Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/Jm2SNeqHZIz2ovLrQw9-PaeR5fw.roa
File: Jm2SNeqHZIz2ovLrQw9-PaeR5fw.roa (raw, json)
Hash identifier: 1b9MEAq3rxpcmlWoQbWnEniHetzdqv2h7VzBROMD4dA=
Subject key identifier: 26:6D:92:35:EA:87:64:8C:F6:A2:F2:EB:43:0F:7E:3D:A7:91:E5:FC
Certificate issuer: /CN=26a5aa918cbfeb3e12997f33890feb258907b343
Certificate serial: 019D76919BE80CBDD35AB1E338D50CB47669
Authority key identifier: 26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/Jm2SNeqHZIz2ovLrQw9-PaeR5fw.roa
Signing time: Fri 10 Apr 2026 08:45:47 +0000
ROA not before: Fri 10 Apr 2026 08:45:47 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29522
IP address blocks: 91.198.146.0/24 maxlen: 24
91.225.28.0/22 maxlen: 24
91.225.31.0/24 maxlen: 24
94.152.0.0/16 maxlen: 24
94.152.32.0/19 maxlen: 19
94.152.176.0/21 maxlen: 21
94.152.184.0/21 maxlen: 21
94.152.205.0/24 maxlen: 24
94.152.216.0/21 maxlen: 21
94.152.224.0/21 maxlen: 21
94.152.254.0/24 maxlen: 24
94.152.255.0/24 maxlen: 24
185.11.100.0/22 maxlen: 24
185.140.120.0/22 maxlen: 24
194.60.251.0/24 maxlen: 24
194.169.227.0/24 maxlen: 24
195.62.12.0/23 maxlen: 24
195.149.224.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.mft
rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:76:91:9b:e8:0c:bd:d3:5a:b1:e3:38:d5:0c:b4:76:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26a5aa918cbfeb3e12997f33890feb258907b343
Validity
Not Before: Apr 10 08:45:47 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=266d9235ea87648cf6a2f2eb430f7e3da791e5fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:37:c4:78:96:db:7f:19:6a:ad:d6:ff:7b:62:
f6:5d:50:e4:ff:b7:9e:c3:0c:80:34:96:e4:af:7e:
76:9d:2f:97:04:f7:78:ab:34:e2:1f:e2:09:a0:e5:
4b:10:65:62:d2:17:80:87:9f:f2:61:c9:61:61:b3:
eb:37:60:08:44:c8:55:14:bc:12:18:b1:bc:ea:d1:
2c:9f:91:73:3a:b4:b1:46:40:9d:af:22:00:6d:43:
5b:4d:14:49:eb:4d:e8:31:3f:8c:37:56:2d:1a:ce:
52:92:1e:3e:11:06:cc:c0:6f:fe:93:a1:e8:d8:ad:
b3:04:a0:35:f8:e0:ec:8c:a4:30:a7:b7:b6:1a:0d:
aa:f5:74:70:83:35:11:0a:60:fa:42:dc:1f:cb:f5:
07:ce:b2:3c:22:50:b5:21:d6:f2:2a:64:04:f0:0a:
5b:f8:0b:16:61:36:c8:69:ee:93:be:98:e9:3c:96:
86:77:0f:9d:ae:ee:fc:04:a7:52:e2:f9:0e:0a:40:
66:48:4f:ac:10:91:09:0a:fc:bc:bf:48:5f:b0:3a:
df:4b:01:d6:0f:63:0b:90:0e:07:c8:e3:c9:1b:7a:
d2:ef:20:ea:c8:00:a0:a6:79:be:eb:4c:f1:d0:df:
d1:eb:22:02:59:21:c2:62:21:df:cd:a3:54:f1:e1:
60:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:6D:92:35:EA:87:64:8C:F6:A2:F2:EB:43:0F:7E:3D:A7:91:E5:FC
X509v3 Authority Key Identifier:
keyid:26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/Jm2SNeqHZIz2ovLrQw9-PaeR5fw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.146.0/24
91.225.28.0/22
94.152.0.0/16
185.11.100.0/22
185.140.120.0/22
194.60.251.0/24
194.169.227.0/24
195.62.12.0/23
195.149.224.0/21
Signature Algorithm: sha256WithRSAEncryption
49:72:ba:48:b6:ba:27:5b:78:03:b4:a7:f9:c2:6b:1a:57:32:
51:b5:60:e3:38:69:8a:dd:59:a8:71:e5:d8:70:93:f3:50:1c:
b5:0e:f2:04:dd:d7:47:c3:47:b0:29:75:6a:d9:c0:ae:cf:67:
6f:2d:2a:14:8b:c2:b9:88:04:07:46:e9:2c:cf:8c:58:db:9f:
a6:ab:ab:41:1d:c1:2a:9a:d5:ca:4a:41:b6:52:6e:1a:b2:26:
1c:2e:be:e3:6b:67:99:30:76:33:06:59:05:1e:a7:b7:0f:7c:
7e:76:c0:25:d5:36:f7:2a:c0:93:23:32:25:c5:3c:74:95:c5:
8f:4d:d0:ca:5f:87:75:4c:f3:03:f4:4e:94:6a:77:d6:b0:a0:
f0:bf:84:ba:d3:ca:2e:7a:79:60:3a:2d:b2:6f:bf:76:3d:90:
61:13:b4:74:ab:6b:ad:c0:b4:2c:b5:6c:60:97:6f:62:0c:3a:
ab:a4:f8:ca:e2:68:4b:25:9b:6d:8c:77:ae:54:75:32:d4:87:
ec:e5:50:2c:c6:35:41:87:ed:f0:39:8b:08:6e:c2:cb:a6:6f:
89:8d:d2:8d:e2:da:9d:15:d3:d9:52:ff:a5:a6:36:11:3b:57:
65:af:ef:ae:a6:9e:16:c0:dd:19:97:ee:f8:e3:80:3d:b6:07:
69:ef:d4:7f
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZ12kZvoDL3TWrHjONUMtHZpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YTVhYTkxOGNiZmViM2UxMjk5N2YzMzg5MGZlYjI1ODkw
N2IzNDMwHhcNMjYwNDEwMDg0NTQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjZkOTIzNWVhODc2NDhjZjZhMmYyZWI0MzBmN2UzZGE3OTFlNWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTfEeJbbfxlqrdb/e2L2XVDk/7ee
wwyANJbkr352nS+XBPd4qzTiH+IJoOVLEGVi0heAh5/yYclhYbPrN2AIRMhVFLwS
GLG86tEsn5FzOrSxRkCdryIAbUNbTRRJ603oMT+MN1YtGs5Skh4+EQbMwG/+k6Ho
2K2zBKA1+ODsjKQwp7e2Gg2q9XRwgzURCmD6Qtwfy/UHzrI8IlC1IdbyKmQE8Apb
+AsWYTbIae6TvpjpPJaGdw+dru78BKdS4vkOCkBmSE+sEJEJCvy8v0hfsDrfSwHW
D2MLkA4HyOPJG3rS7yDqyACgpnm+60zx0N/R6yICWSHCYiHfzaNU8eFgwQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFCZtkjXqh2SM9qLy60MPfj2nkeX8MB8GA1UdIwQY
MBaAFCalqpGMv+s+Epl/M4kP6yWJB7NDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTIt
Mjk3ZTI4MmQ2NmE4LzEvSm0yU05lcUhaSXoyb3ZMclF3OS1QYWVSNWZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTItMjk3ZTI4MmQ2NmE4
LzEvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTA7BAIAATA1AwQAW8aSAwQC
W+EcAwMAXpgDBAK5C2QDBAK5jHgDBADCPPsDBADCqeMDBAHDPgwDBAPDleAwDQYJ
KoZIhvcNAQELBQADggEBAElyuki2uidbeAO0p/nCaxpXMlG1YOM4aYrdWahx5dhw
k/NQHLUO8gTd10fDR7ApdWrZwK7PZ28tKhSLwrmIBAdG6SzPjFjbn6arq0EdwSqa
1cpKQbZSbhqyJhwuvuNrZ5kwdjMGWQUep7cPfH52wCXVNvcqwJMjMiXFPHSVxY9N
0Mpfh3VM8wP0TpRqd9awoPC/hLrTyi56eWA6LbJvv3Y9kGETtHSra63AtCy1bGCX
b2IMOquk+MriaEslm22Md65UdTLUh+zlUCzGNUGH7fA5iwhuwsumb4mN0o3i2p0V
09lS/6WmNhE7V2Wv766mnhbA3RmX7vjjgD22B2nv1H8=
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:25:54 2026 by rpki-client