Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/3CDVtkqY_cPjXlQO_2t24Ooy3UA.roa
File: 3CDVtkqY_cPjXlQO_2t24Ooy3UA.roa (raw, json)
Hash identifier: bP6j69wyYmKWV/lxhpdCPFR4Jl7eAUioY6qgVXyGltg=
Subject key identifier: DC:20:D5:B6:4A:98:FD:C3:E3:5E:54:0E:FF:6B:76:E0:EA:32:DD:40
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 019E5706B16F6065AEE9B0623BEFEA403114
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/3CDVtkqY_cPjXlQO_2t24Ooy3UA.roa
Signing time: Sat 23 May 2026 22:48:36 +0000
ROA not before: Sat 23 May 2026 22:48:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 5511
IP address blocks: 45.136.0.0/24 maxlen: 32
185.211.49.0/24 maxlen: 32
185.227.243.0/24 maxlen: 32
193.201.211.0/24 maxlen: 32
194.36.102.0/24 maxlen: 32
194.36.103.0/24 maxlen: 32
194.124.66.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 22:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:57:06:b1:6f:60:65:ae:e9:b0:62:3b:ef:ea:40:31:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: May 23 22:48:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dc20d5b64a98fdc3e35e540eff6b76e0ea32dd40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:3b:1d:32:55:77:61:be:98:e2:88:31:f7:bb:
b8:f1:45:e1:8c:fd:45:0f:83:2c:40:cb:e3:ae:ca:
78:b0:e3:f2:d1:29:62:77:de:26:0f:c6:fa:6c:0f:
82:17:77:10:dd:6d:b4:d5:2d:9b:e1:38:a8:61:fb:
43:f8:93:7f:2e:fc:f4:b1:65:85:45:a8:0d:45:15:
14:67:1d:81:e3:61:88:33:a1:6c:d2:fc:a3:98:27:
3b:a7:05:bf:a0:eb:52:e4:70:cc:9c:98:c6:86:76:
6b:94:84:c3:81:f5:c4:28:3a:d8:d1:a1:4a:ef:ea:
fc:f5:c0:7d:4d:e1:c3:81:83:1c:d7:8a:33:60:87:
8d:a5:01:c1:c1:5e:f0:67:a4:25:a0:f3:a8:cb:c4:
0b:f6:7f:a2:8d:cc:9e:97:e6:34:2d:3b:c6:bc:de:
ed:19:08:1a:32:30:ba:7b:58:b6:a4:64:d4:b2:9e:
28:95:66:11:a2:e1:d4:ec:e7:a4:0f:20:3c:b7:09:
ac:bf:ff:82:e0:02:3c:45:d8:aa:e8:92:9c:02:90:
51:70:5e:20:a3:da:4b:a5:c3:0e:0a:98:d3:b2:35:
46:c1:1d:b8:b8:1f:1e:f8:1f:b2:98:f4:a9:73:94:
30:a0:13:20:2b:fe:e3:1c:b9:f3:ce:86:41:1e:bd:
46:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:20:D5:B6:4A:98:FD:C3:E3:5E:54:0E:FF:6B:76:E0:EA:32:DD:40
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/3CDVtkqY_cPjXlQO_2t24Ooy3UA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.0.0/24
185.211.49.0/24
185.227.243.0/24
193.201.211.0/24
194.36.102.0/23
194.124.66.0/24
Signature Algorithm: sha256WithRSAEncryption
09:fc:04:2d:fb:b0:9e:c4:38:f0:4d:ad:f8:d4:e0:ac:bb:65:
6b:10:3c:6c:3c:e4:b8:b3:9f:eb:d8:e8:f8:9d:ea:6f:70:a8:
d9:a9:19:57:5a:79:3d:ee:9b:d1:49:77:f4:1e:da:ce:0b:6c:
64:db:b0:18:0b:7f:15:e6:a4:b0:6f:73:27:f6:9f:c6:cb:cb:
a7:95:3d:d8:c6:69:5f:f3:85:f3:df:11:1c:38:21:31:a1:45:
2f:96:3b:ab:dd:68:51:18:25:c7:31:6a:96:9f:47:8e:33:d4:
bc:2d:6d:6a:4d:88:c9:6c:74:d2:5d:17:bc:95:da:7a:1a:6d:
69:96:94:d6:32:fd:f9:ce:37:06:58:05:41:36:0a:bb:91:e7:
85:f9:0f:01:0e:45:36:49:e9:94:64:d8:f1:c9:9c:32:d0:b7:
9b:24:85:bb:3a:75:70:f0:04:98:be:22:3f:0b:91:1c:d0:4a:
5a:46:da:ce:47:07:35:f6:f7:bc:31:4c:ca:ef:f0:8e:cf:91:
71:49:f6:2f:32:c3:32:e1:39:95:0a:f6:7c:85:b2:e6:7a:5e:
2c:02:06:a4:d0:df:f0:87:ec:ae:6e:17:90:55:d5:ec:c6:27:
5b:b3:b3:94:2d:fa:a5:ad:b6:d1:e8:c3:8f:21:c9:2d:f3:37:
5b:9b:df:ee
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ5XBrFvYGWu6bBiO+/qQDEUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjYwNTIzMjI0ODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzIwZDViNjRhOThmZGMzZTM1ZTU0MGVmZjZiNzZlMGVhMzJkZDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TsdMlV3Yb6Y4ogx97u48UXhjP1F
D4MsQMvjrsp4sOPy0Slid94mD8b6bA+CF3cQ3W201S2b4TioYftD+JN/Lvz0sWWF
RagNRRUUZx2B42GIM6Fs0vyjmCc7pwW/oOtS5HDMnJjGhnZrlITDgfXEKDrY0aFK
7+r89cB9TeHDgYMc14ozYIeNpQHBwV7wZ6QloPOoy8QL9n+ijcyel+Y0LTvGvN7t
GQgaMjC6e1i2pGTUsp4olWYRouHU7OekDyA8twmsv/+C4AI8Rdiq6JKcApBRcF4g
o9pLpcMOCpjTsjVGwR24uB8e+B+ymPSpc5QwoBMgK/7jHLnzzoZBHr1GQwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNwg1bZKmP3D415UDv9rduDqMt1AMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvM0NEVnRrcVlfY1BqWGxRT18ydDI0T295M1VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALYgAAwQA
udMxAwQAuePzAwQAwcnTAwQBwiRmAwQAwnxCMA0GCSqGSIb3DQEBCwUAA4IBAQAJ
/AQt+7CexDjwTa341OCsu2VrEDxsPOS4s5/r2Oj4nepvcKjZqRlXWnk97pvRSXf0
HtrOC2xk27AYC38V5qSwb3Mn9p/Gy8unlT3Yxmlf84Xz3xEcOCExoUUvljur3WhR
GCXHMWqWn0eOM9S8LW1qTYjJbHTSXRe8ldp6Gm1plpTWMv35zjcGWAVBNgq7keeF
+Q8BDkU2SemUZNjxyZwy0LebJIW7OnVw8ASYviI/C5Ec0EpaRtrORwc19ve8MUzK
7/COz5FxSfYvMsMy4TmVCvZ8hbLmel4sAgak0N/wh+yubheQVdXsxidbs7OULfql
rbbR6MOPIckt8zdbm9/u
-----END CERTIFICATE-----
Generated at Wed Jun 3 08:45:36 2026 by rpki-client