Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/JED2jNb_I2x8TXpsZVKYopVgfTE.roa
File: JED2jNb_I2x8TXpsZVKYopVgfTE.roa (raw, json)
Hash identifier: 0TJN920LVcD7TSefe1OWBqkPbwe3z+h9LIr6lP0lT7I=
Subject key identifier: 24:40:F6:8C:D6:FF:23:6C:7C:4D:7A:6C:65:52:98:A2:95:60:7D:31
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019D7093B23E227A8DAF6F35CD2AD029945F
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/JED2jNb_I2x8TXpsZVKYopVgfTE.roa
Signing time: Thu 09 Apr 2026 04:50:20 +0000
ROA not before: Thu 09 Apr 2026 04:50:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 401838
IP address blocks: 89.34.224.0/23 maxlen: 24
89.34.228.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
89.37.119.0/24 maxlen: 24
89.38.228.0/24 maxlen: 24
89.38.229.0/24 maxlen: 24
89.40.82.0/24 maxlen: 24
89.42.80.0/24 maxlen: 24
89.42.81.0/24 maxlen: 24
89.42.82.0/24 maxlen: 24
89.42.85.0/24 maxlen: 24
89.42.86.0/24 maxlen: 24
89.42.89.0/24 maxlen: 24
89.42.92.0/24 maxlen: 24
89.42.93.0/24 maxlen: 24
89.43.140.0/24 maxlen: 24
89.43.142.0/24 maxlen: 24
89.43.143.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
89.46.4.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.117.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.47.123.0/24 maxlen: 24
89.47.124.0/24 maxlen: 24
89.47.125.0/24 maxlen: 24
89.47.126.0/24 maxlen: 24
93.113.181.0/24 maxlen: 24
93.113.183.0/24 maxlen: 24
93.114.90.0/24 maxlen: 24
93.114.91.0/24 maxlen: 24
93.119.106.0/24 maxlen: 24
185.101.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:70:93:b2:3e:22:7a:8d:af:6f:35:cd:2a:d0:29:94:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Apr 9 04:50:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2440f68cd6ff236c7c4d7a6c655298a295607d31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c0:a6:3b:e5:5a:f7:f1:49:9d:e9:2d:eb:3b:
07:99:69:d5:03:a7:37:13:a0:b0:3d:aa:68:ed:f2:
b3:ae:07:56:8b:99:58:14:4c:32:b5:67:23:6d:27:
ad:91:56:93:25:4f:13:36:5b:42:40:57:cd:01:b4:
70:e4:6e:a2:02:16:78:62:ea:4d:98:45:dc:b3:21:
5b:30:79:a8:ad:80:fa:36:a7:8a:6c:ea:58:8c:44:
7b:9d:06:a8:e6:28:d5:79:da:4b:11:ec:ab:85:b2:
d1:9c:cf:0d:65:18:76:d4:7b:49:28:3b:ab:77:77:
8e:38:3b:f9:d4:ee:25:9b:20:18:f4:c5:be:7b:80:
7e:01:fb:0b:21:be:52:a3:66:b6:8f:b4:78:59:28:
72:cc:6d:1f:33:2a:79:19:e9:b0:be:2d:36:a8:35:
37:f0:e3:fa:af:ee:d2:e5:f3:eb:95:b1:79:25:4f:
3a:77:85:46:65:1a:30:db:aa:d2:81:8c:5d:20:2c:
0f:dd:9c:fb:d4:7c:9f:b5:eb:88:65:32:16:c6:32:
7a:a7:da:38:1b:fd:f7:e6:d4:d0:2e:dd:cc:13:20:
8b:3f:71:b7:30:33:1f:3e:f7:a3:59:30:ed:51:4c:
27:d8:82:00:64:81:fc:0b:93:b7:18:62:79:15:9a:
c3:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:40:F6:8C:D6:FF:23:6C:7C:4D:7A:6C:65:52:98:A2:95:60:7D:31
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/JED2jNb_I2x8TXpsZVKYopVgfTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.224.0/23
89.34.228.0/24
89.34.231.0/24
89.37.119.0/24
89.38.228.0/23
89.40.82.0/24
89.42.80.0-89.42.82.255
89.42.85.0-89.42.86.255
89.42.89.0/24
89.42.92.0/23
89.43.140.0/24
89.43.142.0/23
89.46.3.0-89.46.4.255
89.47.99.0/24
89.47.115.0/24
89.47.117.0/24
89.47.119.0/24
89.47.123.0-89.47.126.255
93.113.181.0/24
93.113.183.0/24
93.114.90.0/23
93.119.106.0/24
185.101.105.0/24
Signature Algorithm: sha256WithRSAEncryption
69:94:79:20:e2:09:08:ba:5f:ca:b8:f5:54:3a:1d:e8:fd:f1:
9c:e9:a2:ce:bb:d2:53:90:2c:ea:ba:43:57:07:e8:d8:c8:d9:
7a:90:ba:f7:d3:8a:cf:15:29:a1:e3:b5:0d:fa:cb:df:88:47:
84:59:6b:e0:b6:18:3c:9b:01:b3:fa:c7:9b:9d:cd:e9:66:2c:
62:83:61:3f:2a:cd:9f:77:22:8b:73:0f:1c:b1:60:d0:cf:8f:
0e:a0:47:2f:03:2e:d6:f4:86:77:e2:24:93:07:76:4e:e1:b7:
d0:51:01:1f:ac:ec:b5:6b:a7:ec:60:4e:79:6f:70:ef:aa:9a:
53:2b:5d:3d:97:f8:30:70:0a:c7:29:4c:46:55:a4:fa:7f:bf:
94:55:85:f9:34:e7:4d:67:e1:e5:32:bd:82:19:2e:84:51:c4:
9f:54:9e:39:76:f1:29:58:4f:00:7e:dd:1b:ec:64:3c:54:f1:
dd:d3:a9:47:67:30:67:cc:81:9a:42:95:52:40:8e:3f:0e:8d:
4c:35:ed:20:40:a3:9f:8b:f1:ab:7c:4c:cf:ae:e1:49:45:e0:
8a:7a:e5:dd:7a:59:79:9c:d4:9c:4d:03:b5:fb:ab:32:50:2d:
cb:f8:87:b9:1b:1a:6c:09:aa:9d:cf:41:0b:4a:d1:e7:f6:58:
b3:ec:ca:db
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAZ1wk7I+InqNr281zSrQKZRfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjYwNDA5MDQ1MDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDQwZjY4Y2Q2ZmYyMzZjN2M0ZDdhNmM2NTUyOThhMjk1NjA3ZDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsCmO+Va9/FJnekt6zsHmWnVA6c3
E6CwPapo7fKzrgdWi5lYFEwytWcjbSetkVaTJU8TNltCQFfNAbRw5G6iAhZ4YupN
mEXcsyFbMHmorYD6NqeKbOpYjER7nQao5ijVedpLEeyrhbLRnM8NZRh21HtJKDur
d3eOODv51O4lmyAY9MW+e4B+AfsLIb5So2a2j7R4WShyzG0fMyp5Gemwvi02qDU3
8OP6r+7S5fPrlbF5JU86d4VGZRow26rSgYxdICwP3Zz71HyfteuIZTIWxjJ6p9o4
G/335tTQLt3MEyCLP3G3MDMfPvejWTDtUUwn2IIAZIH8C5O3GGJ5FZrDHQIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFCRA9ozW/yNsfE16bGVSmKKVYH0xMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvSkVEMmpOYl9JMng4VFhwc1pWS1lvcFZnZlRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBsQQCAAEwgaoDBAFZ
IuADBABZIuQDBABZIucDBABZJXcDBAFZJuQDBABZKFIwDAMEBFkqUAMEAFkqUjAM
AwQAWSpVAwQAWSpWAwQAWSpZAwQBWSpcAwQAWSuMAwQBWSuOMAwDBABZLgMDBABZ
LgQDBABZL2MDBABZL3MDBABZL3UDBABZL3cwDAMEAFkvewMEAFkvfgMEAF1xtQME
AF1xtwMEAV1yWgMEAF13agMEALllaTANBgkqhkiG9w0BAQsFAAOCAQEAaZR5IOIJ
CLpfyrj1VDod6P3xnOmizrvSU5As6rpDVwfo2MjZepC699OKzxUpoeO1DfrL34hH
hFlr4LYYPJsBs/rHm53N6WYsYoNhPyrNn3cii3MPHLFg0M+PDqBHLwMu1vSGd+Ik
kwd2TuG30FEBH6zstWun7GBOeW9w76qaUytdPZf4MHAKxylMRlWk+n+/lFWF+TTn
TWfh5TK9ghkuhFHEn1SeOXbxKVhPAH7dG+xkPFTx3dOpR2cwZ8yBmkKVUkCOPw6N
TDXtIECjn4vxq3xMz67hSUXginrl3XpZeZzUnE0DtfurMlAty/iHuRsabAmqnc9B
C0rR5/ZYs+zK2w==
-----END CERTIFICATE-----
Generated at Fri Apr 17 09:40:21 2026 by rpki-client