Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/7ba877-4839-4717-8aa4-24419b876f08/1/3Y2zxhsSUK0J5xBYzwh3w9sOjwU.roa
File: 3Y2zxhsSUK0J5xBYzwh3w9sOjwU.roa (raw, json)
Hash identifier: JcYX9lr9/Sx9f5x6hh26/EEeztFRwgP8yXiDVhqjmb4=
Subject key identifier: DD:8D:B3:C6:1B:12:50:AD:09:E7:10:58:CF:08:77:C3:DB:0E:8F:05
Certificate issuer: /CN=e0866e5a7c725dcb6a138cc6c340cfdad4315d3e
Certificate serial: 019CD198B115043293AB53D8EB122566CE09
Authority key identifier: E0:86:6E:5A:7C:72:5D:CB:6A:13:8C:C6:C3:40:CF:DA:D4:31:5D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4IZuWnxyXctqE4zGw0DP2tQxXT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/7ba877-4839-4717-8aa4-24419b876f08/1/3Y2zxhsSUK0J5xBYzwh3w9sOjwU.roa
Signing time: Mon 09 Mar 2026 07:56:10 +0000
ROA not before: Mon 09 Mar 2026 07:56:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56740
IP address blocks: 79.98.54.0/24 maxlen: 24
95.128.65.0/24 maxlen: 24
95.128.66.0/24 maxlen: 24
95.128.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/7ba877-4839-4717-8aa4-24419b876f08/1/4IZuWnxyXctqE4zGw0DP2tQxXT4.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/7ba877-4839-4717-8aa4-24419b876f08/1/4IZuWnxyXctqE4zGw0DP2tQxXT4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4IZuWnxyXctqE4zGw0DP2tQxXT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d1:98:b1:15:04:32:93:ab:53:d8:eb:12:25:66:ce:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0866e5a7c725dcb6a138cc6c340cfdad4315d3e
Validity
Not Before: Mar 9 07:56:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dd8db3c61b1250ad09e71058cf0877c3db0e8f05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:18:c5:d3:69:ab:ca:ad:89:3f:ab:45:fe:df:
eb:c9:6d:b7:6a:83:a8:7b:73:05:40:e9:79:65:01:
5f:53:07:af:1b:19:aa:02:0e:21:75:08:93:e1:1b:
56:42:eb:16:f0:19:61:86:c9:e7:4f:52:3d:7a:09:
eb:78:7a:d1:7a:b9:38:bc:fc:82:90:e2:4d:4d:c2:
93:f3:d8:b6:ff:55:d7:6f:22:fe:49:3f:7e:94:c5:
f6:57:9e:0b:6f:6f:53:81:38:de:8f:63:93:fb:84:
8b:4c:d6:7d:da:9e:34:70:1e:90:0e:33:a7:7b:2a:
7f:df:57:ca:3f:0f:21:80:13:07:20:13:d8:4e:05:
fc:86:e1:84:67:5c:e6:60:98:7f:e0:17:ef:68:38:
8d:99:b0:c0:e2:02:b4:13:fe:1b:5d:5e:3f:50:0a:
34:08:63:1d:25:e8:62:82:f4:fa:77:88:7f:7e:da:
52:82:2d:b7:fb:b3:ce:4b:9a:fa:64:d4:0e:3b:c7:
f0:cf:29:a0:a6:92:bc:31:54:2b:91:c2:6a:60:0f:
a1:c6:dc:48:31:eb:34:4a:9b:8a:ca:fa:af:e4:79:
1f:70:e3:d0:18:61:a4:de:3e:af:d5:a6:8e:33:c6:
5f:7a:85:25:93:9a:36:c7:a5:89:16:f4:dd:5b:ce:
e5:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:8D:B3:C6:1B:12:50:AD:09:E7:10:58:CF:08:77:C3:DB:0E:8F:05
X509v3 Authority Key Identifier:
keyid:E0:86:6E:5A:7C:72:5D:CB:6A:13:8C:C6:C3:40:CF:DA:D4:31:5D:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4IZuWnxyXctqE4zGw0DP2tQxXT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/7ba877-4839-4717-8aa4-24419b876f08/1/3Y2zxhsSUK0J5xBYzwh3w9sOjwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/7ba877-4839-4717-8aa4-24419b876f08/1/4IZuWnxyXctqE4zGw0DP2tQxXT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.54.0/24
95.128.65.0-95.128.66.255
95.128.68.0/24
Signature Algorithm: sha256WithRSAEncryption
02:d4:7a:bd:b9:28:44:de:ad:b9:d2:05:85:1b:bc:7e:f3:1d:
6f:e4:94:bb:63:99:9c:dc:d7:cc:b6:9c:12:86:c0:fd:41:4f:
c7:ad:f3:a3:f3:fe:98:25:c9:c1:6f:97:c8:74:e4:f2:e9:e8:
9d:03:4a:70:ad:d6:31:73:7e:6b:ca:57:65:65:5c:96:d6:44:
b1:45:9a:83:78:b5:0c:14:70:9b:85:53:c8:0e:56:24:5d:f3:
75:98:e7:b6:64:9c:10:18:2a:a0:09:8c:86:54:59:74:67:e5:
34:62:c6:4d:91:5b:77:e0:56:22:3d:68:1c:9a:bd:2e:e5:f3:
1f:ce:4f:2b:2d:2b:db:84:b1:89:a2:71:5a:38:92:a1:71:5e:
20:dc:9d:27:5c:06:7a:e4:af:9a:e9:85:90:b3:70:41:fe:7a:
76:70:e1:a8:9e:58:f3:2b:29:7a:f9:a6:0d:a3:c3:0b:0d:5d:
11:50:3d:72:69:b4:9b:8c:ee:ff:bc:f3:3d:6f:31:2a:80:6f:
a3:22:ac:ee:d3:f3:b5:36:76:3b:93:60:f1:14:e7:7d:62:ba:
7c:88:49:44:0f:b1:10:54:72:87:c5:eb:9e:a0:bb:ef:db:96:
ce:a8:19:c0:0c:6a:4d:d3:31:c8:37:da:b3:92:12:32:a7:a5:
c5:b5:69:4f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZzRmLEVBDKTq1PY6xIlZs4JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwODY2ZTVhN2M3MjVkY2I2YTEzOGNjNmMzNDBjZmRhZDQz
MTVkM2UwHhcNMjYwMzA5MDc1NjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDhkYjNjNjFiMTI1MGFkMDllNzEwNThjZjA4NzdjM2RiMGU4ZjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBjF02mryq2JP6tF/t/ryW23aoOo
e3MFQOl5ZQFfUwevGxmqAg4hdQiT4RtWQusW8BlhhsnnT1I9egnreHrRerk4vPyC
kOJNTcKT89i2/1XXbyL+ST9+lMX2V54Lb29TgTjej2OT+4SLTNZ92p40cB6QDjOn
eyp/31fKPw8hgBMHIBPYTgX8huGEZ1zmYJh/4BfvaDiNmbDA4gK0E/4bXV4/UAo0
CGMdJehigvT6d4h/ftpSgi23+7POS5r6ZNQOO8fwzymgppK8MVQrkcJqYA+hxtxI
Mes0SpuKyvqv5HkfcOPQGGGk3j6v1aaOM8ZfeoUlk5o2x6WJFvTdW87lvwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFN2Ns8YbElCtCecQWM8Id8PbDo8FMB8GA1UdIwQY
MBaAFOCGblp8cl3LahOMxsNAz9rUMV0+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEladVdueHlYY3RxRTR6R3cwRFAydFF4WFQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83YmE4NzctNDgzOS00NzE3LThhYTQt
MjQ0MTliODc2ZjA4LzEvM1kyenhoc1NVSzBKNXhCWXp3aDN3OXNPandVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83YmE4NzctNDgzOS00NzE3LThhYTQtMjQ0MTliODc2ZjA4
LzEvNEladVdueHlYY3RxRTR6R3cwRFAydFF4WFQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAT2I2MAwD
BABfgEEDBABfgEIDBABfgEQwDQYJKoZIhvcNAQELBQADggEBAALUer25KETerbnS
BYUbvH7zHW/klLtjmZzc18y2nBKGwP1BT8et86Pz/pglycFvl8h05PLp6J0DSnCt
1jFzfmvKV2VlXJbWRLFFmoN4tQwUcJuFU8gOViRd83WY57ZknBAYKqAJjIZUWXRn
5TRixk2RW3fgViI9aByavS7l8x/OTystK9uEsYmicVo4kqFxXiDcnSdcBnrkr5rp
hZCzcEH+enZw4aieWPMrKXr5pg2jwwsNXRFQPXJptJuM7v+88z1vMSqAb6MirO7T
87U2djuTYPEU531iunyISUQPsRBUcofF656gu+/bls6oGcAMak3TMcg32rOSEjKn
pcW1aU8=
-----END CERTIFICATE-----
Generated at Fri Mar 13 08:34:50 2026 by rpki-client