Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/dcbd3a-7528-499e-a3bd-bf28875ab261/1/jaTCzxQZwGVoMfE5pxy0Gbm9K_E.roa
File: jaTCzxQZwGVoMfE5pxy0Gbm9K_E.roa (raw, json)
Hash identifier: ULw0U4ZGmZtESpblMgYhOZZu7hCKbL/R7CwXeeGSDEM=
Subject key identifier: 8D:A4:C2:CF:14:19:C0:65:68:31:F1:39:A7:1C:B4:19:B9:BD:2B:F1
Certificate issuer: /CN=2c3e1c03efa2f2d9fff9dbec3325bc6c37694250
Certificate serial: 019B7C129338BF4FBD89E528F6545CA9F067
Authority key identifier: 2C:3E:1C:03:EF:A2:F2:D9:FF:F9:DB:EC:33:25:BC:6C:37:69:42:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LD4cA--i8tn_-dvsMyW8bDdpQlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/dcbd3a-7528-499e-a3bd-bf28875ab261/1/jaTCzxQZwGVoMfE5pxy0Gbm9K_E.roa
Signing time: Fri 02 Jan 2026 00:19:10 +0000
ROA not before: Fri 02 Jan 2026 00:19:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57687
IP address blocks: 185.129.168.0/24 maxlen: 24
185.129.169.0/24 maxlen: 24
185.129.170.0/24 maxlen: 24
185.129.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/dcbd3a-7528-499e-a3bd-bf28875ab261/1/LD4cA--i8tn_-dvsMyW8bDdpQlA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/dcbd3a-7528-499e-a3bd-bf28875ab261/1/LD4cA--i8tn_-dvsMyW8bDdpQlA.mft
rsync://rpki.ripe.net/repository/DEFAULT/LD4cA--i8tn_-dvsMyW8bDdpQlA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7c:12:93:38:bf:4f:bd:89:e5:28:f6:54:5c:a9:f0:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c3e1c03efa2f2d9fff9dbec3325bc6c37694250
Validity
Not Before: Jan 2 00:19:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8da4c2cf1419c0656831f139a71cb419b9bd2bf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b2:49:4e:f3:60:2b:8d:05:32:5e:11:60:0f:
81:ed:b1:3b:48:46:f6:9d:bf:f2:57:3c:4a:37:e2:
a9:99:09:af:c1:e7:87:dd:60:39:f8:b3:1b:08:59:
3a:ac:4e:cc:56:65:19:ea:3c:70:9f:5d:82:df:c7:
0f:6a:8f:5d:66:00:86:bc:2a:85:db:63:21:3c:31:
cf:03:ad:06:11:53:2a:71:53:d8:39:65:8d:2f:91:
62:db:3c:45:cc:b1:70:86:93:0f:0e:97:00:04:80:
73:6b:92:9c:f0:84:f4:6c:49:ea:21:a3:e6:52:4e:
65:6d:82:fc:4e:40:69:00:6f:4f:72:5d:77:8b:d0:
05:e7:58:1b:2e:0a:08:21:fa:f3:8f:29:03:e1:43:
69:69:8f:b5:f7:32:ae:7a:a4:1c:8f:6c:a4:b3:0d:
45:d1:3f:8f:30:31:4c:71:bd:da:86:32:d8:0b:af:
d9:d6:57:5a:fa:05:95:71:bd:06:d2:12:3a:b0:6c:
f7:ae:eb:25:db:3d:9e:57:b0:41:d2:2d:73:45:e8:
b3:76:42:94:98:07:e9:fa:a3:1c:29:1a:7d:e6:22:
ae:5c:96:5b:8e:af:6b:d8:47:22:0b:b2:eb:c7:c8:
8e:14:d1:66:a3:c9:39:93:6f:6b:cb:af:7d:05:e0:
73:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:A4:C2:CF:14:19:C0:65:68:31:F1:39:A7:1C:B4:19:B9:BD:2B:F1
X509v3 Authority Key Identifier:
keyid:2C:3E:1C:03:EF:A2:F2:D9:FF:F9:DB:EC:33:25:BC:6C:37:69:42:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LD4cA--i8tn_-dvsMyW8bDdpQlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/dcbd3a-7528-499e-a3bd-bf28875ab261/1/jaTCzxQZwGVoMfE5pxy0Gbm9K_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/dcbd3a-7528-499e-a3bd-bf28875ab261/1/LD4cA--i8tn_-dvsMyW8bDdpQlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.168.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:12:28:61:bc:04:e8:1c:03:67:0e:b3:9d:0f:ef:9f:c4:60:
fe:af:4f:7e:c9:6c:e5:3a:71:2d:5a:7d:fd:ab:bb:1b:2c:75:
10:f8:87:19:24:a4:b7:6e:28:eb:53:fa:1e:4e:73:ae:68:c0:
34:ef:d7:ac:14:e6:58:55:29:34:2a:3b:58:01:50:33:df:fe:
4c:03:0b:e8:b8:c1:12:97:35:b4:af:f7:77:74:12:52:1d:51:
a4:03:4d:d0:12:89:fa:6b:81:6d:15:0c:c9:2b:a1:30:c5:79:
9a:14:3f:59:40:8a:35:4b:fb:9f:61:86:4a:46:55:84:a0:1b:
44:05:62:c1:f9:cc:e3:14:e4:0e:81:e6:e3:69:f8:f2:ca:dd:
c0:c0:db:25:b1:28:cd:cc:41:e0:5d:52:19:18:9f:81:fe:89:
72:46:53:eb:24:d8:3a:c7:60:61:cf:91:de:b9:97:0a:b2:52:
29:6a:f6:02:75:36:c4:d0:3d:9b:8c:01:c5:65:ab:2d:39:ae:
3a:21:ea:24:44:77:02:cc:4f:f3:04:93:6e:b9:df:f4:23:e7:
83:cb:23:98:a3:63:10:17:5f:c9:35:95:e6:97:b0:54:1a:08:
f1:37:19:da:75:84:12:45:16:b6:d6:31:fc:5e:ac:6a:8a:dd:
39:a0:10:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt8EpM4v0+9ieUo9lRcqfBnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjM2UxYzAzZWZhMmYyZDlmZmY5ZGJlYzMzMjViYzZjMzc2
OTQyNTAwHhcNMjYwMTAyMDAxOTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGE0YzJjZjE0MTljMDY1NjgzMWYxMzlhNzFjYjQxOWI5YmQyYmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LJJTvNgK40FMl4RYA+B7bE7SEb2
nb/yVzxKN+KpmQmvweeH3WA5+LMbCFk6rE7MVmUZ6jxwn12C38cPao9dZgCGvCqF
22MhPDHPA60GEVMqcVPYOWWNL5Fi2zxFzLFwhpMPDpcABIBza5Kc8IT0bEnqIaPm
Uk5lbYL8TkBpAG9Pcl13i9AF51gbLgoIIfrzjykD4UNpaY+19zKueqQcj2yksw1F
0T+PMDFMcb3ahjLYC6/Z1lda+gWVcb0G0hI6sGz3rusl2z2eV7BB0i1zReizdkKU
mAfp+qMcKRp95iKuXJZbjq9r2EciC7Lrx8iOFNFmo8k5k29ry699BeBzNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI2kws8UGcBlaDHxOacctBm5vSvxMB8GA1UdIwQY
MBaAFCw+HAPvovLZ//nb7DMlvGw3aUJQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEQ0Y0EtLWk4dG5fLWR2c015VzhiRGRwUWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9kY2JkM2EtNzUyOC00OTllLWEzYmQt
YmYyODg3NWFiMjYxLzEvamFUQ3p4UVp3R1ZvTWZFNXB4eTBHYm05S19FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9kY2JkM2EtNzUyOC00OTllLWEzYmQtYmYyODg3NWFiMjYx
LzEvTEQ0Y0EtLWk4dG5fLWR2c015VzhiRGRwUWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYGoMA0G
CSqGSIb3DQEBCwUAA4IBAQA6EihhvAToHANnDrOdD++fxGD+r09+yWzlOnEtWn39
q7sbLHUQ+IcZJKS3bijrU/oeTnOuaMA079esFOZYVSk0KjtYAVAz3/5MAwvouMES
lzW0r/d3dBJSHVGkA03QEon6a4FtFQzJK6EwxXmaFD9ZQIo1S/ufYYZKRlWEoBtE
BWLB+czjFOQOgebjafjyyt3AwNslsSjNzEHgXVIZGJ+B/olyRlPrJNg6x2Bhz5He
uZcKslIpavYCdTbE0D2bjAHFZastOa46IeokRHcCzE/zBJNuud/0I+eDyyOYo2MQ
F1/JNZXml7BUGgjxNxnadYQSRRa21jH8Xqxqit05oBD5
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:06:07 2026 by rpki-client