Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/J0u4PbYIevSkqXDSEnsyGZVMqtc.roa
File: J0u4PbYIevSkqXDSEnsyGZVMqtc.roa (raw, json)
Hash identifier: aBXYYl48jca9wveAZI/GuYbbGGyv9mDo91i3PZYst5k=
Subject key identifier: 27:4B:B8:3D:B6:08:7A:F4:A4:A9:70:D2:12:7B:32:19:95:4C:AA:D7
Certificate issuer: /CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Certificate serial: 019B7C124643E229BC9ED82C0856C37D7480
Authority key identifier: A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/J0u4PbYIevSkqXDSEnsyGZVMqtc.roa
Signing time: Fri 02 Jan 2026 00:18:50 +0000
ROA not before: Fri 02 Jan 2026 00:18:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216134
IP address blocks: 140.171.0.0/16 maxlen: 16
149.223.0.0/16 maxlen: 24
149.223.0.0/17 maxlen: 17
149.223.128.0/17 maxlen: 17
149.238.0.0/16 maxlen: 24
149.238.0.0/19 maxlen: 24
149.238.32.0/19 maxlen: 24
149.238.64.0/19 maxlen: 24
149.238.96.0/19 maxlen: 24
149.238.128.0/19 maxlen: 24
149.238.159.0/24 maxlen: 24
149.238.160.0/19 maxlen: 24
149.238.192.0/19 maxlen: 24
149.238.224.0/19 maxlen: 24
170.205.192.0/18 maxlen: 24
192.77.114.0/23 maxlen: 24
192.101.48.0/20 maxlen: 20
192.112.208.0/24 maxlen: 24
193.33.52.0/23 maxlen: 24
193.39.210.0/24 maxlen: 24
193.39.211.0/24 maxlen: 24
193.39.214.0/24 maxlen: 24
193.202.20.0/24 maxlen: 24
204.235.176.0/20 maxlen: 24
2a13:cb40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.mft
rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 21:16:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7c:12:46:43:e2:29:bc:9e:d8:2c:08:56:c3:7d:74:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Validity
Not Before: Jan 2 00:18:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=274bb83db6087af4a4a970d2127b3219954caad7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:3e:0a:c0:73:98:bc:a2:e5:c9:78:0f:59:d0:
b7:2e:70:40:2e:26:d3:d4:95:df:e8:32:e4:2b:e8:
21:12:1c:0c:53:59:a0:76:3c:76:30:89:9e:ec:b5:
7d:63:cb:77:fe:19:8c:54:8b:75:a1:cf:76:08:5a:
03:11:46:92:94:95:8c:79:b5:2a:ef:fc:03:36:b3:
34:46:b6:a3:00:03:87:3c:95:17:71:6d:2a:cc:0a:
ff:0e:4c:71:1c:6f:3f:80:b0:5e:b8:28:a9:d0:7c:
b6:04:6d:66:20:bc:2e:18:16:2d:d7:62:cd:c0:46:
c6:fe:0a:38:3c:e9:02:67:b4:0a:a5:8d:53:56:2c:
2b:7e:48:5b:4e:ed:53:5a:2b:b3:cd:43:14:41:95:
30:f9:e7:1c:91:9f:99:fb:23:3c:29:a2:5d:9f:a8:
f4:98:08:c0:f8:81:9d:e9:3d:21:9c:fa:e9:49:05:
14:d4:9e:57:f3:d5:e0:bc:1c:b3:ca:5e:bb:39:1b:
6d:f0:96:23:ab:46:f5:6c:05:72:b6:ab:3c:19:29:
02:bd:fb:64:65:6e:8b:90:5f:8a:7b:ad:f8:35:5f:
4d:2c:dc:b5:c0:26:40:3f:45:b0:00:ea:c8:a3:85:
4c:93:f8:8f:2f:b8:b7:b0:21:5c:7b:ec:e7:c3:f0:
99:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:4B:B8:3D:B6:08:7A:F4:A4:A9:70:D2:12:7B:32:19:95:4C:AA:D7
X509v3 Authority Key Identifier:
keyid:A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/J0u4PbYIevSkqXDSEnsyGZVMqtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.171.0.0/16
149.223.0.0/16
149.238.0.0/16
170.205.192.0/18
192.77.114.0/23
192.101.48.0/20
192.112.208.0/24
193.33.52.0/23
193.39.210.0/23
193.39.214.0/24
193.202.20.0/24
204.235.176.0/20
IPv6:
2a13:cb40::/29
Signature Algorithm: sha256WithRSAEncryption
a5:3e:87:9e:83:ca:35:ff:d9:a7:b6:03:5f:5b:d8:d2:f5:50:
db:24:ba:08:b1:e1:bc:2f:78:6f:5a:d5:01:ab:44:72:ec:15:
48:8f:3e:ff:c2:b4:b7:cb:f7:51:d4:75:bf:3c:df:99:16:4a:
ed:3b:be:e0:9b:54:de:04:7b:0f:82:dc:bd:08:df:94:66:62:
d0:96:24:8e:73:14:54:99:90:90:a8:26:01:d8:1b:ac:fe:7e:
74:d9:ed:1d:1c:7d:2a:e9:2a:af:aa:db:24:72:2b:66:ce:60:
6c:4a:21:03:1a:ab:26:6a:bb:cb:1a:6a:b7:0f:ca:88:48:58:
93:57:67:cc:21:66:ef:6c:77:52:5c:3b:9b:8d:b0:61:5a:03:
ce:f4:86:cd:9b:84:28:cc:d8:a0:5e:56:1c:01:5a:68:f1:2a:
8c:f7:35:a0:af:4d:ec:66:6e:78:78:a6:83:f6:df:fe:9f:74:
18:fa:ad:44:dd:ca:f3:71:69:46:83:85:18:c3:e6:9b:73:08:
7c:ae:d5:8c:97:df:44:aa:4b:76:b4:bb:fa:bb:3a:3c:ee:16:
95:b0:63:46:7a:9f:03:ee:8c:97:27:14:2f:9a:eb:aa:9a:40:
49:fa:b5:92:c2:20:ba:cd:83:ad:66:36:c4:7a:74:90:db:21:
49:26:67:8f
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZt8EkZD4im8ntgsCFbDfXSAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MzI3YzU2ZTk0MTE3MWVhM2JlYmEyNmViYjllMjNmNGRm
NWJjZjMwHhcNMjYwMTAyMDAxODUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzRiYjgzZGI2MDg3YWY0YTRhOTcwZDIxMjdiMzIxOTk1NGNhYWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0T4KwHOYvKLlyXgPWdC3LnBALibT
1JXf6DLkK+ghEhwMU1mgdjx2MIme7LV9Y8t3/hmMVIt1oc92CFoDEUaSlJWMebUq
7/wDNrM0RrajAAOHPJUXcW0qzAr/DkxxHG8/gLBeuCip0Hy2BG1mILwuGBYt12LN
wEbG/go4POkCZ7QKpY1TViwrfkhbTu1TWiuzzUMUQZUw+ecckZ+Z+yM8KaJdn6j0
mAjA+IGd6T0hnPrpSQUU1J5X89XgvByzyl67ORtt8JYjq0b1bAVytqs8GSkCvftk
ZW6LkF+Ke634NV9NLNy1wCZAP0WwAOrIo4VMk/iPL7i3sCFce+znw/CZIQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFCdLuD22CHr0pKlw0hJ7MhmVTKrXMB8GA1UdIwQY
MBaAFKQyfFbpQRceo766Juu54j9N9bzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWIt
MjhjMzQzY2U5ZDVkLzEvSjB1NFBiWUlldlNrcVhEU0Vuc3lHWlZNcXRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWItMjhjMzQzY2U5ZDVk
LzEvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBLBAIAATBFAwMAjKsDAwCV
3wMDAJXuAwQGqs3AAwQBwE1yAwQEwGUwAwQAwHDQAwQBwSE0AwQBwSfSAwQAwSfW
AwQAwcoUAwQEzOuwMA0EAgACMAcDBQMqE8tAMA0GCSqGSIb3DQEBCwUAA4IBAQCl
Poeeg8o1/9mntgNfW9jS9VDbJLoIseG8L3hvWtUBq0Ry7BVIjz7/wrS3y/dR1HW/
PN+ZFkrtO77gm1TeBHsPgty9CN+UZmLQliSOcxRUmZCQqCYB2Bus/n502e0dHH0q
6SqvqtskcitmzmBsSiEDGqsmarvLGmq3D8qISFiTV2fMIWbvbHdSXDubjbBhWgPO
9IbNm4QozNigXlYcAVpo8SqM9zWgr03sZm54eKaD9t/+n3QY+q1E3crzcWlGg4UY
w+abcwh8rtWMl99Eqkt2tLv6uzo87haVsGNGep8D7oyXJxQvmuuqmkBJ+rWSwiC6
zYOtZjbEenSQ2yFJJmeP
-----END CERTIFICATE-----
Generated at Tue Mar 3 01:57:09 2026 by rpki-client