Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/JgneK_9r9jqewyHTU3frpLLV8yA.roa
File: JgneK_9r9jqewyHTU3frpLLV8yA.roa (raw, json)
Hash identifier: ra7/yBkFOj8gUoEmJ8fdLAsPKrAM3h0I0ETAkQIG3EA=
Subject key identifier: 26:09:DE:2B:FF:6B:F6:3A:9E:C3:21:D3:53:77:EB:A4:B2:D5:F3:20
Certificate issuer: /CN=a18164d9961a16d2eff773f5027821e9d2bd3740
Certificate serial: 019D9AF10859901E8531FEB1C41C0A95008C
Authority key identifier: A1:81:64:D9:96:1A:16:D2:EF:F7:73:F5:02:78:21:E9:D2:BD:37:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oYFk2ZYaFtLv93P1Angh6dK9N0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/JgneK_9r9jqewyHTU3frpLLV8yA.roa
Signing time: Fri 17 Apr 2026 10:16:20 +0000
ROA not before: Fri 17 Apr 2026 10:16:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42652
IP address blocks: 5.45.0.0/21 maxlen: 21
5.100.128.0/20 maxlen: 20
37.157.40.0/21 maxlen: 21
46.165.128.0/18 maxlen: 18
77.244.96.0/20 maxlen: 20
80.74.48.0/20 maxlen: 22
89.21.96.0/19 maxlen: 19
109.75.208.0/20 maxlen: 20
128.0.96.0/21 maxlen: 21
128.0.100.0/22 maxlen: 22
131.117.144.0/20 maxlen: 20
131.117.152.0/22 maxlen: 22
156.67.128.0/20 maxlen: 20
156.67.128.0/22 maxlen: 22
156.67.132.0/22 maxlen: 22
156.67.136.0/22 maxlen: 22
156.67.140.0/22 maxlen: 22
178.76.128.0/18 maxlen: 18
185.7.208.0/22 maxlen: 22
185.18.128.0/22 maxlen: 22
185.74.180.0/22 maxlen: 22
188.210.0.0/18 maxlen: 18
188.210.56.0/22 maxlen: 22
188.210.60.0/22 maxlen: 22
212.43.64.0/19 maxlen: 19
2a01:5c0::/32 maxlen: 32
2a02:6d40::/32 maxlen: 32
2a03:4920::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/oYFk2ZYaFtLv93P1Angh6dK9N0A.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/oYFk2ZYaFtLv93P1Angh6dK9N0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/oYFk2ZYaFtLv93P1Angh6dK9N0A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:f1:08:59:90:1e:85:31:fe:b1:c4:1c:0a:95:00:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a18164d9961a16d2eff773f5027821e9d2bd3740
Validity
Not Before: Apr 17 10:16:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2609de2bff6bf63a9ec321d35377eba4b2d5f320
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:7a:2f:65:1f:7a:f9:d7:3e:0a:45:f0:18:1a:
45:3d:1d:57:2c:ad:8a:6c:c2:f8:d7:5a:f6:9d:37:
e0:79:b3:44:32:d5:3f:eb:94:d7:d4:a0:1c:08:0e:
8f:ff:10:88:1c:bc:21:96:d7:10:87:be:2a:52:f8:
6e:3f:2c:66:8e:20:b8:9d:ba:1c:e2:e0:a9:8c:22:
3f:9f:1d:b9:1f:e1:a4:ec:28:d2:eb:2e:fa:91:04:
38:d3:10:38:bf:14:21:3d:d2:0b:83:2c:b4:5d:74:
86:de:f7:06:ea:2b:34:fd:74:81:af:90:f8:af:f9:
fd:e6:31:e1:f4:88:f9:79:1a:98:52:fc:0e:47:ec:
54:d9:d1:97:22:38:3b:ef:c1:24:60:04:db:26:9b:
97:8e:86:03:96:ab:eb:f3:d8:41:05:28:81:ac:9c:
62:08:4a:c7:6b:6f:cd:9c:cd:c1:f8:fa:51:80:4a:
de:e4:62:70:24:c1:3f:2f:0a:cc:8c:c5:2e:0f:58:
5c:9f:e5:d3:33:a2:c2:ce:c6:80:bc:e2:13:ef:3f:
b2:af:15:83:11:f5:5e:21:10:19:28:8d:22:5a:c2:
73:ee:ba:29:68:44:db:78:83:f3:22:94:78:fe:0c:
62:a7:39:8f:f2:94:f2:70:10:3b:50:c5:d7:f3:c5:
7e:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:09:DE:2B:FF:6B:F6:3A:9E:C3:21:D3:53:77:EB:A4:B2:D5:F3:20
X509v3 Authority Key Identifier:
keyid:A1:81:64:D9:96:1A:16:D2:EF:F7:73:F5:02:78:21:E9:D2:BD:37:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYFk2ZYaFtLv93P1Angh6dK9N0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/JgneK_9r9jqewyHTU3frpLLV8yA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/oYFk2ZYaFtLv93P1Angh6dK9N0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.0.0/21
5.100.128.0/20
37.157.40.0/21
46.165.128.0/18
77.244.96.0/20
80.74.48.0/20
89.21.96.0/19
109.75.208.0/20
128.0.96.0/21
131.117.144.0/20
156.67.128.0/20
178.76.128.0/18
185.7.208.0/22
185.18.128.0/22
185.74.180.0/22
188.210.0.0/18
212.43.64.0/19
IPv6:
2a01:5c0::/32
2a02:6d40::/32
2a03:4920::/32
Signature Algorithm: sha256WithRSAEncryption
64:14:7f:96:60:b8:ed:92:2e:ae:f4:42:d7:53:e7:15:c2:48:
ec:3b:cc:e2:c7:11:ce:8e:b6:a9:06:a0:60:82:ba:d0:f3:a5:
7d:bd:49:9c:6f:4b:fb:48:97:71:a8:da:b2:d3:7c:c3:3e:c0:
d9:2e:36:50:98:c0:b6:bc:6d:d7:47:e1:23:42:e1:61:b2:89:
d7:cb:49:90:82:2c:d9:7f:5f:78:f6:9f:a8:7f:b6:2f:9c:c4:
21:6e:f9:b9:28:ec:95:fc:bd:a1:74:76:29:43:da:ea:11:a0:
f8:32:21:04:49:78:0a:12:2d:54:b0:20:2f:37:95:31:4a:79:
c5:5e:82:fc:e4:0b:88:34:84:ff:bd:92:8f:dc:0d:79:7a:f9:
ff:85:05:48:0d:9b:52:88:3a:04:b5:e5:bf:ef:5b:9d:01:6b:
c4:d4:eb:6a:75:f5:6d:e4:60:3c:27:ca:f5:64:8f:77:aa:e9:
8d:e6:09:8d:34:43:0c:29:61:2a:84:ef:d8:d3:f0:6a:84:8d:
ed:91:5a:9a:c3:a8:a2:51:17:02:59:bf:9f:d0:07:66:b6:02:
c4:f5:c9:56:f9:8a:d9:46:be:ee:56:67:b0:46:d9:26:53:c1:
04:3d:a6:fe:a6:b9:d7:67:2f:0e:05:b1:d1:a3:7f:16:73:a0:
a6:df:53:6f
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAZ2a8QhZkB6FMf6xxBwKlQCMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODE2NGQ5OTYxYTE2ZDJlZmY3NzNmNTAyNzgyMWU5ZDJi
ZDM3NDAwHhcNMjYwNDE3MTAxNjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjA5ZGUyYmZmNmJmNjNhOWVjMzIxZDM1Mzc3ZWJhNGIyZDVmMzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3ovZR96+dc+CkXwGBpFPR1XLK2K
bML411r2nTfgebNEMtU/65TX1KAcCA6P/xCIHLwhltcQh74qUvhuPyxmjiC4nboc
4uCpjCI/nx25H+Gk7CjS6y76kQQ40xA4vxQhPdILgyy0XXSG3vcG6is0/XSBr5D4
r/n95jHh9Ij5eRqYUvwOR+xU2dGXIjg778EkYATbJpuXjoYDlqvr89hBBSiBrJxi
CErHa2/NnM3B+PpRgEre5GJwJME/LwrMjMUuD1hcn+XTM6LCzsaAvOIT7z+yrxWD
EfVeIRAZKI0iWsJz7ropaETbeIPzIpR4/gxipzmP8pTycBA7UMXX88V+PwIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFCYJ3iv/a/Y6nsMh01N366Sy1fMgMB8GA1UdIwQY
MBaAFKGBZNmWGhbS7/dz9QJ4IenSvTdAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1lGazJaWWFGdEx2OTNQMUFuZ2g2ZEs5TjBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9iOGVkMmQtMzU0NS00NTk5LTk3ZTUt
MTUyMzgwM2ZhZGFmLzEvSmduZUtfOXI5anFld3lIVFUzZnJwTExWOHlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9iOGVkMmQtMzU0NS00NTk5LTk3ZTUtMTUyMzgwM2ZhZGFm
LzEvb1lGazJaWWFGdEx2OTNQMUFuZ2g2ZEs5TjBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizBsBAIAATBmAwQDBS0A
AwQEBWSAAwQDJZ0oAwQGLqWAAwQETfRgAwQEUEowAwQFWRVgAwQEbUvQAwQDgABg
AwQEg3WQAwQEnEOAAwQGskyAAwQCuQfQAwQCuRKAAwQCuUq0AwQGvNIAAwQF1CtA
MBsEAgACMBUDBQAqAQXAAwUAKgJtQAMFACoDSSAwDQYJKoZIhvcNAQELBQADggEB
AGQUf5ZguO2SLq70QtdT5xXCSOw7zOLHEc6OtqkGoGCCutDzpX29SZxvS/tIl3Go
2rLTfMM+wNkuNlCYwLa8bddH4SNC4WGyidfLSZCCLNl/X3j2n6h/ti+cxCFu+bko
7JX8vaF0dilD2uoRoPgyIQRJeAoSLVSwIC83lTFKecVegvzkC4g0hP+9ko/cDXl6
+f+FBUgNm1KIOgS15b/vW50Ba8TU62p19W3kYDwnyvVkj3eq6Y3mCY00QwwpYSqE
79jT8GqEje2RWprDqKJRFwJZv5/QB2a2AsT1yVb5itlGvu5WZ7BG2SZTwQQ9pv6m
uddnLw4FsdGjfxZzoKbfU28=
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:11:18 2026 by rpki-client