Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/nJjzPLEd59uR4gEvlvyEApV_GA8.roa
File: nJjzPLEd59uR4gEvlvyEApV_GA8.roa (raw, json)
Hash identifier: bAUAkW+fvu0rrzGl7Uj/epP6iFz3m1ICReiJ99PvDsA=
Subject key identifier: 9C:98:F3:3C:B1:1D:E7:DB:91:E2:01:2F:96:FC:84:02:95:7F:18:0F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019E8CA5AF1E63BED2B8FB19B832CFBF9FBD
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/nJjzPLEd59uR4gEvlvyEApV_GA8.roa
Signing time: Wed 03 Jun 2026 08:42:08 +0000
ROA not before: Wed 03 Jun 2026 08:42:08 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212238
IP address blocks: 37.252.26.0/24 maxlen: 24
79.99.75.0/24 maxlen: 24
79.99.150.0/23 maxlen: 24
82.152.55.0/24 maxlen: 24
82.153.10.0/24 maxlen: 24
82.153.145.0/24 maxlen: 24
82.163.10.0/23 maxlen: 24
89.213.226.0/24 maxlen: 24
109.176.30.0/24 maxlen: 24
109.176.208.0/24 maxlen: 24
213.210.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:8c:a5:af:1e:63:be:d2:b8:fb:19:b8:32:cf:bf:9f:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 3 08:42:08 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9c98f33cb11de7db91e2012f96fc8402957f180f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:2f:c2:f8:d1:14:6b:29:df:35:f5:7a:a8:48:
ad:3e:4a:ff:fe:3a:b5:04:c9:ce:4d:d4:52:90:1c:
ac:e0:fa:0b:a3:87:ec:8d:b4:e6:72:21:53:36:91:
3a:35:09:0b:00:5f:38:1b:0d:7a:dd:e9:4c:52:c9:
dd:4d:a4:a5:13:36:5d:ed:db:33:cd:79:77:6a:3f:
56:fc:4a:e1:58:a9:d4:f0:16:7a:6c:84:e6:df:6c:
4c:1f:ce:d7:c4:26:51:06:e6:f8:70:f6:8f:26:48:
55:86:be:b1:da:b9:da:a2:bb:18:f8:43:19:d8:1d:
4e:04:dc:f2:3c:49:45:f0:b8:13:bf:4f:53:7d:df:
f5:cc:5d:98:e0:c0:a7:cd:30:17:70:60:15:a5:9a:
a4:af:68:fb:77:bb:a2:97:3e:00:19:1b:e9:a0:c0:
65:f5:cf:6b:30:a6:0c:fa:dc:bc:f8:78:2f:77:0e:
a4:6f:27:d5:16:71:01:c7:3b:95:a1:34:ff:20:ba:
08:3f:4b:6f:77:f5:24:ad:ce:1c:6e:4a:c2:b7:a8:
f4:9d:03:a6:36:49:3f:b6:f1:7d:3d:29:c4:58:29:
46:c3:a4:2b:72:5b:26:3a:60:98:a7:09:73:be:0b:
31:51:cc:1f:7e:f5:82:08:a9:c0:07:4a:74:6e:46:
e6:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:98:F3:3C:B1:1D:E7:DB:91:E2:01:2F:96:FC:84:02:95:7F:18:0F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/nJjzPLEd59uR4gEvlvyEApV_GA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.26.0/24
79.99.75.0/24
79.99.150.0/23
82.152.55.0/24
82.153.10.0/24
82.153.145.0/24
82.163.10.0/23
89.213.226.0/24
109.176.30.0/24
109.176.208.0/24
213.210.41.0/24
Signature Algorithm: sha256WithRSAEncryption
21:86:21:b0:d5:c9:00:07:2f:a5:11:21:41:90:8e:17:15:dc:
5a:2f:3a:39:5a:d8:93:e3:64:c8:21:fe:8d:76:d9:8d:8f:15:
6c:23:e0:d0:c7:50:a1:e7:ce:54:03:f4:f6:20:48:34:00:55:
d7:44:17:42:d3:d0:18:b8:a1:08:3e:a0:60:ba:72:fe:47:98:
24:9a:8a:78:6c:4c:ce:35:de:d2:b9:0b:ee:80:ec:c2:31:e5:
10:50:a5:5b:74:7e:bf:52:4e:7b:90:a7:07:3e:20:ad:a9:67:
5d:dc:40:e1:2d:59:50:51:ad:1f:39:b0:1d:53:87:1e:94:2a:
64:82:b9:7a:53:76:45:bc:ae:dd:5d:ca:d6:19:d4:22:37:dd:
8f:31:6c:86:7e:8b:f6:2f:b3:9a:86:33:9d:03:97:2f:5f:4e:
50:74:f5:46:e0:99:2b:f8:bb:be:27:e9:69:2a:8b:51:8c:40:
40:3a:bc:88:0a:f5:3b:3b:c3:7e:9e:81:8b:b9:b3:8f:29:fd:
90:99:79:a7:60:7f:13:78:5d:20:d7:29:9b:78:f1:f3:f9:8a:
c6:5e:e3:b3:4a:74:20:cb:87:b8:4e:50:25:9d:76:6f:55:75:
4b:2c:1a:d7:a9:06:1a:d1:25:e8:4d:14:fc:f4:50:d5:89:78:
4f:b0:5a:ff
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZ6Mpa8eY77SuPsZuDLPv5+9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwNjAzMDg0MjA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yzk4ZjMzY2IxMWRlN2RiOTFlMjAxMmY5NmZjODQwMjk1N2YxODBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoS/C+NEUaynfNfV6qEitPkr//jq1
BMnOTdRSkBys4PoLo4fsjbTmciFTNpE6NQkLAF84Gw163elMUsndTaSlEzZd7dsz
zXl3aj9W/ErhWKnU8BZ6bITm32xMH87XxCZRBub4cPaPJkhVhr6x2rnaorsY+EMZ
2B1OBNzyPElF8LgTv09Tfd/1zF2Y4MCnzTAXcGAVpZqkr2j7d7uilz4AGRvpoMBl
9c9rMKYM+ty8+Hgvdw6kbyfVFnEBxzuVoTT/ILoIP0tvd/Ukrc4cbkrCt6j0nQOm
Nkk/tvF9PSnEWClGw6QrclsmOmCYpwlzvgsxUcwffvWCCKnAB0p0bkbmrQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFJyY8zyxHefbkeIBL5b8hAKVfxgPMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbkpqelBMRWQ1OXVSNGdFdmx2eUVBcFZfR0E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAJfwaAwQA
T2NLAwQBT2OWAwQAUpg3AwQAUpkKAwQAUpmRAwQBUqMKAwQAWdXiAwQAbbAeAwQA
bbDQAwQA1dIpMA0GCSqGSIb3DQEBCwUAA4IBAQAhhiGw1ckABy+lESFBkI4XFdxa
Lzo5WtiT42TIIf6NdtmNjxVsI+DQx1Ch585UA/T2IEg0AFXXRBdC09AYuKEIPqBg
unL+R5gkmop4bEzONd7SuQvugOzCMeUQUKVbdH6/Uk57kKcHPiCtqWdd3EDhLVlQ
Ua0fObAdU4celCpkgrl6U3ZFvK7dXcrWGdQiN92PMWyGfov2L7OahjOdA5cvX05Q
dPVG4Jkr+Lu+J+lpKotRjEBAOryICvU7O8N+noGLubOPKf2QmXmnYH8TeF0g1ymb
ePHz+YrGXuOzSnQgy4e4TlAlnXZvVXVLLBrXqQYa0SXoTRT89FDViXhPsFr/
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:53:07 2026 by rpki-client