Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/s3SYC34soWmzoKTsPOX5kVncr4c.roa
File: s3SYC34soWmzoKTsPOX5kVncr4c.roa (raw, json)
Hash identifier: NNv/S0wj01Qx/jiwO1ikXgdpR/5j5vjGnHKp5dqdD6M=
Subject key identifier: B3:74:98:0B:7E:2C:A1:69:B3:A0:A4:EC:3C:E5:F9:91:59:DC:AF:87
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019E39EC21409A40FF404EACA6068595E224
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/s3SYC34soWmzoKTsPOX5kVncr4c.roa
Signing time: Mon 18 May 2026 07:10:36 +0000
ROA not before: Mon 18 May 2026 07:10:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9123
IP address blocks: 89.23.96.0/24 maxlen: 24
89.23.97.0/24 maxlen: 24
89.23.98.0/24 maxlen: 24
89.23.99.0/24 maxlen: 24
89.23.100.0/24 maxlen: 24
89.23.101.0/24 maxlen: 24
89.23.102.0/24 maxlen: 24
89.23.112.0/24 maxlen: 24
89.23.115.0/24 maxlen: 24
89.23.116.0/24 maxlen: 24
89.23.117.0/24 maxlen: 24
89.23.118.0/24 maxlen: 24
185.39.206.0/24 maxlen: 24
212.67.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 May 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:39:ec:21:40:9a:40:ff:40:4e:ac:a6:06:85:95:e2:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: May 18 07:10:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b374980b7e2ca169b3a0a4ec3ce5f99159dcaf87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7b:31:92:55:d7:02:e9:95:8c:18:09:9e:07:
5e:b7:ac:66:e2:15:41:86:7d:fa:d6:c6:1f:a6:33:
d2:de:a5:bc:ae:57:34:5c:c6:30:2a:d8:3c:f6:bf:
d0:0b:56:f4:30:5a:b9:f5:ca:df:c8:5f:9c:6c:f9:
52:36:7c:ba:e1:9a:a2:7e:bd:13:c4:1d:5b:1f:09:
1b:fd:c7:35:33:fa:0a:e1:67:72:d2:25:4c:a7:f4:
03:99:47:34:be:c3:af:c2:84:a7:df:ba:b3:9e:74:
dd:3e:42:63:7b:e9:c4:88:53:bc:fd:20:b8:9b:88:
49:33:8a:65:ba:65:25:a3:9a:ef:26:83:c3:57:75:
5d:13:f6:43:4d:c6:eb:19:97:4f:ab:32:24:1a:6a:
b6:2b:a9:5c:43:31:ee:f8:d9:19:ff:e5:96:36:f4:
9c:ae:35:c8:34:ac:78:2c:59:5c:bf:69:c3:8b:c2:
d7:34:e2:47:75:d2:13:62:b1:c9:95:de:24:da:59:
b1:65:15:1a:55:d1:a9:4c:0b:33:41:6a:73:81:73:
9b:4f:f2:1b:74:ed:e2:64:09:d6:88:bd:44:5b:ed:
21:8d:f7:dd:9e:51:3d:10:af:b6:45:2c:e0:c2:c1:
0a:5d:4e:4a:74:23:fb:75:34:3a:00:b4:99:53:60:
9f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:74:98:0B:7E:2C:A1:69:B3:A0:A4:EC:3C:E5:F9:91:59:DC:AF:87
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/s3SYC34soWmzoKTsPOX5kVncr4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.96.0-89.23.102.255
89.23.112.0/24
89.23.115.0-89.23.118.255
185.39.206.0/24
212.67.17.0/24
Signature Algorithm: sha256WithRSAEncryption
93:fa:70:be:0d:bb:30:09:75:34:77:1b:ef:4b:c2:fb:c7:9d:
71:63:1c:5a:dc:53:dd:e2:20:84:2d:86:10:31:d9:df:71:a3:
f2:41:a8:7c:a8:62:82:7a:39:40:d4:4f:15:c2:1e:94:06:d3:
77:93:95:19:0b:3f:a4:7c:c5:cb:77:d7:bd:ae:ab:ef:50:7f:
ce:f9:bf:6d:8f:91:ab:0d:6e:21:a7:24:61:65:34:06:ad:5a:
9f:00:11:6a:82:37:66:f0:93:49:cb:28:6f:fb:fc:5a:0b:78:
47:9e:76:29:f0:44:18:fa:24:81:46:7d:8a:13:75:1f:bd:67:
0d:b4:1c:45:92:40:a1:57:3f:68:00:14:87:22:4a:24:59:fd:
eb:fd:7f:78:38:1e:89:8f:6f:fd:7c:9e:3c:d4:5d:b3:9f:70:
f0:3c:ba:50:7e:b3:25:e6:62:59:72:33:08:f3:58:08:e6:fd:
9f:7f:02:16:16:e7:ae:66:74:45:c9:66:63:14:44:37:67:70:
ca:9a:ab:56:a2:99:04:58:2a:25:4d:83:54:0b:6c:f5:77:82:
fe:9a:1b:dd:1d:72:0d:f1:d3:4e:dc:8e:ec:f2:a0:ac:8e:41:
68:ba:ea:7f:e3:48:ce:8d:9a:13:97:22:eb:8a:0b:be:e0:3b:
33:75:4a:ae
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZ457CFAmkD/QE6spgaFleIkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjYwNTE4MDcxMDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzc0OTgwYjdlMmNhMTY5YjNhMGE0ZWMzY2U1Zjk5MTU5ZGNhZjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnsxklXXAumVjBgJngdet6xm4hVB
hn361sYfpjPS3qW8rlc0XMYwKtg89r/QC1b0MFq59crfyF+cbPlSNny64Zqifr0T
xB1bHwkb/cc1M/oK4Wdy0iVMp/QDmUc0vsOvwoSn37qznnTdPkJje+nEiFO8/SC4
m4hJM4plumUlo5rvJoPDV3VdE/ZDTcbrGZdPqzIkGmq2K6lcQzHu+NkZ/+WWNvSc
rjXINKx4LFlcv2nDi8LXNOJHddITYrHJld4k2lmxZRUaVdGpTAszQWpzgXObT/Ib
dO3iZAnWiL1EW+0hjffdnlE9EK+2RSzgwsEKXU5KdCP7dTQ6ALSZU2Cf4QIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFLN0mAt+LKFps6Ck7Dzl+ZFZ3K+HMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvczNTWUMzNHNvV216b0tUc1BPWDVrVm5jcjRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAVZF2AD
BABZF2YDBABZF3AwDAMEAFkXcwMEAFkXdgMEALknzgMEANRDETANBgkqhkiG9w0B
AQsFAAOCAQEAk/pwvg27MAl1NHcb70vC+8edcWMcWtxT3eIghC2GEDHZ33Gj8kGo
fKhigno5QNRPFcIelAbTd5OVGQs/pHzFy3fXva6r71B/zvm/bY+Rqw1uIackYWU0
Bq1anwARaoI3ZvCTScsob/v8Wgt4R552KfBEGPokgUZ9ihN1H71nDbQcRZJAoVc/
aAAUhyJKJFn96/1/eDgeiY9v/XyePNRds59w8Dy6UH6zJeZiWXIzCPNYCOb9n38C
FhbnrmZ0RclmYxREN2dwypqrVqKZBFgqJU2DVAts9XeC/pob3R1yDfHTTtyO7PKg
rI5BaLrqf+NIzo2aE5ci64oLvuA7M3VKrg==
-----END CERTIFICATE-----
Generated at Tue May 26 02:52:47 2026 by rpki-client