Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/8840f0-271e-4527-a413-6c4719bcf9ee/1/j-_-OLKpvCpzT4pF0J3tbQLvCOk.roa
File: j-_-OLKpvCpzT4pF0J3tbQLvCOk.roa (raw, json)
Hash identifier: Suu8haJW2xwfl33lBXaWemEMPHtEd4FyCegVEYmcMLQ=
Subject key identifier: 8F:EF:FE:38:B2:A9:BC:2A:73:4F:8A:45:D0:9D:ED:6D:02:EF:08:E9
Certificate issuer: /CN=c818be19c10980f15bcdee076690078491a8aa21
Certificate serial: 019B7E38C2542CF4EE0ADC0EBBDB80AA07F2
Authority key identifier: C8:18:BE:19:C1:09:80:F1:5B:CD:EE:07:66:90:07:84:91:A8:AA:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yBi-GcEJgPFbze4HZpAHhJGoqiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/8840f0-271e-4527-a413-6c4719bcf9ee/1/j-_-OLKpvCpzT4pF0J3tbQLvCOk.roa
Signing time: Fri 02 Jan 2026 10:20:07 +0000
ROA not before: Fri 02 Jan 2026 10:20:07 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49911
IP address blocks: 185.76.48.0/22 maxlen: 22
185.76.48.0/24 maxlen: 24
185.76.49.0/24 maxlen: 24
185.76.51.0/24 maxlen: 24
2a13:7200::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/8840f0-271e-4527-a413-6c4719bcf9ee/1/yBi-GcEJgPFbze4HZpAHhJGoqiE.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/8840f0-271e-4527-a413-6c4719bcf9ee/1/yBi-GcEJgPFbze4HZpAHhJGoqiE.mft
rsync://rpki.ripe.net/repository/DEFAULT/yBi-GcEJgPFbze4HZpAHhJGoqiE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7e:38:c2:54:2c:f4:ee:0a:dc:0e:bb:db:80:aa:07:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c818be19c10980f15bcdee076690078491a8aa21
Validity
Not Before: Jan 2 10:20:07 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8feffe38b2a9bc2a734f8a45d09ded6d02ef08e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e0:f0:7f:2a:ab:3b:c8:9d:35:00:04:94:66:
45:44:98:7d:5c:29:8d:c0:e1:e7:d9:1e:a0:a3:4e:
d4:d6:5b:2d:14:57:b7:51:07:26:c8:7c:18:4f:ba:
26:75:04:25:58:b9:17:61:5b:6d:84:f9:e5:a0:98:
d0:b0:1d:87:ea:7e:a2:6c:d5:49:e0:d5:99:b5:fd:
03:56:46:cc:19:1f:34:c7:e4:73:f1:ac:14:34:37:
f9:8e:b5:cb:03:45:3a:e6:6c:5a:dc:a6:ae:12:47:
79:06:06:13:24:da:7a:5e:bb:ba:19:f0:a0:dd:26:
42:e3:83:53:2d:82:6d:2d:6e:ec:5e:07:24:23:90:
12:ee:20:51:75:27:d4:cd:3e:64:32:a8:dd:76:9b:
6e:f9:94:6a:4f:19:4f:a9:0b:bb:57:6e:3f:86:15:
5a:31:f2:e9:cb:1f:b8:22:2c:f0:83:26:80:48:ff:
e7:80:07:2f:79:1e:42:26:d3:ef:0d:ad:f1:1f:04:
49:90:60:79:73:81:15:c2:f8:62:1e:4d:cd:b1:98:
c4:7d:b3:e5:ea:e3:53:72:15:b5:45:ef:0e:b0:d5:
21:54:2c:99:45:20:6a:ca:9f:bb:ae:28:2b:cd:be:
5c:5b:1a:85:b8:b7:aa:57:8c:5e:78:39:6e:ad:20:
e7:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:EF:FE:38:B2:A9:BC:2A:73:4F:8A:45:D0:9D:ED:6D:02:EF:08:E9
X509v3 Authority Key Identifier:
keyid:C8:18:BE:19:C1:09:80:F1:5B:CD:EE:07:66:90:07:84:91:A8:AA:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yBi-GcEJgPFbze4HZpAHhJGoqiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/8840f0-271e-4527-a413-6c4719bcf9ee/1/j-_-OLKpvCpzT4pF0J3tbQLvCOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/8840f0-271e-4527-a413-6c4719bcf9ee/1/yBi-GcEJgPFbze4HZpAHhJGoqiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.48.0/22
IPv6:
2a13:7200::/29
Signature Algorithm: sha256WithRSAEncryption
3b:40:e2:94:3b:c1:a4:2b:8b:93:a9:33:ca:b2:aa:5e:de:73:
39:f0:ee:62:b7:a2:c5:07:dd:3b:1a:60:55:41:f2:56:b6:14:
1c:d8:c8:61:e6:c7:21:bf:3c:46:c4:ed:45:95:88:6a:a0:96:
b1:72:b0:ef:07:d8:59:f0:99:87:63:13:13:0a:3c:7b:ae:a9:
6a:91:4c:c3:fa:55:53:96:2c:42:ea:44:3b:70:74:94:a8:ce:
96:94:2d:ab:04:bf:06:03:7a:72:05:a8:46:ac:ec:ff:fd:b6:
5d:4d:53:f1:b3:d4:00:b3:bb:21:ec:97:fb:7d:64:18:9d:36:
d1:0d:98:3e:93:a1:86:a7:ff:14:6f:bc:a8:59:0d:fb:ef:06:
04:00:47:79:4d:93:cd:23:7e:a7:d4:dd:9f:45:79:ea:d2:de:
c7:ce:c4:07:68:b0:62:2f:d1:e9:61:2a:2f:e4:64:30:d2:0a:
12:ce:85:47:37:e3:c1:73:9e:cb:a9:54:cf:0a:72:df:cd:c5:
79:84:e5:f3:65:d2:74:f1:b1:78:a6:5b:bd:ad:4d:6c:1d:0d:
41:35:4e:3f:4f:23:ce:fc:30:1a:7f:d1:9f:59:9f:30:cc:97:
30:cb:89:82:53:b2:37:b5:2c:44:3e:dd:fb:66:b6:9a:f8:3a:
a5:a7:0d:6a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZt+OMJULPTuCtwOu9uAqgfyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MThiZTE5YzEwOTgwZjE1YmNkZWUwNzY2OTAwNzg0OTFh
OGFhMjEwHhcNMjYwMTAyMTAyMDA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmVmZmUzOGIyYTliYzJhNzM0ZjhhNDVkMDlkZWQ2ZDAyZWYwOGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoODwfyqrO8idNQAElGZFRJh9XCmN
wOHn2R6go07U1lstFFe3UQcmyHwYT7omdQQlWLkXYVtthPnloJjQsB2H6n6ibNVJ
4NWZtf0DVkbMGR80x+Rz8awUNDf5jrXLA0U65mxa3KauEkd5BgYTJNp6Xru6GfCg
3SZC44NTLYJtLW7sXgckI5AS7iBRdSfUzT5kMqjddptu+ZRqTxlPqQu7V24/hhVa
MfLpyx+4IizwgyaASP/ngAcveR5CJtPvDa3xHwRJkGB5c4EVwvhiHk3NsZjEfbPl
6uNTchW1Re8OsNUhVCyZRSBqyp+7rigrzb5cWxqFuLeqV4xeeDlurSDntQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI/v/jiyqbwqc0+KRdCd7W0C7wjpMB8GA1UdIwQY
MBaAFMgYvhnBCYDxW83uB2aQB4SRqKohMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUJpLUdjRUpnUEZiemU0SFpwQUhoSkdvcWlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi84ODQwZjAtMjcxZS00NTI3LWE0MTMt
NmM0NzE5YmNmOWVlLzEvai1fLU9MS3B2Q3B6VDRwRjBKM3RiUUx2Q09rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi84ODQwZjAtMjcxZS00NTI3LWE0MTMtNmM0NzE5YmNmOWVl
LzEveUJpLUdjRUpnUEZiemU0SFpwQUhoSkdvcWlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUwwMA0E
AgACMAcDBQMqE3IAMA0GCSqGSIb3DQEBCwUAA4IBAQA7QOKUO8GkK4uTqTPKsqpe
3nM58O5it6LFB907GmBVQfJWthQc2Mhh5schvzxGxO1FlYhqoJaxcrDvB9hZ8JmH
YxMTCjx7rqlqkUzD+lVTlixC6kQ7cHSUqM6WlC2rBL8GA3pyBahGrOz//bZdTVPx
s9QAs7sh7Jf7fWQYnTbRDZg+k6GGp/8Ub7yoWQ377wYEAEd5TZPNI36n1N2fRXnq
0t7HzsQHaLBiL9HpYSov5GQw0goSzoVHN+PBc57LqVTPCnLfzcV5hOXzZdJ08bF4
plu9rU1sHQ1BNU4/TyPO/DAaf9GfWZ8wzJcwy4mCU7I3tSxEPt37Zraa+Dqlpw1q
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:05:21 2026 by rpki-client