Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/3MrTzqXRqi4qw3h6oaqykX6J0kU.roa
File: 3MrTzqXRqi4qw3h6oaqykX6J0kU.roa (raw, json)
Hash identifier: +ClOERLFY4P0cwxaW/Im6eS4rQN8CdS+8xi58ep6Alk=
Subject key identifier: DC:CA:D3:CE:A5:D1:AA:2E:2A:C3:78:7A:A1:AA:B2:91:7E:89:D2:45
Certificate issuer: /CN=5fc90518df70b13d706bfe237aa5a76926a576d1
Certificate serial: 01993402A9A08A1462122195A6A148513BDB
Authority key identifier: 5F:C9:05:18:DF:70:B1:3D:70:6B:FE:23:7A:A5:A7:69:26:A5:76:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X8kFGN9wsT1wa_4jeqWnaSaldtE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/3MrTzqXRqi4qw3h6oaqykX6J0kU.roa
Signing time: Wed 10 Sep 2025 14:23:33 +0000
ROA not before: Wed 10 Sep 2025 14:23:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48014
IP address blocks: 31.41.33.0/24 maxlen: 24
45.88.89.0/24 maxlen: 24
2001:3783::/32 maxlen: 32
2001:3787::/32 maxlen: 32
2a12:4040::/32 maxlen: 32
2a12:4045::/32 maxlen: 32
2a12:4047::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/X8kFGN9wsT1wa_4jeqWnaSaldtE.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/X8kFGN9wsT1wa_4jeqWnaSaldtE.mft
rsync://rpki.ripe.net/repository/DEFAULT/X8kFGN9wsT1wa_4jeqWnaSaldtE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 07:03:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:34:02:a9:a0:8a:14:62:12:21:95:a6:a1:48:51:3b:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fc90518df70b13d706bfe237aa5a76926a576d1
Validity
Not Before: Sep 10 14:23:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dccad3cea5d1aa2e2ac3787aa1aab2917e89d245
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c2:58:c5:fd:71:a2:6f:4a:ca:21:6c:38:5b:
76:50:40:5d:df:25:bf:2b:2f:72:79:f6:c3:1d:ac:
94:57:e7:0b:13:7b:1d:a9:68:82:3a:ef:c9:51:37:
7f:00:48:ef:a1:4a:bd:99:18:01:27:cd:4d:0d:42:
bd:8f:23:3c:7c:be:53:c4:a6:6d:b1:0b:a7:7c:c3:
b1:86:25:e0:61:7b:08:71:ce:58:3f:7a:79:a0:75:
c9:3c:d7:d4:0d:d5:80:e4:fd:d9:24:a4:c6:d5:7f:
db:86:15:5d:d1:2d:af:7a:a1:fe:4c:f8:0a:2e:0b:
1a:85:17:36:35:71:88:19:83:b5:34:f8:04:e7:e0:
27:ef:8d:8a:9b:6b:a5:02:da:5d:cc:3e:ea:a1:30:
7b:ef:5e:37:af:80:36:bc:81:da:0d:d9:a0:f9:5b:
89:8b:a7:6d:8d:a6:4e:e0:a4:0c:86:a3:6a:af:0a:
76:b4:67:dc:15:bb:c6:f0:a7:4a:6c:fd:bc:de:fa:
d9:0b:5c:cf:02:62:40:91:dc:54:46:c9:ff:b3:ed:
3c:1a:a6:e3:cb:91:9f:72:6e:fa:a0:0e:2c:4e:c5:
44:f7:c5:70:f4:85:eb:e0:6f:e5:52:83:95:39:fd:
47:35:f3:1e:41:61:53:57:5b:b2:d0:e0:40:46:2b:
ea:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:CA:D3:CE:A5:D1:AA:2E:2A:C3:78:7A:A1:AA:B2:91:7E:89:D2:45
X509v3 Authority Key Identifier:
keyid:5F:C9:05:18:DF:70:B1:3D:70:6B:FE:23:7A:A5:A7:69:26:A5:76:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X8kFGN9wsT1wa_4jeqWnaSaldtE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/3MrTzqXRqi4qw3h6oaqykX6J0kU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/X8kFGN9wsT1wa_4jeqWnaSaldtE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.33.0/24
45.88.89.0/24
IPv6:
2001:3783::/32
2001:3787::/32
2a12:4040::/32
2a12:4045::/32
2a12:4047::/32
Signature Algorithm: sha256WithRSAEncryption
60:51:d2:80:d5:f4:49:ef:e7:b0:4a:aa:35:93:70:15:aa:61:
a5:99:fd:ef:fc:0d:87:a8:cd:8d:23:b3:62:8d:0b:3d:ce:57:
c2:3a:a5:45:77:97:a7:e1:13:55:ab:c7:5f:6e:ad:83:6a:6b:
3e:df:34:e4:65:4e:70:79:e9:97:2e:42:df:d1:83:ca:66:58:
53:8e:10:37:f4:24:1d:2e:7a:a1:de:76:a5:7d:c4:b1:7d:b2:
1b:9a:1d:f1:5c:54:59:28:db:56:cd:e2:f1:89:b3:c6:88:c7:
47:54:4d:27:1c:db:ed:c7:77:2f:d1:b2:59:8c:5f:36:14:71:
68:5a:44:81:1a:59:5a:05:6b:31:96:77:b1:4e:5a:34:54:cc:
0b:db:31:82:3a:ef:dd:84:a7:e8:87:c7:b5:ea:47:b5:3b:ce:
50:1a:10:c7:ed:ee:fb:b0:21:92:7f:1e:4f:08:3b:31:8d:96:
53:cc:4d:33:b3:a3:75:ac:6b:96:b1:50:ef:d2:c6:68:ed:de:
18:67:f8:ba:2f:05:a4:4a:12:a1:bf:90:c2:9e:4f:d0:23:da:
ff:d2:57:ce:2c:a4:19:8d:4d:66:68:8d:93:a4:ee:64:7d:1d:
e2:7a:1e:8b:8c:f0:44:33:e0:cc:46:92:ef:e8:c0:d0:cd:df:
c1:fd:ac:da
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZk0AqmgihRiEiGVpqFIUTvbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYzkwNTE4ZGY3MGIxM2Q3MDZiZmUyMzdhYTVhNzY5MjZh
NTc2ZDEwHhcNMjUwOTEwMTQyMzMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2NhZDNjZWE1ZDFhYTJlMmFjMzc4N2FhMWFhYjI5MTdlODlkMjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8JYxf1xom9KyiFsOFt2UEBd3yW/
Ky9yefbDHayUV+cLE3sdqWiCOu/JUTd/AEjvoUq9mRgBJ81NDUK9jyM8fL5TxKZt
sQunfMOxhiXgYXsIcc5YP3p5oHXJPNfUDdWA5P3ZJKTG1X/bhhVd0S2veqH+TPgK
LgsahRc2NXGIGYO1NPgE5+An742Km2ulAtpdzD7qoTB77143r4A2vIHaDdmg+VuJ
i6dtjaZO4KQMhqNqrwp2tGfcFbvG8KdKbP283vrZC1zPAmJAkdxURsn/s+08Gqbj
y5Gfcm76oA4sTsVE98Vw9IXr4G/lUoOVOf1HNfMeQWFTV1uy0OBARivq2wIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFNzK086l0aouKsN4eqGqspF+idJFMB8GA1UdIwQY
MBaAFF/JBRjfcLE9cGv+I3qlp2kmpXbRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDhrRkdOOXdzVDF3YV80amVxV25hU2FsZHRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82NWNjMjAtMGRmYi00MTgwLTlhYzEt
YzgzMDJlODJlYTIyLzEvM01yVHpxWFJxaTRxdzNoNm9hcXlrWDZKMGtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82NWNjMjAtMGRmYi00MTgwLTlhYzEtYzgzMDJlODJlYTIy
LzEvWDhrRkdOOXdzVDF3YV80amVxV25hU2FsZHRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzASBAIAATAMAwQAHykhAwQA
LVhZMCkEAgACMCMDBQAgATeDAwUAIAE3hwMFACoSQEADBQAqEkBFAwUAKhJARzAN
BgkqhkiG9w0BAQsFAAOCAQEAYFHSgNX0Se/nsEqqNZNwFaphpZn97/wNh6jNjSOz
Yo0LPc5XwjqlRXeXp+ETVavHX26tg2prPt805GVOcHnply5C39GDymZYU44QN/Qk
HS56od52pX3EsX2yG5od8VxUWSjbVs3i8YmzxojHR1RNJxzb7cd3L9GyWYxfNhRx
aFpEgRpZWgVrMZZ3sU5aNFTMC9sxgjrv3YSn6IfHtepHtTvOUBoQx+3u+7Ahkn8e
Twg7MY2WU8xNM7OjdaxrlrFQ79LGaO3eGGf4ui8FpEoSob+Qwp5P0CPa/9JXziyk
GY1NZmiNk6TuZH0d4noei4zwRDPgzEaS7+jA0M3fwf2s2g==
-----END CERTIFICATE-----
Generated at Thu Sep 18 14:35:33 2025 by rpki-client