Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/TgqiQtc9R0hZ21m_cZUw6vLl0YM.roa
File: TgqiQtc9R0hZ21m_cZUw6vLl0YM.roa (raw, json)
Hash identifier: riQmOjrkAvN2GV2qvjzj/ZLKq6dAfU4fiiyLZBIX1m4=
Subject key identifier: 4E:0A:A2:42:D7:3D:47:48:59:DB:59:BF:71:95:30:EA:F2:E5:D1:83
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 019C92C4F50C8F9491065BCBF9174AB78167
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/TgqiQtc9R0hZ21m_cZUw6vLl0YM.roa
Signing time: Wed 25 Feb 2026 03:08:27 +0000
ROA not before: Wed 25 Feb 2026 03:08:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 194.231.132.0/22 maxlen: 22
194.231.134.0/24 maxlen: 24
194.231.136.0/22 maxlen: 22
194.231.136.0/24 maxlen: 24
194.231.139.0/24 maxlen: 24
194.231.150.0/24 maxlen: 24
194.231.151.0/24 maxlen: 24
194.231.152.0/22 maxlen: 22
194.231.153.0/24 maxlen: 24
194.231.154.0/24 maxlen: 24
194.231.157.0/24 maxlen: 24
194.231.158.0/24 maxlen: 24
194.231.195.0/24 maxlen: 24
194.231.196.0/22 maxlen: 22
194.231.196.0/24 maxlen: 24
194.231.198.0/24 maxlen: 24
194.231.200.0/22 maxlen: 22
194.231.201.0/24 maxlen: 24
194.231.202.0/23 maxlen: 24
194.231.204.0/22 maxlen: 22
194.231.204.0/23 maxlen: 24
194.231.206.0/23 maxlen: 24
194.231.208.0/23 maxlen: 24
194.231.210.0/23 maxlen: 24
194.231.212.0/22 maxlen: 22
194.231.212.0/24 maxlen: 24
194.231.220.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:92:c4:f5:0c:8f:94:91:06:5b:cb:f9:17:4a:b7:81:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Feb 25 03:08:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4e0aa242d73d474859db59bf719530eaf2e5d183
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:9d:dd:7d:55:8f:8a:19:16:15:a3:7c:68:ea:
9a:df:9c:85:39:5b:0b:59:90:1b:d9:33:5a:ee:57:
9d:92:98:11:4a:17:79:0f:0e:7d:30:cc:12:a2:6b:
c6:f0:d3:82:67:d2:2d:6a:63:23:2a:56:a4:30:07:
37:bf:2c:01:59:f8:19:05:f8:16:10:5d:6a:54:50:
4f:0e:c7:f2:81:0a:5b:0f:ef:6c:00:d8:27:a8:92:
1b:79:c8:9c:20:20:a2:68:74:88:67:2f:f4:92:b4:
59:cb:74:af:44:41:14:04:c6:aa:8e:d4:79:2d:c9:
08:9f:3d:47:84:46:01:a2:44:cf:ff:47:73:78:16:
03:ff:cc:03:9f:51:bd:87:53:3f:17:58:54:69:82:
e0:70:39:7c:7d:92:bf:94:7e:f4:64:39:9a:94:da:
dd:53:ac:32:19:2a:d8:e3:4d:d1:a7:cc:be:81:f9:
ac:9c:a3:53:16:59:8b:d8:fb:7c:77:76:8d:1b:03:
f9:e4:12:ef:4d:27:dd:af:68:b9:58:7f:5f:77:ca:
81:40:25:fc:aa:88:dc:f2:e2:8d:85:e0:77:22:bf:
58:df:9b:69:b5:38:b6:14:32:30:1c:9d:8d:d7:67:
ee:29:aa:35:a0:5b:2d:19:40:ea:13:8e:b4:5b:3e:
44:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:0A:A2:42:D7:3D:47:48:59:DB:59:BF:71:95:30:EA:F2:E5:D1:83
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/TgqiQtc9R0hZ21m_cZUw6vLl0YM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.231.132.0-194.231.139.255
194.231.150.0-194.231.155.255
194.231.157.0-194.231.158.255
194.231.195.0-194.231.215.255
194.231.220.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:be:4d:28:72:78:a7:ab:48:d3:92:4e:39:a8:ad:e1:a6:c1:
e5:62:02:41:96:99:f8:53:7c:1c:3f:14:72:a5:80:c1:7c:ef:
67:52:f1:8f:5d:da:0b:b5:5e:28:62:65:46:fe:e5:63:4c:bb:
f5:30:d0:12:a5:bc:ad:6f:f3:da:97:38:a2:98:f3:e0:bc:42:
62:e4:4f:17:a1:0e:b7:da:2e:8a:ff:06:95:7b:d0:f1:32:86:
ab:cf:c2:9c:cd:fa:8c:c6:3c:c9:fc:64:fd:bf:51:95:e5:c4:
62:d9:16:86:7b:90:b4:f1:42:d6:e6:d7:ac:cd:de:d1:68:3c:
cb:ae:22:fb:37:37:f0:1a:57:84:61:ad:2a:4b:ea:bf:64:29:
8d:83:f2:c0:90:1c:db:d7:b0:5d:06:08:6c:ab:0c:5e:c4:e8:
d1:f4:0b:f2:23:f4:14:2a:ab:5f:44:40:4a:47:3f:71:ea:18:
91:27:03:a7:91:cd:e7:9d:97:8c:79:c9:8d:d9:37:18:39:28:
ab:72:2c:2f:f8:9c:d9:fa:56:25:0b:b1:18:ae:11:e5:46:f3:
49:2b:aa:ff:83:be:c3:f4:e2:7e:2a:de:8e:c3:68:c5:c3:f5:
a2:03:60:06:b6:6a:2f:9f:ec:89:21:94:cb:81:e1:e7:da:10:
84:f4:9e:4c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZySxPUMj5SRBlvL+RdKt4FnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjYwMjI1MDMwODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTBhYTI0MmQ3M2Q0NzQ4NTlkYjU5YmY3MTk1MzBlYWYyZTVkMTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt53dfVWPihkWFaN8aOqa35yFOVsL
WZAb2TNa7ledkpgRShd5Dw59MMwSomvG8NOCZ9ItamMjKlakMAc3vywBWfgZBfgW
EF1qVFBPDsfygQpbD+9sANgnqJIbecicICCiaHSIZy/0krRZy3SvREEUBMaqjtR5
LckInz1HhEYBokTP/0dzeBYD/8wDn1G9h1M/F1hUaYLgcDl8fZK/lH70ZDmalNrd
U6wyGSrY403Rp8y+gfmsnKNTFlmL2Pt8d3aNGwP55BLvTSfdr2i5WH9fd8qBQCX8
qojc8uKNheB3Ir9Y35tptTi2FDIwHJ2N12fuKao1oFstGUDqE460Wz5EeQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFE4KokLXPUdIWdtZv3GVMOry5dGDMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvVGdxaVF0YzlSMGhaMjFtX2NaVXc2dkxsMFlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+MAwDBALC54QD
BALC54gwDAMEAcLnlgMEAsLnmDAMAwQAwuedAwQAwueeMAwDBADC58MDBAPC59AD
BALC59wwDQYJKoZIhvcNAQELBQADggEBAKO+TShyeKerSNOSTjmoreGmweViAkGW
mfhTfBw/FHKlgMF872dS8Y9d2gu1XihiZUb+5WNMu/Uw0BKlvK1v89qXOKKY8+C8
QmLkTxehDrfaLor/BpV70PEyhqvPwpzN+ozGPMn8ZP2/UZXlxGLZFoZ7kLTxQtbm
16zN3tFoPMuuIvs3N/AaV4RhrSpL6r9kKY2D8sCQHNvXsF0GCGyrDF7E6NH0C/Ij
9BQqq19EQEpHP3HqGJEnA6eRzeedl4x5yY3ZNxg5KKtyLC/4nNn6ViULsRiuEeVG
80krqv+DvsP04n4q3o7DaMXD9aIDYAa2ai+f7IkhlMuB4efaEIT0nkw=
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:19:34 2026 by rpki-client