Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/j2TcQ7FFpXzz-tgwxe38uLXQdgk.roa
File: j2TcQ7FFpXzz-tgwxe38uLXQdgk.roa (raw, json)
Hash identifier: MMiIwVbQ8aiheyhBeB/trgDx55b/UG6AYdCk4oAMvxI=
Subject key identifier: 8F:64:DC:43:B1:45:A5:7C:F3:FA:D8:30:C5:ED:FC:B8:B5:D0:76:09
Certificate issuer: /CN=ee370985f83f41330111c350cd6b1e1eead526aa
Certificate serial: 019D5878339F8707D75C0BEE2DA59FE39356
Authority key identifier: EE:37:09:85:F8:3F:41:33:01:11:C3:50:CD:6B:1E:1E:EA:D5:26:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/j2TcQ7FFpXzz-tgwxe38uLXQdgk.roa
Signing time: Sat 04 Apr 2026 12:29:25 +0000
ROA not before: Sat 04 Apr 2026 12:29:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 7768
IP address blocks: 31.7.32.0/21 maxlen: 32
31.7.32.0/24 maxlen: 24
31.7.33.0/24 maxlen: 24
31.7.34.0/24 maxlen: 24
31.7.35.0/24 maxlen: 24
31.7.36.0/24 maxlen: 24
31.7.37.0/24 maxlen: 24
31.7.38.0/24 maxlen: 24
31.7.39.0/24 maxlen: 24
185.140.124.0/22 maxlen: 32
185.140.124.0/24 maxlen: 24
185.140.125.0/24 maxlen: 24
185.140.126.0/24 maxlen: 24
185.140.127.0/24 maxlen: 24
185.234.218.0/24 maxlen: 32
2a0a:9f40::/29 maxlen: 128
2a0a:9f40:beef::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/7jcJhfg_QTMBEcNQzWseHurVJqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/7jcJhfg_QTMBEcNQzWseHurVJqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:58:78:33:9f:87:07:d7:5c:0b:ee:2d:a5:9f:e3:93:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee370985f83f41330111c350cd6b1e1eead526aa
Validity
Not Before: Apr 4 12:29:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8f64dc43b145a57cf3fad830c5edfcb8b5d07609
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:17:d8:ea:82:3a:7f:a3:60:52:bc:1b:8f:56:
d2:9a:bf:4f:df:fa:cd:c4:19:e1:b6:2d:65:ae:20:
63:f5:78:24:c4:39:bc:83:a1:7b:70:a4:ca:dd:38:
1f:2e:0b:cc:a6:71:fd:fa:21:bc:9a:ef:c8:08:98:
a6:0f:1d:43:a3:73:71:86:cb:51:52:9b:04:98:96:
c9:f4:1a:e6:2b:31:98:55:56:c4:be:48:0e:4b:4a:
ac:b3:68:19:f0:0b:11:eb:65:7c:f8:82:a3:56:57:
ac:f3:9a:69:6f:fa:c8:0b:05:35:cb:b5:15:ab:17:
54:17:af:57:7f:59:8f:bf:7f:67:7f:6a:d1:7d:cb:
c0:91:0b:17:b6:cb:43:45:25:c3:e3:f9:9e:e0:cb:
70:89:4a:ae:3a:f8:83:f2:32:e7:ff:41:95:0e:f6:
bf:7e:af:f3:37:40:b3:9d:2e:af:35:51:78:bd:f1:
5f:15:35:dc:be:5c:a4:c8:0d:87:82:e6:9a:12:dc:
70:e5:9c:67:c4:77:43:80:ce:5f:e4:50:af:02:5c:
ca:ca:9b:24:c6:e5:a6:8b:7a:90:ff:a4:7b:e2:f0:
9e:b3:31:4c:d2:13:44:3f:dc:fa:0f:cb:ca:a5:f2:
73:49:90:f4:0c:cf:a6:90:55:05:07:22:b9:49:9d:
f0:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:64:DC:43:B1:45:A5:7C:F3:FA:D8:30:C5:ED:FC:B8:B5:D0:76:09
X509v3 Authority Key Identifier:
keyid:EE:37:09:85:F8:3F:41:33:01:11:C3:50:CD:6B:1E:1E:EA:D5:26:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/j2TcQ7FFpXzz-tgwxe38uLXQdgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/7jcJhfg_QTMBEcNQzWseHurVJqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.32.0/21
185.140.124.0/22
185.234.218.0/24
IPv6:
2a0a:9f40::/29
Signature Algorithm: sha256WithRSAEncryption
77:a6:fe:a6:00:cf:08:3a:26:e5:89:76:ca:5a:da:87:f3:32:
79:0b:b4:58:93:d4:e8:03:3a:ee:3b:49:76:5f:29:e2:2a:77:
40:5a:be:37:39:62:33:9e:48:d5:aa:d1:2c:f9:b0:73:75:8f:
07:d4:ff:bb:bf:63:65:1d:c4:c6:5c:0a:35:d3:95:98:92:e6:
d9:23:e9:bb:52:7a:58:9e:3a:98:6f:d5:97:4c:f5:37:cc:f3:
b4:fe:9e:76:72:62:c8:98:4a:f9:ec:b9:44:1c:c7:66:6b:5f:
26:57:cc:3f:f0:06:53:be:02:2b:e8:7a:48:f2:bc:1a:0b:21:
4d:4f:ab:15:47:ad:fa:16:04:a5:3b:13:e6:21:88:67:08:e9:
36:f9:82:b2:f2:bc:25:1e:f7:5f:65:c5:01:4e:8e:86:3d:17:
8d:2c:5e:90:b0:00:ce:07:16:5f:4d:fa:47:5e:23:a1:d6:ac:
41:10:2c:82:06:2f:fe:d8:9c:16:a8:df:a8:96:72:9b:c2:88:
1b:68:cb:2d:c2:93:7c:58:60:97:fa:7e:56:30:1f:66:01:32:
c6:7f:d7:3a:79:f6:21:e2:29:9b:2d:5d:ea:57:c9:37:a7:8a:
ac:5c:90:ed:9a:3e:4c:fc:f6:a0:fe:a1:70:d8:3b:9b:cc:ee:
e3:7b:bf:76
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZ1YeDOfhwfXXAvuLaWf45NWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMzcwOTg1ZjgzZjQxMzMwMTExYzM1MGNkNmIxZTFlZWFk
NTI2YWEwHhcNMjYwNDA0MTIyOTI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjY0ZGM0M2IxNDVhNTdjZjNmYWQ4MzBjNWVkZmNiOGI1ZDA3NjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxfY6oI6f6NgUrwbj1bSmr9P3/rN
xBnhti1lriBj9XgkxDm8g6F7cKTK3TgfLgvMpnH9+iG8mu/ICJimDx1Do3NxhstR
UpsEmJbJ9BrmKzGYVVbEvkgOS0qss2gZ8AsR62V8+IKjVles85ppb/rICwU1y7UV
qxdUF69Xf1mPv39nf2rRfcvAkQsXtstDRSXD4/me4MtwiUquOviD8jLn/0GVDva/
fq/zN0CznS6vNVF4vfFfFTXcvlykyA2HguaaEtxw5ZxnxHdDgM5f5FCvAlzKypsk
xuWmi3qQ/6R74vCeszFM0hNEP9z6D8vKpfJzSZD0DM+mkFUFByK5SZ3wowIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFI9k3EOxRaV88/rYMMXt/Li10HYJMB8GA1UdIwQY
MBaAFO43CYX4P0EzARHDUM1rHh7q1SaqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2pjSmhmZ19RVE1CRWNOUXpXc2VIdXJWSnFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8yNzQ0ZDAtNDFhMC00NDM0LWI2OTAt
MzI0NDU0NmY4Y2JmLzEvajJUY1E3RkZwWHp6LXRnd3hlMzh1TFhRZGdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8yNzQ0ZDAtNDFhMC00NDM0LWI2OTAtMzI0NDU0NmY4Y2Jm
LzEvN2pjSmhmZ19RVE1CRWNOUXpXc2VIdXJWSnFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDHwcgAwQC
uYx8AwQAueraMA0EAgACMAcDBQMqCp9AMA0GCSqGSIb3DQEBCwUAA4IBAQB3pv6m
AM8IOibliXbKWtqH8zJ5C7RYk9ToAzruO0l2XyniKndAWr43OWIznkjVqtEs+bBz
dY8H1P+7v2NlHcTGXAo105WYkubZI+m7UnpYnjqYb9WXTPU3zPO0/p52cmLImEr5
7LlEHMdma18mV8w/8AZTvgIr6HpI8rwaCyFNT6sVR636FgSlOxPmIYhnCOk2+YKy
8rwlHvdfZcUBTo6GPReNLF6QsADOBxZfTfpHXiOh1qxBECyCBi/+2JwWqN+olnKb
wogbaMstwpN8WGCX+n5WMB9mATLGf9c6efYh4imbLV3qV8k3p4qsXJDtmj5M/Pag
/qFw2DubzO7je792
-----END CERTIFICATE-----
Generated at Sat Apr 18 02:42:53 2026 by rpki-client