Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/jgH6u912rK5Xtxpxfif3Cfl9DZ4.roa
File: jgH6u912rK5Xtxpxfif3Cfl9DZ4.roa (raw, json)
Hash identifier: t2SsP6gmWCBRP4SsEFRkLirUYBsfe7RvyzM3ohHxmzE=
Subject key identifier: 8E:01:FA:BB:DD:76:AC:AE:57:B7:1A:71:7E:27:F7:09:F9:7D:0D:9E
Certificate issuer: /CN=597a01de87e011803f890ae17749020f995f140c
Certificate serial: 019D7728ADC4D5EB422E593961F282EFB977
Authority key identifier: 59:7A:01:DE:87:E0:11:80:3F:89:0A:E1:77:49:02:0F:99:5F:14:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WXoB3ofgEYA_iQrhd0kCD5lfFAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/jgH6u912rK5Xtxpxfif3Cfl9DZ4.roa
Signing time: Fri 10 Apr 2026 11:30:47 +0000
ROA not before: Fri 10 Apr 2026 11:30:47 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 21859
IP address blocks: 164.18.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/WXoB3ofgEYA_iQrhd0kCD5lfFAw.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/WXoB3ofgEYA_iQrhd0kCD5lfFAw.mft
rsync://rpki.ripe.net/repository/DEFAULT/WXoB3ofgEYA_iQrhd0kCD5lfFAw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 05:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:77:28:ad:c4:d5:eb:42:2e:59:39:61:f2:82:ef:b9:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=597a01de87e011803f890ae17749020f995f140c
Validity
Not Before: Apr 10 11:30:47 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8e01fabbdd76acae57b71a717e27f709f97d0d9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b9:19:1b:0a:c2:5c:9f:94:ed:39:75:fe:c3:
10:2a:01:fd:48:1d:4d:99:b3:85:b3:68:03:04:86:
b7:66:ab:70:2d:96:21:f5:20:c5:91:e8:63:aa:cb:
97:73:2f:50:88:b8:c8:01:cc:1a:48:8a:bf:3b:9d:
2e:3d:ea:07:0f:03:18:da:62:3b:af:75:0b:c0:03:
af:60:97:25:e4:0a:1c:e7:58:92:8f:96:82:76:85:
01:1d:57:d1:7f:e2:df:2c:58:77:eb:b6:01:03:36:
cc:71:25:e4:b9:61:5b:36:3a:7a:43:33:27:5f:b7:
f0:cf:93:75:2c:24:8b:e6:06:c9:cf:62:42:7d:f7:
57:49:5f:f6:74:ee:af:80:a0:79:77:22:6d:b8:c6:
0d:93:20:2f:94:fa:2a:11:4e:7c:cb:0c:ab:fa:84:
68:33:6d:81:d9:eb:ae:4f:30:b5:36:1f:85:77:00:
d1:46:d3:b5:36:f1:0b:f0:84:3b:ae:04:ab:49:ba:
11:17:12:1f:f2:73:9e:74:07:7c:d4:77:d9:03:7d:
89:cb:66:83:86:5e:55:ee:71:d2:da:54:4c:92:e8:
10:07:bb:f9:fc:d5:f0:be:8e:a6:79:37:8a:1f:3e:
9b:fb:83:d4:1a:b7:cc:c7:fd:51:83:93:0c:1a:15:
d0:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:01:FA:BB:DD:76:AC:AE:57:B7:1A:71:7E:27:F7:09:F9:7D:0D:9E
X509v3 Authority Key Identifier:
keyid:59:7A:01:DE:87:E0:11:80:3F:89:0A:E1:77:49:02:0F:99:5F:14:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WXoB3ofgEYA_iQrhd0kCD5lfFAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/jgH6u912rK5Xtxpxfif3Cfl9DZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/WXoB3ofgEYA_iQrhd0kCD5lfFAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.18.240.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:25:80:5e:4e:61:40:96:b2:2d:72:07:5d:fa:e2:e3:20:f8:
4b:82:b7:b0:2a:20:72:6e:12:b1:5d:af:fa:75:4a:b1:98:4f:
1a:0b:31:eb:fd:5e:85:4a:79:1a:8f:c8:b7:26:7a:c8:16:2a:
3a:45:55:70:36:7c:38:19:fb:79:d2:c6:15:14:22:28:0e:5b:
87:90:79:af:a2:a6:54:ce:7a:5a:77:80:98:aa:cc:07:f0:37:
e1:fa:ea:79:8a:c0:e7:2e:85:8c:bd:c3:25:8e:ca:5b:6c:18:
a3:23:2d:6b:87:04:c6:87:e8:ce:cb:30:54:9d:d3:11:e3:82:
36:b0:9a:cf:43:dc:f3:3c:69:46:74:7a:96:be:a8:5b:f2:c6:
f9:ab:b4:b7:36:6a:42:b4:62:e8:dc:04:db:48:c0:eb:2d:0d:
86:e6:aa:d8:06:4b:f2:fa:7e:52:31:75:f8:34:1c:f6:cf:71:
c7:42:b9:d4:b9:8e:c2:06:b6:ff:25:a3:1d:7e:d4:9d:ed:f6:
10:e4:80:88:6d:a3:40:0f:ee:24:07:11:46:54:ef:22:13:53:
79:2b:e9:f7:8f:3a:d3:64:83:f3:78:8b:3c:3c:48:6c:86:42:
e0:21:5d:86:29:b4:1e:6c:07:f1:28:f9:82:ce:dc:96:39:05:
12:3f:39:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ13KK3E1etCLlk5YfKC77l3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5N2EwMWRlODdlMDExODAzZjg5MGFlMTc3NDkwMjBmOTk1
ZjE0MGMwHhcNMjYwNDEwMTEzMDQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTAxZmFiYmRkNzZhY2FlNTdiNzFhNzE3ZTI3ZjcwOWY5N2QwZDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbkZGwrCXJ+U7Tl1/sMQKgH9SB1N
mbOFs2gDBIa3ZqtwLZYh9SDFkehjqsuXcy9QiLjIAcwaSIq/O50uPeoHDwMY2mI7
r3ULwAOvYJcl5Aoc51iSj5aCdoUBHVfRf+LfLFh367YBAzbMcSXkuWFbNjp6QzMn
X7fwz5N1LCSL5gbJz2JCffdXSV/2dO6vgKB5dyJtuMYNkyAvlPoqEU58ywyr+oRo
M22B2euuTzC1Nh+FdwDRRtO1NvEL8IQ7rgSrSboRFxIf8nOedAd81HfZA32Jy2aD
hl5V7nHS2lRMkugQB7v5/NXwvo6meTeKHz6b+4PUGrfMx/1Rg5MMGhXQ+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI4B+rvddqyuV7cacX4n9wn5fQ2eMB8GA1UdIwQY
MBaAFFl6Ad6H4BGAP4kK4XdJAg+ZXxQMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1hvQjNvZmdFWUFfaVFyaGQwa0NENWxmRkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8yM2VkOWEtMWNhNS00NWVhLTliOGMt
NzM1MzNkZTA5OWMzLzEvamdINnU5MTJySzVYdHhweGZpZjNDZmw5RFo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8yM2VkOWEtMWNhNS00NWVhLTliOGMtNzM1MzNkZTA5OWMz
LzEvV1hvQjNvZmdFWUFfaVFyaGQwa0NENWxmRkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApBLwMA0G
CSqGSIb3DQEBCwUAA4IBAQCqJYBeTmFAlrItcgdd+uLjIPhLgrewKiBybhKxXa/6
dUqxmE8aCzHr/V6FSnkaj8i3JnrIFio6RVVwNnw4Gft50sYVFCIoDluHkHmvoqZU
znpad4CYqswH8Dfh+up5isDnLoWMvcMljspbbBijIy1rhwTGh+jOyzBUndMR44I2
sJrPQ9zzPGlGdHqWvqhb8sb5q7S3NmpCtGLo3ATbSMDrLQ2G5qrYBkvy+n5SMXX4
NBz2z3HHQrnUuY7CBrb/JaMdftSd7fYQ5ICIbaNAD+4kBxFGVO8iE1N5K+n3jzrT
ZIPzeIs8PEhshkLgIV2GKbQebAfxKPmCztyWOQUSPzlX
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:00:17 2026 by rpki-client