:54:b7:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Validity
Not Before: Jun 16 12:10:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3c9a2f20d9ebdb4fa579603b9093ca301aca9ad8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:09:7b:e6:4d:91:91:db:80:63:72:b9:ec:ed:
a3:e8:d4:de:7b:1c:b3:f0:32:7f:0e:e1:81:dd:03:
53:02:da:b6:40:52:e2:7c:33:e5:fa:dc:88:d5:49:
0d:31:cc:a2:6d:78:b1:8b:fb:28:d4:77:61:5d:14:
d0:1f:67:4b:3f:ae:c5:9a:99:18:64:fe:57:b0:3a:
3e:a7:65:19:12:36:53:d8:9a:ab:20:9d:76:8f:79:
cc:82:84:fc:62:1c:57:03:e1:b9:04:24:00:27:67:
f4:ae:36:b4:3c:80:67:a9:ec:f2:6f:39:6e:d8:e6:
f1:85:9d:9f:21:4c:1d:8a:77:bd:9f:c0:ea:01:ac:
20:3a:08:9d:2e:92:12:3b:89:09:52:3f:83:91:35:
e8:1b:cf:28:0b:1c:87:a1:67:fc:51:01:b3:2c:14:
05:be:c3:51:f1:c4:5c:ab:98:35:30:3d:7f:2a:87:
db:86:1e:ef:98:b2:95:f5:95:8e:d4:d6:3c:eb:85:
50:c3:6f:49:eb:bd:6b:b4:70:f0:e5:b2:4f:e6:d2:
bd:1e:78:ed:b9:18:e2:65:86:b5:0d:c3:10:f6:dc:
b6:2e:f2:39:aa:36:07:f0:22:e3:3f:ec:dd:ef:c9:
06:18:a0:ff:05:11:10:a4:cf:a5:5c:9f:82:28:87:
e4:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:9A:2F:20:D9:EB:DB:4F:A5:79:60:3B:90:93:CA:30:1A:CA:9A:D8
X509v3 Authority Key Identifier:
keyid:72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/PJovINnr20-leWA7kJPKMBrKmtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.17.0-45.94.19.255
80.67.160.0/19
185.57.124.0/22
193.23.30.0/24
IPv6:
2001:910::/32
2001:913:4000::/36
2a04:9ac2::/32
2a0f:6780::/29
Signature Algorithm: sha256WithRSAEncryption
0c:9f:65:b8:34:5d:ca:c0:05:2c:75:fb:46:89:a2:ec:6a:91:
b8:e2:ee:b4:d7:71:f2:c5:df:7e:18:fe:a1:e8:78:c7:e3:19:
eb:54:e0:2f:11:84:b3:76:54:c6:6e:2a:c1:84:9c:b2:9d:2f:
f6:b1:1f:86:b6:9c:2a:a3:45:43:b9:1e:2c:4c:13:f1:cd:f7:
c4:a9:39:98:29:9b:cf:51:0f:5e:08:00:9b:83:34:4d:c1:69:
a7:e8:fe:5b:38:64:47:da:e0:95:1a:19:5b:26:7b:e1:21:6c:
43:3f:57:5f:fa:8a:b1:e3:05:2f:cb:a2:96:5e:25:9d:e0:24:
ee:2a:1d:74:14:a3:3d:1e:99:16:06:6e:03:a5:a0:0b:ee:7b:
45:d0:d4:8f:23:22:d5:3c:29:33:a5:f7:d0:6c:f9:3c:b9:87:
de:46:f1:58:bf:d2:b5:30:8b:8d:eb:de:39:fe:57:02:40:78:
a0:c0:04:bd:71:6c:67:d0:be:84:ce:89:01:5b:e2:7f:cf:2e:
10:52:a5:46:44:b8:4a:73:3b:2c:d6:13:8d:2c:46:2b:65:a2:
c6:a5:3f:f6:5d:6a:6d:5b:ec:30:21:13:0b:c6:a7:ee:30:bb:
a6:de:25:16:01:ed:2d:e5:6f:b8:dd:a9:f7:41:05:4d:0b:ea:
8c:b6:18:e6
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZ7QVzR/az2d8DDm5p14VLfuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZWQyZmJiNzIxM2ZiZjMyYWQ0YzA4N2Y4YjBiMjJjZWNl
ZjRmZWEwHhcNMjYwNjE2MTIxMDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzlhMmYyMGQ5ZWJkYjRmYTU3OTYwM2I5MDkzY2EzMDFhY2E5YWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwl75k2RkduAY3K57O2j6NTeexyz
8DJ/DuGB3QNTAtq2QFLifDPl+tyI1UkNMcyibXixi/so1HdhXRTQH2dLP67FmpkY
ZP5XsDo+p2UZEjZT2JqrIJ12j3nMgoT8YhxXA+G5BCQAJ2f0rja0PIBnqezybzlu
2ObxhZ2fIUwdine9n8DqAawgOgidLpISO4kJUj+DkTXoG88oCxyHoWf8UQGzLBQF
vsNR8cRcq5g1MD1/Kofbhh7vmLKV9ZWO1NY864VQw29J671rtHDw5bJP5tK9Hnjt
uRjiZYa1DcMQ9ty2LvI5qjYH8CLjP+zd78kGGKD/BREQpM+lXJ+CKIfkyQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFDyaLyDZ69tPpXlgO5CTyjAayprYMB8GA1UdIwQY
MBaAFHLtL7tyE/vzKtTAh/iwsizs70/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTkt
YTY1MjMzYjNlOTc1LzEvUEpvdklObnIyMC1sZVdBN2tKUEtNQnJLbXRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTktYTY1MjMzYjNlOTc1
LzEvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTAmBAIAATAgMAwDBAAtXhED
BAItXhADBAVQQ6ADBAK5OXwDBADBFx4wIwQCAAIwHQMFACABCRADBgQgAQkTQAMF
ACoEmsIDBQMqD2eAMA0GCSqGSIb3DQEBCwUAA4IBAQAMn2W4NF3KwAUsdftGiaLs
apG44u6013Hyxd9+GP6h6HjH4xnrVOAvEYSzdlTGbirBhJyynS/2sR+Gtpwqo0VD
uR4sTBPxzffEqTmYKZvPUQ9eCACbgzRNwWmn6P5bOGRH2uCVGhlbJnvhIWxDP1df
+oqx4wUvy6KWXiWd4CTuKh10FKM9HpkWBm4DpaAL7ntF0NSPIyLVPCkzpffQbPk8
uYfeRvFYv9K1MIuN6945/lcCQHigwAS9cWxn0L6EzokBW+J/zy4QUqVGRLhKczss
1hONLEYrZaLGpT/2XWptW+wwIRMLxqfuMLum3iUWAe0t5W+43an3QQVNC+qMthjm
-----END CERTIFICATE-----
Generated at Sat Jun 20 13:32:41 2026 by rpki-client