Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/JCgQ0jhtvNytc6rDfzGCSk5A3As.roa
File: JCgQ0jhtvNytc6rDfzGCSk5A3As.roa (raw, json)
Hash identifier: IgPkxCZ8kwTcJu+Ih3BQQ8FfdfzcKieEcV9mrQhcpmg=
Subject key identifier: 24:28:10:D2:38:6D:BC:DC:AD:73:AA:C3:7F:31:82:4A:4E:40:DC:0B
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 019C8ECF77290BE1DB11E37FFB9E75000C26
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/JCgQ0jhtvNytc6rDfzGCSk5A3As.roa
Signing time: Tue 24 Feb 2026 08:41:27 +0000
ROA not before: Tue 24 Feb 2026 08:41:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 84.55.8.0/22 maxlen: 24
88.223.44.0/24 maxlen: 24
88.223.46.0/24 maxlen: 24
88.223.168.0/24 maxlen: 24
88.223.169.0/24 maxlen: 24
95.173.48.0/24 maxlen: 24
95.173.49.0/24 maxlen: 24
95.173.50.0/24 maxlen: 24
95.173.51.0/24 maxlen: 24
95.173.57.0/24 maxlen: 24
95.173.58.0/24 maxlen: 24
95.173.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8e:cf:77:29:0b:e1:db:11:e3:7f:fb:9e:75:00:0c:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: Feb 24 08:41:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=242810d2386dbcdcad73aac37f31824a4e40dc0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:60:96:f4:69:f9:fd:fa:e0:19:35:fc:d9:13:
9e:fe:ec:f1:15:d5:90:e9:b3:36:73:4b:b7:5f:2d:
01:ec:bb:02:ea:d8:c6:7b:e8:cb:72:40:f9:6f:26:
b5:dd:78:03:24:8b:2f:5e:f1:e6:64:fc:a3:d9:ed:
af:3b:7a:c3:b4:c8:7a:71:4e:aa:f0:24:6d:43:a6:
ab:90:b0:de:3c:67:cc:69:e4:bb:10:d7:24:2a:d2:
2c:65:1e:85:f9:ed:b1:35:03:78:f9:91:eb:88:4c:
9a:1b:6e:89:66:46:55:77:8b:9c:25:05:f0:0f:06:
17:aa:0a:41:94:a5:79:51:84:af:9b:d1:12:b0:56:
30:eb:a9:48:38:15:d2:7f:fb:f1:a3:b6:b5:6b:dd:
8b:00:03:31:47:1b:0f:01:bf:dd:ed:5f:33:5b:6c:
89:03:5f:33:9e:1c:05:04:7f:97:c5:5e:3c:28:cc:
04:35:d6:c9:d0:c2:c8:4f:4e:42:09:2c:27:cb:b4:
fa:9a:8c:29:05:86:55:fa:55:5f:87:0a:9c:f1:3f:
8c:4b:83:68:70:3f:31:46:da:79:ba:4a:40:19:58:
76:04:fd:96:fe:c1:de:2c:91:2c:16:75:ba:53:bf:
56:c1:e4:96:e5:d2:0f:fb:c9:62:59:9c:50:4c:b8:
5e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:28:10:D2:38:6D:BC:DC:AD:73:AA:C3:7F:31:82:4A:4E:40:DC:0B
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/JCgQ0jhtvNytc6rDfzGCSk5A3As.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.55.8.0/22
88.223.44.0/24
88.223.46.0/24
88.223.168.0/23
95.173.48.0/22
95.173.57.0-95.173.58.255
95.173.60.0/24
Signature Algorithm: sha256WithRSAEncryption
59:64:7b:3b:bb:44:25:c7:54:88:4c:3a:38:bc:4c:6c:d9:f3:
89:b0:64:72:f3:c9:08:ff:98:1b:10:a5:2c:8e:9b:f3:a4:f8:
b6:67:18:df:23:01:fa:7c:83:e2:b8:3f:6e:9b:30:a1:85:62:
2f:88:7f:2f:32:6c:ab:17:71:c6:98:5a:ab:b2:8c:b9:57:fe:
b0:1d:23:c3:1f:7d:96:14:a3:e8:6b:58:00:e0:35:5c:25:8f:
2e:d7:26:01:82:8b:e9:d8:c7:1e:fa:9b:c4:0a:36:37:ab:7f:
5a:fe:63:6b:c1:d2:c2:dc:20:1e:06:31:72:f8:6f:7c:ce:5a:
02:9d:fd:40:13:ee:75:0f:64:2a:1a:4e:6e:9d:24:a3:78:2c:
4f:e7:96:01:bd:2f:ae:4f:a4:98:04:f2:fc:16:e9:4f:3b:94:
a6:09:18:34:cf:04:b9:b8:5c:19:d4:a3:0b:db:da:dc:ac:06:
08:16:0b:7c:57:8f:08:9b:11:0e:90:e1:47:69:34:7c:2d:d2:
bb:b4:d7:36:1c:45:4b:d7:07:bb:5b:29:0a:0f:23:aa:7b:7a:
cb:a7:c0:70:4b:79:8b:10:4b:90:af:a4:6d:67:5b:11:1d:5d:
44:e2:5c:3b:16:81:cc:c7:67:38:99:7b:8f:0e:e4:3e:83:90:
cd:ff:45:d6
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZyOz3cpC+HbEeN/+551AAwmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjYwMjI0MDg0MTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDI4MTBkMjM4NmRiY2RjYWQ3M2FhYzM3ZjMxODI0YTRlNDBkYzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7GCW9Gn5/frgGTX82ROe/uzxFdWQ
6bM2c0u3Xy0B7LsC6tjGe+jLckD5bya13XgDJIsvXvHmZPyj2e2vO3rDtMh6cU6q
8CRtQ6arkLDePGfMaeS7ENckKtIsZR6F+e2xNQN4+ZHriEyaG26JZkZVd4ucJQXw
DwYXqgpBlKV5UYSvm9ESsFYw66lIOBXSf/vxo7a1a92LAAMxRxsPAb/d7V8zW2yJ
A18znhwFBH+XxV48KMwENdbJ0MLIT05CCSwny7T6mowpBYZV+lVfhwqc8T+MS4No
cD8xRtp5ukpAGVh2BP2W/sHeLJEsFnW6U79WweSW5dIP+8liWZxQTLheaQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFCQoENI4bbzcrXOqw38xgkpOQNwLMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvSkNnUTBqaHR2Tnl0YzZyRGZ6R0NTazVBM0FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCVDcIAwQA
WN8sAwQAWN8uAwQBWN+oAwQCX60wMAwDBABfrTkDBABfrToDBABfrTwwDQYJKoZI
hvcNAQELBQADggEBAFlkezu7RCXHVIhMOji8TGzZ84mwZHLzyQj/mBsQpSyOm/Ok
+LZnGN8jAfp8g+K4P26bMKGFYi+Ify8ybKsXccaYWquyjLlX/rAdI8MffZYUo+hr
WADgNVwljy7XJgGCi+nYxx76m8QKNjerf1r+Y2vB0sLcIB4GMXL4b3zOWgKd/UAT
7nUPZCoaTm6dJKN4LE/nlgG9L65PpJgE8vwW6U87lKYJGDTPBLm4XBnUowvb2tys
BggWC3xXjwibEQ6Q4UdpNHwt0ru01zYcRUvXB7tbKQoPI6p7esunwHBLeYsQS5Cv
pG1nWxEdXUTiXDsWgczHZziZe48O5D6DkM3/RdY=
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:18:00 2026 by rpki-client