Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/d96f69-ef14-4227-8898-3e57cc52c84e/1/bBRqwBxrWrgyylsp2nzv4C0sL6Q.roa
File: bBRqwBxrWrgyylsp2nzv4C0sL6Q.roa (raw, json)
Hash identifier: H+9SNV9b7doXFnTVPT2uod/HC/IjGc2xqH/b4GNt5eg=
Subject key identifier: 6C:14:6A:C0:1C:6B:5A:B8:32:CA:5B:29:DA:7C:EF:E0:2D:2C:2F:A4
Certificate issuer: /CN=26638c2cb7b860cd369679c4d05d50f705e04629
Certificate serial: 019D92C3369B2F5C0CBF8B350E45C6E3BDD9
Authority key identifier: 26:63:8C:2C:B7:B8:60:CD:36:96:79:C4:D0:5D:50:F7:05:E0:46:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmOMLLe4YM02lnnE0F1Q9wXgRik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/d96f69-ef14-4227-8898-3e57cc52c84e/1/bBRqwBxrWrgyylsp2nzv4C0sL6Q.roa
Signing time: Wed 15 Apr 2026 20:09:20 +0000
ROA not before: Wed 15 Apr 2026 20:09:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25281
IP address blocks: 185.103.12.0/22 maxlen: 22
185.103.12.0/24 maxlen: 24
185.103.13.0/24 maxlen: 24
185.103.14.0/24 maxlen: 24
185.103.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/d96f69-ef14-4227-8898-3e57cc52c84e/1/JmOMLLe4YM02lnnE0F1Q9wXgRik.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/d96f69-ef14-4227-8898-3e57cc52c84e/1/JmOMLLe4YM02lnnE0F1Q9wXgRik.mft
rsync://rpki.ripe.net/repository/DEFAULT/JmOMLLe4YM02lnnE0F1Q9wXgRik.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 21:23:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:92:c3:36:9b:2f:5c:0c:bf:8b:35:0e:45:c6:e3:bd:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26638c2cb7b860cd369679c4d05d50f705e04629
Validity
Not Before: Apr 15 20:09:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6c146ac01c6b5ab832ca5b29da7cefe02d2c2fa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:7d:5c:2a:15:50:be:5f:7a:81:ec:3d:b8:f6:
26:95:5e:c9:b4:9c:2f:4a:36:5c:b6:64:3d:dc:5d:
e6:60:f1:da:33:0f:07:26:fa:c5:4b:0c:ba:50:a3:
07:c5:6d:16:38:30:98:03:cd:d6:df:5f:0a:1b:77:
cf:37:20:2b:42:21:ae:90:ab:9d:54:76:65:67:5a:
01:e8:ad:26:ab:30:7c:7c:fd:f4:61:33:0f:c0:4c:
83:3f:4b:48:22:7a:b0:f4:b7:9e:bb:90:5a:f3:47:
70:f5:dc:a5:33:37:58:5e:64:81:45:94:7a:30:2b:
86:c4:6b:c8:61:5e:c0:9d:14:d7:d7:33:ab:3a:be:
5f:f5:1f:62:99:a7:91:61:33:d0:f2:a0:23:90:d4:
81:0e:58:26:d3:c9:f4:f9:35:2e:0b:60:9b:f2:fa:
0c:4d:e3:7c:c5:07:12:6f:d1:80:9e:26:09:24:f4:
c0:14:de:57:d3:da:f7:f8:bf:21:2a:21:e3:20:d4:
2c:99:f4:87:f2:b2:3b:e9:0a:c7:dd:ab:85:37:67:
1d:53:04:47:91:e4:aa:36:a9:6c:cc:03:02:5e:96:
76:34:c1:f2:99:e9:16:87:d6:87:25:a5:44:da:f1:
22:c3:bc:de:f9:15:fd:94:a4:ed:e8:00:fd:19:eb:
44:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:14:6A:C0:1C:6B:5A:B8:32:CA:5B:29:DA:7C:EF:E0:2D:2C:2F:A4
X509v3 Authority Key Identifier:
keyid:26:63:8C:2C:B7:B8:60:CD:36:96:79:C4:D0:5D:50:F7:05:E0:46:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmOMLLe4YM02lnnE0F1Q9wXgRik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/d96f69-ef14-4227-8898-3e57cc52c84e/1/bBRqwBxrWrgyylsp2nzv4C0sL6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/d96f69-ef14-4227-8898-3e57cc52c84e/1/JmOMLLe4YM02lnnE0F1Q9wXgRik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.12.0/22
Signature Algorithm: sha256WithRSAEncryption
39:fb:98:d5:0a:c4:a9:fc:03:e1:54:81:22:fb:e8:ef:b4:bc:
ef:4f:e5:74:96:09:44:e5:e5:52:6b:26:2c:c6:9b:b6:1a:a8:
72:68:fa:43:c1:9d:d4:cb:5a:a1:5a:ae:90:c1:dc:41:6e:cc:
54:27:7b:04:88:b1:f8:d5:6c:ae:a2:9c:13:10:57:b1:24:5d:
f9:ed:f2:18:ed:4f:7f:9d:80:9d:59:54:b0:d5:ca:41:ee:25:
f3:2e:df:26:3d:d5:89:d8:d7:9f:bc:2d:32:88:b6:bc:25:46:
04:9d:2b:8d:00:59:92:14:53:13:6c:3a:bc:d7:a2:ef:73:40:
3f:21:1c:f3:50:f5:1e:2e:2b:a8:99:1c:cc:0f:c5:e9:16:9a:
c8:30:1c:48:a5:e2:09:06:44:5c:78:4d:d9:fa:d1:25:b3:55:
7a:bf:75:5c:93:ac:37:5a:92:4b:4b:52:b5:8e:41:f0:7b:5c:
a1:a8:e7:0d:c7:76:e8:24:7c:0b:76:0a:36:8a:63:72:79:f2:
e5:1d:24:3d:36:32:d1:19:32:93:92:dc:a7:83:65:42:c0:8c:
9f:b2:1d:51:f8:bc:fb:87:6e:2f:f3:5f:98:29:00:81:60:6f:
79:f8:d3:41:2c:f3:9c:fb:4a:35:ed:8c:ea:49:c5:f5:c4:04:
5f:cf:56:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ2SwzabL1wMv4s1DkXG473ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjM4YzJjYjdiODYwY2QzNjk2NzljNGQwNWQ1MGY3MDVl
MDQ2MjkwHhcNMjYwNDE1MjAwOTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzE0NmFjMDFjNmI1YWI4MzJjYTViMjlkYTdjZWZlMDJkMmMyZmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwX1cKhVQvl96gew9uPYmlV7JtJwv
SjZctmQ93F3mYPHaMw8HJvrFSwy6UKMHxW0WODCYA83W318KG3fPNyArQiGukKud
VHZlZ1oB6K0mqzB8fP30YTMPwEyDP0tIInqw9Leeu5Ba80dw9dylMzdYXmSBRZR6
MCuGxGvIYV7AnRTX1zOrOr5f9R9imaeRYTPQ8qAjkNSBDlgm08n0+TUuC2Cb8voM
TeN8xQcSb9GAniYJJPTAFN5X09r3+L8hKiHjINQsmfSH8rI76QrH3auFN2cdUwRH
keSqNqlszAMCXpZ2NMHymekWh9aHJaVE2vEiw7ze+RX9lKTt6AD9GetEZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGwUasAca1q4MspbKdp87+AtLC+kMB8GA1UdIwQY
MBaAFCZjjCy3uGDNNpZ5xNBdUPcF4EYpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1PTUxMZTRZTTAybG5uRTBGMVE5d1hnUmlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9kOTZmNjktZWYxNC00MjI3LTg4OTgt
M2U1N2NjNTJjODRlLzEvYkJScXdCeHJXcmd5eWxzcDJuenY0QzBzTDZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9kOTZmNjktZWYxNC00MjI3LTg4OTgtM2U1N2NjNTJjODRl
LzEvSm1PTUxMZTRZTTAybG5uRTBGMVE5d1hnUmlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWcMMA0G
CSqGSIb3DQEBCwUAA4IBAQA5+5jVCsSp/APhVIEi++jvtLzvT+V0lglE5eVSayYs
xpu2GqhyaPpDwZ3Uy1qhWq6QwdxBbsxUJ3sEiLH41WyuopwTEFexJF357fIY7U9/
nYCdWVSw1cpB7iXzLt8mPdWJ2NefvC0yiLa8JUYEnSuNAFmSFFMTbDq816Lvc0A/
IRzzUPUeLiuomRzMD8XpFprIMBxIpeIJBkRceE3Z+tEls1V6v3Vck6w3WpJLS1K1
jkHwe1yhqOcNx3boJHwLdgo2imNyefLlHSQ9NjLRGTKTktyng2VCwIyfsh1R+Lz7
h24v81+YKQCBYG95+NNBLPOc+0o17YzqScX1xARfz1bl
-----END CERTIFICATE-----
Generated at Sat Apr 18 06:04:16 2026 by rpki-client