Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/c5018c-fdc6-414b-beef-02de0124228e/1/jCDXlrz8c9rsUKvFReQJ9m-z47E.roa
File: jCDXlrz8c9rsUKvFReQJ9m-z47E.roa (raw, json)
Hash identifier: JoF0kXETbMOZ8yV0z/co4+t+DcaXzNgjnhb+0mWBNMw=
Subject key identifier: 8C:20:D7:96:BC:FC:73:DA:EC:50:AB:C5:45:E4:09:F6:6F:B3:E3:B1
Certificate issuer: /CN=544a82aa5e2eb71719b7f9f049a307b12454497e
Certificate serial: 019E886E8DEB54C138F32C67F0DC733BDA9B
Authority key identifier: 54:4A:82:AA:5E:2E:B7:17:19:B7:F9:F0:49:A3:07:B1:24:54:49:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VEqCql4utxcZt_nwSaMHsSRUSX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/c5018c-fdc6-414b-beef-02de0124228e/1/jCDXlrz8c9rsUKvFReQJ9m-z47E.roa
Signing time: Tue 02 Jun 2026 13:03:27 +0000
ROA not before: Tue 02 Jun 2026 13:03:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211381
IP address blocks: 188.137.176.0/24 maxlen: 24
188.137.177.0/24 maxlen: 24
188.137.179.0/24 maxlen: 24
188.137.180.0/24 maxlen: 24
188.137.181.0/24 maxlen: 24
188.137.182.0/24 maxlen: 24
188.137.183.0/24 maxlen: 24
188.137.224.0/24 maxlen: 24
188.137.225.0/24 maxlen: 24
188.137.227.0/24 maxlen: 24
188.137.228.0/24 maxlen: 24
188.137.229.0/24 maxlen: 24
188.137.230.0/24 maxlen: 24
188.137.231.0/24 maxlen: 24
188.137.232.0/24 maxlen: 24
188.137.233.0/24 maxlen: 24
188.137.234.0/24 maxlen: 24
188.137.235.0/24 maxlen: 24
188.137.236.0/24 maxlen: 24
188.137.237.0/24 maxlen: 24
188.137.238.0/24 maxlen: 24
188.137.239.0/24 maxlen: 24
188.137.240.0/24 maxlen: 24
188.137.241.0/24 maxlen: 24
188.137.242.0/24 maxlen: 24
188.137.243.0/24 maxlen: 24
188.137.245.0/24 maxlen: 24
188.137.246.0/24 maxlen: 24
188.137.247.0/24 maxlen: 24
188.137.248.0/24 maxlen: 24
188.137.249.0/24 maxlen: 24
188.137.250.0/24 maxlen: 24
188.137.251.0/24 maxlen: 24
188.137.252.0/24 maxlen: 24
188.137.253.0/24 maxlen: 24
188.137.254.0/24 maxlen: 24
188.137.255.0/24 maxlen: 24
212.43.144.0/24 maxlen: 24
212.43.145.0/24 maxlen: 24
212.43.146.0/24 maxlen: 24
212.43.147.0/24 maxlen: 24
212.43.148.0/24 maxlen: 24
212.43.149.0/24 maxlen: 24
212.43.150.0/24 maxlen: 24
212.43.151.0/24 maxlen: 24
212.43.152.0/24 maxlen: 24
212.43.153.0/24 maxlen: 24
212.43.154.0/24 maxlen: 24
212.43.155.0/24 maxlen: 24
212.43.156.0/24 maxlen: 24
212.43.157.0/24 maxlen: 24
212.43.158.0/24 maxlen: 24
212.43.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/c5018c-fdc6-414b-beef-02de0124228e/1/VEqCql4utxcZt_nwSaMHsSRUSX4.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/c5018c-fdc6-414b-beef-02de0124228e/1/VEqCql4utxcZt_nwSaMHsSRUSX4.mft
rsync://rpki.ripe.net/repository/DEFAULT/VEqCql4utxcZt_nwSaMHsSRUSX4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:88:6e:8d:eb:54:c1:38:f3:2c:67:f0:dc:73:3b:da:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=544a82aa5e2eb71719b7f9f049a307b12454497e
Validity
Not Before: Jun 2 13:03:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8c20d796bcfc73daec50abc545e409f66fb3e3b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:3d:06:e1:7a:70:bc:67:26:ff:a1:48:45:31:
54:04:a5:21:ca:2b:78:96:6d:0f:db:a2:d9:49:40:
9e:5d:34:7e:57:4d:a2:a0:6a:f9:ad:b9:95:01:7b:
3d:50:79:cd:64:33:ab:6b:b7:39:d8:b2:99:80:75:
2b:fb:57:ac:37:4f:72:dc:87:3c:2f:12:c2:9b:ca:
37:98:bb:0b:a0:c2:97:56:16:4c:88:c7:4d:1d:ed:
c4:26:64:8f:a6:2e:1c:5d:8e:d3:54:72:6a:ea:60:
8a:4c:e9:34:9f:18:ed:b4:80:c8:a4:65:66:06:74:
df:34:f7:23:ae:55:08:60:3d:18:bf:4b:1a:bb:50:
dc:58:40:75:5f:f1:13:b7:91:1e:b6:dc:54:f4:ec:
b2:ea:40:36:6c:7c:17:30:05:86:24:80:61:c6:8e:
de:fd:81:51:a5:65:ee:50:19:56:98:12:be:fe:5d:
36:d1:ea:de:c8:68:d9:c5:49:0c:64:86:98:52:90:
11:43:42:29:9e:7b:57:4c:ca:3d:df:95:de:fd:d2:
fd:7d:ee:94:ce:14:9a:67:87:00:d4:52:d2:f7:59:
fa:46:a0:eb:3f:47:3d:e1:1c:ad:5b:17:02:0f:e1:
89:da:c9:bb:1d:3d:3c:73:c3:12:fc:c7:ff:eb:5e:
26:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:20:D7:96:BC:FC:73:DA:EC:50:AB:C5:45:E4:09:F6:6F:B3:E3:B1
X509v3 Authority Key Identifier:
keyid:54:4A:82:AA:5E:2E:B7:17:19:B7:F9:F0:49:A3:07:B1:24:54:49:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VEqCql4utxcZt_nwSaMHsSRUSX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/c5018c-fdc6-414b-beef-02de0124228e/1/jCDXlrz8c9rsUKvFReQJ9m-z47E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/c5018c-fdc6-414b-beef-02de0124228e/1/VEqCql4utxcZt_nwSaMHsSRUSX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.137.176.0/23
188.137.179.0-188.137.183.255
188.137.224.0/23
188.137.227.0-188.137.243.255
188.137.245.0-188.137.255.255
212.43.144.0/20
Signature Algorithm: sha256WithRSAEncryption
45:e6:3b:cb:f1:46:1a:62:74:05:8b:d7:50:6b:b6:01:61:4a:
c2:87:95:9d:1e:80:cb:86:65:dd:28:e3:a8:9b:4b:29:f0:be:
a1:27:5c:ec:64:dc:3d:44:f7:ff:eb:e4:5b:b2:64:0e:b3:db:
f9:af:34:31:30:97:0a:9e:c7:23:24:3f:8a:63:16:c2:1d:f6:
d3:50:b6:9a:8e:e5:e2:c6:b4:f7:2a:53:cf:67:a8:a0:67:d6:
c5:b4:95:ba:17:1b:e7:a6:f5:9a:91:63:fe:fd:c9:99:d2:22:
0f:59:d8:d6:86:7d:68:c3:83:62:b0:f3:49:a0:c3:b3:d8:ba:
e2:2e:74:9e:c2:86:c8:6e:19:5f:c0:a3:62:5f:91:75:49:6c:
95:7e:b1:54:06:34:d9:85:8d:03:42:85:b2:63:6f:35:26:f8:
4a:5d:48:31:38:7e:6d:83:a5:95:d0:62:35:ec:da:05:fb:ed:
ab:8e:85:9f:8b:9e:6a:56:4b:f9:62:e1:d2:6f:2f:c2:93:ee:
a9:c2:21:87:33:4f:19:94:1f:38:21:7e:8b:7e:e4:a9:97:9c:
8c:16:05:77:29:4b:20:b5:1a:a5:c8:9b:e7:e5:92:fa:a6:f2:
53:f3:3e:f5:3c:b4:07:28:53:62:e5:65:2b:1c:3e:5c:80:46:
6c:40:b6:1a
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZ6Ibo3rVME48yxn8NxzO9qbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NGE4MmFhNWUyZWI3MTcxOWI3ZjlmMDQ5YTMwN2IxMjQ1
NDQ5N2UwHhcNMjYwNjAyMTMwMzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzIwZDc5NmJjZmM3M2RhZWM1MGFiYzU0NWU0MDlmNjZmYjNlM2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5T0G4XpwvGcm/6FIRTFUBKUhyit4
lm0P26LZSUCeXTR+V02ioGr5rbmVAXs9UHnNZDOra7c52LKZgHUr+1esN09y3Ic8
LxLCm8o3mLsLoMKXVhZMiMdNHe3EJmSPpi4cXY7TVHJq6mCKTOk0nxjttIDIpGVm
BnTfNPcjrlUIYD0Yv0sau1DcWEB1X/ETt5EettxU9Oyy6kA2bHwXMAWGJIBhxo7e
/YFRpWXuUBlWmBK+/l020ereyGjZxUkMZIaYUpARQ0IpnntXTMo935Xe/dL9fe6U
zhSaZ4cA1FLS91n6RqDrP0c94RytWxcCD+GJ2sm7HT08c8MS/Mf/614mPwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFIwg15a8/HPa7FCrxUXkCfZvs+OxMB8GA1UdIwQY
MBaAFFRKgqpeLrcXGbf58EmjB7EkVEl+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkVxQ3FsNHV0eGNadF9ud1NhTUhzU1JVU1g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9jNTAxOGMtZmRjNi00MTRiLWJlZWYt
MDJkZTAxMjQyMjhlLzEvakNEWGxyejhjOXJzVUt2RlJlUUo5bS16NDdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9jNTAxOGMtZmRjNi00MTRiLWJlZWYtMDJkZTAxMjQyMjhl
LzEvVkVxQ3FsNHV0eGNadF9ud1NhTUhzU1JVU1g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzBBBAIAATA7AwQBvImwMAwD
BAC8ibMDBAO8ibADBAG8ieAwDAMEALyJ4wMEAryJ8DALAwQAvIn1AwMBvIgDBATU
K5AwDQYJKoZIhvcNAQELBQADggEBAEXmO8vxRhpidAWL11BrtgFhSsKHlZ0egMuG
Zd0o46ibSynwvqEnXOxk3D1E9//r5FuyZA6z2/mvNDEwlwqexyMkP4pjFsId9tNQ
tpqO5eLGtPcqU89nqKBn1sW0lboXG+em9ZqRY/79yZnSIg9Z2NaGfWjDg2Kw80mg
w7PYuuIudJ7ChshuGV/Ao2JfkXVJbJV+sVQGNNmFjQNChbJjbzUm+EpdSDE4fm2D
pZXQYjXs2gX77auOhZ+LnmpWS/li4dJvL8KT7qnCIYczTxmUHzghfot+5KmXnIwW
BXcpSyC1GqXIm+flkvqm8lPzPvU8tAcoU2LlZSscPlyARmxAtho=
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:53:50 2026 by rpki-client