Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/J8kQv0XGjpc4v1Zd8q7lDlYb6Ho.roa
File: J8kQv0XGjpc4v1Zd8q7lDlYb6Ho.roa (raw, json)
Hash identifier: 95rJhHlF52GT5mkU447e3TdNj0Ome8WEB0hywqK5iRo=
Subject key identifier: 27:C9:10:BF:45:C6:8E:97:38:BF:56:5D:F2:AE:E5:0E:56:1B:E8:7A
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 019E28BA460C018903C89B8E2B9BB04DCA24
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/J8kQv0XGjpc4v1Zd8q7lDlYb6Ho.roa
Signing time: Thu 14 May 2026 23:02:36 +0000
ROA not before: Thu 14 May 2026 23:02:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6282
IP address blocks: 31.131.8.0/23 maxlen: 23
31.131.10.0/23 maxlen: 23
64.43.100.0/22 maxlen: 22
77.36.24.0/22 maxlen: 22
81.161.0.0/23 maxlen: 23
81.161.2.0/23 maxlen: 23
93.120.16.0/22 maxlen: 22
93.120.20.0/22 maxlen: 22
176.96.52.0/22 maxlen: 22
176.111.160.0/23 maxlen: 23
176.111.162.0/23 maxlen: 23
176.116.32.0/22 maxlen: 22
176.116.36.0/22 maxlen: 22
178.159.144.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 04:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:28:ba:46:0c:01:89:03:c8:9b:8e:2b:9b:b0:4d:ca:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: May 14 23:02:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=27c910bf45c68e9738bf565df2aee50e561be87a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:52:28:04:95:dc:2d:c0:bd:d0:6e:a4:bf:b5:
56:ea:7d:a7:ba:a2:bc:e2:3d:b7:d4:17:ea:02:66:
41:2b:12:9a:52:2d:72:7d:e4:0e:f9:6e:7e:93:5c:
92:01:f7:c0:67:14:37:aa:d9:23:72:e3:a7:2b:62:
6c:b0:fd:19:16:a4:b6:57:77:86:fa:f8:e2:5c:d5:
67:ff:ef:be:d3:62:03:90:19:9d:23:cf:00:e7:c6:
0c:fb:ab:56:d5:8e:36:98:fc:56:11:1f:93:c6:a2:
df:64:1a:57:d2:5d:17:c0:d2:c8:f8:50:47:7f:83:
39:da:e6:26:f7:0c:00:cd:03:dc:12:75:4a:27:bd:
b7:6e:44:94:69:44:35:ab:ff:e4:ce:4c:7b:80:f5:
4a:bb:9b:bc:c1:84:7a:da:56:59:4c:7c:1a:45:e7:
c0:65:9c:a6:1f:cb:f2:fb:9d:02:95:2e:6a:db:a9:
0f:48:1c:50:13:ab:5c:f5:bb:05:cb:bd:f7:e0:fe:
5d:ee:4b:4c:c0:8f:8b:45:68:2f:ec:18:fa:6b:a3:
a5:e5:33:62:74:e2:68:6a:0f:ac:0d:72:da:35:7f:
15:80:fa:7c:89:bd:12:61:3d:c0:8b:70:48:65:34:
cf:53:8f:a0:81:e9:6e:28:cd:c2:bf:a3:80:1d:d4:
c2:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:C9:10:BF:45:C6:8E:97:38:BF:56:5D:F2:AE:E5:0E:56:1B:E8:7A
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/J8kQv0XGjpc4v1Zd8q7lDlYb6Ho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.8.0/22
64.43.100.0/22
77.36.24.0/22
81.161.0.0/22
93.120.16.0/21
176.96.52.0/22
176.111.160.0/22
176.116.32.0/21
178.159.144.0/23
Signature Algorithm: sha256WithRSAEncryption
52:3f:cc:89:87:d2:c7:49:fa:85:ea:19:8a:b8:94:ef:d0:bd:
7c:12:54:12:e1:e8:00:20:2d:40:58:ad:c1:41:e9:91:5f:3f:
dc:bb:93:c9:f8:36:db:a3:9b:df:82:35:fa:25:06:7f:44:87:
88:7b:9a:df:a1:c0:a7:8e:ad:d5:0c:c9:82:ff:12:00:ff:8e:
f6:ae:b8:49:4e:61:e1:fc:9c:9b:34:0d:d9:c2:88:5f:43:76:
fa:76:69:d2:9b:e5:70:f2:55:af:17:46:c4:a6:a3:49:84:c7:
55:7d:08:04:c4:0d:b7:93:d3:5c:ed:90:00:eb:5e:ca:e4:95:
a7:1f:19:ee:f1:b0:3d:9a:d9:a3:4d:7a:7e:1a:8d:62:b4:46:
7e:e1:0d:84:dc:78:2c:58:ab:fd:a6:d1:08:c6:00:58:73:6c:
ea:ad:53:4d:98:cf:af:8a:a0:ec:10:a2:1e:c8:58:99:f2:86:
8a:23:8e:79:a2:92:0f:1d:56:94:2f:ae:2e:e8:2f:35:87:5e:
b6:8f:db:0f:99:24:92:d3:84:10:b2:54:30:13:53:62:b5:94:
ef:93:d3:9b:b2:a8:96:44:d2:6d:f7:9e:8c:0e:7f:0f:ab:79:
85:92:a2:0a:9f:7b:84:d1:c0:98:f5:b1:24:df:f8:e8:e1:84:
0d:1b:c3:5b
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZ4oukYMAYkDyJuOK5uwTcokMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjYwNTE0MjMwMjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2M5MTBiZjQ1YzY4ZTk3MzhiZjU2NWRmMmFlZTUwZTU2MWJlODdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA71IoBJXcLcC90G6kv7VW6n2nuqK8
4j231BfqAmZBKxKaUi1yfeQO+W5+k1ySAffAZxQ3qtkjcuOnK2JssP0ZFqS2V3eG
+vjiXNVn/+++02IDkBmdI88A58YM+6tW1Y42mPxWER+TxqLfZBpX0l0XwNLI+FBH
f4M52uYm9wwAzQPcEnVKJ723bkSUaUQ1q//kzkx7gPVKu5u8wYR62lZZTHwaRefA
ZZymH8vy+50ClS5q26kPSBxQE6tc9bsFy7334P5d7ktMwI+LRWgv7Bj6a6Ol5TNi
dOJoag+sDXLaNX8VgPp8ib0SYT3Ai3BIZTTPU4+ggeluKM3Cv6OAHdTCCQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFCfJEL9Fxo6XOL9WXfKu5Q5WG+h6MB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvSjhrUXYwWEdqcGM0djFaZDhxN2xEbFliNkhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCH4MIAwQC
QCtkAwQCTSQYAwQCUaEAAwQDXXgQAwQCsGA0AwQCsG+gAwQDsHQgAwQBsp+QMA0G
CSqGSIb3DQEBCwUAA4IBAQBSP8yJh9LHSfqF6hmKuJTv0L18ElQS4egAIC1AWK3B
QemRXz/cu5PJ+Dbbo5vfgjX6JQZ/RIeIe5rfocCnjq3VDMmC/xIA/472rrhJTmHh
/JybNA3ZwohfQ3b6dmnSm+Vw8lWvF0bEpqNJhMdVfQgExA23k9Nc7ZAA617K5JWn
Hxnu8bA9mtmjTXp+Go1itEZ+4Q2E3HgsWKv9ptEIxgBYc2zqrVNNmM+viqDsEKIe
yFiZ8oaKI455opIPHVaUL64u6C81h162j9sPmSSS04QQslQwE1NitZTvk9ObsqiW
RNJt956MDn8Pq3mFkqIKn3uE0cCY9bEk3/jo4YQNG8Nb
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:59:22 2026 by rpki-client