Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/Cp3jnpl_DmM311cMhnO7skk8UL0.roa
File: Cp3jnpl_DmM311cMhnO7skk8UL0.roa (raw, json)
Hash identifier: 9gJirXCkXX6jnQSaEd61pBg9W4eG09fG4Oa5+cFh/3Y=
Subject key identifier: 0A:9D:E3:9E:99:7F:0E:63:37:D7:57:0C:86:73:BB:B2:49:3C:50:BD
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019E6000AC6C3402AA2B83048B24E93DDA3B
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/Cp3jnpl_DmM311cMhnO7skk8UL0.roa
Signing time: Mon 25 May 2026 16:38:37 +0000
ROA not before: Mon 25 May 2026 16:38:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57494
IP address blocks: 186.246.14.0/24 maxlen: 24
186.246.27.0/24 maxlen: 32
186.246.28.0/24 maxlen: 32
186.246.29.0/24 maxlen: 24
186.246.30.0/24 maxlen: 24
186.246.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 03:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:60:00:ac:6c:34:02:aa:2b:83:04:8b:24:e9:3d:da:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: May 25 16:38:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0a9de39e997f0e6337d7570c8673bbb2493c50bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:05:39:fd:e9:60:aa:29:fb:3c:57:ee:1f:39:
29:bc:7d:57:e1:78:19:b0:23:ec:cf:bd:a8:9a:cd:
5d:d9:24:e4:5b:f9:db:95:c6:ad:06:dc:7f:ce:1c:
38:a6:33:b6:3f:e7:37:af:d2:93:fc:97:da:12:a8:
89:91:2b:27:6b:b9:6b:b7:11:93:88:f7:ee:01:19:
5c:f0:7f:37:44:62:30:d0:4b:68:cc:7f:c8:57:96:
66:0f:f3:8d:88:f5:a2:cf:df:9f:a7:98:1d:6d:77:
22:57:34:ac:9f:3c:74:3e:ef:28:80:93:f0:10:bf:
b0:36:58:ce:ed:63:15:84:d6:fe:51:25:38:40:6e:
8a:27:88:18:80:29:fe:0f:bc:d4:5b:61:4c:8e:d8:
44:9e:8c:27:eb:0e:64:63:5f:92:a6:b0:e2:c8:21:
47:70:03:4f:b1:e3:79:bb:db:e0:41:64:14:a1:e0:
52:4c:5f:24:b6:71:37:64:63:c2:3b:13:56:ed:91:
42:8e:15:29:d7:35:cd:1d:08:5a:02:d2:df:7a:cf:
c2:c2:32:06:3b:7e:08:00:a0:10:8c:2a:d5:70:49:
72:af:94:47:45:54:1d:b6:6c:2f:4f:3c:61:e6:17:
0c:25:f7:c0:b9:2a:bf:ed:9a:c4:d1:08:8e:f7:09:
ba:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:9D:E3:9E:99:7F:0E:63:37:D7:57:0C:86:73:BB:B2:49:3C:50:BD
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/Cp3jnpl_DmM311cMhnO7skk8UL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
186.246.14.0/24
186.246.27.0-186.246.31.255
Signature Algorithm: sha256WithRSAEncryption
8f:50:8f:2a:5f:f6:52:ee:65:0f:98:71:32:84:55:a1:7f:9e:
95:09:4e:84:f5:a7:be:68:cf:ee:c4:27:a8:69:5f:9f:72:94:
a0:de:71:69:da:e6:e2:a2:bd:d5:7c:52:4b:85:fb:fc:f0:f4:
db:20:32:33:ed:3a:ac:81:28:31:7b:88:e6:66:27:21:d8:3c:
31:e3:56:f8:26:b1:4a:f3:69:02:ab:b3:31:83:2b:26:34:d9:
86:02:8e:fa:27:d6:53:5b:7a:26:e6:f2:55:23:85:8f:45:da:
b0:b3:b9:ab:4b:9c:d1:39:8f:d8:24:ba:55:c9:d5:9e:54:c8:
db:36:1f:81:e7:da:74:ea:c0:30:ef:71:e2:58:f5:65:10:90:
f1:6d:b0:a7:ee:db:ac:88:af:cf:9c:a5:85:d8:43:9f:9c:ad:
a5:ed:0a:5e:57:97:01:50:64:48:82:b2:38:67:f5:cf:95:79:
20:48:9a:af:7e:a8:97:8b:1e:74:09:03:8b:52:c9:96:be:ab:
c6:81:12:0e:e6:33:2c:e8:be:06:bc:28:6b:d8:59:08:00:00:
14:b6:62:2a:65:15:e6:bf:55:5a:83:47:c2:2c:7d:7b:87:23:
53:cf:ae:f7:d8:8b:46:b6:20:b4:57:0b:5d:80:ba:c0:63:27:
ac:92:68:58
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZ5gAKxsNAKqK4MEiyTpPdo7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwNTI1MTYzODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTlkZTM5ZTk5N2YwZTYzMzdkNzU3MGM4NjczYmJiMjQ5M2M1MGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0AU5/elgqin7PFfuHzkpvH1X4XgZ
sCPsz72oms1d2STkW/nblcatBtx/zhw4pjO2P+c3r9KT/JfaEqiJkSsna7lrtxGT
iPfuARlc8H83RGIw0EtozH/IV5ZmD/ONiPWiz9+fp5gdbXciVzSsnzx0Pu8ogJPw
EL+wNljO7WMVhNb+USU4QG6KJ4gYgCn+D7zUW2FMjthEnown6w5kY1+SprDiyCFH
cANPseN5u9vgQWQUoeBSTF8ktnE3ZGPCOxNW7ZFCjhUp1zXNHQhaAtLfes/CwjIG
O34IAKAQjCrVcElyr5RHRVQdtmwvTzxh5hcMJffAuSq/7ZrE0QiO9wm6HQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFAqd456Zfw5jN9dXDIZzu7JJPFC9MB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvQ3Azam5wbF9EbU0zMTFjTWhuTzdza2s4VUwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAuvYOMAwD
BAC69hsDBAW69gAwDQYJKoZIhvcNAQELBQADggEBAI9Qjypf9lLuZQ+YcTKEVaF/
npUJToT1p75oz+7EJ6hpX59ylKDecWna5uKivdV8UkuF+/zw9NsgMjPtOqyBKDF7
iOZmJyHYPDHjVvgmsUrzaQKrszGDKyY02YYCjvon1lNbeibm8lUjhY9F2rCzuatL
nNE5j9gkulXJ1Z5UyNs2H4Hn2nTqwDDvceJY9WUQkPFtsKfu26yIr8+cpYXYQ5+c
raXtCl5XlwFQZEiCsjhn9c+VeSBImq9+qJeLHnQJA4tSyZa+q8aBEg7mMyzovga8
KGvYWQgAABS2YiplFea/VVqDR8IsfXuHI1PPrvfYi0a2ILRXC12AusBjJ6ySaFg=
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:59:19 2026 by rpki-client