Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/0dqhDjFn-2-qPUte7jTPRclO0pU.roa
File: 0dqhDjFn-2-qPUte7jTPRclO0pU.roa (raw, json)
Hash identifier: ppcirQvCqZUgHYuzJ0DvV6unoRLg4sEatnLvqjFyMug=
Subject key identifier: D1:DA:A1:0E:31:67:FB:6F:AA:3D:4B:5E:EE:34:CF:45:C9:4E:D2:95
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 019E185929F3F205DE00CDCBD1551DF77059
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/0dqhDjFn-2-qPUte7jTPRclO0pU.roa
Signing time: Mon 11 May 2026 18:42:37 +0000
ROA not before: Mon 11 May 2026 18:42:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198250
IP address blocks: 194.231.131.0/24 maxlen: 24
194.231.148.0/24 maxlen: 24
194.231.200.0/24 maxlen: 24
194.231.214.0/24 maxlen: 24
194.231.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:18:59:29:f3:f2:05:de:00:cd:cb:d1:55:1d:f7:70:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: May 11 18:42:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d1daa10e3167fb6faa3d4b5eee34cf45c94ed295
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:cf:a8:13:2b:45:d9:7f:a2:3a:a4:55:33:52:
ee:df:9c:05:d5:ea:c8:de:e2:21:01:e7:41:ca:0c:
88:be:f1:cb:b3:e5:01:51:d2:07:37:10:43:5f:d7:
55:ee:dc:1a:10:46:7d:69:20:9f:df:88:10:c9:de:
d4:99:4d:7c:52:f3:f7:bc:fb:f0:6f:c0:31:6a:60:
12:2e:27:f1:f8:a8:fe:5d:52:b0:0e:08:64:df:ad:
65:95:36:53:49:a8:80:c1:89:66:0e:42:34:c2:e2:
24:44:55:02:8d:15:19:49:60:1b:ca:d9:73:2f:d8:
a6:31:68:72:83:e0:c1:2e:65:f6:28:6f:30:37:2b:
22:10:78:32:41:cf:e6:76:09:74:18:25:40:e2:38:
08:7a:14:80:83:30:3d:cd:e0:40:79:64:02:28:be:
82:68:a7:85:40:6d:60:b2:44:ea:e5:d3:73:9a:d9:
68:13:80:fb:cd:77:fa:12:a6:61:c5:ae:c2:a1:c8:
ca:ae:38:f4:82:2c:34:4e:29:aa:a3:20:c8:c6:1c:
c3:37:b7:e6:cc:91:3b:00:8a:34:d0:ed:1a:90:1f:
48:dc:36:f3:51:c5:5a:6f:9b:ba:3c:2d:70:2d:e5:
a1:38:3c:89:2c:f2:b2:d7:bd:3f:77:90:77:34:19:
10:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:DA:A1:0E:31:67:FB:6F:AA:3D:4B:5E:EE:34:CF:45:C9:4E:D2:95
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/0dqhDjFn-2-qPUte7jTPRclO0pU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.231.131.0/24
194.231.148.0/24
194.231.200.0/24
194.231.214.0/24
194.231.218.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:0c:a8:11:92:4e:38:13:9b:53:14:2b:c0:2b:f1:b6:77:8f:
08:0c:85:f7:65:26:d1:eb:d4:0a:d2:8d:a8:e5:63:ef:4b:f1:
3a:25:73:29:e7:3a:bc:7c:90:1f:14:9f:2d:52:f7:7b:0b:38:
2d:51:7d:94:9d:ee:51:7e:ab:c3:22:e1:47:78:ed:0f:54:20:
8a:41:2c:9c:26:24:9e:29:06:02:3e:ff:91:31:52:fe:eb:0f:
49:b7:4e:6b:cb:9c:a2:1b:5f:3f:7e:6d:8f:62:37:60:c9:97:
9d:6c:6e:e0:48:c6:11:8e:f7:3c:07:dd:b6:8e:2f:b7:6d:d2:
68:6b:23:f1:eb:74:38:de:0a:8f:d8:9c:59:36:0a:9a:f3:50:
67:e6:0d:b4:52:e7:87:04:26:3b:aa:81:82:93:82:d6:37:f4:
8b:3c:a2:7e:4e:0d:3b:a3:09:d2:5b:47:56:34:2a:4c:bc:d4:
cc:10:30:be:ba:85:00:7c:4e:4d:02:9f:43:e1:a2:3a:d1:13:
5b:8b:c4:a0:e5:93:65:37:68:c9:ef:ac:25:2c:4f:95:19:e4:
a1:87:77:96:be:17:ea:3f:56:1e:01:1d:65:0a:1b:29:d2:69:
b0:63:8e:d1:59:4f:fb:58:8d:87:c3:bc:df:af:dc:98:05:4b:
f5:15:d0:76
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ4YWSnz8gXeAM3L0VUd93BZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjYwNTExMTg0MjM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWRhYTEwZTMxNjdmYjZmYWEzZDRiNWVlZTM0Y2Y0NWM5NGVkMjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA58+oEytF2X+iOqRVM1Lu35wF1erI
3uIhAedBygyIvvHLs+UBUdIHNxBDX9dV7twaEEZ9aSCf34gQyd7UmU18UvP3vPvw
b8AxamASLifx+Kj+XVKwDghk361llTZTSaiAwYlmDkI0wuIkRFUCjRUZSWAbytlz
L9imMWhyg+DBLmX2KG8wNysiEHgyQc/mdgl0GCVA4jgIehSAgzA9zeBAeWQCKL6C
aKeFQG1gskTq5dNzmtloE4D7zXf6EqZhxa7CocjKrjj0giw0TimqoyDIxhzDN7fm
zJE7AIo00O0akB9I3DbzUcVab5u6PC1wLeWhODyJLPKy170/d5B3NBkQLQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNHaoQ4xZ/tvqj1LXu40z0XJTtKVMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvMGRxaERqRm4tMi1xUFV0ZTdqVFBSY2xPMHBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwueDAwQA
wueUAwQAwufIAwQAwufWAwQAwufaMA0GCSqGSIb3DQEBCwUAA4IBAQBdDKgRkk44
E5tTFCvAK/G2d48IDIX3ZSbR69QK0o2o5WPvS/E6JXMp5zq8fJAfFJ8tUvd7Czgt
UX2Une5RfqvDIuFHeO0PVCCKQSycJiSeKQYCPv+RMVL+6w9Jt05ry5yiG18/fm2P
YjdgyZedbG7gSMYRjvc8B922ji+3bdJoayPx63Q43gqP2JxZNgqa81Bn5g20UueH
BCY7qoGCk4LWN/SLPKJ+Tg07ownSW0dWNCpMvNTMEDC+uoUAfE5NAp9D4aI60RNb
i8Sg5ZNlN2jJ76wlLE+VGeShh3eWvhfqP1YeAR1lChsp0mmwY47RWU/7WI2Hw7zf
r9yYBUv1FdB2
-----END CERTIFICATE-----
Generated at Wed May 13 10:42:28 2026 by rpki-client