Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/980d6e-8a99-4260-8064-44ab689e1d4d/1/J-CQBo3ChzIUc8Y7MQrpimPYAp8.roa
File: J-CQBo3ChzIUc8Y7MQrpimPYAp8.roa (raw, json)
Hash identifier: R27AQe7TWoms4Nu6wKQKgLGsrOu3tRNqPEQ8Y7m/YjE=
Subject key identifier: 27:E0:90:06:8D:C2:87:32:14:73:C6:3B:31:0A:E9:8A:63:D8:02:9F
Certificate issuer: /CN=64b31dcd6bb5308029c4273230514f726b1b86ba
Certificate serial: 019D701641E154C8FB5291244BF45DBC49D3
Authority key identifier: 64:B3:1D:CD:6B:B5:30:80:29:C4:27:32:30:51:4F:72:6B:1B:86:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZLMdzWu1MIApxCcyMFFPcmsbhro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/980d6e-8a99-4260-8064-44ab689e1d4d/1/J-CQBo3ChzIUc8Y7MQrpimPYAp8.roa
Signing time: Thu 09 Apr 2026 02:33:20 +0000
ROA not before: Thu 09 Apr 2026 02:33:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 135391
IP address blocks: 45.82.241.0/24 maxlen: 24
45.82.242.0/24 maxlen: 24
185.232.56.0/24 maxlen: 24
185.232.57.0/24 maxlen: 24
185.232.58.0/24 maxlen: 24
185.232.59.0/24 maxlen: 24
2a0d:5300::/40 maxlen: 40
2a0d:5300:100::/40 maxlen: 40
2a0d:5300:200::/40 maxlen: 40
2a0d:5300:300::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/980d6e-8a99-4260-8064-44ab689e1d4d/1/ZLMdzWu1MIApxCcyMFFPcmsbhro.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/980d6e-8a99-4260-8064-44ab689e1d4d/1/ZLMdzWu1MIApxCcyMFFPcmsbhro.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZLMdzWu1MIApxCcyMFFPcmsbhro.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:70:16:41:e1:54:c8:fb:52:91:24:4b:f4:5d:bc:49:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64b31dcd6bb5308029c4273230514f726b1b86ba
Validity
Not Before: Apr 9 02:33:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=27e090068dc287321473c63b310ae98a63d8029f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:7f:19:37:07:11:9a:fd:5a:90:c0:2d:b7:23:
95:a5:06:1d:a4:4e:3e:5d:23:30:47:e7:e0:c5:a7:
59:74:9e:69:db:48:ed:ae:2f:ca:59:76:1f:5d:3f:
dd:7e:22:b2:4e:da:ee:f8:70:84:af:be:39:10:56:
6c:33:d2:78:80:1a:71:90:4a:7e:41:3b:f7:4b:30:
b0:3e:e4:b9:29:a1:04:90:fe:40:ff:63:ff:87:0a:
c3:81:53:ab:5c:26:ca:c3:7d:ac:4b:40:67:34:4b:
03:d8:61:62:9c:58:d1:e2:fd:1e:fc:ec:d4:7f:ea:
17:b4:15:5e:fa:a7:93:64:99:39:09:76:c7:d5:d3:
ff:26:f6:c3:b0:c0:71:b6:f0:f6:a9:28:da:ad:d8:
99:40:b4:5f:b6:aa:74:d1:5a:fd:82:1c:be:5e:10:
6d:34:87:ac:ad:fb:60:35:b2:f5:c9:40:2f:1b:4f:
d8:9b:14:14:0b:3c:37:0c:7c:f9:99:a0:01:00:c7:
6e:b8:0c:06:f4:70:74:b0:99:89:75:41:a4:c2:80:
c5:5a:80:f8:44:ab:aa:04:1c:a6:9d:32:41:7a:28:
7e:2b:c1:3b:75:dc:0d:96:63:06:db:28:5b:cc:e1:
29:df:39:1f:f0:ef:c8:ac:f0:99:08:fd:24:66:ae:
66:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:E0:90:06:8D:C2:87:32:14:73:C6:3B:31:0A:E9:8A:63:D8:02:9F
X509v3 Authority Key Identifier:
keyid:64:B3:1D:CD:6B:B5:30:80:29:C4:27:32:30:51:4F:72:6B:1B:86:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZLMdzWu1MIApxCcyMFFPcmsbhro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/980d6e-8a99-4260-8064-44ab689e1d4d/1/J-CQBo3ChzIUc8Y7MQrpimPYAp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/980d6e-8a99-4260-8064-44ab689e1d4d/1/ZLMdzWu1MIApxCcyMFFPcmsbhro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.241.0-45.82.242.255
185.232.56.0/22
IPv6:
2a0d:5300::/38
Signature Algorithm: sha256WithRSAEncryption
ab:78:ec:4f:e6:eb:ce:b9:80:0f:e4:a9:d1:6c:9b:4e:e1:a2:
0d:70:bf:96:45:ff:79:20:b5:04:dc:9f:14:e5:d1:b0:1e:b0:
8a:62:2b:27:1f:a6:c9:16:92:92:b0:93:21:c2:a8:a2:ca:12:
82:02:5d:11:8e:fd:95:50:33:39:f8:87:d1:4c:8d:0a:34:2d:
cf:7a:3e:ce:48:72:ac:d7:5f:8c:ad:e4:79:77:f0:ff:89:b5:
f4:bb:7e:8c:ad:59:45:73:f7:66:67:d6:f7:aa:42:29:b4:15:
14:bd:75:6b:ab:66:ea:6e:57:a7:be:66:0c:ef:a8:f4:88:43:
7a:00:99:0c:72:80:d7:43:5e:88:68:33:4a:a4:0d:9c:11:05:
ae:b5:48:ef:f1:8f:2d:37:4c:85:cb:be:68:fb:fb:14:6f:15:
49:e2:06:b0:42:7c:57:27:ea:82:bf:75:66:80:91:7a:73:c0:
69:aa:5a:01:af:ff:13:c9:82:16:8b:a3:55:a3:4c:17:28:c0:
34:a4:db:2a:02:b7:d5:bc:74:68:a8:bb:91:1b:2e:5a:94:19:
ff:63:38:91:17:a0:d1:dc:4c:dd:0d:40:a5:b4:9b:b9:35:57:
30:31:bf:44:f8:c4:f6:87:f9:ba:a2:19:4e:fc:d9:35:31:11:
0b:55:6a:00
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ1wFkHhVMj7UpEkS/RdvEnTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YjMxZGNkNmJiNTMwODAyOWM0MjczMjMwNTE0ZjcyNmIx
Yjg2YmEwHhcNMjYwNDA5MDIzMzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2UwOTAwNjhkYzI4NzMyMTQ3M2M2M2IzMTBhZTk4YTYzZDgwMjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyX8ZNwcRmv1akMAttyOVpQYdpE4+
XSMwR+fgxadZdJ5p20jtri/KWXYfXT/dfiKyTtru+HCEr745EFZsM9J4gBpxkEp+
QTv3SzCwPuS5KaEEkP5A/2P/hwrDgVOrXCbKw32sS0BnNEsD2GFinFjR4v0e/OzU
f+oXtBVe+qeTZJk5CXbH1dP/JvbDsMBxtvD2qSjardiZQLRftqp00Vr9ghy+XhBt
NIesrftgNbL1yUAvG0/YmxQUCzw3DHz5maABAMduuAwG9HB0sJmJdUGkwoDFWoD4
RKuqBBymnTJBeih+K8E7ddwNlmMG2yhbzOEp3zkf8O/IrPCZCP0kZq5miwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCfgkAaNwocyFHPGOzEK6Ypj2AKfMB8GA1UdIwQY
MBaAFGSzHc1rtTCAKcQnMjBRT3JrG4a6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkxNZHpXdTFNSUFweENjeU1GRlBjbXNiaHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny85ODBkNmUtOGE5OS00MjYwLTgwNjQt
NDRhYjY4OWUxZDRkLzEvSi1DUUJvM0NoeklVYzhZN01RcnBpbVBZQXA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny85ODBkNmUtOGE5OS00MjYwLTgwNjQtNDRhYjY4OWUxZDRk
LzEvWkxNZHpXdTFNSUFweENjeU1GRlBjbXNiaHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAaBAIAATAUMAwDBAAtUvED
BAAtUvIDBAK56DgwDgQCAAIwCAMGAioNUwAAMA0GCSqGSIb3DQEBCwUAA4IBAQCr
eOxP5uvOuYAP5KnRbJtO4aINcL+WRf95ILUE3J8U5dGwHrCKYisnH6bJFpKSsJMh
wqiiyhKCAl0Rjv2VUDM5+IfRTI0KNC3Pej7OSHKs11+MreR5d/D/ibX0u36MrVlF
c/dmZ9b3qkIptBUUvXVrq2bqblenvmYM76j0iEN6AJkMcoDXQ16IaDNKpA2cEQWu
tUjv8Y8tN0yFy75o+/sUbxVJ4gawQnxXJ+qCv3VmgJF6c8BpqloBr/8TyYIWi6NV
o0wXKMA0pNsqArfVvHRoqLuRGy5alBn/YziRF6DR3EzdDUCltJu5NVcwMb9E+MT2
h/m6ohlO/Nk1MRELVWoA
-----END CERTIFICATE-----
Generated at Fri Apr 17 09:29:15 2026 by rpki-client