Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/1JjRaRRW2K3wz2Hdduzi3d2suxc.roa
File: 1JjRaRRW2K3wz2Hdduzi3d2suxc.roa (raw, json)
Hash identifier: nUSzXfmr2cdphuYUdrD/ZkWr+uiRPDmKNfacAmNwiQQ=
Subject key identifier: D4:98:D1:69:14:56:D8:AD:F0:CF:61:DD:76:EC:E2:DD:DD:AC:BB:17
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 019D6717CD96FBFD4005E2F1EB4E933C44F4
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/1JjRaRRW2K3wz2Hdduzi3d2suxc.roa
Signing time: Tue 07 Apr 2026 08:38:26 +0000
ROA not before: Tue 07 Apr 2026 08:38:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201776
IP address blocks: 2.63.144.0/20 maxlen: 20
2.63.158.0/24 maxlen: 24
2.63.159.0/24 maxlen: 24
2.63.176.0/20 maxlen: 20
2.63.224.0/20 maxlen: 20
2.63.225.0/24 maxlen: 24
46.61.150.0/24 maxlen: 24
46.61.245.0/24 maxlen: 24
78.31.216.0/24 maxlen: 24
78.31.217.0/24 maxlen: 24
78.31.218.0/24 maxlen: 24
78.31.219.0/24 maxlen: 24
78.31.220.0/24 maxlen: 24
84.42.92.0/24 maxlen: 24
84.42.93.0/24 maxlen: 24
84.42.94.0/24 maxlen: 24
84.42.95.0/24 maxlen: 24
85.174.144.0/20 maxlen: 24
92.50.204.0/23 maxlen: 23
92.50.204.0/24 maxlen: 24
92.50.205.0/24 maxlen: 24
176.119.169.0/24 maxlen: 24
176.119.170.0/24 maxlen: 24
176.119.171.0/24 maxlen: 24
176.119.172.0/24 maxlen: 24
176.208.74.0/24 maxlen: 24
176.211.120.0/22 maxlen: 22
188.128.76.0/23 maxlen: 24
188.128.76.0/24 maxlen: 24
188.128.77.0/24 maxlen: 24
188.254.122.0/23 maxlen: 24
188.254.122.0/24 maxlen: 24
188.254.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:67:17:cd:96:fb:fd:40:05:e2:f1:eb:4e:93:3c:44:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 7 08:38:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d498d1691456d8adf0cf61dd76ece2ddddacbb17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ec:fc:39:90:45:d3:4a:08:5d:78:da:2e:c3:
02:fa:7f:d3:03:63:e5:87:7a:73:22:0d:6e:08:74:
cd:00:42:51:1e:6a:78:b7:87:5c:53:71:b4:72:00:
a0:96:e6:39:e4:73:81:aa:09:d2:28:86:68:08:c5:
09:79:f2:a6:51:e3:2b:28:7f:02:67:c3:16:d6:40:
89:9f:93:1d:ae:4a:e5:2e:0f:59:7c:e2:fb:ae:e1:
88:c2:a0:f5:c6:1f:54:31:9e:07:2d:35:e0:50:16:
d0:ce:ab:f2:04:b1:45:ab:ff:b8:a0:ef:96:42:ca:
98:63:9a:5d:d4:0d:9a:6b:7a:02:0b:c2:1d:a0:d2:
06:82:bc:12:90:01:ed:db:ca:e1:3f:bf:88:83:74:
37:d0:4f:a1:d8:3c:63:1f:3c:f2:58:98:5b:6e:b8:
c5:a4:0a:b0:f1:5c:81:2f:53:a0:58:e2:75:ba:6b:
97:af:67:75:c5:84:bf:4a:cc:39:28:a2:c7:0c:2f:
e0:ab:19:85:44:9e:07:38:68:c8:c1:ac:2c:a2:2f:
cc:41:cc:91:6e:92:eb:c6:48:a6:53:4a:1d:02:0d:
d6:a3:0a:8e:b6:25:4d:ad:c1:39:fb:84:6d:5c:5e:
72:b3:88:2b:58:4a:c8:00:2e:61:d8:ed:49:7f:ef:
b3:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:98:D1:69:14:56:D8:AD:F0:CF:61:DD:76:EC:E2:DD:DD:AC:BB:17
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/1JjRaRRW2K3wz2Hdduzi3d2suxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.63.144.0/20
2.63.176.0/20
2.63.224.0/20
46.61.150.0/24
46.61.245.0/24
78.31.216.0-78.31.220.255
84.42.92.0/22
85.174.144.0/20
92.50.204.0/23
176.119.169.0-176.119.172.255
176.208.74.0/24
176.211.120.0/22
188.128.76.0/23
188.254.122.0/23
Signature Algorithm: sha256WithRSAEncryption
63:1c:77:65:38:9e:19:da:c5:be:b9:84:93:c4:d6:7b:cb:1c:
ab:fc:8a:b0:ce:c7:41:fb:e3:ad:d0:6c:6b:6a:e6:f8:11:dc:
a4:46:e2:ca:48:22:38:6b:4a:02:ee:0a:5b:bb:e9:e5:c2:c2:
fe:5c:f2:06:83:b7:b9:39:b3:f0:0e:58:5a:ec:2a:30:f3:d5:
eb:e8:54:40:a4:c4:89:32:b9:63:b7:f4:1b:39:93:ee:3f:b3:
38:c0:c1:33:5f:2d:e6:59:cc:4c:88:87:41:33:e8:62:9e:36:
02:4a:59:44:9f:ce:c1:fa:04:18:74:26:75:c3:68:bf:6d:4e:
b4:7b:48:cd:2a:d2:b2:65:79:31:a1:3d:b2:3e:0d:b4:7d:2d:
07:73:e9:4c:fe:10:e4:6e:0f:90:f3:a0:12:ee:db:3d:4d:04:
6e:19:88:53:44:3a:47:de:13:8a:2a:3b:5d:e0:5b:9a:2f:6b:
1a:74:81:1b:b7:1a:cf:e0:f5:02:74:b1:23:b6:0b:60:8b:3d:
bc:4b:4b:0c:44:05:b4:61:86:fe:ff:0e:0f:ae:e2:86:a0:fe:
a3:a0:e7:77:74:f1:b5:b6:44:61:27:72:38:f3:86:7d:33:19:
ab:d3:32:1d:b3:17:0f:ad:32:b3:15:35:f1:e6:3e:f3:da:5a:
f2:78:02:e8
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZ1nF82W+/1ABeLx606TPET0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjYwNDA3MDgzODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDk4ZDE2OTE0NTZkOGFkZjBjZjYxZGQ3NmVjZTJkZGRkYWNiYjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOz8OZBF00oIXXjaLsMC+n/TA2Pl
h3pzIg1uCHTNAEJRHmp4t4dcU3G0cgCgluY55HOBqgnSKIZoCMUJefKmUeMrKH8C
Z8MW1kCJn5MdrkrlLg9ZfOL7ruGIwqD1xh9UMZ4HLTXgUBbQzqvyBLFFq/+4oO+W
QsqYY5pd1A2aa3oCC8IdoNIGgrwSkAHt28rhP7+Ig3Q30E+h2DxjHzzyWJhbbrjF
pAqw8VyBL1OgWOJ1umuXr2d1xYS/Ssw5KKLHDC/gqxmFRJ4HOGjIwawsoi/MQcyR
bpLrxkimU0odAg3WowqOtiVNrcE5+4RtXF5ys4grWErIAC5h2O1Jf++zbQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFNSY0WkUVtit8M9h3Xbs4t3drLsXMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvMUpqUmFSUlcySzN3ejJIZGR1emkzZDJzdXhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQEAj+QAwQE
Aj+wAwQEAj/gAwQALj2WAwQALj31MAwDBANOH9gDBABOH9wDBAJUKlwDBARVrpAD
BAFcMswwDAMEALB3qQMEALB3rAMEALDQSgMEArDTeAMEAbyATAMEAbz+ejANBgkq
hkiG9w0BAQsFAAOCAQEAYxx3ZTieGdrFvrmEk8TWe8scq/yKsM7HQfvjrdBsa2rm
+BHcpEbiykgiOGtKAu4KW7vp5cLC/lzyBoO3uTmz8A5YWuwqMPPV6+hUQKTEiTK5
Y7f0GzmT7j+zOMDBM18t5lnMTIiHQTPoYp42AkpZRJ/OwfoEGHQmdcNov21OtHtI
zSrSsmV5MaE9sj4NtH0tB3PpTP4Q5G4PkPOgEu7bPU0EbhmIU0Q6R94Tiio7XeBb
mi9rGnSBG7caz+D1AnSxI7YLYIs9vEtLDEQFtGGG/v8OD67ihqD+o6Dnd3TxtbZE
YSdyOPOGfTMZq9MyHbMXD60ysxU18eY+89pa8ngC6A==
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:30:59 2026 by rpki-client