Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/bj44VJDQrpOwawRUkessJ1R8jYY.roa
File: bj44VJDQrpOwawRUkessJ1R8jYY.roa (raw, json)
Hash identifier: z80ifPC0ZLzcF5tnL4jWIKImO3qEDSXM3xUBgVNcb54=
Subject key identifier: 6E:3E:38:54:90:D0:AE:93:B0:6B:04:54:91:EB:2C:27:54:7C:8D:86
Certificate issuer: /CN=ca6441d9d807e0d78ce75213a103400ee14a7cdc
Certificate serial: 019C7A757C23E6CFBCF3AC731167D9F4C6D7
Authority key identifier: CA:64:41:D9:D8:07:E0:D7:8C:E7:52:13:A1:03:40:0E:E1:4A:7C:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ymRB2dgH4NeM51IToQNADuFKfNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/bj44VJDQrpOwawRUkessJ1R8jYY.roa
Signing time: Fri 20 Feb 2026 09:50:45 +0000
ROA not before: Fri 20 Feb 2026 09:50:45 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213887
IP address blocks: 85.137.254.0/23 maxlen: 24
2a14:a087:3::/48 maxlen: 48
2a14:a087:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/ymRB2dgH4NeM51IToQNADuFKfNw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/ymRB2dgH4NeM51IToQNADuFKfNw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ymRB2dgH4NeM51IToQNADuFKfNw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:7a:75:7c:23:e6:cf:bc:f3:ac:73:11:67:d9:f4:c6:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca6441d9d807e0d78ce75213a103400ee14a7cdc
Validity
Not Before: Feb 20 09:50:45 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6e3e385490d0ae93b06b045491eb2c27547c8d86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:18:d2:a0:ba:85:5a:7a:56:d0:fb:49:9c:94:
db:6a:2f:b4:aa:37:ba:c3:8a:f9:fc:8f:f9:43:e8:
2b:e9:74:a1:47:6b:30:b9:95:58:09:65:68:b0:52:
03:6e:47:84:45:ae:a2:89:01:0a:67:f5:40:f2:05:
5f:df:6a:02:ec:91:a2:d9:6e:eb:24:3a:f7:63:4c:
7a:9d:6c:46:2d:ba:6d:b3:a2:e3:74:e9:19:77:a5:
dd:f1:8a:b2:05:fa:b1:d4:7e:88:b3:cf:98:b6:d4:
af:11:1b:36:a9:5a:cd:9e:46:70:03:f1:b1:4a:9a:
5c:9f:87:38:9a:fb:d0:0f:53:03:8e:31:02:a6:86:
0a:f1:a9:f4:11:55:dc:1b:3f:79:da:56:80:a8:72:
7a:eb:23:3f:40:bf:6f:89:ab:cf:16:2d:11:7c:0e:
de:03:14:e2:55:a0:4f:e7:50:77:4c:67:d4:9b:b7:
b8:83:be:38:5b:dd:ae:95:5e:af:4b:6d:bf:ef:d4:
ef:85:c3:78:b9:99:05:4c:fb:dc:f1:1d:12:f1:13:
12:d1:de:65:a7:0b:f4:9d:c0:c8:d8:7d:99:05:ed:
ef:00:c3:ec:99:c7:78:73:94:4e:63:b4:d0:ec:5f:
b0:ac:38:21:2e:ad:11:15:64:0e:68:24:0c:2a:3e:
48:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:3E:38:54:90:D0:AE:93:B0:6B:04:54:91:EB:2C:27:54:7C:8D:86
X509v3 Authority Key Identifier:
keyid:CA:64:41:D9:D8:07:E0:D7:8C:E7:52:13:A1:03:40:0E:E1:4A:7C:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ymRB2dgH4NeM51IToQNADuFKfNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/bj44VJDQrpOwawRUkessJ1R8jYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/ymRB2dgH4NeM51IToQNADuFKfNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.137.254.0/23
IPv6:
2a14:a087:3::-2a14:a087:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
05:8e:42:1b:7a:5a:2e:0f:22:6c:c7:a0:59:0b:19:20:20:45:
0c:e7:c2:6e:53:59:11:37:c9:9c:e2:da:3f:7a:25:91:90:ad:
ea:7e:e1:aa:1c:38:50:39:f8:2e:ec:30:60:79:f2:fb:97:01:
4c:3a:e7:1c:f0:a1:7c:5f:c7:19:5f:9f:5b:5a:77:6b:f4:fa:
52:a8:a7:b8:9f:a8:30:8a:a4:96:33:a5:b4:a0:ca:c8:ad:90:
07:cc:f5:4b:36:f8:55:db:b3:c5:cb:f7:13:38:ae:bc:24:fa:
3a:02:bd:3a:2d:bc:b5:6f:0f:6c:33:65:3d:f1:d8:cf:56:2e:
c4:10:7e:d3:e5:83:06:b1:87:1b:0e:86:2b:ec:6a:29:fa:e4:
db:11:cb:23:66:5c:bf:12:9a:4d:1a:9a:b6:a8:82:63:fe:26:
50:e7:05:48:22:cb:22:78:cb:d7:38:52:b0:c5:53:09:25:30:
eb:db:a1:4b:a8:d8:9d:7e:2f:19:74:43:ab:07:d4:e0:ba:99:
a7:cc:22:e3:9b:5f:c3:2f:7f:5f:7d:d9:4c:44:af:39:20:2e:
1a:80:39:9f:6b:9a:3f:54:18:5e:7e:6f:0f:14:5b:17:43:98:
15:68:e1:b6:dc:aa:c3:81:a5:75:fa:10:8f:e4:9d:5b:5b:44:
27:af:db:ca
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZx6dXwj5s+886xzEWfZ9MbXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNjQ0MWQ5ZDgwN2UwZDc4Y2U3NTIxM2ExMDM0MDBlZTE0
YTdjZGMwHhcNMjYwMjIwMDk1MDQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTNlMzg1NDkwZDBhZTkzYjA2YjA0NTQ5MWViMmMyNzU0N2M4ZDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3hjSoLqFWnpW0PtJnJTbai+0qje6
w4r5/I/5Q+gr6XShR2swuZVYCWVosFIDbkeERa6iiQEKZ/VA8gVf32oC7JGi2W7r
JDr3Y0x6nWxGLbpts6LjdOkZd6Xd8YqyBfqx1H6Is8+YttSvERs2qVrNnkZwA/Gx
Sppcn4c4mvvQD1MDjjECpoYK8an0EVXcGz952laAqHJ66yM/QL9viavPFi0RfA7e
AxTiVaBP51B3TGfUm7e4g744W92ulV6vS22/79TvhcN4uZkFTPvc8R0S8RMS0d5l
pwv0ncDI2H2ZBe3vAMPsmcd4c5ROY7TQ7F+wrDghLq0RFWQOaCQMKj5IbwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFG4+OFSQ0K6TsGsEVJHrLCdUfI2GMB8GA1UdIwQY
MBaAFMpkQdnYB+DXjOdSE6EDQA7hSnzcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW1SQjJkZ0g0TmVNNTFJVG9RTkFEdUZLZk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC85OTQ3YjYtMzRiYy00NzdlLTg4MTYt
MmUyOGI5NjQ5OGE5LzEvYmo0NFZKRFFycE93YXdSVWtlc3NKMVI4allZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC85OTQ3YjYtMzRiYy00NzdlLTg4MTYtMmUyOGI5NjQ5OGE5
LzEveW1SQjJkZ0g0TmVNNTFJVG9RTkFEdUZLZk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQBVYn+MBoE
AgACMBQwEgMHACoUoIcAAwMHACoUoIcABDANBgkqhkiG9w0BAQsFAAOCAQEABY5C
G3paLg8ibMegWQsZICBFDOfCblNZETfJnOLaP3olkZCt6n7hqhw4UDn4LuwwYHny
+5cBTDrnHPChfF/HGV+fW1p3a/T6UqinuJ+oMIqkljOltKDKyK2QB8z1Szb4Vduz
xcv3EziuvCT6OgK9Oi28tW8PbDNlPfHYz1YuxBB+0+WDBrGHGw6GK+xqKfrk2xHL
I2ZcvxKaTRqatqiCY/4mUOcFSCLLInjL1zhSsMVTCSUw69uhS6jYnX4vGXRDqwfU
4LqZp8wi45tfwy9/X33ZTESvOSAuGoA5n2uaP1QYXn5vDxRbF0OYFWjhttyqw4Gl
dfoQj+SdW1tEJ6/byg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:01:50 2026 by rpki-client