Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/Jpv9SoI3kGDyqv0pBDJ7LN0fBHk.roa
File: Jpv9SoI3kGDyqv0pBDJ7LN0fBHk.roa (raw, json)
Hash identifier: 9hKDjqkV+zjeJgPKdV8lkrKW71TW0AgzmRdy+RD5KHQ=
Subject key identifier: 26:9B:FD:4A:82:37:90:60:F2:AA:FD:29:04:32:7B:2C:DD:1F:04:79
Certificate issuer: /CN=9a717ed1dc488044e5e2ab0075433558cfde8c85
Certificate serial: 019C519740D132411451754919BF255DD1FE
Authority key identifier: 9A:71:7E:D1:DC:48:80:44:E5:E2:AB:00:75:43:35:58:CF:DE:8C:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mnF-0dxIgETl4qsAdUM1WM_ejIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/Jpv9SoI3kGDyqv0pBDJ7LN0fBHk.roa
Signing time: Thu 12 Feb 2026 11:23:12 +0000
ROA not before: Thu 12 Feb 2026 11:23:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 30764
IP address blocks: 46.47.128.0/18 maxlen: 18
62.129.32.0/19 maxlen: 19
78.157.128.0/19 maxlen: 19
82.209.0.0/18 maxlen: 18
85.135.0.0/17 maxlen: 17
89.29.0.0/17 maxlen: 17
94.242.64.0/18 maxlen: 18
128.0.176.0/20 maxlen: 20
164.215.112.0/20 maxlen: 20
185.5.68.0/22 maxlen: 22
193.165.0.0/16 maxlen: 16
193.165.0.0/24 maxlen: 24
193.165.57.0/24 maxlen: 24
193.165.58.0/23 maxlen: 23
193.165.61.0/24 maxlen: 24
193.165.96.0/23 maxlen: 23
193.165.236.0/23 maxlen: 23
212.109.176.0/20 maxlen: 20
213.216.32.0/19 maxlen: 19
2a00:ca8::/32 maxlen: 32
2a02:c38::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/mnF-0dxIgETl4qsAdUM1WM_ejIU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/mnF-0dxIgETl4qsAdUM1WM_ejIU.mft
rsync://rpki.ripe.net/repository/DEFAULT/mnF-0dxIgETl4qsAdUM1WM_ejIU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:51:97:40:d1:32:41:14:51:75:49:19:bf:25:5d:d1:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a717ed1dc488044e5e2ab0075433558cfde8c85
Validity
Not Before: Feb 12 11:23:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=269bfd4a82379060f2aafd2904327b2cdd1f0479
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6e:e8:ef:c5:d6:a6:0f:e2:2f:90:e2:c0:9e:
83:59:ee:3e:bf:5c:91:09:03:78:48:6c:e3:f9:14:
87:76:39:79:0e:10:49:66:74:89:82:da:52:f3:5d:
4c:7e:56:99:73:f1:79:ab:3b:45:7a:42:43:b7:c6:
82:3e:96:a3:de:59:89:b2:c0:f1:ca:e0:9b:9a:40:
79:ed:a2:db:fe:74:85:0a:5d:6f:27:7e:05:ad:00:
8d:ff:5c:d1:1a:21:ec:93:fd:56:02:ce:80:13:ab:
cf:ee:58:23:96:87:f9:d3:ea:e6:a4:eb:5e:0d:cd:
94:ab:38:55:ff:da:28:da:cd:2e:ba:45:89:98:32:
bf:35:f7:11:38:20:82:fe:04:0f:10:a3:3d:66:17:
07:d2:7d:c9:86:e2:12:f5:28:93:12:e4:39:a0:8d:
55:39:94:c6:c0:3e:69:6d:e5:98:a3:a8:f8:d1:4a:
02:86:fe:a4:79:77:e4:12:4b:3e:19:ab:23:95:07:
b1:3e:8c:dc:29:20:51:c8:1f:f9:9b:fa:aa:5a:80:
a5:af:f1:f7:d1:a4:52:e2:4c:13:18:a0:99:94:c6:
8c:29:04:a2:c0:0f:8f:b5:55:93:ce:30:6d:9f:37:
14:1f:9e:93:0b:b5:53:52:68:89:6a:c1:88:3c:94:
2b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:9B:FD:4A:82:37:90:60:F2:AA:FD:29:04:32:7B:2C:DD:1F:04:79
X509v3 Authority Key Identifier:
keyid:9A:71:7E:D1:DC:48:80:44:E5:E2:AB:00:75:43:35:58:CF:DE:8C:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mnF-0dxIgETl4qsAdUM1WM_ejIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/Jpv9SoI3kGDyqv0pBDJ7LN0fBHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/mnF-0dxIgETl4qsAdUM1WM_ejIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.47.128.0/18
62.129.32.0/19
78.157.128.0/19
82.209.0.0/18
85.135.0.0/17
89.29.0.0/17
94.242.64.0/18
128.0.176.0/20
164.215.112.0/20
185.5.68.0/22
193.165.0.0/16
212.109.176.0/20
213.216.32.0/19
IPv6:
2a00:ca8::/32
2a02:c38::/32
Signature Algorithm: sha256WithRSAEncryption
2a:9e:8d:49:c3:6c:7c:e2:3a:b6:be:38:fb:83:a8:f8:d8:0b:
7b:9c:82:57:34:cd:0d:98:b6:87:21:e6:68:fb:a5:95:7b:b7:
fd:3f:70:49:a0:21:4f:ea:32:8d:7f:d8:f3:a2:c1:4c:9b:41:
ac:1a:e3:c7:22:84:f1:4d:e1:28:6e:12:2f:77:1a:0e:30:31:
cd:3b:2d:13:de:38:7e:27:1e:d1:9f:7c:f4:6e:32:d9:2f:ef:
47:4a:04:e9:d6:3e:83:97:6e:88:06:91:e1:d3:8a:6f:47:6b:
78:7d:b4:92:5a:5c:a4:1a:df:69:7d:0f:5a:0b:c3:93:95:3e:
01:1b:d0:31:6a:26:39:89:1b:22:83:7e:31:14:18:76:b7:48:
f3:37:0d:ec:04:67:16:76:ce:c4:f4:15:c6:5c:29:c1:b4:13:
3a:bb:4e:18:50:21:a6:b1:ea:af:35:e8:3b:6b:34:4e:62:0c:
68:8f:b1:8c:30:b6:63:d9:54:cc:43:46:20:b1:4b:e7:91:84:
44:0c:6a:33:8b:98:f3:16:83:c7:a8:3f:65:7f:cb:2c:5b:a4:
14:a3:39:a3:5d:06:46:63:46:32:e6:c0:0f:c0:82:3b:dc:fe:
80:25:ef:b5:4a:89:76:ad:c6:74:ae:c5:6d:f6:aa:3d:1a:33:
83:33:25:b3
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAZxRl0DRMkEUUXVJGb8lXdH+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNzE3ZWQxZGM0ODgwNDRlNWUyYWIwMDc1NDMzNTU4Y2Zk
ZThjODUwHhcNMjYwMjEyMTEyMzEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjliZmQ0YTgyMzc5MDYwZjJhYWZkMjkwNDMyN2IyY2RkMWYwNDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnW7o78XWpg/iL5DiwJ6DWe4+v1yR
CQN4SGzj+RSHdjl5DhBJZnSJgtpS811MflaZc/F5qztFekJDt8aCPpaj3lmJssDx
yuCbmkB57aLb/nSFCl1vJ34FrQCN/1zRGiHsk/1WAs6AE6vP7lgjlof50+rmpOte
Dc2UqzhV/9oo2s0uukWJmDK/NfcROCCC/gQPEKM9ZhcH0n3JhuIS9SiTEuQ5oI1V
OZTGwD5pbeWYo6j40UoChv6keXfkEks+GasjlQexPozcKSBRyB/5m/qqWoClr/H3
0aRS4kwTGKCZlMaMKQSiwA+PtVWTzjBtnzcUH56TC7VTUmiJasGIPJQrkQIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFCab/UqCN5Bg8qr9KQQyeyzdHwR5MB8GA1UdIwQY
MBaAFJpxftHcSIBE5eKrAHVDNVjP3oyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW5GLTBkeElnRVRsNHFzQWRVTTFXTV9laklVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kMjYxYzEtZDdmMy00ZmU4LWFiYzYt
MTA5NDM5MTY2OWVmLzEvSnB2OVNvSTNrR0R5cXYwcEJESjdMTjBmQkhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kMjYxYzEtZDdmMy00ZmU4LWFiYzYtMTA5NDM5MTY2OWVm
LzEvbW5GLTBkeElnRVRsNHFzQWRVTTFXTV9laklVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBTBAIAATBNAwQGLi+AAwQF
PoEgAwQFTp2AAwQGUtEAAwQHVYcAAwQHWR0AAwQGXvJAAwQEgACwAwQEpNdwAwQC
uQVEAwMAwaUDBATUbbADBAXV2CAwFAQCAAIwDgMFACoADKgDBQAqAgw4MA0GCSqG
SIb3DQEBCwUAA4IBAQAqno1Jw2x84jq2vjj7g6j42At7nIJXNM0NmLaHIeZo+6WV
e7f9P3BJoCFP6jKNf9jzosFMm0GsGuPHIoTxTeEobhIvdxoOMDHNOy0T3jh+Jx7R
n3z0bjLZL+9HSgTp1j6Dl26IBpHh04pvR2t4fbSSWlykGt9pfQ9aC8OTlT4BG9Ax
aiY5iRsig34xFBh2t0jzNw3sBGcWds7E9BXGXCnBtBM6u04YUCGmseqvNeg7azRO
Ygxoj7GMMLZj2VTMQ0YgsUvnkYREDGozi5jzFoPHqD9lf8ssW6QUozmjXQZGY0Yy
5sAPwII73P6AJe+1Sol2rcZ0rsVt9qo9GjODMyWz
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:13:35 2026 by rpki-client