Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a48017-59d4-4095-beef-d606d9925ab7/1/6j9AVsDIcLErIkpn3X-eJeF1GGI.roa
File: 6j9AVsDIcLErIkpn3X-eJeF1GGI.roa (raw, json)
Hash identifier: ZsMGjImkdIZH7VCwDNjWJbDGVpBmnhjQHnLW0jKIHBo=
Subject key identifier: EA:3F:40:56:C0:C8:70:B1:2B:22:4A:67:DD:7F:9E:25:E1:75:18:62
Certificate issuer: /CN=8dc4587335c290ff8f2b374df24abe2333bced5e
Certificate serial: 019E3FF8491D6FA8A2D9DB59A72EDB5EED1B
Authority key identifier: 8D:C4:58:73:35:C2:90:FF:8F:2B:37:4D:F2:4A:BE:23:33:BC:ED:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jcRYczXCkP-PKzdN8kq-IzO87V4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a48017-59d4-4095-beef-d606d9925ab7/1/6j9AVsDIcLErIkpn3X-eJeF1GGI.roa
Signing time: Tue 19 May 2026 11:21:36 +0000
ROA not before: Tue 19 May 2026 11:21:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202038
IP address blocks: 31.25.56.0/23 maxlen: 24
31.25.59.0/24 maxlen: 24
94.199.232.0/21 maxlen: 24
109.234.224.0/21 maxlen: 24
185.78.216.0/22 maxlen: 24
185.108.92.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/a48017-59d4-4095-beef-d606d9925ab7/1/jcRYczXCkP-PKzdN8kq-IzO87V4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/a48017-59d4-4095-beef-d606d9925ab7/1/jcRYczXCkP-PKzdN8kq-IzO87V4.mft
rsync://rpki.ripe.net/repository/DEFAULT/jcRYczXCkP-PKzdN8kq-IzO87V4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 17:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3f:f8:49:1d:6f:a8:a2:d9:db:59:a7:2e:db:5e:ed:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8dc4587335c290ff8f2b374df24abe2333bced5e
Validity
Not Before: May 19 11:21:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ea3f4056c0c870b12b224a67dd7f9e25e1751862
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1a:41:e1:88:71:6c:14:2a:4d:07:de:37:ec:
c0:d7:38:ed:03:21:f0:42:0a:db:c4:f0:25:6c:f0:
5f:58:da:af:67:9c:98:50:e4:ce:f3:1e:42:e9:bf:
fe:60:fe:f2:bf:0f:34:82:83:88:1b:f0:5f:b0:88:
63:85:81:a4:3b:8f:3b:70:97:34:4f:c9:cf:fc:44:
cc:5b:76:ae:46:f3:fc:a9:0c:ba:77:9a:de:4a:55:
0d:62:06:81:49:dd:73:bb:53:50:b1:e3:8b:42:ff:
4d:27:e6:30:6c:fc:15:09:06:57:fd:48:a4:6f:a6:
13:27:eb:7e:3c:32:8c:fb:8c:47:03:6b:04:6c:1b:
c8:46:53:74:5a:cd:9e:bd:4a:45:54:48:c5:61:75:
f8:fd:f4:b0:2f:34:8c:84:22:a7:24:31:02:e9:aa:
bb:bb:87:2c:39:a8:af:e4:75:35:79:fa:4f:d0:7c:
cd:59:ef:2e:5a:b3:72:b5:cd:31:8c:fa:af:af:48:
aa:62:0d:27:29:3b:56:4b:1b:c0:dd:d0:c4:12:e6:
40:60:2b:2c:36:21:17:3f:c1:7d:1a:86:4e:d5:a9:
e7:76:09:8c:f5:00:bf:13:e1:fc:db:70:c4:83:57:
ce:f3:b8:12:1d:95:eb:9b:c1:0a:57:0f:56:b5:fc:
d9:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:3F:40:56:C0:C8:70:B1:2B:22:4A:67:DD:7F:9E:25:E1:75:18:62
X509v3 Authority Key Identifier:
keyid:8D:C4:58:73:35:C2:90:FF:8F:2B:37:4D:F2:4A:BE:23:33:BC:ED:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jcRYczXCkP-PKzdN8kq-IzO87V4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a48017-59d4-4095-beef-d606d9925ab7/1/6j9AVsDIcLErIkpn3X-eJeF1GGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a48017-59d4-4095-beef-d606d9925ab7/1/jcRYczXCkP-PKzdN8kq-IzO87V4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.56.0/23
31.25.59.0/24
94.199.232.0/21
109.234.224.0/21
185.78.216.0/22
185.108.92.0/22
Signature Algorithm: sha256WithRSAEncryption
51:51:f6:4e:42:26:f2:9f:44:d7:79:3c:40:28:80:73:44:58:
34:fa:51:89:8d:df:ec:2f:61:39:9a:d0:63:05:da:1d:27:3b:
72:93:59:00:cf:26:6d:d7:ee:89:8e:22:f7:01:89:50:cd:d0:
36:06:d1:a6:e2:8d:36:54:f0:7c:f6:37:5d:76:24:12:d0:0e:
73:13:7c:ce:4d:ca:da:8f:45:e9:26:09:d7:6d:52:2f:1b:a8:
ee:9b:c8:0e:97:76:98:21:0d:d7:22:e4:28:c4:8e:fe:92:cb:
25:e6:96:93:05:3a:4b:e9:1d:00:94:a5:88:52:be:34:35:7f:
60:b3:78:a8:08:03:63:17:25:8f:c7:ef:47:71:48:6c:f8:0f:
14:bb:b6:f6:9b:ab:24:6f:4a:6f:d4:2a:16:f4:a0:94:54:45:
e7:a1:3f:a0:a3:58:ed:2f:0c:f7:29:f6:9c:ec:b4:eb:63:f9:
85:79:63:16:68:12:bd:12:ad:18:86:d5:55:a1:ef:d5:c9:53:
f0:eb:a9:e3:2d:95:42:09:83:a9:91:ee:27:e8:d8:79:35:9e:
f8:1f:19:56:64:79:fe:43:b8:3d:a5:1d:87:c9:f6:75:a3:78:
5a:3d:e9:55:51:50:ab:da:a0:26:e3:96:1b:3e:7c:be:02:31:
71:86:e4:28
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ4/+Ekdb6ii2dtZpy7bXu0bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYzQ1ODczMzVjMjkwZmY4ZjJiMzc0ZGYyNGFiZTIzMzNi
Y2VkNWUwHhcNMjYwNTE5MTEyMTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTNmNDA1NmMwYzg3MGIxMmIyMjRhNjdkZDdmOWUyNWUxNzUxODYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxpB4YhxbBQqTQfeN+zA1zjtAyHw
QgrbxPAlbPBfWNqvZ5yYUOTO8x5C6b/+YP7yvw80goOIG/BfsIhjhYGkO487cJc0
T8nP/ETMW3auRvP8qQy6d5reSlUNYgaBSd1zu1NQseOLQv9NJ+YwbPwVCQZX/Uik
b6YTJ+t+PDKM+4xHA2sEbBvIRlN0Ws2evUpFVEjFYXX4/fSwLzSMhCKnJDEC6aq7
u4csOaiv5HU1efpP0HzNWe8uWrNytc0xjPqvr0iqYg0nKTtWSxvA3dDEEuZAYCss
NiEXP8F9GoZO1anndgmM9QC/E+H823DEg1fO87gSHZXrm8EKVw9WtfzZ1QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOo/QFbAyHCxKyJKZ91/niXhdRhiMB8GA1UdIwQY
MBaAFI3EWHM1wpD/jys3TfJKviMzvO1eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamNSWWN6WENrUC1QS3pkTjhrcS1Jek84N1Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hNDgwMTctNTlkNC00MDk1LWJlZWYt
ZDYwNmQ5OTI1YWI3LzEvNmo5QVZzREljTEVySWtwbjNYLWVKZUYxR0dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hNDgwMTctNTlkNC00MDk1LWJlZWYtZDYwNmQ5OTI1YWI3
LzEvamNSWWN6WENrUC1QS3pkTjhrcS1Jek84N1Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBHxk4AwQA
Hxk7AwQDXsfoAwQDbergAwQCuU7YAwQCuWxcMA0GCSqGSIb3DQEBCwUAA4IBAQBR
UfZOQibyn0TXeTxAKIBzRFg0+lGJjd/sL2E5mtBjBdodJztyk1kAzyZt1+6JjiL3
AYlQzdA2BtGm4o02VPB89jdddiQS0A5zE3zOTcraj0XpJgnXbVIvG6jum8gOl3aY
IQ3XIuQoxI7+kssl5paTBTpL6R0AlKWIUr40NX9gs3ioCANjFyWPx+9HcUhs+A8U
u7b2m6skb0pv1CoW9KCUVEXnoT+go1jtLwz3Kfac7LTrY/mFeWMWaBK9Eq0YhtVV
oe/VyVPw66njLZVCCYOpke4n6Nh5NZ74HxlWZHn+Q7g9pR2HyfZ1o3haPelVUVCr
2qAm45YbPny+AjFxhuQo
-----END CERTIFICATE-----
Generated at Sun Jun 14 02:58:41 2026 by rpki-client