Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/9af78b-41c4-47b7-af95-37b0a2ab3cd6/1/JcXMDE3ebWSqfHBZs7VE5S6oxiE.roa
File: JcXMDE3ebWSqfHBZs7VE5S6oxiE.roa (raw, json)
Hash identifier: qKO6wgBeY/Sj/PEf+kS+5gKnDMaY8bARW2HNfD5qpA0=
Subject key identifier: 25:C5:CC:0C:4D:DE:6D:64:AA:7C:70:59:B3:B5:44:E5:2E:A8:C6:21
Certificate issuer: /CN=8a227c35f928d9c8b8ff7c25721efd47a90dcb67
Certificate serial: 019B7FF294375F0A52E00E72ECFE20D3BA2F
Authority key identifier: 8A:22:7C:35:F9:28:D9:C8:B8:FF:7C:25:72:1E:FD:47:A9:0D:CB:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iiJ8Nfko2ci4_3wlch79R6kNy2c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/9af78b-41c4-47b7-af95-37b0a2ab3cd6/1/JcXMDE3ebWSqfHBZs7VE5S6oxiE.roa
Signing time: Fri 02 Jan 2026 18:22:42 +0000
ROA not before: Fri 02 Jan 2026 18:22:42 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199039
IP address blocks: 176.110.96.0/22 maxlen: 22
176.110.98.0/24 maxlen: 24
176.110.99.0/24 maxlen: 24
185.134.52.0/22 maxlen: 24
193.187.74.0/23 maxlen: 23
193.187.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/9af78b-41c4-47b7-af95-37b0a2ab3cd6/1/iiJ8Nfko2ci4_3wlch79R6kNy2c.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/9af78b-41c4-47b7-af95-37b0a2ab3cd6/1/iiJ8Nfko2ci4_3wlch79R6kNy2c.mft
rsync://rpki.ripe.net/repository/DEFAULT/iiJ8Nfko2ci4_3wlch79R6kNy2c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7f:f2:94:37:5f:0a:52:e0:0e:72:ec:fe:20:d3:ba:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a227c35f928d9c8b8ff7c25721efd47a90dcb67
Validity
Not Before: Jan 2 18:22:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=25c5cc0c4dde6d64aa7c7059b3b544e52ea8c621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:85:b5:82:94:71:19:34:5e:e4:88:1f:4c:bb:
80:eb:26:b9:fd:b0:68:87:a5:ad:2f:3e:b5:54:ca:
d6:b4:1e:6e:2e:6f:98:3b:ad:8c:b0:11:20:55:c7:
c9:4c:ac:39:17:25:6e:b0:d6:e3:68:08:2f:c2:61:
19:e3:bf:bb:4b:ab:1f:61:70:96:d5:72:d7:ae:12:
1a:6b:f9:08:cc:0c:07:19:27:2e:46:2c:87:40:7e:
05:77:b1:40:5f:da:59:e6:35:57:17:ab:7c:19:72:
fe:b9:6b:a5:c8:52:a5:45:6b:19:78:e3:92:64:ef:
13:dc:b8:4c:0f:e9:f8:22:9f:d7:e5:41:a3:c3:4b:
21:dd:2f:d3:24:f9:70:fd:03:36:1c:44:65:f8:43:
d5:86:3e:b2:1e:d4:11:93:6e:97:e8:8e:51:e3:c6:
85:58:72:dc:54:0d:f6:9b:0c:1b:9f:46:79:6a:9d:
0f:1e:a5:f6:31:81:1f:14:3f:3c:60:0f:46:e6:e0:
69:14:ac:f8:aa:eb:db:86:df:32:5c:80:9f:97:31:
b2:19:7b:ee:bb:ab:e5:a9:84:78:0e:d7:46:5d:f8:
fd:ba:b9:56:56:5b:21:de:39:87:22:32:62:a2:c0:
c5:aa:27:af:c1:89:71:ed:d0:5c:2e:28:3f:f9:20:
7c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:C5:CC:0C:4D:DE:6D:64:AA:7C:70:59:B3:B5:44:E5:2E:A8:C6:21
X509v3 Authority Key Identifier:
keyid:8A:22:7C:35:F9:28:D9:C8:B8:FF:7C:25:72:1E:FD:47:A9:0D:CB:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iiJ8Nfko2ci4_3wlch79R6kNy2c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/9af78b-41c4-47b7-af95-37b0a2ab3cd6/1/JcXMDE3ebWSqfHBZs7VE5S6oxiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/9af78b-41c4-47b7-af95-37b0a2ab3cd6/1/iiJ8Nfko2ci4_3wlch79R6kNy2c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.110.96.0/22
185.134.52.0/22
193.187.74.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:c6:5e:40:51:62:5b:4d:e2:a1:25:c1:5c:60:2c:94:66:b4:
a3:59:f3:a4:af:cb:13:07:36:20:5c:d8:06:9b:26:ae:f3:91:
c7:2f:27:e8:e8:bd:4b:53:19:c8:34:04:2f:9a:27:75:0d:f0:
8f:f3:9b:9c:ed:d3:13:05:1a:18:dd:73:98:a0:d2:ce:e5:1c:
22:df:5a:30:05:bd:e0:9e:73:f7:0e:40:7b:8b:7b:d4:95:85:
2b:15:0b:06:5d:b2:ea:3a:2b:0c:51:0e:e7:c3:a4:92:6c:2c:
68:86:0c:41:90:c2:a3:44:3d:3d:7e:2c:2e:ca:ff:bd:fd:bd:
12:64:ad:27:d8:2e:a2:22:98:b7:52:d9:39:80:c1:17:39:f1:
fb:90:b6:84:a6:39:35:ce:9c:7d:f3:77:62:2b:11:8c:60:28:
35:30:41:3c:bc:a2:32:0c:4c:69:2e:2b:ec:9d:7d:d5:7a:03:
20:4c:18:b2:62:cf:03:79:4f:47:5a:e8:78:f8:ff:01:ab:54:
24:d4:c7:84:cf:8c:ac:32:24:13:17:cf:72:c8:ef:4e:9e:7c:
1a:99:1a:f0:7b:40:e5:8d:5d:b8:3e:24:e3:39:8d:61:7b:96:
c9:50:64:1b:67:5f:49:61:1f:56:1b:3b:e7:d9:04:e2:16:cb:
56:95:4d:a8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZt/8pQ3XwpS4A5y7P4g07ovMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMjI3YzM1ZjkyOGQ5YzhiOGZmN2MyNTcyMWVmZDQ3YTkw
ZGNiNjcwHhcNMjYwMTAyMTgyMjQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWM1Y2MwYzRkZGU2ZDY0YWE3YzcwNTliM2I1NDRlNTJlYThjNjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIW1gpRxGTRe5IgfTLuA6ya5/bBo
h6WtLz61VMrWtB5uLm+YO62MsBEgVcfJTKw5FyVusNbjaAgvwmEZ47+7S6sfYXCW
1XLXrhIaa/kIzAwHGScuRiyHQH4Fd7FAX9pZ5jVXF6t8GXL+uWulyFKlRWsZeOOS
ZO8T3LhMD+n4Ip/X5UGjw0sh3S/TJPlw/QM2HERl+EPVhj6yHtQRk26X6I5R48aF
WHLcVA32mwwbn0Z5ap0PHqX2MYEfFD88YA9G5uBpFKz4quvbht8yXICflzGyGXvu
u6vlqYR4DtdGXfj9urlWVlsh3jmHIjJiosDFqievwYlx7dBcLig/+SB8WwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCXFzAxN3m1kqnxwWbO1ROUuqMYhMB8GA1UdIwQY
MBaAFIoifDX5KNnIuP98JXIe/UepDctnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWlKOE5ma28yY2k0XzN3bGNoNzlSNmtOeTJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi85YWY3OGItNDFjNC00N2I3LWFmOTUt
MzdiMGEyYWIzY2Q2LzEvSmNYTURFM2ViV1NxZkhCWnM3VkU1UzZveGlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi85YWY3OGItNDFjNC00N2I3LWFmOTUtMzdiMGEyYWIzY2Q2
LzEvaWlKOE5ma28yY2k0XzN3bGNoNzlSNmtOeTJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCsG5gAwQC
uYY0AwQBwbtKMA0GCSqGSIb3DQEBCwUAA4IBAQCMxl5AUWJbTeKhJcFcYCyUZrSj
WfOkr8sTBzYgXNgGmyau85HHLyfo6L1LUxnINAQvmid1DfCP85uc7dMTBRoY3XOY
oNLO5Rwi31owBb3gnnP3DkB7i3vUlYUrFQsGXbLqOisMUQ7nw6SSbCxohgxBkMKj
RD09fiwuyv+9/b0SZK0n2C6iIpi3Utk5gMEXOfH7kLaEpjk1zpx983diKxGMYCg1
MEE8vKIyDExpLivsnX3VegMgTBiyYs8DeU9HWuh4+P8Bq1Qk1MeEz4ysMiQTF89y
yO9OnnwamRrwe0DljV24PiTjOY1he5bJUGQbZ19JYR9WGzvn2QTiFstWlU2o
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:37:17 2026 by rpki-client