Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/JEEGQ3e_dJF9l4TiXQZAf8prmIY.roa
File: JEEGQ3e_dJF9l4TiXQZAf8prmIY.roa (raw, json)
Hash identifier: IsUgfp4MySeSAcdfCtVeGNyHn6tKxGd57NxZ+4hH8Mo=
Subject key identifier: 24:41:06:43:77:BF:74:91:7D:97:84:E2:5D:06:40:7F:CA:6B:98:86
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 019C03C9A0A78C5E4C0AE4A19D526E6465F3
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/JEEGQ3e_dJF9l4TiXQZAf8prmIY.roa
Signing time: Wed 28 Jan 2026 08:47:51 +0000
ROA not before: Wed 28 Jan 2026 08:47:51 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51026
IP address blocks: 62.220.124.0/23 maxlen: 24
62.220.126.0/24 maxlen: 24
62.220.127.0/24 maxlen: 24
81.12.24.0/22 maxlen: 24
81.12.24.0/24 maxlen: 24
81.12.25.0/24 maxlen: 24
81.12.26.0/24 maxlen: 24
81.12.27.0/24 maxlen: 24
81.12.30.0/24 maxlen: 24
81.12.31.0/24 maxlen: 24
87.107.6.0/23 maxlen: 24
87.107.8.0/23 maxlen: 24
87.107.108.0/23 maxlen: 24
87.107.110.0/23 maxlen: 24
87.107.110.0/24 maxlen: 24
87.107.111.0/24 maxlen: 24
87.107.144.0/24 maxlen: 24
87.107.152.0/24 maxlen: 24
87.107.153.0/24 maxlen: 24
87.107.166.0/24 maxlen: 24
87.107.167.0/24 maxlen: 24
87.107.174.0/24 maxlen: 24
87.107.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:03:c9:a0:a7:8c:5e:4c:0a:e4:a1:9d:52:6e:64:65:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jan 28 08:47:51 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2441064377bf74917d9784e25d06407fca6b9886
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:1f:b4:90:8d:5d:c0:0d:f3:c6:92:a1:47:64:
37:be:da:53:0f:4b:69:ad:9e:57:f1:bc:f6:52:26:
06:64:25:d0:76:21:69:f8:9d:8c:d5:3b:7c:57:ce:
aa:e2:c6:fa:92:6b:59:7a:94:d9:9f:90:28:b0:97:
e5:39:e4:dc:ce:f0:85:6b:59:53:99:fb:d6:77:e2:
30:d1:3e:c2:30:4e:20:f3:68:0a:cc:25:2e:bd:6a:
e3:11:1d:e1:a4:b8:6e:7c:76:9d:d5:75:49:5c:08:
13:2b:3e:58:70:0c:69:76:6e:d1:9d:6c:06:57:ed:
e4:52:94:e0:7e:64:a4:66:64:b2:7a:3d:47:8a:6e:
0b:fe:d3:7b:4d:a6:4f:15:91:df:20:10:11:62:4a:
af:26:66:d5:d6:49:1b:41:00:52:ee:41:c1:b6:09:
42:a1:ff:a4:71:8b:12:4f:5c:b3:8b:c3:12:2d:42:
08:b5:13:95:17:f3:50:68:b4:e0:74:bf:b8:de:76:
63:95:f7:ed:7c:14:2f:e6:1e:d3:a1:42:ad:25:0e:
d5:bb:95:f5:a8:74:c0:e4:47:b9:32:d0:c5:b3:4b:
ab:44:23:cd:f3:1e:f0:12:c4:4a:25:93:f3:c0:eb:
e2:5a:8b:07:ba:ea:df:1d:6f:aa:0c:15:0c:32:a9:
55:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:41:06:43:77:BF:74:91:7D:97:84:E2:5D:06:40:7F:CA:6B:98:86
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/JEEGQ3e_dJF9l4TiXQZAf8prmIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.124.0/22
81.12.24.0/22
81.12.30.0/23
87.107.6.0-87.107.9.255
87.107.108.0/22
87.107.144.0/24
87.107.152.0/23
87.107.166.0/23
87.107.174.0/23
Signature Algorithm: sha256WithRSAEncryption
55:b0:a3:98:e3:ab:02:ab:b9:5f:9c:50:1c:c0:54:74:fc:f0:
7d:d1:29:4d:c7:a6:6c:a1:47:57:d3:d7:27:e2:cc:22:7e:1f:
42:ea:e3:67:db:cf:0e:6b:42:82:85:58:e8:a9:73:7a:df:a5:
c0:bd:dc:68:c6:9e:c1:e0:f6:30:4c:93:a8:9a:c1:de:54:84:
9b:74:2f:42:46:fe:0f:1c:0f:e0:22:fd:7b:1a:54:cf:c2:c1:
64:55:84:52:4e:b3:92:13:11:10:ce:f5:d4:0f:82:f1:19:0a:
b9:4c:79:ae:0e:7e:af:65:1c:bf:f1:4f:89:42:ac:14:a5:db:
8d:11:66:f4:10:3f:87:c4:37:c1:63:2b:1e:f0:9a:81:4b:62:
8a:76:38:48:a3:71:93:54:d1:39:ff:2c:3e:23:4c:28:bb:98:
f3:3e:65:de:b6:8a:ce:8b:cc:d5:57:c0:be:f4:e1:03:1b:04:
ef:31:fe:d2:51:0b:ea:ac:29:ac:d8:00:ff:cf:34:1b:e9:8c:
c8:80:94:09:29:04:19:8a:61:90:a9:f2:a8:c6:5a:e5:27:b4:
98:87:8f:af:66:2d:29:14:f6:a1:c2:83:d4:c2:39:85:17:2f:
91:39:a4:ba:03:2e:6b:8e:7c:cb:66:ab:27:c7:ae:97:9a:50:
4e:91:80:36
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZwDyaCnjF5MCuShnVJuZGXzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjYwMTI4MDg0NzUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDQxMDY0Mzc3YmY3NDkxN2Q5Nzg0ZTI1ZDA2NDA3ZmNhNmI5ODg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1h+0kI1dwA3zxpKhR2Q3vtpTD0tp
rZ5X8bz2UiYGZCXQdiFp+J2M1Tt8V86q4sb6kmtZepTZn5AosJflOeTczvCFa1lT
mfvWd+Iw0T7CME4g82gKzCUuvWrjER3hpLhufHad1XVJXAgTKz5YcAxpdm7RnWwG
V+3kUpTgfmSkZmSyej1Him4L/tN7TaZPFZHfIBARYkqvJmbV1kkbQQBS7kHBtglC
of+kcYsST1yzi8MSLUIItROVF/NQaLTgdL+43nZjlfftfBQv5h7ToUKtJQ7Vu5X1
qHTA5Ee5MtDFs0urRCPN8x7wEsRKJZPzwOviWosHuurfHW+qDBUMMqlVHQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFCRBBkN3v3SRfZeE4l0GQH/Ka5iGMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvSkVFR1EzZV9kSkY5bDRUaVhRWkFmOHBybUlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQCPtx8AwQC
UQwYAwQBUQweMAwDBAFXawYDBAFXawgDBAJXa2wDBABXa5ADBAFXa5gDBAFXa6YD
BAFXa64wDQYJKoZIhvcNAQELBQADggEBAFWwo5jjqwKruV+cUBzAVHT88H3RKU3H
pmyhR1fT1yfizCJ+H0Lq42fbzw5rQoKFWOipc3rfpcC93GjGnsHg9jBMk6iawd5U
hJt0L0JG/g8cD+Ai/XsaVM/CwWRVhFJOs5ITERDO9dQPgvEZCrlMea4Ofq9lHL/x
T4lCrBSl240RZvQQP4fEN8FjKx7wmoFLYop2OEijcZNU0Tn/LD4jTCi7mPM+Zd62
is6LzNVXwL704QMbBO8x/tJRC+qsKazYAP/PNBvpjMiAlAkpBBmKYZCp8qjGWuUn
tJiHj69mLSkU9qHCg9TCOYUXL5E5pLoDLmuOfMtmqyfHrpeaUE6RgDY=
-----END CERTIFICATE-----
Generated at Mon Mar 2 20:50:20 2026 by rpki-client