Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/j4Ert-J3RYXgEKpLcLx5_T9dxS8.roa
File: j4Ert-J3RYXgEKpLcLx5_T9dxS8.roa (raw, json)
Hash identifier: keE/Qns0D+PUwgQtZ9LOIqamoxuah8ZLWQxn+5RiOWw=
Subject key identifier: 8F:81:2B:B7:E2:77:45:85:E0:10:AA:4B:70:BC:79:FD:3F:5D:C5:2F
Certificate issuer: /CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Certificate serial: 019B7758CB0A0B8577D0910C4C641604968C
Authority key identifier: A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/j4Ert-J3RYXgEKpLcLx5_T9dxS8.roa
Signing time: Thu 01 Jan 2026 02:17:46 +0000
ROA not before: Thu 01 Jan 2026 02:17:46 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204175
IP address blocks: 185.177.42.0/24 maxlen: 24
185.220.166.0/23 maxlen: 23
185.220.166.0/24 maxlen: 24
185.220.167.0/24 maxlen: 24
185.232.132.0/24 maxlen: 24
185.232.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:77:58:cb:0a:0b:85:77:d0:91:0c:4c:64:16:04:96:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Validity
Not Before: Jan 1 02:17:46 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8f812bb7e2774585e010aa4b70bc79fd3f5dc52f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:3d:52:2f:28:9e:e8:e0:75:b5:eb:b8:40:50:
87:8f:1a:0f:79:11:bb:e6:c7:86:3a:f6:26:64:bc:
97:d9:4a:ea:89:0c:99:25:f5:3c:ed:d2:e3:d1:f8:
60:c2:71:b6:02:ba:68:b1:50:ea:dc:1f:8b:e7:6a:
c6:b8:ba:d6:9f:57:bd:8d:0a:1e:82:22:15:02:98:
cf:2e:82:b4:b1:48:1f:92:1b:ff:e4:24:97:0c:60:
81:d6:1d:32:7f:ec:c3:b4:c8:56:ad:6d:b6:e3:63:
cd:b9:54:3e:c3:c8:e9:fd:ed:6e:60:16:04:61:fa:
6b:5a:7b:05:b5:4c:a7:f8:07:03:e9:54:55:70:87:
b8:b9:5a:83:1d:64:46:c9:e6:69:c5:62:40:f0:3a:
1b:8c:8c:11:87:bb:b7:0c:e2:90:3d:c7:34:d6:17:
33:54:a6:f4:9c:b2:d5:fd:05:4f:f0:4e:95:80:93:
d6:50:31:f6:cb:9a:85:7f:9d:2f:3a:1f:a4:07:0d:
54:c2:72:54:a6:a0:07:bb:4c:70:19:8a:3e:ec:1d:
12:b7:d9:41:01:9a:7b:b7:be:ad:cd:57:79:9a:a7:
dc:19:2a:87:ad:12:eb:86:ed:a5:b0:7a:03:07:1d:
eb:ba:76:83:55:a7:6e:0a:64:05:d9:b1:53:0b:68:
c6:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:81:2B:B7:E2:77:45:85:E0:10:AA:4B:70:BC:79:FD:3F:5D:C5:2F
X509v3 Authority Key Identifier:
keyid:A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/j4Ert-J3RYXgEKpLcLx5_T9dxS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.42.0/24
185.220.166.0/23
185.232.132.0/23
Signature Algorithm: sha256WithRSAEncryption
69:62:9d:96:0d:23:5e:7e:ab:d3:54:f3:20:c8:2c:24:ad:74:
38:4f:97:a4:34:d8:2c:35:a8:de:6a:75:4c:bd:97:61:dc:d5:
e3:5b:f2:7f:6c:fb:07:64:e0:de:26:d8:4e:51:30:82:27:ce:
3d:49:d5:63:da:86:fe:82:e4:bb:96:cd:f7:9e:78:4d:15:1b:
f9:ab:1a:72:52:5f:79:a9:9b:fc:b7:14:34:ea:93:ae:20:a7:
d1:69:40:c7:52:e8:78:3d:ad:55:e6:2c:78:4a:61:13:93:66:
cf:d7:75:90:a0:77:1b:54:8c:6e:1b:88:fc:c0:c0:2a:93:eb:
6d:d5:0a:d6:f8:cc:e1:3d:93:4e:4b:ea:cd:71:f9:1f:02:dd:
88:54:67:8a:d8:76:b0:69:44:4b:5d:4f:5d:54:f3:6e:9d:84:
a7:21:21:8d:62:4b:44:6d:a2:8b:50:e2:99:b4:b8:6e:a4:07:
d3:ed:8e:93:47:fb:61:84:07:8c:57:1b:56:53:65:cb:3f:53:
9c:ba:88:ba:c0:2e:80:76:9b:b4:3d:06:5f:89:10:2e:28:f9:
2b:be:26:b2:30:30:5f:86:ac:60:8c:be:63:11:9a:4e:db:93:
31:36:b7:6a:3c:99:20:28:64:41:9d:8b:55:c2:00:76:95:a9:
0d:d4:e6:1f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZt3WMsKC4V30JEMTGQWBJaMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NDkyMDRjYTRmMGViNGU1NmUwOGUwOTlmZTM3ODVjZTA2
ZmZlYWEwHhcNMjYwMTAxMDIxNzQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjgxMmJiN2UyNzc0NTg1ZTAxMGFhNGI3MGJjNzlmZDNmNWRjNTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnz1SLyie6OB1teu4QFCHjxoPeRG7
5seGOvYmZLyX2UrqiQyZJfU87dLj0fhgwnG2ArposVDq3B+L52rGuLrWn1e9jQoe
giIVApjPLoK0sUgfkhv/5CSXDGCB1h0yf+zDtMhWrW2242PNuVQ+w8jp/e1uYBYE
YfprWnsFtUyn+AcD6VRVcIe4uVqDHWRGyeZpxWJA8DobjIwRh7u3DOKQPcc01hcz
VKb0nLLV/QVP8E6VgJPWUDH2y5qFf50vOh+kBw1UwnJUpqAHu0xwGYo+7B0St9lB
AZp7t76tzVd5mqfcGSqHrRLrhu2lsHoDBx3runaDVaduCmQF2bFTC2jGwwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI+BK7fid0WF4BCqS3C8ef0/XcUvMB8GA1UdIwQY
MBaAFKhJIEyk8OtOVuCOCZ/jeFzgb/6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYt
OWNjYmIwODQyOGZhLzEvajRFcnQtSjNSWVhnRUtwTGNMeDVfVDlkeFM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYtOWNjYmIwODQyOGZh
LzEvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAubEqAwQB
udymAwQBueiEMA0GCSqGSIb3DQEBCwUAA4IBAQBpYp2WDSNefqvTVPMgyCwkrXQ4
T5ekNNgsNajeanVMvZdh3NXjW/J/bPsHZODeJthOUTCCJ849SdVj2ob+guS7ls33
nnhNFRv5qxpyUl95qZv8txQ06pOuIKfRaUDHUuh4Pa1V5ix4SmETk2bP13WQoHcb
VIxuG4j8wMAqk+tt1QrW+MzhPZNOS+rNcfkfAt2IVGeK2HawaURLXU9dVPNunYSn
ISGNYktEbaKLUOKZtLhupAfT7Y6TR/thhAeMVxtWU2XLP1Ocuoi6wC6Adpu0PQZf
iRAuKPkrviayMDBfhqxgjL5jEZpO25MxNrdqPJkgKGRBnYtVwgB2lakN1OYf
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:07:23 2026 by rpki-client