Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/de190b-7335-4816-a711-dccad0211327/1/j7jUPHVWAdTQhKi59WB4Ng94oXI.roa
File: j7jUPHVWAdTQhKi59WB4Ng94oXI.roa (raw, json)
Hash identifier: 7naIK2I6whcQD7j7iach8+i3Y6ADAHh3rGPZHWfL1Ro=
Subject key identifier: 8F:B8:D4:3C:75:56:01:D4:D0:84:A8:B9:F5:60:78:36:0F:78:A1:72
Certificate issuer: /CN=67147694fd17eb2d16fed7f735d7a11ddd451963
Certificate serial: 019B7EA476655FE3B220ABFC4D2C4C8729F9
Authority key identifier: 67:14:76:94:FD:17:EB:2D:16:FE:D7:F7:35:D7:A1:1D:DD:45:19:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZxR2lP0X6y0W_tf3NdehHd1FGWM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/de190b-7335-4816-a711-dccad0211327/1/j7jUPHVWAdTQhKi59WB4Ng94oXI.roa
Signing time: Fri 02 Jan 2026 12:17:45 +0000
ROA not before: Fri 02 Jan 2026 12:17:45 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57121
IP address blocks: 91.230.221.0/24 maxlen: 32
176.96.144.0/21 maxlen: 32
176.96.160.0/20 maxlen: 32
192.109.84.0/23 maxlen: 32
192.109.132.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/de190b-7335-4816-a711-dccad0211327/1/ZxR2lP0X6y0W_tf3NdehHd1FGWM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/de190b-7335-4816-a711-dccad0211327/1/ZxR2lP0X6y0W_tf3NdehHd1FGWM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZxR2lP0X6y0W_tf3NdehHd1FGWM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7e:a4:76:65:5f:e3:b2:20:ab:fc:4d:2c:4c:87:29:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67147694fd17eb2d16fed7f735d7a11ddd451963
Validity
Not Before: Jan 2 12:17:45 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8fb8d43c755601d4d084a8b9f56078360f78a172
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:96:99:24:25:f2:08:f3:49:67:e4:7d:fc:3d:
04:30:4a:7f:db:ef:a4:88:73:ec:0d:b0:42:eb:dd:
e0:1f:d2:7a:53:31:7f:77:07:9b:43:a5:d7:26:0b:
ee:2a:c2:bb:3c:e6:25:ee:aa:82:de:40:06:c9:f5:
c6:06:f7:49:dc:88:e7:7a:34:73:f3:c4:0b:8d:c3:
28:72:cd:98:ae:c2:a4:d3:bb:c2:ae:a1:52:a3:a7:
c0:5b:6a:af:a6:5a:6c:a9:c3:7d:f5:21:29:80:89:
bf:3d:c4:fb:b0:16:16:63:d2:0b:ad:b4:c3:90:9e:
dd:b2:57:78:a9:fa:14:b6:6b:cd:be:1f:72:0e:02:
aa:62:b8:6c:b0:6a:c5:ed:69:61:a1:45:34:fe:73:
ef:ce:eb:ac:7a:83:f2:59:6c:d1:61:bf:dc:65:7b:
77:fc:b8:ca:e6:57:3f:d9:e1:29:74:03:49:43:6c:
03:42:bb:fb:27:e6:c1:43:a6:ea:43:a1:e2:8c:23:
73:18:0c:f4:27:66:2b:95:74:cf:27:2b:ab:0c:b3:
f2:6b:72:9a:4d:f9:35:29:f3:30:99:ab:96:c5:21:
e2:a4:e0:37:81:ad:59:56:e5:51:74:28:45:23:f8:
66:ca:9f:a3:56:64:87:73:1c:15:59:ba:27:6b:80:
ed:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:B8:D4:3C:75:56:01:D4:D0:84:A8:B9:F5:60:78:36:0F:78:A1:72
X509v3 Authority Key Identifier:
keyid:67:14:76:94:FD:17:EB:2D:16:FE:D7:F7:35:D7:A1:1D:DD:45:19:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZxR2lP0X6y0W_tf3NdehHd1FGWM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/de190b-7335-4816-a711-dccad0211327/1/j7jUPHVWAdTQhKi59WB4Ng94oXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/de190b-7335-4816-a711-dccad0211327/1/ZxR2lP0X6y0W_tf3NdehHd1FGWM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.221.0/24
176.96.144.0/21
176.96.160.0/20
192.109.84.0/23
192.109.132.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:43:11:ae:71:74:bd:2a:95:0b:45:8b:fa:70:95:64:9e:c0:
cd:bd:30:09:e9:f8:ad:c5:84:37:49:9c:ee:14:61:56:68:e8:
1f:a7:c2:c2:f7:87:9f:e2:18:ab:99:6d:07:ee:51:1c:09:4d:
c7:51:51:e8:fa:6a:b9:5d:38:9f:d6:ab:c0:eb:0a:76:31:bc:
cf:e4:9a:fa:01:de:28:62:60:1c:22:f3:f6:af:da:60:07:b4:
3e:92:26:ea:13:84:08:40:68:45:c8:86:f7:61:e5:ca:9e:33:
20:ee:09:e1:c8:bf:6e:74:b6:ba:bb:23:65:80:14:b7:f0:53:
e2:9f:9d:1a:0b:76:09:1e:a3:ef:78:ab:ad:ae:1f:41:47:d3:
32:6b:07:46:eb:09:4b:e1:fd:dd:49:d4:10:e8:c6:eb:02:07:
c7:23:ef:03:88:97:30:77:43:9e:a6:60:86:d6:65:4c:d2:c2:
6b:b1:39:20:97:ad:e6:0c:b3:94:c3:9b:af:6a:9f:65:84:06:
bc:d5:61:ef:25:f7:a5:d8:c7:bd:55:dd:0f:90:ba:33:14:5d:
ff:ad:5f:19:3b:41:94:45:95:4a:ec:92:b8:8a:23:19:ed:2a:
28:16:dc:12:21:00:3f:66:de:46:16:66:68:32:4f:11:c9:57:
7f:83:ac:ec
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZt+pHZlX+OyIKv8TSxMhyn5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3MTQ3Njk0ZmQxN2ViMmQxNmZlZDdmNzM1ZDdhMTFkZGQ0
NTE5NjMwHhcNMjYwMTAyMTIxNzQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmI4ZDQzYzc1NTYwMWQ0ZDA4NGE4YjlmNTYwNzgzNjBmNzhhMTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZaZJCXyCPNJZ+R9/D0EMEp/2++k
iHPsDbBC693gH9J6UzF/dwebQ6XXJgvuKsK7POYl7qqC3kAGyfXGBvdJ3IjnejRz
88QLjcMocs2YrsKk07vCrqFSo6fAW2qvplpsqcN99SEpgIm/PcT7sBYWY9ILrbTD
kJ7dsld4qfoUtmvNvh9yDgKqYrhssGrF7WlhoUU0/nPvzuuseoPyWWzRYb/cZXt3
/LjK5lc/2eEpdANJQ2wDQrv7J+bBQ6bqQ6HijCNzGAz0J2YrlXTPJyurDLPya3Ka
Tfk1KfMwmauWxSHipOA3ga1ZVuVRdChFI/hmyp+jVmSHcxwVWbona4DtCwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFI+41Dx1VgHU0ISoufVgeDYPeKFyMB8GA1UdIwQY
MBaAFGcUdpT9F+stFv7X9zXXoR3dRRljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnhSMmxQMFg2eTBXX3RmM05kZWhIZDFGR1dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kZTE5MGItNzMzNS00ODE2LWE3MTEt
ZGNjYWQwMjExMzI3LzEvajdqVVBIVldBZFRRaEtpNTlXQjROZzk0b1hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kZTE5MGItNzMzNS00ODE2LWE3MTEtZGNjYWQwMjExMzI3
LzEvWnhSMmxQMFg2eTBXX3RmM05kZWhIZDFGR1dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAW+bdAwQD
sGCQAwQEsGCgAwQBwG1UAwQBwG2EMA0GCSqGSIb3DQEBCwUAA4IBAQANQxGucXS9
KpULRYv6cJVknsDNvTAJ6fitxYQ3SZzuFGFWaOgfp8LC94ef4hirmW0H7lEcCU3H
UVHo+mq5XTif1qvA6wp2MbzP5Jr6Ad4oYmAcIvP2r9pgB7Q+kibqE4QIQGhFyIb3
YeXKnjMg7gnhyL9udLa6uyNlgBS38FPin50aC3YJHqPveKutrh9BR9MyawdG6wlL
4f3dSdQQ6MbrAgfHI+8DiJcwd0OepmCG1mVM0sJrsTkgl63mDLOUw5uvap9lhAa8
1WHvJfel2Me9Vd0PkLozFF3/rV8ZO0GURZVK7JK4iiMZ7SooFtwSIQA/Zt5GFmZo
Mk8RyVd/g6zs
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:59:03 2026 by rpki-client