Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/Pr90WuSkqHq-lxUoQH2NqVzEu94.roa
File: Pr90WuSkqHq-lxUoQH2NqVzEu94.roa (raw, json)
Hash identifier: 6wVWcialsagT7geFrAaPhDZyYoMTpj0MkP2MqolJPfQ=
Subject key identifier: 3E:BF:74:5A:E4:A4:A8:7A:BE:97:15:28:40:7D:8D:A9:5C:C4:BB:DE
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 019CAE237C20425B33ADC174661DF3815727
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/Pr90WuSkqHq-lxUoQH2NqVzEu94.roa
Signing time: Mon 02 Mar 2026 10:41:26 +0000
ROA not before: Mon 02 Mar 2026 10:41:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 41343
IP address blocks: 185.110.212.0/22 maxlen: 24
185.111.0.0/22 maxlen: 24
185.111.0.0/24 maxlen: 24
185.111.1.0/24 maxlen: 24
185.111.2.0/24 maxlen: 24
185.111.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 22:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:23:7c:20:42:5b:33:ad:c1:74:66:1d:f3:81:57:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Mar 2 10:41:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3ebf745ae4a4a87abe971528407d8da95cc4bbde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:42:c2:1a:85:d1:a2:4e:6a:7e:2a:70:5d:57:
15:42:95:3c:9d:34:a6:ba:6f:95:94:dd:45:54:97:
e2:3a:f5:6f:a9:aa:b1:73:82:b0:63:a5:7e:7c:69:
f5:3a:57:f0:6e:4f:a8:1b:05:c6:df:47:90:d3:40:
3a:56:00:60:12:f2:a3:a6:a8:aa:da:d4:1b:70:10:
cd:3b:ca:52:44:18:60:c0:b9:b7:ef:f7:a8:10:3e:
5a:f6:8b:4d:b7:6e:d9:d7:50:39:a5:c7:be:7f:74:
4f:bd:a6:94:81:a2:c4:e2:42:e4:bb:a9:f3:65:e2:
60:1b:ee:74:16:19:25:dc:37:ad:6c:14:bc:87:cd:
be:f0:b8:11:53:ed:21:c8:58:c3:85:59:e6:b6:fb:
1b:b8:85:10:67:11:7e:5a:78:c9:60:25:4e:23:3d:
4f:6e:5f:40:3e:df:ee:ad:e7:c9:64:57:18:e9:07:
ef:7d:42:98:48:a5:61:53:ec:54:bf:13:bb:d2:68:
50:4d:cb:30:16:3f:27:21:45:bc:f8:28:0a:de:32:
45:ac:b7:f2:63:89:be:e0:11:97:76:66:91:df:27:
73:72:4e:0a:05:ff:54:9b:10:6c:ca:6c:bf:e7:02:
85:9e:e8:20:64:b7:3f:80:66:8b:ec:85:ba:7c:06:
b1:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:BF:74:5A:E4:A4:A8:7A:BE:97:15:28:40:7D:8D:A9:5C:C4:BB:DE
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/Pr90WuSkqHq-lxUoQH2NqVzEu94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.212.0/22
185.111.0.0/22
Signature Algorithm: sha256WithRSAEncryption
16:8b:96:70:52:a8:bf:fc:95:47:2b:60:ed:90:64:87:18:a9:
1a:d2:7e:37:1b:4c:e4:fa:cb:1e:77:18:d7:d4:89:40:ed:fb:
7d:5f:fc:88:70:ae:80:d3:49:88:f5:ff:3c:9c:d7:59:21:11:
4b:f3:6c:22:e5:80:ac:a9:d2:20:be:b4:f6:13:f8:f2:f1:b6:
6c:61:ea:bb:07:7f:e5:3a:99:00:02:ed:1f:a1:8c:4c:ad:89:
d5:b7:46:8a:b0:9b:ca:0a:56:df:5b:16:31:25:11:5a:a0:e6:
bf:d0:41:3c:62:3a:e2:3d:ce:4f:59:ed:be:b7:16:55:13:36:
7c:bc:14:fe:5e:1b:cb:d8:ed:92:b8:cf:60:00:82:bd:70:df:
d4:6a:66:3f:60:c2:69:36:43:d0:85:5a:7b:c9:34:4f:ee:cc:
97:f0:87:55:ae:68:99:59:02:b9:38:52:96:b1:7e:f5:9c:27:
5f:ee:15:a2:e7:c7:11:57:78:0d:d4:d0:79:56:f5:ab:17:14:
70:71:af:c7:33:67:d7:ec:23:7b:6b:2a:c8:f0:52:26:2a:d8:
cf:ad:d6:0c:08:c5:46:cb:41:6f:2f:51:2c:e4:7a:ec:ea:9c:
d0:89:d0:6e:5e:95:e9:1a:b4:c1:73:31:f1:6a:92:41:d7:7f:
98:58:ea:05
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZyuI3wgQlszrcF0Zh3zgVcnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjYwMzAyMTA0MTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWJmNzQ1YWU0YTRhODdhYmU5NzE1Mjg0MDdkOGRhOTVjYzRiYmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10LCGoXRok5qfipwXVcVQpU8nTSm
um+VlN1FVJfiOvVvqaqxc4KwY6V+fGn1Olfwbk+oGwXG30eQ00A6VgBgEvKjpqiq
2tQbcBDNO8pSRBhgwLm37/eoED5a9otNt27Z11A5pce+f3RPvaaUgaLE4kLku6nz
ZeJgG+50Fhkl3DetbBS8h82+8LgRU+0hyFjDhVnmtvsbuIUQZxF+WnjJYCVOIz1P
bl9APt/urefJZFcY6QfvfUKYSKVhU+xUvxO70mhQTcswFj8nIUW8+CgK3jJFrLfy
Y4m+4BGXdmaR3ydzck4KBf9UmxBsymy/5wKFnuggZLc/gGaL7IW6fAax5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD6/dFrkpKh6vpcVKEB9jalcxLveMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvUHI5MFd1U2txSHEtbHhVb1FIMk5xVnpFdTk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuW7UAwQC
uW8AMA0GCSqGSIb3DQEBCwUAA4IBAQAWi5ZwUqi//JVHK2DtkGSHGKka0n43G0zk
+ssedxjX1IlA7ft9X/yIcK6A00mI9f88nNdZIRFL82wi5YCsqdIgvrT2E/jy8bZs
Yeq7B3/lOpkAAu0foYxMrYnVt0aKsJvKClbfWxYxJRFaoOa/0EE8YjriPc5PWe2+
txZVEzZ8vBT+XhvL2O2SuM9gAIK9cN/UamY/YMJpNkPQhVp7yTRP7syX8IdVrmiZ
WQK5OFKWsX71nCdf7hWi58cRV3gN1NB5VvWrFxRwca/HM2fX7CN7ayrI8FImKtjP
rdYMCMVGy0FvL1Es5Hrs6pzQidBuXpXpGrTBczHxapJB13+YWOoF
-----END CERTIFICATE-----
Generated at Fri Mar 13 08:00:28 2026 by rpki-client