Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/JVHz_wFOaKlGa58bai3EZCkfl4o.roa
File: JVHz_wFOaKlGa58bai3EZCkfl4o.roa (raw, json)
Hash identifier: Y2zjYlZsQWvQMF2i9AMdA74KrKWztyg082FTOrRHXB8=
Subject key identifier: 25:51:F3:FF:01:4E:68:A9:46:6B:9F:1B:6A:2D:C4:64:29:1F:97:8A
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 019C44EC74633AF69DAA8537D6AFD87D1D98
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/JVHz_wFOaKlGa58bai3EZCkfl4o.roa
Signing time: Tue 10 Feb 2026 00:21:12 +0000
ROA not before: Tue 10 Feb 2026 00:21:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29802
IP address blocks: 91.147.116.0/24 maxlen: 24
91.147.117.0/24 maxlen: 24
91.147.118.0/24 maxlen: 24
91.147.122.0/24 maxlen: 24
91.147.124.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 21:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:44:ec:74:63:3a:f6:9d:aa:85:37:d6:af:d8:7d:1d:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Feb 10 00:21:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2551f3ff014e68a9466b9f1b6a2dc464291f978a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:74:97:05:d2:80:9a:e3:d7:9c:80:f5:f7:f9:
67:04:16:bd:86:53:d4:7e:8a:a8:5a:05:f5:8c:37:
39:cf:26:80:b8:46:47:6a:31:8f:5f:02:a9:62:e0:
9c:c1:6e:1f:b4:f4:09:43:02:cb:4e:14:32:9c:17:
9f:bd:c7:76:55:ce:22:15:4f:fa:58:21:33:08:99:
9c:69:43:b8:ec:dc:cc:72:09:d5:2d:1a:e1:87:e1:
e5:43:82:dc:a1:43:e4:37:50:0e:90:60:60:dd:7e:
0e:ce:2d:87:83:fd:f0:05:0a:fb:f5:10:d1:8f:54:
6f:d7:1e:c3:ad:73:0f:3a:b8:de:53:7f:93:05:d1:
93:5b:af:93:5d:2c:29:6d:1e:29:a0:8d:f1:4d:55:
29:25:b3:35:bd:cb:28:cd:cc:d6:28:8f:a3:72:cf:
4f:de:0c:70:d0:22:17:b3:51:1d:07:0d:5d:7d:5a:
1e:c2:e0:d8:38:98:94:4b:39:1e:6c:42:85:f9:65:
d3:5a:fa:6d:32:97:ec:a5:a1:51:a4:3d:3c:d2:8d:
fd:dc:4b:35:e5:77:72:e5:3f:a8:cf:18:9b:ad:aa:
71:cd:be:44:7d:96:f7:d2:68:d3:16:c0:fe:f7:2f:
61:71:4a:14:b9:d5:10:28:77:84:52:e3:8d:30:73:
83:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:51:F3:FF:01:4E:68:A9:46:6B:9F:1B:6A:2D:C4:64:29:1F:97:8A
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/JVHz_wFOaKlGa58bai3EZCkfl4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.116.0-91.147.118.255
91.147.122.0/24
91.147.124.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:7e:f6:71:56:16:10:53:ca:11:c2:47:7c:68:43:77:a3:ab:
c8:64:4c:e0:92:77:22:3a:b1:74:d3:62:50:f7:5f:a3:63:7c:
5c:7d:ed:d6:a6:68:39:b3:79:16:2a:35:4b:46:b0:46:a1:69:
1c:ce:e5:74:06:b1:57:2c:95:95:75:89:2b:84:cf:03:f5:dd:
26:a2:76:cc:d5:35:da:f9:e3:73:ac:47:70:a3:03:8c:82:a5:
08:83:f2:d3:e4:99:2d:cb:2d:c9:2b:0b:5a:14:83:ba:a3:bb:
d5:bf:4b:04:06:f7:22:c8:5d:d7:41:ba:21:b2:27:bb:d5:70:
c9:c8:fe:4f:95:de:ff:11:64:19:b0:e0:60:24:f3:7c:a8:7f:
a9:06:90:39:f5:60:0c:a2:c9:a0:ae:14:0e:7e:47:a3:68:a2:
58:63:92:07:27:9f:ba:3d:72:60:d3:3c:24:dc:b5:48:33:3c:
a3:96:46:d8:eb:2d:2a:e9:eb:70:89:d9:4b:1f:bc:dc:2b:4d:
49:cd:3d:bd:55:61:26:4c:77:cf:59:69:d2:63:20:ea:af:58:
53:b1:55:97:24:12:d2:cd:43:4d:06:e4:4c:8c:90:98:26:a1:
b0:5c:e4:70:ab:93:c3:0d:6f:37:1c:97:43:f9:e3:5d:ba:5f:
73:39:32:58
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZxE7HRjOvadqoU31q/YfR2YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjYwMjEwMDAyMTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTUxZjNmZjAxNGU2OGE5NDY2YjlmMWI2YTJkYzQ2NDI5MWY5NzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA93SXBdKAmuPXnID19/lnBBa9hlPU
foqoWgX1jDc5zyaAuEZHajGPXwKpYuCcwW4ftPQJQwLLThQynBefvcd2Vc4iFU/6
WCEzCJmcaUO47NzMcgnVLRrhh+HlQ4LcoUPkN1AOkGBg3X4Ozi2Hg/3wBQr79RDR
j1Rv1x7DrXMPOrjeU3+TBdGTW6+TXSwpbR4poI3xTVUpJbM1vcsozczWKI+jcs9P
3gxw0CIXs1EdBw1dfVoewuDYOJiUSzkebEKF+WXTWvptMpfspaFRpD080o393Es1
5Xdy5T+ozxibrapxzb5EfZb30mjTFsD+9y9hcUoUudUQKHeEUuONMHODDwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCVR8/8BTmipRmufG2otxGQpH5eKMB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvSlZIel93Rk9hS2xHYTU4YmFpM0VaQ2tmbDRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAJbk3QD
BABbk3YDBABbk3oDBAFbk3wwDQYJKoZIhvcNAQELBQADggEBADx+9nFWFhBTyhHC
R3xoQ3ejq8hkTOCSdyI6sXTTYlD3X6NjfFx97damaDmzeRYqNUtGsEahaRzO5XQG
sVcslZV1iSuEzwP13SaidszVNdr543OsR3CjA4yCpQiD8tPkmS3LLckrC1oUg7qj
u9W/SwQG9yLIXddBuiGyJ7vVcMnI/k+V3v8RZBmw4GAk83yof6kGkDn1YAyiyaCu
FA5+R6Noolhjkgcnn7o9cmDTPCTctUgzPKOWRtjrLSrp63CJ2UsfvNwrTUnNPb1V
YSZMd89ZadJjIOqvWFOxVZckEtLNQ00G5EyMkJgmobBc5HCrk8MNbzccl0P54126
X3M5Mlg=
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:59:49 2026 by rpki-client