Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/f0832e-675b-4ec2-a802-9b26cab79451/1/OuWrpI5tA2nM39wIK9hf8zKRMpQ.roa
File: OuWrpI5tA2nM39wIK9hf8zKRMpQ.roa (raw, json)
Hash identifier: 9qABw/PbuwVgydGcGw+YmrMyH005TQ2bdJfH/8dMgvY=
Subject key identifier: 3A:E5:AB:A4:8E:6D:03:69:CC:DF:DC:08:2B:D8:5F:F3:32:91:32:94
Certificate issuer: /CN=1455ca30592313388925ee1441009ad31d4bb41f
Certificate serial: 019E8D070127654C0DB62BCB682EEBA90B9D
Authority key identifier: 14:55:CA:30:59:23:13:38:89:25:EE:14:41:00:9A:D3:1D:4B:B4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FFXKMFkjEziJJe4UQQCa0x1LtB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/f0832e-675b-4ec2-a802-9b26cab79451/1/OuWrpI5tA2nM39wIK9hf8zKRMpQ.roa
Signing time: Wed 03 Jun 2026 10:28:26 +0000
ROA not before: Wed 03 Jun 2026 10:28:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 5398
IP address blocks: 31.44.32.0/21 maxlen: 21
31.44.40.0/22 maxlen: 22
46.21.22.0/24 maxlen: 24
46.21.29.0/24 maxlen: 24
185.155.176.0/22 maxlen: 22
185.155.184.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/f0832e-675b-4ec2-a802-9b26cab79451/1/FFXKMFkjEziJJe4UQQCa0x1LtB8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/f0832e-675b-4ec2-a802-9b26cab79451/1/FFXKMFkjEziJJe4UQQCa0x1LtB8.mft
rsync://rpki.ripe.net/repository/DEFAULT/FFXKMFkjEziJJe4UQQCa0x1LtB8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:8d:07:01:27:65:4c:0d:b6:2b:cb:68:2e:eb:a9:0b:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1455ca30592313388925ee1441009ad31d4bb41f
Validity
Not Before: Jun 3 10:28:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3ae5aba48e6d0369ccdfdc082bd85ff332913294
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:de:0f:e7:cd:aa:10:9f:58:ad:8b:d2:8a:f3:
c4:b2:5a:88:6a:b0:d4:10:d7:e7:0b:9c:35:24:fc:
a7:51:9e:aa:e9:38:d5:23:e7:b4:f8:14:64:f4:39:
ec:ec:3a:ad:6f:61:70:b7:ae:81:f5:e8:e8:c4:af:
ab:94:79:5d:24:ff:b0:7c:9e:73:e7:b6:aa:1a:4c:
91:80:5f:83:31:83:20:e3:50:c1:60:13:07:bd:84:
32:53:8d:17:d1:63:91:bd:9c:15:da:72:ec:f8:59:
95:23:3b:95:3f:70:41:de:a0:c7:dd:d6:c6:d8:99:
7c:f2:22:1b:2d:b3:06:93:df:05:e0:54:5c:59:59:
03:7b:df:0b:1b:73:61:b5:fc:2f:a1:b2:75:f6:83:
2a:03:49:8e:2b:94:9f:80:5f:02:d0:eb:b5:f5:8d:
f2:0e:03:1f:35:68:a1:6e:43:35:d2:33:d4:ff:58:
e9:60:e6:e6:31:6f:72:e3:37:7b:44:23:4b:62:11:
db:94:64:19:a2:79:25:e9:0f:ef:da:a7:35:33:b2:
5c:cb:8e:06:bc:9e:0a:f4:28:cf:c3:3b:f3:70:59:
ef:8f:56:35:7b:98:5c:fc:78:47:e5:9d:b8:50:6d:
96:49:3c:0d:31:18:8c:49:9b:c3:04:9c:98:b0:33:
2e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:E5:AB:A4:8E:6D:03:69:CC:DF:DC:08:2B:D8:5F:F3:32:91:32:94
X509v3 Authority Key Identifier:
keyid:14:55:CA:30:59:23:13:38:89:25:EE:14:41:00:9A:D3:1D:4B:B4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FFXKMFkjEziJJe4UQQCa0x1LtB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f0832e-675b-4ec2-a802-9b26cab79451/1/OuWrpI5tA2nM39wIK9hf8zKRMpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f0832e-675b-4ec2-a802-9b26cab79451/1/FFXKMFkjEziJJe4UQQCa0x1LtB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.32.0-31.44.43.255
46.21.22.0/24
46.21.29.0/24
185.155.176.0/22
185.155.184.0/23
Signature Algorithm: sha256WithRSAEncryption
81:8b:3d:58:4b:79:06:d5:b0:0e:50:d6:77:f0:7c:98:c7:80:
4a:17:10:74:cf:4f:55:4e:35:c6:46:34:12:46:78:b9:29:c0:
ec:40:47:12:9e:8c:b6:28:a3:73:ce:10:a1:f3:72:fd:89:91:
fc:6f:d9:2f:53:68:e9:a8:4b:3e:5c:1e:0a:eb:bf:e8:9a:ce:
8e:42:ab:fc:d8:23:b8:0a:a2:17:47:fc:91:a7:bf:7c:13:c8:
39:b2:57:21:64:a7:fc:5b:3b:78:94:aa:a4:f0:d6:00:a2:01:
6d:ef:fc:ca:9d:2e:24:84:e3:06:34:2a:75:f8:eb:f3:3b:a5:
e3:a5:05:06:b3:6f:35:84:95:d7:25:5e:6f:47:e1:bb:f7:8b:
f2:5e:06:a2:d1:8c:ec:3f:f8:18:35:56:83:1a:2f:eb:8b:64:
ac:23:a0:5e:ba:a0:01:7c:aa:38:0e:1e:3c:54:49:95:85:c6:
be:78:7a:9f:bc:8c:97:6d:7d:e6:0c:a2:86:8c:b9:14:19:02:
0f:4c:c2:11:13:c7:53:33:f1:39:df:7b:a4:86:e4:58:82:ed:
41:ff:80:29:fa:69:7e:95:8b:7f:7d:d8:3f:28:fe:15:c4:5b:
0d:5c:4c:cb:e4:bb:59:b2:8b:3f:30:8c:c6:95:88:fc:e5:a1:
41:fd:8c:08
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZ6NBwEnZUwNtivLaC7rqQudMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0NTVjYTMwNTkyMzEzMzg4OTI1ZWUxNDQxMDA5YWQzMWQ0
YmI0MWYwHhcNMjYwNjAzMTAyODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWU1YWJhNDhlNmQwMzY5Y2NkZmRjMDgyYmQ4NWZmMzMyOTEzMjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx94P582qEJ9YrYvSivPEslqIarDU
ENfnC5w1JPynUZ6q6TjVI+e0+BRk9Dns7Dqtb2Fwt66B9ejoxK+rlHldJP+wfJ5z
57aqGkyRgF+DMYMg41DBYBMHvYQyU40X0WORvZwV2nLs+FmVIzuVP3BB3qDH3dbG
2Jl88iIbLbMGk98F4FRcWVkDe98LG3NhtfwvobJ19oMqA0mOK5SfgF8C0Ou19Y3y
DgMfNWihbkM10jPU/1jpYObmMW9y4zd7RCNLYhHblGQZonkl6Q/v2qc1M7Jcy44G
vJ4K9CjPwzvzcFnvj1Y1e5hc/HhH5Z24UG2WSTwNMRiMSZvDBJyYsDMuhQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDrlq6SObQNpzN/cCCvYX/MykTKUMB8GA1UdIwQY
MBaAFBRVyjBZIxM4iSXuFEEAmtMdS7QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkZYS01Ga2pFemlKSmU0VVFRQ2EweDFMdEI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9mMDgzMmUtNjc1Yi00ZWMyLWE4MDIt
OWIyNmNhYjc5NDUxLzEvT3VXcnBJNXRBMm5NMzl3SUs5aGY4ektSTXBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9mMDgzMmUtNjc1Yi00ZWMyLWE4MDItOWIyNmNhYjc5NDUx
LzEvRkZYS01Ga2pFemlKSmU0VVFRQ2EweDFMdEI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAUfLCAD
BAIfLCgDBAAuFRYDBAAuFR0DBAK5m7ADBAG5m7gwDQYJKoZIhvcNAQELBQADggEB
AIGLPVhLeQbVsA5Q1nfwfJjHgEoXEHTPT1VONcZGNBJGeLkpwOxARxKejLYoo3PO
EKHzcv2Jkfxv2S9TaOmoSz5cHgrrv+iazo5Cq/zYI7gKohdH/JGnv3wTyDmyVyFk
p/xbO3iUqqTw1gCiAW3v/MqdLiSE4wY0KnX46/M7peOlBQazbzWEldclXm9H4bv3
i/JeBqLRjOw/+Bg1VoMaL+uLZKwjoF66oAF8qjgOHjxUSZWFxr54ep+8jJdtfeYM
ooaMuRQZAg9MwhETx1Mz8Tnfe6SG5FiC7UH/gCn6aX6Vi3992D8o/hXEWw1cTMvk
u1myiz8wjMaViPzloUH9jAg=
-----END CERTIFICATE-----
Generated at Thu Jun 11 22:51:17 2026 by rpki-client