Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/jTWbkAFLGxG1mROlYvMxI8MV6-U.roa
File: jTWbkAFLGxG1mROlYvMxI8MV6-U.roa (raw, json)
Hash identifier: vD7HGdrGfXGE6wwLr2UW7clcjL2WURKJ8tkkM3jGIvU=
Subject key identifier: 8D:35:9B:90:01:4B:1B:11:B5:99:13:A5:62:F3:31:23:C3:15:EB:E5
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 019C8A37F022C258A3E3474647BE70DCDBB2
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/jTWbkAFLGxG1mROlYvMxI8MV6-U.roa
Signing time: Mon 23 Feb 2026 11:17:27 +0000
ROA not before: Mon 23 Feb 2026 11:17:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 2914
IP address blocks: 80.97.54.0/24 maxlen: 24
81.180.173.0/24 maxlen: 24
81.181.172.0/24 maxlen: 24
81.181.175.0/24 maxlen: 24
81.181.236.0/22 maxlen: 22
194.102.122.0/23 maxlen: 23
194.102.217.0/24 maxlen: 24
217.156.29.0/24 maxlen: 24
217.156.57.0/24 maxlen: 24
217.156.112.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8a:37:f0:22:c2:58:a3:e3:47:46:47:be:70:dc:db:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Feb 23 11:17:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8d359b90014b1b11b59913a562f33123c315ebe5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7f:e8:13:a2:93:86:d3:36:e0:d6:5a:c0:05:
17:07:bd:74:1b:1d:74:77:c0:d0:2b:38:41:2c:48:
f2:56:ff:13:15:58:88:d3:80:fd:92:04:71:49:b0:
68:5e:a5:8c:8f:4c:55:e1:c2:9c:9d:c0:21:a9:31:
b2:ab:a5:44:12:30:85:36:d8:25:71:8a:81:93:70:
8d:31:04:fa:52:6f:7e:ae:d5:ac:eb:06:81:8e:29:
e9:2b:c4:92:f9:73:ad:17:ca:c6:cc:63:aa:95:e9:
bd:b2:e9:f5:73:81:7b:67:35:15:a1:7b:81:48:e5:
05:e4:b7:0c:b3:60:36:68:bb:98:00:4f:85:9a:91:
29:d1:fc:fc:da:99:45:9b:e3:d8:ef:45:ad:17:f3:
71:21:a5:d1:49:cd:4e:43:b2:3b:a3:00:b1:d6:ff:
e2:a7:88:3e:d4:a0:c3:d2:b6:8c:55:3d:74:bf:1d:
06:8a:f8:80:55:9a:d0:80:b3:cc:a9:3f:aa:40:c2:
f8:2d:b8:eb:b9:f6:9c:87:ea:70:57:dd:ad:ce:48:
26:b8:2c:bd:c9:96:50:a6:df:10:fe:06:f2:d6:1a:
50:a2:16:ba:cf:f6:ce:ff:cf:a5:e0:72:94:9b:fc:
be:e0:44:ef:fc:61:56:e0:8e:7b:b6:0e:3d:c6:3e:
78:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:35:9B:90:01:4B:1B:11:B5:99:13:A5:62:F3:31:23:C3:15:EB:E5
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/jTWbkAFLGxG1mROlYvMxI8MV6-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.97.54.0/24
81.180.173.0/24
81.181.172.0/24
81.181.175.0/24
81.181.236.0/22
194.102.122.0/23
194.102.217.0/24
217.156.29.0/24
217.156.57.0/24
217.156.112.0/22
Signature Algorithm: sha256WithRSAEncryption
94:f6:fb:db:44:97:2e:1b:28:2c:5c:19:09:dd:dc:cf:43:c2:
79:3b:16:cf:ae:71:6c:ab:65:e5:5a:b4:1e:62:84:c3:c0:28:
c0:58:ab:e8:36:5c:1c:bc:58:eb:e7:dd:bd:a9:8b:8b:07:ce:
f3:cf:c4:f1:fb:e3:f0:6a:13:07:b7:8d:14:51:2c:3e:aa:f7:
e3:37:c6:1d:25:eb:f8:a7:8b:12:dc:db:36:c8:09:52:a6:70:
23:84:cd:bc:cc:8b:21:9b:00:2c:75:cc:36:f7:71:71:fd:b2:
58:9a:91:21:d8:c3:aa:ab:8c:6d:51:dc:87:91:fc:9d:f8:7c:
c8:35:b5:68:61:6e:24:34:b3:62:4c:dc:4f:5a:91:33:f3:45:
19:89:e0:5a:9a:6c:b9:ba:d6:9a:9b:1c:b9:c6:d5:96:c8:59:
23:db:d2:a5:3e:1e:fb:13:71:75:f4:0b:4d:c2:88:04:38:02:
2d:36:42:b1:0a:d7:74:a2:3c:fa:6d:dd:31:99:79:15:09:96:
fa:f7:e0:5b:a9:8e:c8:19:79:4c:70:89:a7:fc:b3:cf:93:0f:
8e:c4:65:7b:b6:fa:cb:9b:a5:ea:21:6b:80:71:0e:83:98:e4:
f5:b7:63:a6:5a:f0:11:8b:46:db:0c:08:24:74:ad:90:d4:4b:
19:e1:85:e4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZyKN/Aiwlij40dGR75w3NuyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjYwMjIzMTExNzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDM1OWI5MDAxNGIxYjExYjU5OTEzYTU2MmYzMzEyM2MzMTVlYmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtH/oE6KThtM24NZawAUXB710Gx10
d8DQKzhBLEjyVv8TFViI04D9kgRxSbBoXqWMj0xV4cKcncAhqTGyq6VEEjCFNtgl
cYqBk3CNMQT6Um9+rtWs6waBjinpK8SS+XOtF8rGzGOqlem9sun1c4F7ZzUVoXuB
SOUF5LcMs2A2aLuYAE+FmpEp0fz82plFm+PY70WtF/NxIaXRSc1OQ7I7owCx1v/i
p4g+1KDD0raMVT10vx0GiviAVZrQgLPMqT+qQML4Lbjrufach+pwV92tzkgmuCy9
yZZQpt8Q/gby1hpQoha6z/bO/8+l4HKUm/y+4ETv/GFW4I57tg49xj543QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFI01m5ABSxsRtZkTpWLzMSPDFevlMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvalRXYmtBRkxHeEcxbVJPbFl2TXhJOE1WNi1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAUGE2AwQA
UbStAwQAUbWsAwQAUbWvAwQCUbXsAwQBwmZ6AwQAwmbZAwQA2ZwdAwQA2Zw5AwQC
2ZxwMA0GCSqGSIb3DQEBCwUAA4IBAQCU9vvbRJcuGygsXBkJ3dzPQ8J5OxbPrnFs
q2XlWrQeYoTDwCjAWKvoNlwcvFjr5929qYuLB87zz8Tx++PwahMHt40UUSw+qvfj
N8YdJev4p4sS3Ns2yAlSpnAjhM28zIshmwAsdcw293Fx/bJYmpEh2MOqq4xtUdyH
kfyd+HzINbVoYW4kNLNiTNxPWpEz80UZieBammy5utaamxy5xtWWyFkj29KlPh77
E3F19AtNwogEOAItNkKxCtd0ojz6bd0xmXkVCZb69+BbqY7IGXlMcImn/LPPkw+O
xGV7tvrLm6XqIWuAcQ6DmOT1t2OmWvARi0bbDAgkdK2Q1EsZ4YXk
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:33:29 2026 by rpki-client