Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/f70062-c16d-4e5c-9ae7-2a46f6fac4ca/1/JU735praQ5D7ZouW4n12dU9bM-4.roa
File: JU735praQ5D7ZouW4n12dU9bM-4.roa (raw, json)
Hash identifier: dXXp6fBpmMfrGgRgIwTGPcESSVbHsTgXLylCNhPpDJI=
Subject key identifier: 25:4E:F7:E6:9A:DA:43:90:FB:66:8B:96:E2:7D:76:75:4F:5B:33:EE
Certificate issuer: /CN=ee25026e5955dcdd111476f9b6849d728185469b
Certificate serial: 019C4CD76EDB8FBA96D889F2581CB7FFD41E
Authority key identifier: EE:25:02:6E:59:55:DC:DD:11:14:76:F9:B6:84:9D:72:81:85:46:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7iUCbllV3N0RFHb5toSdcoGFRps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/f70062-c16d-4e5c-9ae7-2a46f6fac4ca/1/JU735praQ5D7ZouW4n12dU9bM-4.roa
Signing time: Wed 11 Feb 2026 13:15:12 +0000
ROA not before: Wed 11 Feb 2026 13:15:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200683
IP address blocks: 185.68.4.0/22 maxlen: 22
185.231.67.0/24 maxlen: 24
188.64.212.0/22 maxlen: 22
2a05:1400::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/f70062-c16d-4e5c-9ae7-2a46f6fac4ca/1/7iUCbllV3N0RFHb5toSdcoGFRps.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/f70062-c16d-4e5c-9ae7-2a46f6fac4ca/1/7iUCbllV3N0RFHb5toSdcoGFRps.mft
rsync://rpki.ripe.net/repository/DEFAULT/7iUCbllV3N0RFHb5toSdcoGFRps.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:4c:d7:6e:db:8f:ba:96:d8:89:f2:58:1c:b7:ff:d4:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee25026e5955dcdd111476f9b6849d728185469b
Validity
Not Before: Feb 11 13:15:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=254ef7e69ada4390fb668b96e27d76754f5b33ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c3:e0:60:49:a6:79:83:2b:6d:1f:da:aa:48:
ce:80:37:91:a3:99:22:e0:7a:b5:35:4c:5c:da:eb:
1d:9e:cb:3f:51:2e:83:f7:67:dc:ca:93:2e:70:fe:
0b:7f:f2:b2:87:e9:61:25:a5:5b:bb:34:b0:8a:a3:
e3:a6:29:a7:4a:92:c9:c8:5e:ae:73:10:05:9c:23:
29:0d:4c:d6:c3:23:cf:ad:8d:8e:58:d4:b1:79:36:
21:01:d2:48:40:9a:a0:9b:a4:7c:7a:fb:92:19:57:
e8:4e:41:45:52:e5:60:6d:ff:bc:e9:a5:8f:e9:3e:
a1:98:22:7d:83:ea:ad:0f:f0:86:88:26:3e:97:1e:
28:c9:70:1b:59:cb:a5:bb:15:b1:84:97:9a:85:60:
53:bb:be:a5:29:15:ff:08:9f:cc:99:a6:96:e5:9e:
e8:e4:ad:7c:d9:de:44:fb:a4:75:21:02:7e:b0:73:
47:6e:bb:ec:05:2f:de:d7:45:8e:49:6d:62:2e:62:
b8:71:50:f8:f8:a8:b8:58:65:df:d5:93:4a:0d:9b:
3e:c5:aa:03:94:83:dc:80:d1:31:b3:97:cc:af:02:
30:bd:58:b6:d2:cd:49:00:ba:89:d9:6e:be:1a:88:
5f:6b:68:19:a1:e0:67:7e:65:ca:d8:92:8e:61:f1:
0a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:4E:F7:E6:9A:DA:43:90:FB:66:8B:96:E2:7D:76:75:4F:5B:33:EE
X509v3 Authority Key Identifier:
keyid:EE:25:02:6E:59:55:DC:DD:11:14:76:F9:B6:84:9D:72:81:85:46:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7iUCbllV3N0RFHb5toSdcoGFRps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/f70062-c16d-4e5c-9ae7-2a46f6fac4ca/1/JU735praQ5D7ZouW4n12dU9bM-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/f70062-c16d-4e5c-9ae7-2a46f6fac4ca/1/7iUCbllV3N0RFHb5toSdcoGFRps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.4.0/22
185.231.67.0/24
188.64.212.0/22
IPv6:
2a05:1400::/29
Signature Algorithm: sha256WithRSAEncryption
2b:31:f5:5e:0f:a0:8a:bf:4e:ee:2c:82:8d:9d:c6:20:e8:7b:
35:d1:35:9e:87:6a:fb:96:84:a4:92:6c:35:35:2a:dd:7b:a7:
88:c3:99:53:f6:10:30:b2:85:b0:0e:e7:8c:a1:c9:80:bd:c7:
a3:e8:0b:00:fb:01:1b:75:21:81:84:c8:35:37:21:da:d9:51:
52:fa:6f:ee:9e:6f:2f:a9:41:d7:8c:71:f5:f9:fb:20:f7:68:
d4:91:fa:da:15:c4:ef:c5:02:bc:12:7e:1d:11:55:c0:77:91:
d8:a0:46:48:52:4f:ae:fc:b8:15:22:3c:af:31:44:19:8c:2c:
0c:6f:95:11:0c:9f:1a:13:3b:c8:d9:79:f2:3b:80:76:18:5e:
81:26:19:c2:17:ba:cf:85:ed:87:c5:d1:a0:72:54:26:76:30:
3a:e0:07:45:e5:94:50:a6:4e:a3:a2:dd:d3:45:16:22:e6:fe:
3d:ed:5f:90:ab:e0:61:75:35:91:0e:47:16:c0:e2:ca:c4:a2:
e5:b5:4d:5f:83:c8:61:06:ee:bf:b7:29:b5:16:5b:ef:01:c9:
24:9d:0f:c5:f7:aa:b6:c2:2e:b3:f1:96:24:76:c1:c0:16:b3:
95:43:63:40:ab:6f:50:93:bb:b1:40:ef:b8:d6:88:a4:c3:a2:
e8:da:dd:1e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZxM127bj7qW2InyWBy3/9QeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMjUwMjZlNTk1NWRjZGQxMTE0NzZmOWI2ODQ5ZDcyODE4
NTQ2OWIwHhcNMjYwMjExMTMxNTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTRlZjdlNjlhZGE0MzkwZmI2NjhiOTZlMjdkNzY3NTRmNWIzM2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycPgYEmmeYMrbR/aqkjOgDeRo5ki
4Hq1NUxc2usdnss/US6D92fcypMucP4Lf/Kyh+lhJaVbuzSwiqPjpimnSpLJyF6u
cxAFnCMpDUzWwyPPrY2OWNSxeTYhAdJIQJqgm6R8evuSGVfoTkFFUuVgbf+86aWP
6T6hmCJ9g+qtD/CGiCY+lx4oyXAbWculuxWxhJeahWBTu76lKRX/CJ/MmaaW5Z7o
5K182d5E+6R1IQJ+sHNHbrvsBS/e10WOSW1iLmK4cVD4+Ki4WGXf1ZNKDZs+xaoD
lIPcgNExs5fMrwIwvVi20s1JALqJ2W6+Gohfa2gZoeBnfmXK2JKOYfEKOwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCVO9+aa2kOQ+2aLluJ9dnVPWzPuMB8GA1UdIwQY
MBaAFO4lAm5ZVdzdERR2+baEnXKBhUabMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2lVQ2JsbFYzTjBSRkhiNXRvU2Rjb0dGUnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9mNzAwNjItYzE2ZC00ZTVjLTlhZTct
MmE0NmY2ZmFjNGNhLzEvSlU3MzVwcmFRNUQ3Wm91VzRuMTJkVTliTS00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9mNzAwNjItYzE2ZC00ZTVjLTlhZTctMmE0NmY2ZmFjNGNh
LzEvN2lVQ2JsbFYzTjBSRkhiNXRvU2Rjb0dGUnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuUQEAwQA
uedDAwQCvEDUMA0EAgACMAcDBQMqBRQAMA0GCSqGSIb3DQEBCwUAA4IBAQArMfVe
D6CKv07uLIKNncYg6Hs10TWeh2r7loSkkmw1NSrde6eIw5lT9hAwsoWwDueMocmA
vcej6AsA+wEbdSGBhMg1NyHa2VFS+m/unm8vqUHXjHH1+fsg92jUkfraFcTvxQK8
En4dEVXAd5HYoEZIUk+u/LgVIjyvMUQZjCwMb5URDJ8aEzvI2XnyO4B2GF6BJhnC
F7rPhe2HxdGgclQmdjA64AdF5ZRQpk6jot3TRRYi5v497V+Qq+BhdTWRDkcWwOLK
xKLltU1fg8hhBu6/tym1FlvvAckknQ/F96q2wi6z8ZYkdsHAFrOVQ2NAq29Qk7ux
QO+41oikw6Lo2t0e
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:18:52 2026 by rpki-client