Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/6cf8be-253d-46d5-ab7c-8276c8aac50e/1/3_cd2Ct7zjK_tORpvphNWMc2Olc.roa
File: 3_cd2Ct7zjK_tORpvphNWMc2Olc.roa (raw, json)
Hash identifier: AMSmWS3f1EXhSGK6bDR8aw5nsXFbNJdMjMDfBDirAhw=
Subject key identifier: DF:F7:1D:D8:2B:7B:CE:32:BF:B4:E4:69:BE:98:4D:58:C7:36:3A:57
Certificate issuer: /CN=d6aa3fbc78e31229157c78b6d23a65eb2e353dce
Certificate serial: 019DB4363E68FF7F8A295F09AAC9F49C3196
Authority key identifier: D6:AA:3F:BC:78:E3:12:29:15:7C:78:B6:D2:3A:65:EB:2E:35:3D:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1qo_vHjjEikVfHi20jpl6y41Pc4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/6cf8be-253d-46d5-ab7c-8276c8aac50e/1/3_cd2Ct7zjK_tORpvphNWMc2Olc.roa
Signing time: Wed 22 Apr 2026 08:02:27 +0000
ROA not before: Wed 22 Apr 2026 08:02:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202051
IP address blocks: 78.108.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/6cf8be-253d-46d5-ab7c-8276c8aac50e/1/1qo_vHjjEikVfHi20jpl6y41Pc4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/6cf8be-253d-46d5-ab7c-8276c8aac50e/1/1qo_vHjjEikVfHi20jpl6y41Pc4.mft
rsync://rpki.ripe.net/repository/DEFAULT/1qo_vHjjEikVfHi20jpl6y41Pc4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 11:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b4:36:3e:68:ff:7f:8a:29:5f:09:aa:c9:f4:9c:31:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6aa3fbc78e31229157c78b6d23a65eb2e353dce
Validity
Not Before: Apr 22 08:02:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dff71dd82b7bce32bfb4e469be984d58c7363a57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e8:9d:70:08:a3:4b:69:12:29:bc:1a:f7:a5:
e5:96:fa:c4:08:2e:7a:3f:f2:2b:07:75:f9:0d:e8:
12:fb:b3:26:4a:d0:8d:3b:41:89:e8:4a:46:fd:46:
62:f9:ea:07:b0:b7:1c:f5:ef:6c:68:d5:69:67:d3:
72:31:94:66:0b:aa:ee:0f:37:4c:53:0d:94:db:1f:
3c:21:7f:2c:79:47:ae:a1:fd:6f:f1:6d:fa:76:62:
b8:ee:ab:d2:b6:93:7b:a0:f1:05:b1:a2:7b:8c:99:
7e:b1:bf:e8:55:4a:07:1e:6e:f9:1a:80:5b:fa:18:
56:e1:79:35:96:f1:9f:46:d4:ad:55:e6:ff:56:17:
bb:63:ac:91:b0:e6:cd:38:5f:03:8c:ef:2f:c5:f4:
eb:de:5a:4f:5b:47:1e:b6:2c:60:6e:c4:4b:fb:31:
f5:2c:d0:f9:b2:9b:e1:15:54:13:e0:f9:e3:78:ac:
ab:c3:a3:4c:34:8d:86:07:74:23:0d:2a:8f:b8:c0:
dd:02:89:34:e4:8b:2a:f3:28:fe:17:62:97:44:8a:
96:4a:1f:d6:15:70:6e:65:e7:e4:1c:74:1e:46:60:
9a:f6:93:49:bb:98:b1:7b:d8:ff:28:7b:41:2a:59:
9f:04:3a:74:0f:31:6d:8b:5b:60:d8:5e:93:45:17:
6c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:F7:1D:D8:2B:7B:CE:32:BF:B4:E4:69:BE:98:4D:58:C7:36:3A:57
X509v3 Authority Key Identifier:
keyid:D6:AA:3F:BC:78:E3:12:29:15:7C:78:B6:D2:3A:65:EB:2E:35:3D:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1qo_vHjjEikVfHi20jpl6y41Pc4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/6cf8be-253d-46d5-ab7c-8276c8aac50e/1/3_cd2Ct7zjK_tORpvphNWMc2Olc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/6cf8be-253d-46d5-ab7c-8276c8aac50e/1/1qo_vHjjEikVfHi20jpl6y41Pc4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.56.0/24
Signature Algorithm: sha256WithRSAEncryption
76:05:8a:e8:56:fc:ae:c4:65:43:58:cc:96:28:35:11:36:bd:
03:75:e0:ed:b4:64:28:19:e9:f2:2b:e0:32:e4:9a:0a:5f:bf:
20:0a:66:e0:db:9d:44:b6:f7:3b:41:c3:79:65:bc:7e:2b:d5:
3c:88:33:a4:ce:0a:81:b4:87:a7:c1:d6:44:56:69:c7:45:39:
7c:ae:fa:3b:ac:ea:f4:a2:75:5f:47:d8:a9:f1:c8:8d:16:6a:
95:7c:d8:a4:e2:32:9d:01:e0:f2:21:b8:fa:90:e4:f1:ca:ae:
31:c4:4e:97:58:42:1c:3b:7a:e9:98:a8:15:36:ad:fa:ce:9a:
7e:b0:cd:85:e1:ce:40:4b:14:24:e2:dd:e5:40:8e:7d:0d:49:
5b:5d:6a:f2:6f:1e:c2:ad:46:43:32:84:cf:f4:eb:90:8e:e0:
24:e7:e6:07:72:a9:e3:e2:1b:e9:bd:05:c1:03:db:43:02:e6:
bd:5f:f8:9d:58:fb:ce:03:3a:81:ea:87:b6:cf:e8:53:69:7d:
8c:50:2e:43:5a:27:66:84:b1:63:6d:fd:a7:29:51:cf:ac:60:
74:ca:a3:7b:c2:3e:1d:78:d2:35:66:e9:c4:8c:35:5f:af:de:
a6:6a:7d:6d:58:9a:77:f0:69:40:f6:43:de:81:d8:36:30:30:
5a:a6:d8:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ20Nj5o/3+KKV8Jqsn0nDGWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2YWEzZmJjNzhlMzEyMjkxNTdjNzhiNmQyM2E2NWViMmUz
NTNkY2UwHhcNMjYwNDIyMDgwMjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmY3MWRkODJiN2JjZTMyYmZiNGU0NjliZTk4NGQ1OGM3MzYzYTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OidcAijS2kSKbwa96XllvrECC56
P/IrB3X5DegS+7MmStCNO0GJ6EpG/UZi+eoHsLcc9e9saNVpZ9NyMZRmC6ruDzdM
Uw2U2x88IX8seUeuof1v8W36dmK47qvStpN7oPEFsaJ7jJl+sb/oVUoHHm75GoBb
+hhW4Xk1lvGfRtStVeb/Vhe7Y6yRsObNOF8DjO8vxfTr3lpPW0cetixgbsRL+zH1
LND5spvhFVQT4PnjeKyrw6NMNI2GB3QjDSqPuMDdAok05Isq8yj+F2KXRIqWSh/W
FXBuZefkHHQeRmCa9pNJu5ixe9j/KHtBKlmfBDp0DzFti1tg2F6TRRdskwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN/3Hdgre84yv7Tkab6YTVjHNjpXMB8GA1UdIwQY
MBaAFNaqP7x44xIpFXx4ttI6ZesuNT3OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXFvX3ZIampFaWtWZkhpMjBqcGw2eTQxUGM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC82Y2Y4YmUtMjUzZC00NmQ1LWFiN2Mt
ODI3NmM4YWFjNTBlLzEvM19jZDJDdDd6aktfdE9ScHZwaE5XTWMyT2xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC82Y2Y4YmUtMjUzZC00NmQ1LWFiN2MtODI3NmM4YWFjNTBl
LzEvMXFvX3ZIampFaWtWZkhpMjBqcGw2eTQxUGM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATmw4MA0G
CSqGSIb3DQEBCwUAA4IBAQB2BYroVvyuxGVDWMyWKDURNr0DdeDttGQoGenyK+Ay
5JoKX78gCmbg251Etvc7QcN5Zbx+K9U8iDOkzgqBtIenwdZEVmnHRTl8rvo7rOr0
onVfR9ip8ciNFmqVfNik4jKdAeDyIbj6kOTxyq4xxE6XWEIcO3rpmKgVNq36zpp+
sM2F4c5ASxQk4t3lQI59DUlbXWrybx7CrUZDMoTP9OuQjuAk5+YHcqnj4hvpvQXB
A9tDAua9X/idWPvOAzqB6oe2z+hTaX2MUC5DWidmhLFjbf2nKVHPrGB0yqN7wj4d
eNI1ZunEjDVfr96man1tWJp38GlA9kPegdg2MDBapthy
-----END CERTIFICATE-----
Generated at Tue May 5 19:06:24 2026 by rpki-client