Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/rjAJbLG2Zw4o_Pjxfe1qJfc4HJE.roa
File: rjAJbLG2Zw4o_Pjxfe1qJfc4HJE.roa (raw, json)
Hash identifier: PgUAFIkeOTWwErAjDkjVk0mJqFSxps5oqsCSRQBUIgw=
Subject key identifier: AE:30:09:6C:B1:B6:67:0E:28:FC:F8:F1:7D:ED:6A:25:F7:38:1C:91
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 019ECFE95A88C6BCF5548AE2438B49A12081
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/rjAJbLG2Zw4o_Pjxfe1qJfc4HJE.roa
Signing time: Tue 16 Jun 2026 10:10:37 +0000
ROA not before: Tue 16 Jun 2026 10:10:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62041
IP address blocks: 91.108.4.0/22 maxlen: 22
91.108.4.0/23 maxlen: 23
91.108.4.0/24 maxlen: 24
91.108.5.0/24 maxlen: 24
91.108.6.0/23 maxlen: 23
91.108.6.0/24 maxlen: 24
91.108.7.0/24 maxlen: 24
91.108.8.0/22 maxlen: 22
91.108.8.0/23 maxlen: 23
91.108.8.0/24 maxlen: 24
91.108.9.0/24 maxlen: 24
91.108.10.0/23 maxlen: 23
91.108.10.0/24 maxlen: 24
91.108.11.0/24 maxlen: 24
91.108.56.0/22 maxlen: 22
91.108.56.0/23 maxlen: 23
91.108.56.0/24 maxlen: 24
91.108.57.0/24 maxlen: 24
91.108.58.0/23 maxlen: 23
91.108.58.0/24 maxlen: 24
91.108.59.0/24 maxlen: 24
95.161.64.0/20 maxlen: 20
95.161.64.0/21 maxlen: 21
95.161.72.0/21 maxlen: 21
149.154.160.0/22 maxlen: 22
149.154.160.0/23 maxlen: 23
149.154.160.0/24 maxlen: 24
149.154.161.0/24 maxlen: 24
149.154.162.0/23 maxlen: 23
149.154.162.0/24 maxlen: 24
149.154.163.0/24 maxlen: 24
149.154.164.0/22 maxlen: 22
149.154.164.0/23 maxlen: 23
149.154.164.0/24 maxlen: 24
149.154.165.0/24 maxlen: 24
149.154.166.0/23 maxlen: 23
149.154.166.0/24 maxlen: 24
149.154.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 09:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:cf:e9:5a:88:c6:bc:f5:54:8a:e2:43:8b:49:a1:20:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Jun 16 10:10:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ae30096cb1b6670e28fcf8f17ded6a25f7381c91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e6:1e:46:51:3c:12:8b:cc:10:dc:88:77:b0:
a6:12:1a:17:d9:5a:a4:d3:7e:0a:8b:83:9e:d9:ba:
7c:b9:7f:e2:00:94:24:e6:e2:d3:c5:c2:cc:fd:60:
5e:c5:5a:ed:4b:96:97:6d:0e:21:68:65:d8:92:ee:
fc:38:3c:87:62:d9:8a:eb:e7:00:a4:b0:a8:9e:47:
79:ea:37:be:8a:a4:92:10:f6:b5:83:11:b1:60:33:
ab:74:d5:f7:8c:51:27:bc:ed:e8:70:f9:4e:e4:04:
8c:65:5f:07:4a:c8:c1:84:73:38:03:71:e0:e9:4a:
99:2e:f1:59:66:1e:a4:6e:8e:d5:be:d8:59:5a:f1:
43:95:0d:66:82:d4:6c:91:65:f4:e3:2e:23:70:bc:
a8:0a:88:80:80:af:64:17:0c:9d:ad:7e:fe:f0:9a:
eb:fa:0e:fd:95:1e:2f:4a:e3:e2:3f:47:a3:33:64:
77:f1:25:a8:fe:75:52:2b:7b:dc:74:5e:b1:a8:91:
24:c5:9b:65:ad:6e:8c:65:44:3d:be:ca:2d:69:88:
8e:db:b0:b9:a6:67:47:f8:7f:5a:f0:49:6b:5e:4d:
67:4a:90:6d:dd:1d:4d:e8:6f:54:35:96:75:a0:06:
8c:a9:c9:58:7b:d3:17:bd:01:18:2f:5b:9d:01:92:
90:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:30:09:6C:B1:B6:67:0E:28:FC:F8:F1:7D:ED:6A:25:F7:38:1C:91
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/rjAJbLG2Zw4o_Pjxfe1qJfc4HJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.4.0-91.108.11.255
91.108.56.0/22
95.161.64.0/20
149.154.160.0/21
Signature Algorithm: sha256WithRSAEncryption
61:df:a6:19:6a:a4:c0:73:b0:3c:f8:86:6c:9a:a8:e6:cc:33:
71:a2:d1:d0:ce:b3:28:5f:c8:71:d7:d8:19:55:4a:bc:68:af:
1a:8b:b3:97:f1:1a:6a:84:6d:f4:f4:e4:c7:4b:1c:5e:af:af:
9c:92:c2:a9:d6:05:ad:b4:45:6c:df:49:b0:14:b3:08:7a:27:
9e:ab:1a:07:c4:df:79:43:e1:bc:91:f9:dc:1e:f5:f7:2d:2b:
44:78:38:8a:5f:4b:a0:cb:76:d6:b2:6b:a8:56:0c:90:63:83:
f7:d0:b1:d2:f5:dd:ca:2b:1a:5c:ec:d6:7f:fe:80:dc:e4:01:
2d:d9:08:45:c9:03:9a:7c:8b:2a:68:fc:97:59:df:eb:0c:f9:
10:11:7f:c1:d5:0a:5e:a2:64:f3:d1:7a:6e:24:42:4a:68:01:
41:c9:86:d2:0a:0e:ae:f2:4b:cf:73:76:45:e1:b8:47:f5:80:
70:b3:91:fb:3b:9a:1c:66:07:ab:47:e3:b8:f0:e9:7f:44:03:
a1:3b:e5:03:25:61:16:c8:09:a4:98:09:25:de:a5:2f:ad:7d:
b9:61:ca:57:47:64:a4:13:37:59:87:c0:02:c3:db:0a:dc:d5:
90:56:81:b0:18:b9:86:13:fe:a6:b0:0a:85:12:bc:9d:78:63:
34:c4:2c:a1
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ7P6VqIxrz1VIriQ4tJoSCBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjYwNjE2MTAxMDM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTMwMDk2Y2IxYjY2NzBlMjhmY2Y4ZjE3ZGVkNmEyNWY3MzgxYzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+YeRlE8EovMENyId7CmEhoX2Vqk
034Ki4Oe2bp8uX/iAJQk5uLTxcLM/WBexVrtS5aXbQ4haGXYku78ODyHYtmK6+cA
pLConkd56je+iqSSEPa1gxGxYDOrdNX3jFEnvO3ocPlO5ASMZV8HSsjBhHM4A3Hg
6UqZLvFZZh6kbo7VvthZWvFDlQ1mgtRskWX04y4jcLyoCoiAgK9kFwydrX7+8Jrr
+g79lR4vSuPiP0ejM2R38SWo/nVSK3vcdF6xqJEkxZtlrW6MZUQ9vsotaYiO27C5
pmdH+H9a8ElrXk1nSpBt3R1N6G9UNZZ1oAaMqclYe9MXvQEYL1udAZKQCQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFK4wCWyxtmcOKPz48X3taiX3OByRMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvcmpBSmJMRzJadzRvX1BqeGZlMXFKZmM0SEpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAJbbAQD
BAJbbAgDBAJbbDgDBARfoUADBAOVmqAwDQYJKoZIhvcNAQELBQADggEBAGHfphlq
pMBzsDz4hmyaqObMM3Gi0dDOsyhfyHHX2BlVSrxorxqLs5fxGmqEbfT05MdLHF6v
r5ySwqnWBa20RWzfSbAUswh6J56rGgfE33lD4byR+dwe9fctK0R4OIpfS6DLdtay
a6hWDJBjg/fQsdL13corGlzs1n/+gNzkAS3ZCEXJA5p8iypo/JdZ3+sM+RARf8HV
Cl6iZPPRem4kQkpoAUHJhtIKDq7yS89zdkXhuEf1gHCzkfs7mhxmB6tH47jw6X9E
A6E75QMlYRbICaSYCSXepS+tfblhyldHZKQTN1mHwALD2wrc1ZBWgbAYuYYT/qaw
CoUSvJ14YzTELKE=
-----END CERTIFICATE-----
Generated at Mon Jun 29 16:30:37 2026 by rpki-client