Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/0f18df-26ef-4ec6-8667-7218855646e3/1/PJp6DbhLKKKJBHIjV1dFl7mxtw4.roa
File: PJp6DbhLKKKJBHIjV1dFl7mxtw4.roa (raw, json)
Hash identifier: syNKE4d6EsnVmU6S6ul2WC5ym8D/rC72+oaHb43GzTA=
Subject key identifier: 3C:9A:7A:0D:B8:4B:28:A2:89:04:72:23:57:57:45:97:B9:B1:B7:0E
Certificate issuer: /CN=98e18fadaef7232d3161886acbea8ab323cf3570
Certificate serial: 019D4DAE0F108F74435ED96B5B32E4453566
Authority key identifier: 98:E1:8F:AD:AE:F7:23:2D:31:61:88:6A:CB:EA:8A:B3:23:CF:35:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mOGPra73Iy0xYYhqy-qKsyPPNXA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/0f18df-26ef-4ec6-8667-7218855646e3/1/PJp6DbhLKKKJBHIjV1dFl7mxtw4.roa
Signing time: Thu 02 Apr 2026 10:12:25 +0000
ROA not before: Thu 02 Apr 2026 10:12:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204689
IP address blocks: 185.222.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/0f18df-26ef-4ec6-8667-7218855646e3/1/mOGPra73Iy0xYYhqy-qKsyPPNXA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/0f18df-26ef-4ec6-8667-7218855646e3/1/mOGPra73Iy0xYYhqy-qKsyPPNXA.mft
rsync://rpki.ripe.net/repository/DEFAULT/mOGPra73Iy0xYYhqy-qKsyPPNXA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:4d:ae:0f:10:8f:74:43:5e:d9:6b:5b:32:e4:45:35:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98e18fadaef7232d3161886acbea8ab323cf3570
Validity
Not Before: Apr 2 10:12:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3c9a7a0db84b28a28904722357574597b9b1b70e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:2e:1b:4b:4e:05:0d:ee:7c:bc:ab:33:f5:67:
88:0e:2e:ce:a3:d2:e4:ed:a7:10:ab:04:60:84:0c:
45:06:92:84:2e:33:71:08:bc:52:7b:31:a3:b0:c7:
c3:1d:58:34:5c:1a:e0:4b:b8:11:6b:d8:08:cc:80:
07:d2:c2:12:44:41:95:da:ce:8d:8b:0c:3c:e7:2a:
6d:9c:b6:a3:9f:b0:1f:3f:0c:fa:8e:d0:66:f8:04:
ea:8c:b5:c6:8b:19:99:64:60:1a:df:2a:62:0d:cb:
8c:13:90:85:31:6a:5e:84:43:b6:7a:34:06:25:87:
a8:b5:1a:00:b7:a3:82:d0:1e:fe:60:f3:f1:01:0e:
94:64:17:79:84:aa:0d:92:00:83:af:5e:7d:64:1d:
bd:2e:27:8a:82:50:18:4c:f1:d1:51:23:c6:3c:b5:
5a:a8:7a:d3:52:79:f7:b0:cb:38:8d:5b:e4:58:eb:
1d:fb:e0:d8:21:bc:08:48:69:66:3a:33:46:18:c3:
51:73:30:58:9f:85:b0:fe:8b:87:c5:cf:a0:fd:88:
85:ef:ca:77:d6:3e:bc:e3:de:30:84:71:92:7d:c6:
bc:69:26:7e:85:dc:df:07:8d:c0:fb:46:c1:e4:48:
59:32:41:02:59:4c:e6:fb:0e:02:1b:c2:b6:d9:c5:
c0:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:9A:7A:0D:B8:4B:28:A2:89:04:72:23:57:57:45:97:B9:B1:B7:0E
X509v3 Authority Key Identifier:
keyid:98:E1:8F:AD:AE:F7:23:2D:31:61:88:6A:CB:EA:8A:B3:23:CF:35:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mOGPra73Iy0xYYhqy-qKsyPPNXA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/0f18df-26ef-4ec6-8667-7218855646e3/1/PJp6DbhLKKKJBHIjV1dFl7mxtw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/0f18df-26ef-4ec6-8667-7218855646e3/1/mOGPra73Iy0xYYhqy-qKsyPPNXA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.251.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:c3:89:f8:a5:3b:62:e0:3b:0d:42:90:1d:30:3f:d2:e6:5c:
6c:9f:6a:b0:94:b5:a7:d9:33:0f:7f:c2:cc:22:8c:ce:80:d9:
5a:b6:2b:da:19:51:ca:59:a5:60:bd:f4:e4:a3:cb:ab:d3:32:
6d:77:e0:db:3b:12:68:df:18:25:c8:ea:b9:f7:e6:7a:c2:da:
f5:89:ee:6c:81:cf:d8:31:08:0f:fb:4d:39:13:09:d7:ab:d7:
26:68:03:12:ea:1c:2a:ff:0c:f8:09:d7:ad:9b:d2:c7:0e:36:
8a:bb:cd:14:05:5d:30:ae:40:5c:fc:a4:be:e9:82:1d:c6:48:
39:5b:f2:39:6a:09:67:ea:4a:68:25:c6:6c:3f:33:0d:9d:d0:
fe:75:b7:11:f7:a5:9b:11:50:e6:4e:b6:dd:c9:8d:6e:94:e0:
f3:e6:50:bc:ef:22:15:f4:15:5c:3c:de:ce:3a:05:0c:2d:29:
e4:35:b1:f6:17:0d:bf:7f:1d:00:00:7c:0e:78:c2:13:46:f5:
64:d4:b3:d4:b5:96:45:0e:52:9e:55:04:94:d5:71:97:aa:2d:
81:b3:3d:ce:8a:31:24:1c:af:c7:5f:34:f0:39:68:df:a1:04:
e7:5d:dd:fe:92:fd:dd:07:c0:96:a9:46:f5:60:cc:d5:4e:2f:
19:86:24:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ1Nrg8Qj3RDXtlrWzLkRTVmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4ZTE4ZmFkYWVmNzIzMmQzMTYxODg2YWNiZWE4YWIzMjNj
ZjM1NzAwHhcNMjYwNDAyMTAxMjI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzlhN2EwZGI4NGIyOGEyODkwNDcyMjM1NzU3NDU5N2I5YjFiNzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAni4bS04FDe58vKsz9WeIDi7Oo9Lk
7acQqwRghAxFBpKELjNxCLxSezGjsMfDHVg0XBrgS7gRa9gIzIAH0sISREGV2s6N
iww85yptnLajn7AfPwz6jtBm+ATqjLXGixmZZGAa3ypiDcuME5CFMWpehEO2ejQG
JYeotRoAt6OC0B7+YPPxAQ6UZBd5hKoNkgCDr159ZB29LieKglAYTPHRUSPGPLVa
qHrTUnn3sMs4jVvkWOsd++DYIbwISGlmOjNGGMNRczBYn4Ww/ouHxc+g/YiF78p3
1j68494whHGSfca8aSZ+hdzfB43A+0bB5EhZMkECWUzm+w4CG8K22cXACwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDyaeg24SyiiiQRyI1dXRZe5sbcOMB8GA1UdIwQY
MBaAFJjhj62u9yMtMWGIasvqirMjzzVwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbU9HUHJhNzNJeTB4WVlocXktcUtzeVBQTlhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8wZjE4ZGYtMjZlZi00ZWM2LTg2Njct
NzIxODg1NTY0NmUzLzEvUEpwNkRiaExLS0tKQkhJalYxZEZsN214dHc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8wZjE4ZGYtMjZlZi00ZWM2LTg2NjctNzIxODg1NTY0NmUz
LzEvbU9HUHJhNzNJeTB4WVlocXktcUtzeVBQTlhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud77MA0G
CSqGSIb3DQEBCwUAA4IBAQClw4n4pTti4DsNQpAdMD/S5lxsn2qwlLWn2TMPf8LM
IozOgNlativaGVHKWaVgvfTko8ur0zJtd+DbOxJo3xglyOq59+Z6wtr1ie5sgc/Y
MQgP+005EwnXq9cmaAMS6hwq/wz4Cdetm9LHDjaKu80UBV0wrkBc/KS+6YIdxkg5
W/I5agln6kpoJcZsPzMNndD+dbcR96WbEVDmTrbdyY1ulODz5lC87yIV9BVcPN7O
OgUMLSnkNbH2Fw2/fx0AAHwOeMITRvVk1LPUtZZFDlKeVQSU1XGXqi2Bsz3OijEk
HK/HXzTwOWjfoQTnXd3+kv3dB8CWqUb1YMzVTi8ZhiT+
-----END CERTIFICATE-----
Generated at Sat Apr 18 04:12:52 2026 by rpki-client