Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/bc3ff7-aa87-4297-adf0-240d1ffd09b8/1/0Jg7s7B0eDOPqjSebZ4xs29JMA4.roa
File: 0Jg7s7B0eDOPqjSebZ4xs29JMA4.roa (raw, json)
Hash identifier: XJ/7frWB/oqCLp6nsdiA6o9FourwsPzfzhxnxLyO4xE=
Subject key identifier: D0:98:3B:B3:B0:74:78:33:8F:AA:34:9E:6D:9E:31:B3:6F:49:30:0E
Certificate issuer: /CN=4116f0e9aff39a8b196c483e085de79f246d9fdd
Certificate serial: 019D58F1F720E52C3484A5321581C92DEE9C
Authority key identifier: 41:16:F0:E9:AF:F3:9A:8B:19:6C:48:3E:08:5D:E7:9F:24:6D:9F:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QRbw6a_zmosZbEg-CF3nnyRtn90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/bc3ff7-aa87-4297-adf0-240d1ffd09b8/1/0Jg7s7B0eDOPqjSebZ4xs29JMA4.roa
Signing time: Sat 04 Apr 2026 14:42:25 +0000
ROA not before: Sat 04 Apr 2026 14:42:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209659
IP address blocks: 94.142.251.0/24 maxlen: 24
2a12:5bc0::/32 maxlen: 48
2a12:5bc1::/48 maxlen: 48
2a12:5bc2::/48 maxlen: 48
2a12:5bc3::/48 maxlen: 48
2a12:5bc5::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/bc3ff7-aa87-4297-adf0-240d1ffd09b8/1/QRbw6a_zmosZbEg-CF3nnyRtn90.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/bc3ff7-aa87-4297-adf0-240d1ffd09b8/1/QRbw6a_zmosZbEg-CF3nnyRtn90.mft
rsync://rpki.ripe.net/repository/DEFAULT/QRbw6a_zmosZbEg-CF3nnyRtn90.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:58:f1:f7:20:e5:2c:34:84:a5:32:15:81:c9:2d:ee:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4116f0e9aff39a8b196c483e085de79f246d9fdd
Validity
Not Before: Apr 4 14:42:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d0983bb3b07478338faa349e6d9e31b36f49300e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b4:03:c6:1a:da:b9:7f:b6:db:b1:e7:78:bf:
0a:48:5d:6e:0a:a3:aa:9b:93:5b:05:14:af:35:5c:
ea:90:30:23:52:7c:e6:22:96:3f:0c:9f:71:39:a2:
f5:59:d9:90:6c:7e:5b:cc:fa:31:94:d3:dc:23:a5:
bf:80:a8:69:04:f1:5d:0c:ab:a8:49:68:c6:f9:13:
8c:89:49:e9:95:43:df:f6:9b:4c:27:0e:19:9b:af:
cb:f7:57:cb:fb:1e:ac:97:7b:58:d8:9e:45:53:a0:
75:ee:c0:39:58:4b:0d:31:3b:a0:84:8f:b0:d0:3d:
b4:ee:4f:78:90:3c:cd:5e:5b:f1:4a:ca:d4:e6:27:
a6:d4:f8:3f:17:06:a6:dd:28:14:02:01:60:49:45:
0f:2f:48:d9:c1:b6:d8:f0:72:53:4b:68:00:d1:78:
97:4f:db:a5:fc:e8:4d:fe:fb:84:79:17:dc:19:06:
eb:21:b0:86:50:80:30:66:90:53:b0:b5:f6:8e:92:
48:0a:13:52:14:c8:43:86:a2:e9:a2:12:27:18:c4:
eb:18:71:e2:df:a3:9e:84:46:5c:28:34:81:1e:56:
a2:a3:f0:d5:05:50:21:ef:15:34:10:51:9b:38:4e:
f5:79:1c:18:5c:da:15:92:8d:33:cc:80:2d:7d:34:
8e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:98:3B:B3:B0:74:78:33:8F:AA:34:9E:6D:9E:31:B3:6F:49:30:0E
X509v3 Authority Key Identifier:
keyid:41:16:F0:E9:AF:F3:9A:8B:19:6C:48:3E:08:5D:E7:9F:24:6D:9F:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QRbw6a_zmosZbEg-CF3nnyRtn90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/bc3ff7-aa87-4297-adf0-240d1ffd09b8/1/0Jg7s7B0eDOPqjSebZ4xs29JMA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/bc3ff7-aa87-4297-adf0-240d1ffd09b8/1/QRbw6a_zmosZbEg-CF3nnyRtn90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.142.251.0/24
IPv6:
2a12:5bc0::-2a12:5bc1:0:ffff:ffff:ffff:ffff:ffff
2a12:5bc2::/48
2a12:5bc3::/48
2a12:5bc5::/32
Signature Algorithm: sha256WithRSAEncryption
0f:14:bb:7d:3e:00:e7:72:d8:68:88:41:3d:9a:f7:3a:47:1f:
33:ee:d6:71:50:a1:ec:d0:11:61:80:b8:f2:2d:63:b8:89:22:
6d:00:fa:14:d4:ee:2e:8b:76:2c:a3:8f:f4:d7:b6:77:75:3a:
dd:47:82:c5:3c:22:83:09:d0:e4:6c:c1:a5:35:09:68:be:82:
de:21:9f:bf:fd:d5:7f:78:17:7f:2f:c2:20:e1:78:97:b4:be:
22:60:8d:5a:fa:cd:2e:de:61:0e:ee:6c:66:39:d6:32:23:95:
12:7b:ff:7f:08:c1:6f:de:d7:a8:4c:9e:60:f8:d0:ab:54:2a:
63:b9:04:fe:43:fa:89:7d:9c:5e:f1:2d:09:25:56:43:b0:db:
b9:13:a2:fd:65:08:0b:7a:84:a0:ca:c5:c0:9c:cd:a6:1d:78:
fa:1d:a0:72:86:cc:8a:ea:3e:19:d8:0b:02:9c:04:ce:22:94:
66:37:03:46:7d:26:34:0b:c4:ab:e7:a8:9c:f4:ca:56:ff:58:
de:3a:aa:e2:60:01:95:58:42:c6:35:4c:61:19:03:7d:22:7e:
9f:12:50:81:72:59:03:b5:0f:04:71:59:52:a3:31:42:87:f5:
44:a4:0c:44:46:9c:64:da:ea:f2:68:8a:2e:6b:24:84:6d:4b:
90:96:52:e1
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZ1Y8fcg5Sw0hKUyFYHJLe6cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMTZmMGU5YWZmMzlhOGIxOTZjNDgzZTA4NWRlNzlmMjQ2
ZDlmZGQwHhcNMjYwNDA0MTQ0MjI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDk4M2JiM2IwNzQ3ODMzOGZhYTM0OWU2ZDllMzFiMzZmNDkzMDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLQDxhrauX+227HneL8KSF1uCqOq
m5NbBRSvNVzqkDAjUnzmIpY/DJ9xOaL1WdmQbH5bzPoxlNPcI6W/gKhpBPFdDKuo
SWjG+ROMiUnplUPf9ptMJw4Zm6/L91fL+x6sl3tY2J5FU6B17sA5WEsNMTughI+w
0D207k94kDzNXlvxSsrU5iem1Pg/Fwam3SgUAgFgSUUPL0jZwbbY8HJTS2gA0XiX
T9ul/OhN/vuEeRfcGQbrIbCGUIAwZpBTsLX2jpJIChNSFMhDhqLpohInGMTrGHHi
36OehEZcKDSBHlaio/DVBVAh7xU0EFGbOE71eRwYXNoVko0zzIAtfTSONwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFNCYO7OwdHgzj6o0nm2eMbNvSTAOMB8GA1UdIwQY
MBaAFEEW8Omv85qLGWxIPghd558kbZ/dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVJidzZhX3ptb3NaYkVnLUNGM25ueVJ0bjkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9iYzNmZjctYWE4Ny00Mjk3LWFkZjAt
MjQwZDFmZmQwOWI4LzEvMEpnN3M3QjBlRE9QcWpTZWJaNHhzMjlKTUE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9iYzNmZjctYWE4Ny00Mjk3LWFkZjAtMjQwZDFmZmQwOWI4
LzEvUVJidzZhX3ptb3NaYkVnLUNGM25ueVJ0bjkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAMBAIAATAGAwQAXo77MDEE
AgACMCswEAMFBioSW8ADBwAqElvBAAADBwAqElvCAAADBwAqElvDAAADBQAqElvF
MA0GCSqGSIb3DQEBCwUAA4IBAQAPFLt9PgDncthoiEE9mvc6Rx8z7tZxUKHs0BFh
gLjyLWO4iSJtAPoU1O4ui3Yso4/017Z3dTrdR4LFPCKDCdDkbMGlNQlovoLeIZ+/
/dV/eBd/L8Ig4XiXtL4iYI1a+s0u3mEO7mxmOdYyI5USe/9/CMFv3teoTJ5g+NCr
VCpjuQT+Q/qJfZxe8S0JJVZDsNu5E6L9ZQgLeoSgysXAnM2mHXj6HaByhsyK6j4Z
2AsCnATOIpRmNwNGfSY0C8Sr56ic9MpW/1jeOqriYAGVWELGNUxhGQN9In6fElCB
clkDtQ8EcVlSozFCh/VEpAxERpxk2uryaIouaySEbUuQllLh
-----END CERTIFICATE-----
Generated at Sun Apr 19 10:02:34 2026 by rpki-client