Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/f0832e-675b-4ec2-a802-9b26cab79451/1/o3qzkkESXY7sQI9Ef9a47N0JYRI.roa
File: o3qzkkESXY7sQI9Ef9a47N0JYRI.roa (raw, json)
Hash identifier: +KpziTc4EL6AuFsdBC1mCWAUUjeoCRgVK2HMDiAy6Q8=
Subject key identifier: A3:7A:B3:92:41:12:5D:8E:EC:40:8F:44:7F:D6:B8:EC:DD:09:61:12
Certificate issuer: /CN=1455ca30592313388925ee1441009ad31d4bb41f
Certificate serial: 019EA1E6ADCEA3B8CBE5118ACF64C81E7EDC
Authority key identifier: 14:55:CA:30:59:23:13:38:89:25:EE:14:41:00:9A:D3:1D:4B:B4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FFXKMFkjEziJJe4UQQCa0x1LtB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/f0832e-675b-4ec2-a802-9b26cab79451/1/o3qzkkESXY7sQI9Ef9a47N0JYRI.roa
Signing time: Sun 07 Jun 2026 11:45:09 +0000
ROA not before: Sun 07 Jun 2026 11:45:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43141
IP address blocks: 31.44.44.0/23 maxlen: 23
31.44.46.0/23 maxlen: 23
185.155.176.0/22 maxlen: 24
193.222.104.0/23 maxlen: 24
2a04:1580::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/f0832e-675b-4ec2-a802-9b26cab79451/1/FFXKMFkjEziJJe4UQQCa0x1LtB8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/f0832e-675b-4ec2-a802-9b26cab79451/1/FFXKMFkjEziJJe4UQQCa0x1LtB8.mft
rsync://rpki.ripe.net/repository/DEFAULT/FFXKMFkjEziJJe4UQQCa0x1LtB8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 14:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a1:e6:ad:ce:a3:b8:cb:e5:11:8a:cf:64:c8:1e:7e:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1455ca30592313388925ee1441009ad31d4bb41f
Validity
Not Before: Jun 7 11:45:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a37ab39241125d8eec408f447fd6b8ecdd096112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:6c:d6:be:95:c9:b3:fd:b0:8f:5d:ad:57:04:
fb:ef:1c:b9:96:8f:2a:dc:d8:e4:a4:18:88:ae:b8:
75:4a:1c:27:3f:87:0f:04:62:58:e7:9a:bb:1e:89:
29:6e:8f:14:09:2a:6e:5d:a9:cf:11:b0:e9:25:06:
f3:d8:50:a9:43:64:f9:69:b1:41:d9:8e:53:32:c5:
76:26:b1:c8:cc:f8:41:bd:e2:d6:6a:49:e2:4e:d9:
5a:a6:6d:03:52:1a:ab:3b:ea:5b:08:3e:bf:ff:07:
8b:e4:c3:4e:2b:ab:3f:14:a6:c0:25:cd:3e:d8:95:
a8:77:65:78:7b:d6:a6:43:da:88:ee:5e:1d:84:58:
23:22:e7:19:95:c1:cf:41:c3:64:0c:a8:83:b4:47:
1f:3c:5b:b6:f0:c9:de:20:23:17:9c:fb:25:66:2e:
dc:96:d0:55:79:e6:5a:ba:d9:13:75:7b:a2:5f:7d:
1e:12:60:b1:fa:03:38:8f:59:15:d4:50:17:dc:13:
1a:9d:34:5f:c5:c6:df:85:74:18:6d:cc:e4:55:aa:
e4:20:82:06:50:2c:68:e0:dc:39:a5:eb:e5:e2:67:
c9:71:68:70:ea:73:46:da:2c:e3:bb:0f:7d:38:b3:
41:7f:9b:0b:9a:e4:66:c5:ba:8b:db:d8:2d:06:4a:
9b:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:7A:B3:92:41:12:5D:8E:EC:40:8F:44:7F:D6:B8:EC:DD:09:61:12
X509v3 Authority Key Identifier:
keyid:14:55:CA:30:59:23:13:38:89:25:EE:14:41:00:9A:D3:1D:4B:B4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FFXKMFkjEziJJe4UQQCa0x1LtB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f0832e-675b-4ec2-a802-9b26cab79451/1/o3qzkkESXY7sQI9Ef9a47N0JYRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f0832e-675b-4ec2-a802-9b26cab79451/1/FFXKMFkjEziJJe4UQQCa0x1LtB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.44.0/22
185.155.176.0/22
193.222.104.0/23
IPv6:
2a04:1580::/29
Signature Algorithm: sha256WithRSAEncryption
6d:e4:9d:92:30:77:c7:1c:95:e2:5b:03:c8:22:3f:da:38:17:
c4:89:9e:ea:01:6b:2e:41:06:d5:d4:3c:31:da:33:dd:1c:28:
cb:d8:50:d8:34:e7:d5:fa:16:c3:7f:80:53:12:a2:88:55:ff:
5f:12:dc:d1:4c:e5:20:e5:26:35:22:0c:31:63:00:07:28:ff:
27:48:5a:2a:22:28:47:8a:0f:26:0d:78:cc:7f:c7:ef:53:47:
2c:67:99:1a:fb:c0:43:ac:41:8b:d6:6e:76:fc:c9:92:37:f5:
86:45:73:5e:4f:f1:33:26:b4:49:0e:6f:88:71:42:0b:b0:b7:
e5:c0:0d:60:c7:c7:87:a9:ca:16:de:33:a6:a5:b3:c6:a9:53:
d9:eb:c1:a3:74:34:ca:d7:7d:1d:ed:0e:82:f0:bb:99:6e:b2:
d5:7b:68:9d:6f:f1:7b:f4:27:e1:54:cb:d0:6b:e0:bd:70:59:
9e:4f:33:48:32:8a:d5:05:b2:22:3f:c2:72:94:c0:b8:8d:77:
c4:73:90:46:b7:47:80:4c:9e:8f:40:20:40:bb:49:bf:54:9d:
9a:c8:c1:55:02:cb:b1:75:9d:0d:33:ef:0e:a6:bf:ca:19:e6:
04:64:0c:89:69:8f:67:6f:1a:b9:ff:22:d4:1b:a2:69:9f:7e:
cb:bb:fa:dc
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZ6h5q3Oo7jL5RGKz2TIHn7cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0NTVjYTMwNTkyMzEzMzg4OTI1ZWUxNDQxMDA5YWQzMWQ0
YmI0MWYwHhcNMjYwNjA3MTE0NTA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzdhYjM5MjQxMTI1ZDhlZWM0MDhmNDQ3ZmQ2YjhlY2RkMDk2MTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1WzWvpXJs/2wj12tVwT77xy5lo8q
3NjkpBiIrrh1ShwnP4cPBGJY55q7Hokpbo8UCSpuXanPEbDpJQbz2FCpQ2T5abFB
2Y5TMsV2JrHIzPhBveLWakniTtlapm0DUhqrO+pbCD6//weL5MNOK6s/FKbAJc0+
2JWod2V4e9amQ9qI7l4dhFgjIucZlcHPQcNkDKiDtEcfPFu28MneICMXnPslZi7c
ltBVeeZautkTdXuiX30eEmCx+gM4j1kV1FAX3BManTRfxcbfhXQYbczkVarkIIIG
UCxo4Nw5pevl4mfJcWhw6nNG2izjuw99OLNBf5sLmuRmxbqL29gtBkqbaQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKN6s5JBEl2O7ECPRH/WuOzdCWESMB8GA1UdIwQY
MBaAFBRVyjBZIxM4iSXuFEEAmtMdS7QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkZYS01Ga2pFemlKSmU0VVFRQ2EweDFMdEI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9mMDgzMmUtNjc1Yi00ZWMyLWE4MDIt
OWIyNmNhYjc5NDUxLzEvbzNxemtrRVNYWTdzUUk5RWY5YTQ3TjBKWVJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9mMDgzMmUtNjc1Yi00ZWMyLWE4MDItOWIyNmNhYjc5NDUx
LzEvRkZYS01Ga2pFemlKSmU0VVFRQ2EweDFMdEI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCHywsAwQC
uZuwAwQBwd5oMA0EAgACMAcDBQMqBBWAMA0GCSqGSIb3DQEBCwUAA4IBAQBt5J2S
MHfHHJXiWwPIIj/aOBfEiZ7qAWsuQQbV1Dwx2jPdHCjL2FDYNOfV+hbDf4BTEqKI
Vf9fEtzRTOUg5SY1IgwxYwAHKP8nSFoqIihHig8mDXjMf8fvU0csZ5ka+8BDrEGL
1m52/MmSN/WGRXNeT/EzJrRJDm+IcUILsLflwA1gx8eHqcoW3jOmpbPGqVPZ68Gj
dDTK130d7Q6C8LuZbrLVe2idb/F79CfhVMvQa+C9cFmeTzNIMorVBbIiP8JylMC4
jXfEc5BGt0eATJ6PQCBAu0m/VJ2ayMFVAsuxdZ0NM+8Opr/KGeYEZAyJaY9nbxq5
/yLUG6Jpn37Lu/rc
-----END CERTIFICATE-----
Generated at Thu Jun 11 23:49:22 2026 by rpki-client