
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/a3FFZAfJvGbLBQFHON-33xw7vv0.roa
File: a3FFZAfJvGbLBQFHON-33xw7vv0.roa (raw, json)
Hash identifier: LoboXTsl1IHzASFYjvLLZuqaEVQtAfMXHcEitobtY+A=
Subject key identifier: 6B:71:45:64:07:C9:BC:66:CB:05:01:47:38:DF:B7:DF:1C:3B:BE:FD
Certificate issuer: /CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Certificate serial: 019F2368B72BE8D19E94BF0724CC754C4C8A
Authority key identifier: BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/a3FFZAfJvGbLBQFHON-33xw7vv0.roa
Signing time: Thu 02 Jul 2026 15:18:12 +0000
ROA not before: Thu 02 Jul 2026 15:18:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 40676
IP address blocks: 109.176.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 Jul 2026 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:23:68:b7:2b:e8:d1:9e:94:bf:07:24:cc:75:4c:4c:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Validity
Not Before: Jul 2 15:18:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6b71456407c9bc66cb05014738dfb7df1c3bbefd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:3d:e6:a4:40:37:0c:85:89:c1:84:16:b4:e0:
8b:7a:8c:1a:f7:33:48:23:fc:d1:c0:93:5c:27:56:
21:5c:6b:e8:b8:87:55:df:74:77:84:83:2f:6f:28:
7b:b2:9c:21:f6:7e:5f:d2:03:5a:8d:c1:40:4f:58:
06:f6:53:21:ad:2a:30:4f:c1:c8:32:32:8f:fe:2c:
2b:c0:9d:da:51:8a:fe:2c:99:c6:84:db:b0:46:0e:
2c:5a:e5:2a:b1:e6:5e:79:cb:61:91:0d:84:42:ad:
39:c7:86:51:49:f2:29:e9:e3:99:cc:0a:5e:7b:77:
8f:f9:ab:e1:6d:25:c5:a2:c5:4f:69:8b:95:28:09:
f3:ea:fe:e1:d2:f7:bb:89:ad:9a:89:00:00:19:0c:
b7:39:d5:2a:91:8d:e3:c2:c0:05:b2:d6:7d:2c:b6:
bb:b1:a2:9a:ce:9f:4e:62:01:2f:38:65:42:ca:fd:
d4:52:03:5a:c0:73:31:04:fc:18:2b:98:4b:b2:45:
e4:2d:bf:4a:bb:7c:12:70:eb:c8:e4:03:73:be:cd:
2b:47:b3:07:81:f9:92:0d:b3:7c:ad:e5:4f:df:93:
8c:8a:0d:7c:af:b2:c8:06:fb:71:63:ae:e0:86:34:
81:87:30:09:43:f4:47:f0:f0:4d:e9:04:58:b6:e6:
7c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:71:45:64:07:C9:BC:66:CB:05:01:47:38:DF:B7:DF:1C:3B:BE:FD
X509v3 Authority Key Identifier:
keyid:BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/a3FFZAfJvGbLBQFHON-33xw7vv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.208.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:e7:cb:b7:d5:57:7a:58:0c:1e:25:df:1a:00:d6:29:f8:64:
37:31:3c:52:1f:64:85:ab:04:5a:4d:95:60:25:84:2f:d3:83:
fa:ed:ec:02:5d:50:98:50:2f:66:32:ae:d9:76:0c:bb:54:35:
4b:3d:a2:a3:fe:b3:73:89:c5:eb:60:bd:10:7e:b6:a2:b0:7f:
d0:ae:46:2f:8b:da:bd:c9:eb:53:68:92:c9:9f:65:15:ed:e4:
1c:c4:c5:ee:48:be:98:c6:11:54:05:20:7d:99:4e:ad:26:b5:
c1:a9:90:73:e4:cf:e2:22:19:1f:48:6b:d5:4f:1b:a5:23:20:
f3:77:c6:4b:6d:9a:a9:c0:7f:2d:7f:fc:7d:da:52:ca:b7:26:
9f:ea:14:4e:a7:b5:b3:d4:12:36:bf:54:60:27:a4:dd:5b:19:
89:6e:37:86:3c:20:5b:d3:3c:5c:b2:12:e5:f0:9d:ba:85:b2:
d6:60:eb:fb:b6:5d:f5:ef:f5:fc:53:30:15:6f:58:07:cd:63:
07:ea:12:10:08:df:51:18:27:ec:75:67:cc:1f:7c:33:0a:04:
c9:a4:1f:ee:41:fd:9d:f7:d6:b8:2a:d0:b7:c8:69:44:da:e7:
2b:08:19:de:02:58:e0:b3:31:4a:42:3f:a1:84:d1:e5:8f:70:
da:c3:b4:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ8jaLcr6NGelL8HJMx1TEyKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNWI4YTJiMTA2ZDMzNGIwYzZjNjFlMTc3YWE2MmY0NGZl
MGUzYjYwHhcNMjYwNzAyMTUxODEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjcxNDU2NDA3YzliYzY2Y2IwNTAxNDczOGRmYjdkZjFjM2JiZWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3T3mpEA3DIWJwYQWtOCLeowa9zNI
I/zRwJNcJ1YhXGvouIdV33R3hIMvbyh7spwh9n5f0gNajcFAT1gG9lMhrSowT8HI
MjKP/iwrwJ3aUYr+LJnGhNuwRg4sWuUqseZeecthkQ2EQq05x4ZRSfIp6eOZzApe
e3eP+avhbSXFosVPaYuVKAnz6v7h0ve7ia2aiQAAGQy3OdUqkY3jwsAFstZ9LLa7
saKazp9OYgEvOGVCyv3UUgNawHMxBPwYK5hLskXkLb9Ku3wScOvI5ANzvs0rR7MH
gfmSDbN8reVP35OMig18r7LIBvtxY67ghjSBhzAJQ/RH8PBN6QRYtuZ8rwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGtxRWQHybxmywUBRzjft98cO779MB8GA1UdIwQY
MBaAFL5biisQbTNLDGxh4XeqYvRP4OO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYTNGRlpBZkp2R2JMQlFGSE9OLTMzeHc3dnYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbDQMA0G
CSqGSIb3DQEBCwUAA4IBAQBa58u31Vd6WAweJd8aANYp+GQ3MTxSH2SFqwRaTZVg
JYQv04P67ewCXVCYUC9mMq7Zdgy7VDVLPaKj/rNzicXrYL0QfraisH/QrkYvi9q9
yetTaJLJn2UV7eQcxMXuSL6YxhFUBSB9mU6tJrXBqZBz5M/iIhkfSGvVTxulIyDz
d8ZLbZqpwH8tf/x92lLKtyaf6hROp7Wz1BI2v1RgJ6TdWxmJbjeGPCBb0zxcshLl
8J26hbLWYOv7tl317/X8UzAVb1gHzWMH6hIQCN9RGCfsdWfMH3wzCgTJpB/uQf2d
99a4KtC3yGlE2ucrCBneAljgszFKQj+hhNHlj3Daw7Te
-----END CERTIFICATE-----
Generated at Fri Jul 3 18:19:18 2026 by rpki-client