Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/bf2d8c-e38b-463a-b26b-ecf2217f9867/1/rj-0V1J38VZQrRPfHd8xSzQLmRI.roa
File: rj-0V1J38VZQrRPfHd8xSzQLmRI.roa (raw, json)
Hash identifier: hduanHT2uT8V/UIO7xHWzu4Y55+PQEhZP0n2Pd1XDes=
Subject key identifier: AE:3F:B4:57:52:77:F1:56:50:AD:13:DF:1D:DF:31:4B:34:0B:99:12
Certificate issuer: /CN=c4fbe8422432727d3874b1564baeac8a80557b2d
Certificate serial: 019C23C049BFC4C7339A7025F080467F30AF
Authority key identifier: C4:FB:E8:42:24:32:72:7D:38:74:B1:56:4B:AE:AC:8A:80:55:7B:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xPvoQiQycn04dLFWS66sioBVey0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/bf2d8c-e38b-463a-b26b-ecf2217f9867/1/rj-0V1J38VZQrRPfHd8xSzQLmRI.roa
Signing time: Tue 03 Feb 2026 13:45:30 +0000
ROA not before: Tue 03 Feb 2026 13:45:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42201
IP address blocks: 45.130.84.0/22 maxlen: 24
45.148.4.0/22 maxlen: 24
91.240.64.0/22 maxlen: 24
193.104.211.0/24 maxlen: 24
193.104.222.0/24 maxlen: 24
2a10:a000::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/bf2d8c-e38b-463a-b26b-ecf2217f9867/1/xPvoQiQycn04dLFWS66sioBVey0.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/bf2d8c-e38b-463a-b26b-ecf2217f9867/1/xPvoQiQycn04dLFWS66sioBVey0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xPvoQiQycn04dLFWS66sioBVey0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 13:50:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:23:c0:49:bf:c4:c7:33:9a:70:25:f0:80:46:7f:30:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4fbe8422432727d3874b1564baeac8a80557b2d
Validity
Not Before: Feb 3 13:45:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ae3fb4575277f15650ad13df1ddf314b340b9912
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e8:51:3a:a9:97:4b:b6:29:33:38:f1:67:f6:
36:ad:98:ca:9c:d1:f1:7d:e0:44:f0:7e:a4:42:ed:
f1:36:26:7a:35:1e:ac:de:36:21:06:9b:af:fe:3a:
5c:20:a7:79:e0:76:d4:28:fb:5c:83:d9:37:dc:2c:
70:37:eb:cf:c1:af:f7:f7:d3:64:16:fc:a4:b8:0b:
7d:f0:0c:8e:2d:39:37:87:a1:f1:e5:03:50:ee:b3:
01:7c:10:05:b4:1f:c8:cb:83:74:c5:20:b1:c6:de:
78:2d:3d:36:b9:b5:f3:ab:70:2d:06:d5:88:a1:52:
24:e5:04:5a:2d:39:a3:a9:4c:a8:ff:33:9d:9f:c4:
6b:c5:af:0e:ed:31:84:11:bc:e5:d5:51:ef:86:ae:
39:ff:37:0a:75:e4:14:6c:a3:1d:45:d0:9f:49:0b:
c8:ed:91:56:5d:45:ad:ca:d2:51:86:eb:45:50:1c:
40:bc:0c:61:a4:58:81:2b:6f:a0:b7:99:6f:e4:a0:
b6:6a:91:48:db:b7:cb:de:df:de:a3:3c:5f:7a:c1:
af:49:60:c8:af:f0:69:7f:33:e3:5d:66:e3:35:ab:
e9:fb:fc:1d:60:5f:5f:2d:22:65:3f:ff:f3:66:be:
69:34:75:ce:a1:1a:07:95:a0:75:6e:cc:10:d1:87:
98:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:3F:B4:57:52:77:F1:56:50:AD:13:DF:1D:DF:31:4B:34:0B:99:12
X509v3 Authority Key Identifier:
keyid:C4:FB:E8:42:24:32:72:7D:38:74:B1:56:4B:AE:AC:8A:80:55:7B:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xPvoQiQycn04dLFWS66sioBVey0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/bf2d8c-e38b-463a-b26b-ecf2217f9867/1/rj-0V1J38VZQrRPfHd8xSzQLmRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/bf2d8c-e38b-463a-b26b-ecf2217f9867/1/xPvoQiQycn04dLFWS66sioBVey0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.84.0/22
45.148.4.0/22
91.240.64.0/22
193.104.211.0/24
193.104.222.0/24
IPv6:
2a10:a000::/44
Signature Algorithm: sha256WithRSAEncryption
10:31:75:dd:84:77:91:9a:dd:f2:38:d5:38:1f:60:18:34:16:
5b:0e:e3:7a:84:ee:ab:a1:60:55:88:e6:59:67:6a:1a:c1:e6:
e9:83:f2:f4:a4:05:a3:9c:c3:94:df:1a:35:e1:b8:d3:a2:30:
34:a7:b8:f9:cd:aa:e6:6f:e6:c6:49:97:a8:09:54:a7:82:ea:
54:09:3a:09:de:09:41:ab:63:fc:ff:92:05:5a:b6:21:82:e6:
87:c3:e1:7e:60:df:0c:31:7f:ca:af:c7:3a:34:ca:bf:28:05:
8d:1d:e5:1f:69:c0:9f:fa:c4:66:d7:99:78:70:13:8b:91:f9:
71:6a:98:ef:0c:34:45:86:f9:c6:ed:8c:41:8a:ca:f8:1a:a7:
0d:c8:2b:89:2d:63:b2:13:68:76:bf:e0:f3:dd:a7:7e:5f:e9:
c7:d6:0f:85:31:0b:96:3f:51:8f:a4:11:4b:99:81:d5:a1:3d:
b8:5c:31:9e:eb:1d:83:72:80:b0:2d:eb:68:05:1d:e8:7c:ef:
5d:b8:42:f6:2e:57:d2:0b:af:5a:43:41:db:cd:4e:87:56:a0:
f8:70:a6:5a:4f:cc:ff:bc:a1:5e:6d:51:e7:76:15:12:90:b5:
a8:19:73:85:5b:1b:7b:f3:eb:97:69:cf:be:4e:7b:fe:b6:8d:
30:32:e6:c3
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZwjwEm/xMczmnAl8IBGfzCvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZmJlODQyMjQzMjcyN2QzODc0YjE1NjRiYWVhYzhhODA1
NTdiMmQwHhcNMjYwMjAzMTM0NTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTNmYjQ1NzUyNzdmMTU2NTBhZDEzZGYxZGRmMzE0YjM0MGI5OTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOhROqmXS7YpMzjxZ/Y2rZjKnNHx
feBE8H6kQu3xNiZ6NR6s3jYhBpuv/jpcIKd54HbUKPtcg9k33CxwN+vPwa/399Nk
FvykuAt98AyOLTk3h6Hx5QNQ7rMBfBAFtB/Iy4N0xSCxxt54LT02ubXzq3AtBtWI
oVIk5QRaLTmjqUyo/zOdn8Rrxa8O7TGEEbzl1VHvhq45/zcKdeQUbKMdRdCfSQvI
7ZFWXUWtytJRhutFUBxAvAxhpFiBK2+gt5lv5KC2apFI27fL3t/eozxfesGvSWDI
r/BpfzPjXWbjNavp+/wdYF9fLSJlP//zZr5pNHXOoRoHlaB1bswQ0YeYqQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFK4/tFdSd/FWUK0T3x3fMUs0C5kSMB8GA1UdIwQY
MBaAFMT76EIkMnJ9OHSxVkuurIqAVXstMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFB2b1FpUXljbjA0ZExGV1M2NnNpb0JWZXkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9iZjJkOGMtZTM4Yi00NjNhLWIyNmIt
ZWNmMjIxN2Y5ODY3LzEvcmotMFYxSjM4VlpRclJQZkhkOHhTelFMbVJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9iZjJkOGMtZTM4Yi00NjNhLWIyNmItZWNmMjIxN2Y5ODY3
LzEveFB2b1FpUXljbjA0ZExGV1M2NnNpb0JWZXkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQCLYJUAwQC
LZQEAwQCW/BAAwQAwWjTAwQAwWjeMA8EAgACMAkDBwQqEKAAAAAwDQYJKoZIhvcN
AQELBQADggEBABAxdd2Ed5Ga3fI41TgfYBg0FlsO43qE7quhYFWI5llnahrB5umD
8vSkBaOcw5TfGjXhuNOiMDSnuPnNquZv5sZJl6gJVKeC6lQJOgneCUGrY/z/kgVa
tiGC5ofD4X5g3wwxf8qvxzo0yr8oBY0d5R9pwJ/6xGbXmXhwE4uR+XFqmO8MNEWG
+cbtjEGKyvgapw3IK4ktY7ITaHa/4PPdp35f6cfWD4UxC5Y/UY+kEUuZgdWhPbhc
MZ7rHYNygLAt62gFHeh87124QvYuV9ILr1pDQdvNTodWoPhwplpPzP+8oV5tUed2
FRKQtagZc4VbG3vz65dpz75Oe/62jTAy5sM=
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:35:42 2026 by rpki-client