Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/kjrhLAzPDt3EL4pjx8odgv_z7II.roa
File: kjrhLAzPDt3EL4pjx8odgv_z7II.roa (raw, json)
Hash identifier: XQKmA/goV06Rjw1bYAO14ImlGg9ALsrEKK9d3pRiZVU=
Subject key identifier: 92:3A:E1:2C:0C:CF:0E:DD:C4:2F:8A:63:C7:CA:1D:82:FF:F3:EC:82
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 019D7871DA0DBFB4FD375591E594577F2F8F
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/kjrhLAzPDt3EL4pjx8odgv_z7II.roa
Signing time: Fri 10 Apr 2026 17:30:20 +0000
ROA not before: Fri 10 Apr 2026 17:30:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3257
IP address blocks: 5.180.4.0/22 maxlen: 22
5.182.28.0/22 maxlen: 22
45.86.16.0/22 maxlen: 22
89.39.242.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.73.0/24 maxlen: 24
91.242.74.0/23 maxlen: 23
91.242.94.0/24 maxlen: 24
91.242.95.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
94.231.198.0/24 maxlen: 24
146.19.50.0/24 maxlen: 24
178.175.176.0/22 maxlen: 22
185.180.145.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
185.214.166.0/24 maxlen: 24
194.50.206.0/23 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/22 maxlen: 22
195.138.105.0/24 maxlen: 24
195.138.106.0/24 maxlen: 24
195.138.112.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
195.138.122.0/23 maxlen: 23
195.138.124.0/22 maxlen: 22
195.138.124.0/24 maxlen: 24
195.216.156.0/22 maxlen: 22
213.134.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 02:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:78:71:da:0d:bf:b4:fd:37:55:91:e5:94:57:7f:2f:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Apr 10 17:30:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=923ae12c0ccf0eddc42f8a63c7ca1d82fff3ec82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4d:15:cd:8c:52:c1:b1:c4:5e:79:9c:89:fb:
20:a6:99:08:d3:fd:e9:43:23:a3:b4:07:e3:38:cb:
ae:a5:cb:40:67:38:c4:15:c0:38:4a:a5:87:e8:97:
d2:1e:ac:63:0d:5d:a0:9f:90:16:65:01:5c:6f:b6:
ef:b1:52:b3:97:af:57:52:4f:7c:55:42:75:92:7d:
01:31:f4:e0:37:71:85:1c:6f:5d:32:58:44:e4:bc:
fc:40:59:44:be:85:52:6a:f5:48:4e:32:18:fa:48:
d0:02:e8:39:8e:97:09:62:51:14:f4:7f:39:5d:5b:
a9:07:ef:5f:0b:90:10:a3:02:d1:7a:a7:04:ef:c1:
4f:fa:83:84:2b:68:c6:42:0f:2a:c0:a6:82:f1:5e:
75:f5:29:29:40:1f:2d:15:7b:4a:9b:bd:7d:cd:a3:
50:69:88:b0:40:30:d8:32:5f:27:2b:e5:f1:de:ce:
f0:8f:d0:27:c1:09:63:a1:b0:5a:2b:f0:a2:5e:95:
49:0e:d5:c9:69:13:1a:2e:22:21:09:81:32:b1:87:
4e:7d:12:ca:58:66:b3:ff:7b:99:bd:48:d3:09:0f:
6e:c1:da:95:47:7e:42:c7:9d:d9:1f:2d:fa:c4:2c:
86:cd:52:8a:1d:9e:60:8b:9d:09:46:34:ba:f7:18:
79:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:3A:E1:2C:0C:CF:0E:DD:C4:2F:8A:63:C7:CA:1D:82:FF:F3:EC:82
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/kjrhLAzPDt3EL4pjx8odgv_z7II.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.4.0/22
5.182.28.0/22
45.86.16.0/22
89.39.242.0/24
91.242.72.0/22
91.242.94.0/23
91.242.103.0/24
94.231.198.0/24
146.19.50.0/24
178.175.176.0/22
185.180.145.0/24
185.212.11.0/24
185.214.166.0/24
194.50.206.0/23
195.138.103.0-195.138.107.255
195.138.112.0/24
195.138.120.0/24
195.138.122.0-195.138.127.255
195.216.156.0/22
213.134.25.0/24
Signature Algorithm: sha256WithRSAEncryption
97:30:22:90:c2:56:73:4f:2a:de:16:ee:64:21:04:73:d4:a9:
a1:3d:6c:52:be:b2:3d:45:ad:3b:8c:2d:2b:98:62:fe:63:ad:
08:35:76:42:70:67:6e:49:c9:36:3a:63:62:b5:76:3a:c6:d1:
02:db:a7:4e:4b:00:01:c0:0f:1b:20:a6:9f:2a:24:30:c3:7f:
01:f6:5a:49:be:8e:7d:45:ac:3d:a7:a3:97:41:5f:ea:4f:2e:
c1:52:25:ea:4b:dc:66:3c:04:a0:5f:75:6a:c9:82:42:ae:7a:
8c:29:33:c0:e0:5f:cd:88:db:f8:54:0b:a9:ab:c5:7c:96:33:
23:25:fa:15:70:47:60:ef:b1:b1:83:93:14:57:6f:54:4c:20:
1c:9e:44:af:bc:5a:7b:bf:f5:60:20:d7:4d:94:4e:f5:2c:d0:
ae:61:d6:7d:92:6c:2e:8b:40:70:40:0b:4f:fc:b8:e6:a4:97:
f6:68:1c:62:3e:83:d5:42:d6:11:15:41:33:c7:5e:cd:ff:b9:
28:8a:62:87:d5:ff:c8:ce:5a:4f:ec:a7:2c:3d:6a:33:e5:89:
e3:dc:48:02:ca:c6:b7:8a:e9:59:fc:78:1b:82:14:00:c7:e8:
9d:62:a1:a6:e7:d3:63:7b:d8:24:8e:64:9c:8c:7b:8d:15:d4:
b0:a5:05:e9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAZ14cdoNv7T9N1WR5ZRXfy+PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjYwNDEwMTczMDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjNhZTEyYzBjY2YwZWRkYzQyZjhhNjNjN2NhMWQ4MmZmZjNlYzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtU0VzYxSwbHEXnmcifsgppkI0/3p
QyOjtAfjOMuupctAZzjEFcA4SqWH6JfSHqxjDV2gn5AWZQFcb7bvsVKzl69XUk98
VUJ1kn0BMfTgN3GFHG9dMlhE5Lz8QFlEvoVSavVITjIY+kjQAug5jpcJYlEU9H85
XVupB+9fC5AQowLReqcE78FP+oOEK2jGQg8qwKaC8V519SkpQB8tFXtKm719zaNQ
aYiwQDDYMl8nK+Xx3s7wj9AnwQljobBaK/CiXpVJDtXJaRMaLiIhCYEysYdOfRLK
WGaz/3uZvUjTCQ9uwdqVR35Cx53ZHy36xCyGzVKKHZ5gi50JRjS69xh52wIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFJI64SwMzw7dxC+KY8fKHYL/8+yCMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEva2pyaExBelBEdDNFTDRwang4b2Rndl96N0lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAIF
tAQDBAIFthwDBAItVhADBABZJ/IDBAJb8kgDBAFb8l4DBABb8mcDBABe58YDBACS
EzIDBAKyr7ADBAC5tJEDBAC51AsDBAC51qYDBAHCMs4wDAMEAMOKZwMEAsOKaAME
AMOKcAMEAMOKeDAMAwQBw4p6AwQHw4oAAwQCw9icAwQA1YYZMA0GCSqGSIb3DQEB
CwUAA4IBAQCXMCKQwlZzTyreFu5kIQRz1KmhPWxSvrI9Ra07jC0rmGL+Y60INXZC
cGduSck2OmNitXY6xtEC26dOSwABwA8bIKafKiQww38B9lpJvo59Raw9p6OXQV/q
Ty7BUiXqS9xmPASgX3VqyYJCrnqMKTPA4F/NiNv4VAupq8V8ljMjJfoVcEdg77Gx
g5MUV29UTCAcnkSvvFp7v/VgINdNlE71LNCuYdZ9kmwui0BwQAtP/LjmpJf2aBxi
PoPVQtYRFUEzx17N/7koimKH1f/IzlpP7KcsPWoz5Ynj3EgCysa3iulZ/HgbghQA
x+idYqGm59Nje9gkjmScjHuNFdSwpQXp
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:18:25 2026 by rpki-client