Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/jsCYhpNJVH_eKt0bnKb0fio60Rw.roa
File: jsCYhpNJVH_eKt0bnKb0fio60Rw.roa (raw, json)
Hash identifier: 21UbAgBhTmff3Apwb1l7E5CZsKCIBDLMoVPCBR84oms=
Subject key identifier: 8E:C0:98:86:93:49:54:7F:DE:2A:DD:1B:9C:A6:F4:7E:2A:3A:D1:1C
Certificate issuer: /CN=583d76051017d0afa915fcfb790a00f4667b0a88
Certificate serial: 019C85729D59F5B6EC3C27E00AD19E958BF4
Authority key identifier: 58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/jsCYhpNJVH_eKt0bnKb0fio60Rw.roa
Signing time: Sun 22 Feb 2026 13:03:26 +0000
ROA not before: Sun 22 Feb 2026 13:03:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211904
IP address blocks: 94.184.0.0/24 maxlen: 24
94.184.1.0/24 maxlen: 24
94.184.2.0/24 maxlen: 24
94.184.3.0/24 maxlen: 24
94.184.6.0/24 maxlen: 24
94.184.11.0/24 maxlen: 24
94.184.12.0/24 maxlen: 24
94.184.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.mft
rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 22:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:85:72:9d:59:f5:b6:ec:3c:27:e0:0a:d1:9e:95:8b:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=583d76051017d0afa915fcfb790a00f4667b0a88
Validity
Not Before: Feb 22 13:03:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8ec098869349547fde2add1b9ca6f47e2a3ad11c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:26:c5:a2:32:8f:31:f1:35:de:23:52:59:5c:
26:cc:72:5f:e2:11:f2:07:22:40:70:60:5c:0d:76:
5f:73:26:98:f3:1f:51:1f:45:c2:62:62:f5:41:b0:
fc:9a:c2:f9:bf:b0:11:d0:3b:9a:2c:d8:58:6e:2e:
a4:4e:23:71:0e:ec:46:8c:5e:67:0f:1c:f6:82:5e:
62:c4:3c:69:12:e4:76:a6:9a:43:9a:71:56:0a:1c:
34:7c:d1:0f:bb:dc:22:3c:d9:0b:94:2d:16:6e:58:
23:b6:d5:91:77:6f:1d:e1:bb:42:1c:b2:7f:3a:79:
e2:02:58:78:1b:df:64:7a:88:86:d9:a2:47:d9:31:
0a:ff:74:c9:3a:65:76:ad:bd:40:3f:bd:d8:4b:be:
ef:9b:be:94:fd:0b:fb:81:fa:bd:28:17:f9:e9:da:
31:2c:a7:85:43:cf:1d:64:a7:08:57:cc:d5:2d:ad:
6a:2a:a0:70:45:ba:96:9d:12:92:a8:c5:11:bb:3c:
80:91:f3:75:e6:de:49:91:c1:df:0c:64:42:75:5c:
66:32:f0:e6:9f:46:2a:66:27:e9:a3:ec:de:29:8e:
28:00:a2:82:e5:a1:39:26:21:50:11:1c:02:a4:3d:
88:2b:ad:c9:13:4e:e0:ba:c9:b5:5b:b9:d4:a1:46:
47:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:C0:98:86:93:49:54:7F:DE:2A:DD:1B:9C:A6:F4:7E:2A:3A:D1:1C
X509v3 Authority Key Identifier:
keyid:58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/jsCYhpNJVH_eKt0bnKb0fio60Rw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.184.0.0/22
94.184.6.0/24
94.184.11.0-94.184.13.255
Signature Algorithm: sha256WithRSAEncryption
b7:d6:b2:f5:48:75:09:6c:ae:72:ec:96:a8:03:0c:5c:ce:5f:
a6:15:82:be:ee:af:0c:35:e9:27:90:9d:13:50:02:d0:a4:61:
d8:84:c1:6f:8f:24:01:16:04:7f:6d:f8:7c:b0:74:23:f1:81:
bf:dc:dc:06:9d:fe:9f:9a:dd:b7:ed:05:44:ac:ae:77:8a:74:
79:12:81:0c:34:27:74:2b:81:a7:a9:64:31:11:9a:29:eb:79:
b8:d2:f5:68:9c:5c:04:80:18:f2:30:3d:5a:d0:34:ad:60:8a:
8e:47:8f:d2:b3:d0:e3:4c:b9:40:73:37:54:55:7c:78:ae:44:
b4:1a:0e:ab:6d:e7:31:a3:7b:df:01:f6:62:3c:db:0a:9c:8a:
1c:4b:d3:bd:a6:74:68:ac:31:e4:8c:ac:12:05:ac:73:b5:b7:
27:f1:2c:c9:7d:75:51:6c:3b:76:20:82:89:1f:54:6a:91:76:
a9:c1:40:a7:26:84:88:d9:64:cc:47:46:1e:83:6c:f0:ce:b8:
ba:a7:ff:c0:a7:4d:5e:eb:19:69:a3:a9:7c:2a:66:f5:f1:39:
7f:31:59:8d:32:45:d0:9f:e4:1f:91:b9:1a:5e:3c:b5:15:77:
3f:9d:db:01:fd:fb:73:4e:bb:70:41:35:3d:92:15:60:de:cf:
b4:fc:e3:19
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZyFcp1Z9bbsPCfgCtGelYv0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4M2Q3NjA1MTAxN2QwYWZhOTE1ZmNmYjc5MGEwMGY0NjY3
YjBhODgwHhcNMjYwMjIyMTMwMzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWMwOTg4NjkzNDk1NDdmZGUyYWRkMWI5Y2E2ZjQ3ZTJhM2FkMTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuybFojKPMfE13iNSWVwmzHJf4hHy
ByJAcGBcDXZfcyaY8x9RH0XCYmL1QbD8msL5v7AR0DuaLNhYbi6kTiNxDuxGjF5n
Dxz2gl5ixDxpEuR2pppDmnFWChw0fNEPu9wiPNkLlC0WblgjttWRd28d4btCHLJ/
OnniAlh4G99keoiG2aJH2TEK/3TJOmV2rb1AP73YS77vm76U/Qv7gfq9KBf56dox
LKeFQ88dZKcIV8zVLa1qKqBwRbqWnRKSqMURuzyAkfN15t5JkcHfDGRCdVxmMvDm
n0YqZifpo+zeKY4oAKKC5aE5JiFQERwCpD2IK63JE07gusm1W7nUoUZHCQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFI7AmIaTSVR/3irdG5ym9H4qOtEcMB8GA1UdIwQY
MBaAFFg9dgUQF9CvqRX8+3kKAPRmewqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGIt
ZGE2MTUzODg1ZjNiLzEvanNDWWhwTkpWSF9lS3QwYm5LYjBmaW82MFJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGItZGE2MTUzODg1ZjNi
LzEvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCXrgAAwQA
XrgGMAwDBABeuAsDBAFeuAwwDQYJKoZIhvcNAQELBQADggEBALfWsvVIdQlsrnLs
lqgDDFzOX6YVgr7urww16SeQnRNQAtCkYdiEwW+PJAEWBH9t+HywdCPxgb/c3Aad
/p+a3bftBUSsrneKdHkSgQw0J3QrgaepZDERminrebjS9WicXASAGPIwPVrQNK1g
io5Hj9Kz0ONMuUBzN1RVfHiuRLQaDqtt5zGje98B9mI82wqcihxL072mdGisMeSM
rBIFrHO1tyfxLMl9dVFsO3YggokfVGqRdqnBQKcmhIjZZMxHRh6DbPDOuLqn/8Cn
TV7rGWmjqXwqZvXxOX8xWY0yRdCf5B+RuRpePLUVdz+d2wH9+3NOu3BBNT2SFWDe
z7T84xk=
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:57:27 2026 by rpki-client