Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/f0dd5f-b972-410b-9907-166fb9db6db3/1/3XQl2aZGjx0G4B6lNhjKCU52GfY.roa
File: 3XQl2aZGjx0G4B6lNhjKCU52GfY.roa (raw, json)
Hash identifier: FT3KtfFmeYDjTpv2vREaKYo1FYKB1NfeU+bTJfNupFI=
Subject key identifier: DD:74:25:D9:A6:46:8F:1D:06:E0:1E:A5:36:18:CA:09:4E:76:19:F6
Certificate issuer: /CN=4d302a2dd517a61a3b952746f2ee9fbe436d6349
Certificate serial: 019EDC5525D78474048E0B12BFC821272845
Authority key identifier: 4D:30:2A:2D:D5:17:A6:1A:3B:95:27:46:F2:EE:9F:BE:43:6D:63:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TTAqLdUXpho7lSdG8u6fvkNtY0k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/f0dd5f-b972-410b-9907-166fb9db6db3/1/3XQl2aZGjx0G4B6lNhjKCU52GfY.roa
Signing time: Thu 18 Jun 2026 20:03:48 +0000
ROA not before: Thu 18 Jun 2026 20:03:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43950
IP address blocks: 79.98.32.0/21 maxlen: 21
79.98.32.0/24 maxlen: 24
79.98.33.0/24 maxlen: 24
79.98.35.0/24 maxlen: 24
79.98.39.0/24 maxlen: 24
193.239.8.0/22 maxlen: 22
2a01:568::/32 maxlen: 32
2a01:568::/36 maxlen: 36
2a01:568:3000::/36 maxlen: 36
2a01:568:4000::/36 maxlen: 36
2a01:568:5000::/36 maxlen: 36
2a01:568:6000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/f0dd5f-b972-410b-9907-166fb9db6db3/1/TTAqLdUXpho7lSdG8u6fvkNtY0k.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/f0dd5f-b972-410b-9907-166fb9db6db3/1/TTAqLdUXpho7lSdG8u6fvkNtY0k.mft
rsync://rpki.ripe.net/repository/DEFAULT/TTAqLdUXpho7lSdG8u6fvkNtY0k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:dc:55:25:d7:84:74:04:8e:0b:12:bf:c8:21:27:28:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d302a2dd517a61a3b952746f2ee9fbe436d6349
Validity
Not Before: Jun 18 20:03:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dd7425d9a6468f1d06e01ea53618ca094e7619f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d7:04:7b:5d:a8:01:e6:d4:47:f5:f3:94:a1:
75:18:9c:4c:50:91:79:3f:ab:ae:1c:f0:45:04:31:
de:1c:45:79:f7:4c:00:1a:54:e4:e7:a1:9c:ce:ec:
cf:c8:44:c9:ba:f9:f4:2e:98:2f:b4:cf:5d:8b:16:
da:8a:2f:8d:df:67:52:6c:9f:af:10:b5:44:fd:df:
ca:6c:4c:05:20:fe:3a:5c:d4:a7:19:91:93:85:be:
20:c1:b1:aa:63:55:54:1b:dd:62:fd:45:80:e3:e4:
a1:9e:ab:ea:00:0b:05:50:38:d4:52:a2:6d:0c:98:
f1:cc:28:45:ac:c6:e6:4c:a7:85:26:b3:76:93:db:
62:3b:25:c3:72:3e:aa:a9:d0:f3:e1:37:d1:7d:4c:
84:31:0a:8f:10:c1:75:f0:0f:6c:00:e8:c5:a4:3b:
ff:89:57:8c:70:be:75:f0:1d:8b:1c:32:12:02:29:
8f:ed:b1:4b:89:64:e6:f3:15:25:d6:49:be:ce:09:
60:68:fa:e7:22:91:f9:07:fd:05:f6:9e:19:7d:e6:
2d:82:2a:a1:54:d2:51:eb:03:ed:d3:04:45:b3:2d:
3c:7f:55:23:ef:1f:d5:e1:b7:e6:23:f8:e8:6c:0e:
9e:c0:5b:5c:ad:1a:e5:59:ca:9f:0a:18:0a:d2:8c:
8e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:74:25:D9:A6:46:8F:1D:06:E0:1E:A5:36:18:CA:09:4E:76:19:F6
X509v3 Authority Key Identifier:
keyid:4D:30:2A:2D:D5:17:A6:1A:3B:95:27:46:F2:EE:9F:BE:43:6D:63:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TTAqLdUXpho7lSdG8u6fvkNtY0k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/f0dd5f-b972-410b-9907-166fb9db6db3/1/3XQl2aZGjx0G4B6lNhjKCU52GfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/f0dd5f-b972-410b-9907-166fb9db6db3/1/TTAqLdUXpho7lSdG8u6fvkNtY0k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.32.0/21
193.239.8.0/22
IPv6:
2a01:568::/32
Signature Algorithm: sha256WithRSAEncryption
41:f8:39:f9:f4:9f:7e:0a:b7:67:7d:5d:06:18:4a:0e:1e:d1:
e7:06:b9:e9:54:59:df:9e:a9:b1:15:e5:1a:43:fa:0f:41:69:
42:82:f3:71:6e:a7:2c:af:e7:4e:9c:54:5e:0b:f8:b6:fc:aa:
41:cc:8d:5f:fd:a5:03:bc:44:09:11:bd:cd:77:21:bd:da:be:
42:18:7a:f9:6b:1e:cb:63:4b:9d:64:49:c1:19:c1:85:c5:31:
0d:59:b0:fe:f5:85:de:e2:f6:2e:c5:2c:ae:e7:90:e4:ea:22:
1c:e7:fc:eb:5b:64:26:32:07:a4:7f:c9:7f:08:28:df:80:b1:
be:3f:84:a1:03:cc:b9:b4:ec:7b:11:5d:6d:20:6f:30:4d:18:
6d:b5:87:49:cf:7b:b3:fc:ca:ff:2d:d5:65:0c:f0:00:7a:0e:
cf:60:4e:55:16:5b:e6:eb:a1:05:64:f1:cf:32:b6:43:87:ce:
d8:18:74:b7:05:49:84:4c:22:52:3a:3f:a5:bc:eb:26:47:88:
28:18:19:72:1a:25:8a:80:0f:75:50:2a:06:fc:df:05:ce:eb:
5d:b1:2d:79:ef:8a:f4:e6:77:6c:a7:47:e8:a3:3b:62:ee:6c:
2e:61:91:ce:34:1c:cd:b0:8a:9d:3e:3a:25:3d:18:3f:36:5c:
d3:e6:a1:ad
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ7cVSXXhHQEjgsSv8ghJyhFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMzAyYTJkZDUxN2E2MWEzYjk1Mjc0NmYyZWU5ZmJlNDM2
ZDYzNDkwHhcNMjYwNjE4MjAwMzQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDc0MjVkOWE2NDY4ZjFkMDZlMDFlYTUzNjE4Y2EwOTRlNzYxOWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9cEe12oAebUR/XzlKF1GJxMUJF5
P6uuHPBFBDHeHEV590wAGlTk56GczuzPyETJuvn0LpgvtM9dixbaii+N32dSbJ+v
ELVE/d/KbEwFIP46XNSnGZGThb4gwbGqY1VUG91i/UWA4+ShnqvqAAsFUDjUUqJt
DJjxzChFrMbmTKeFJrN2k9tiOyXDcj6qqdDz4TfRfUyEMQqPEMF18A9sAOjFpDv/
iVeMcL518B2LHDISAimP7bFLiWTm8xUl1km+zglgaPrnIpH5B/0F9p4ZfeYtgiqh
VNJR6wPt0wRFsy08f1Uj7x/V4bfmI/jobA6ewFtcrRrlWcqfChgK0oyOMwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFN10JdmmRo8dBuAepTYYyglOdhn2MB8GA1UdIwQY
MBaAFE0wKi3VF6YaO5UnRvLun75DbWNJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFRBcUxkVVhwaG83bFNkRzh1NmZ2a050WTBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9mMGRkNWYtYjk3Mi00MTBiLTk5MDct
MTY2ZmI5ZGI2ZGIzLzEvM1hRbDJhWkdqeDBHNEI2bE5oaktDVTUyR2ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9mMGRkNWYtYjk3Mi00MTBiLTk5MDctMTY2ZmI5ZGI2ZGIz
LzEvVFRBcUxkVVhwaG83bFNkRzh1NmZ2a050WTBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDT2IgAwQC
we8IMA0EAgACMAcDBQAqAQVoMA0GCSqGSIb3DQEBCwUAA4IBAQBB+Dn59J9+Crdn
fV0GGEoOHtHnBrnpVFnfnqmxFeUaQ/oPQWlCgvNxbqcsr+dOnFReC/i2/KpBzI1f
/aUDvEQJEb3NdyG92r5CGHr5ax7LY0udZEnBGcGFxTENWbD+9YXe4vYuxSyu55Dk
6iIc5/zrW2QmMgekf8l/CCjfgLG+P4ShA8y5tOx7EV1tIG8wTRhttYdJz3uz/Mr/
LdVlDPAAeg7PYE5VFlvm66EFZPHPMrZDh87YGHS3BUmETCJSOj+lvOsmR4goGBly
GiWKgA91UCoG/N8FzutdsS1574r05ndsp0foozti7mwuYZHONBzNsIqdPjolPRg/
NlzT5qGt
-----END CERTIFICATE-----
Generated at Mon Jun 29 10:35:30 2026 by rpki-client