Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/d7fadc-1ebf-42da-9b22-a60c20c8f717/1/JfAxYSslNRgXCvxTlHkjURGg_tA.roa
File: JfAxYSslNRgXCvxTlHkjURGg_tA.roa (raw, json)
Hash identifier: 1wkFd6nRFSOKqVQcfvyLq2KKje8vaNBC709RUWhAcGk=
Subject key identifier: 25:F0:31:61:2B:25:35:18:17:0A:FC:53:94:79:23:51:11:A0:FE:D0
Certificate issuer: /CN=002c8865bc2a07e4acfeb263b4d9cf62460fd523
Certificate serial: 019B7D5CFA23E0542E52AEB5462C70385974
Authority key identifier: 00:2C:88:65:BC:2A:07:E4:AC:FE:B2:63:B4:D9:CF:62:46:0F:D5:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ACyIZbwqB-Ss_rJjtNnPYkYP1SM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/d7fadc-1ebf-42da-9b22-a60c20c8f717/1/JfAxYSslNRgXCvxTlHkjURGg_tA.roa
Signing time: Fri 02 Jan 2026 06:20:03 +0000
ROA not before: Fri 02 Jan 2026 06:20:03 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50257
IP address blocks: 185.10.172.0/22 maxlen: 22
185.10.172.0/23 maxlen: 23
185.10.172.0/24 maxlen: 24
185.10.173.0/24 maxlen: 24
185.10.174.0/23 maxlen: 23
185.10.174.0/24 maxlen: 24
185.10.175.0/24 maxlen: 24
185.99.4.0/23 maxlen: 23
185.99.4.0/24 maxlen: 24
185.99.5.0/24 maxlen: 24
185.99.6.0/24 maxlen: 24
185.99.7.0/24 maxlen: 24
195.191.4.0/23 maxlen: 23
195.191.4.0/24 maxlen: 24
195.191.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/d7fadc-1ebf-42da-9b22-a60c20c8f717/1/ACyIZbwqB-Ss_rJjtNnPYkYP1SM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/d7fadc-1ebf-42da-9b22-a60c20c8f717/1/ACyIZbwqB-Ss_rJjtNnPYkYP1SM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ACyIZbwqB-Ss_rJjtNnPYkYP1SM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 12:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7d:5c:fa:23:e0:54:2e:52:ae:b5:46:2c:70:38:59:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=002c8865bc2a07e4acfeb263b4d9cf62460fd523
Validity
Not Before: Jan 2 06:20:03 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=25f031612b253518170afc539479235111a0fed0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:22:e5:5f:a9:7c:6d:12:a7:ad:ea:09:20:95:
ee:d2:16:cd:f9:64:04:a9:85:66:c8:e8:2b:79:3d:
22:a5:d3:42:5e:17:ad:20:3a:e4:0b:66:75:0a:17:
77:82:48:69:80:15:47:1d:b0:60:6d:20:9c:70:a9:
9a:e0:1d:58:c6:d8:10:8c:71:30:3d:9f:2b:e7:e3:
1e:2b:52:43:95:e2:5b:ad:1f:fa:da:89:37:5e:63:
f5:25:de:97:89:88:90:b5:0e:e7:95:d0:e6:09:bb:
3a:6e:a3:e6:35:e4:1a:c9:7d:00:91:23:c9:e8:68:
ce:75:12:a3:e2:f8:3c:ae:29:e0:9b:2e:31:25:f6:
63:7c:ff:4f:90:21:11:52:27:1c:51:9a:59:53:d3:
69:fe:be:df:7d:40:43:2f:85:97:f6:c6:e1:2d:e0:
8a:56:50:ea:be:2d:1e:6d:50:71:98:58:b3:ca:07:
40:31:d4:55:07:11:36:b1:9e:51:94:97:13:37:2a:
ae:4e:c7:2d:60:b3:09:bb:00:aa:2b:5f:cb:b4:c6:
2b:7e:99:42:70:42:0b:bf:6a:0c:e2:c2:24:46:0a:
87:c4:7a:bb:43:9e:08:b0:fb:d1:49:1a:cf:3e:7e:
d8:97:67:46:6c:a4:a5:cb:92:d8:76:eb:43:55:97:
3d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:F0:31:61:2B:25:35:18:17:0A:FC:53:94:79:23:51:11:A0:FE:D0
X509v3 Authority Key Identifier:
keyid:00:2C:88:65:BC:2A:07:E4:AC:FE:B2:63:B4:D9:CF:62:46:0F:D5:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ACyIZbwqB-Ss_rJjtNnPYkYP1SM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/d7fadc-1ebf-42da-9b22-a60c20c8f717/1/JfAxYSslNRgXCvxTlHkjURGg_tA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/d7fadc-1ebf-42da-9b22-a60c20c8f717/1/ACyIZbwqB-Ss_rJjtNnPYkYP1SM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.10.172.0/22
185.99.4.0/22
195.191.4.0/23
Signature Algorithm: sha256WithRSAEncryption
88:3e:aa:1a:23:2d:17:21:95:65:40:d4:b4:2d:78:10:23:59:
4e:f3:b7:12:ac:36:33:c6:8b:f4:de:19:ea:ba:50:d4:d6:ba:
05:4a:7d:c9:46:ee:c9:82:de:c7:b1:ac:82:34:00:83:49:a2:
d6:d0:e8:27:dd:fb:50:77:5d:c2:e8:39:db:78:d0:3f:94:42:
7f:51:ee:51:e6:6c:42:48:12:dc:d9:37:8e:d5:2c:c5:06:b8:
71:43:53:97:cb:f6:95:fe:ea:e5:85:33:54:86:9e:c3:8e:c8:
65:31:43:4c:cc:2a:80:c8:8b:61:d6:f5:0c:85:89:2c:c2:17:
69:17:b4:9a:c1:5d:59:4a:37:21:e8:07:df:47:af:08:1e:e1:
a9:60:9f:a1:0f:64:a7:38:90:03:32:50:34:ff:fd:98:f8:91:
56:17:b3:ce:5c:07:78:19:02:ea:0b:6a:71:34:61:4f:e7:66:
f4:a3:51:8e:db:4d:23:d2:12:bf:1f:4b:7f:98:2a:2c:0d:7b:
ec:06:ee:f0:67:8a:53:e3:03:6d:f1:84:da:29:d2:b9:06:bc:
83:b1:55:bf:7b:eb:d6:96:36:e5:64:fd:31:90:10:5a:b5:bd:
77:84:30:87:9e:f7:51:bd:67:2b:df:17:a6:30:04:03:fa:04:
ca:0b:f1:90
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZt9XPoj4FQuUq61RixwOFl0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMmM4ODY1YmMyYTA3ZTRhY2ZlYjI2M2I0ZDljZjYyNDYw
ZmQ1MjMwHhcNMjYwMTAyMDYyMDAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWYwMzE2MTJiMjUzNTE4MTcwYWZjNTM5NDc5MjM1MTExYTBmZWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1iLlX6l8bRKnreoJIJXu0hbN+WQE
qYVmyOgreT0ipdNCXhetIDrkC2Z1Chd3gkhpgBVHHbBgbSCccKma4B1YxtgQjHEw
PZ8r5+MeK1JDleJbrR/62ok3XmP1Jd6XiYiQtQ7nldDmCbs6bqPmNeQayX0AkSPJ
6GjOdRKj4vg8ringmy4xJfZjfP9PkCERUiccUZpZU9Np/r7ffUBDL4WX9sbhLeCK
VlDqvi0ebVBxmFizygdAMdRVBxE2sZ5RlJcTNyquTsctYLMJuwCqK1/LtMYrfplC
cEILv2oM4sIkRgqHxHq7Q54IsPvRSRrPPn7Yl2dGbKSly5LYdutDVZc9hQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCXwMWErJTUYFwr8U5R5I1ERoP7QMB8GA1UdIwQY
MBaAFAAsiGW8KgfkrP6yY7TZz2JGD9UjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUN5SVpid3FCLVNzX3JKanROblBZa1lQMVNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9kN2ZhZGMtMWViZi00MmRhLTliMjIt
YTYwYzIwYzhmNzE3LzEvSmZBeFlTc2xOUmdYQ3Z4VGxIa2pVUkdnX3RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9kN2ZhZGMtMWViZi00MmRhLTliMjItYTYwYzIwYzhmNzE3
LzEvQUN5SVpid3FCLVNzX3JKanROblBZa1lQMVNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuQqsAwQC
uWMEAwQBw78EMA0GCSqGSIb3DQEBCwUAA4IBAQCIPqoaIy0XIZVlQNS0LXgQI1lO
87cSrDYzxov03hnqulDU1roFSn3JRu7Jgt7HsayCNACDSaLW0Ogn3ftQd13C6Dnb
eNA/lEJ/Ue5R5mxCSBLc2TeO1SzFBrhxQ1OXy/aV/urlhTNUhp7DjshlMUNMzCqA
yIth1vUMhYkswhdpF7SawV1ZSjch6AffR68IHuGpYJ+hD2SnOJADMlA0//2Y+JFW
F7POXAd4GQLqC2pxNGFP52b0o1GO200j0hK/H0t/mCosDXvsBu7wZ4pT4wNt8YTa
KdK5BryDsVW/e+vWljblZP0xkBBatb13hDCHnvdRvWcr3xemMAQD+gTKC/GQ
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:19:19 2026 by rpki-client