Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/J4FFEtQcJC3-DBhRRLtMQex6EYI.roa
File: J4FFEtQcJC3-DBhRRLtMQex6EYI.roa (raw, json)
Hash identifier: iaQJuASwGUMU2i6IS0uW5fUdoLz/JbnfzKlvq/DfoBk=
Subject key identifier: 27:81:45:12:D4:1C:24:2D:FE:0C:18:51:44:BB:4C:41:EC:7A:11:82
Certificate issuer: /CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Certificate serial: 019E26B26A33D82D0D7E8B703A02812997F8
Authority key identifier: 9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/J4FFEtQcJC3-DBhRRLtMQex6EYI.roa
Signing time: Thu 14 May 2026 13:34:47 +0000
ROA not before: Thu 14 May 2026 13:34:47 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25198
IP address blocks: 46.229.243.0/24 maxlen: 24
46.229.251.0/24 maxlen: 24
46.229.253.0/24 maxlen: 24
76.164.200.0/24 maxlen: 24
76.164.201.0/24 maxlen: 24
76.164.202.0/24 maxlen: 24
76.164.203.0/24 maxlen: 24
77.74.123.0/24 maxlen: 24
83.229.61.0/24 maxlen: 24
85.204.107.0/24 maxlen: 24
92.42.100.0/24 maxlen: 24
95.133.244.0/24 maxlen: 24
95.133.245.0/24 maxlen: 24
95.133.247.0/24 maxlen: 24
103.112.171.0/24 maxlen: 24
103.121.48.0/24 maxlen: 24
103.121.49.0/24 maxlen: 24
103.126.50.0/24 maxlen: 24
103.126.51.0/24 maxlen: 24
103.244.144.0/24 maxlen: 24
103.244.145.0/24 maxlen: 24
103.246.248.0/24 maxlen: 24
162.249.124.0/24 maxlen: 24
162.249.125.0/24 maxlen: 24
162.249.126.0/24 maxlen: 24
162.249.127.0/24 maxlen: 24
185.104.63.0/24 maxlen: 24
195.74.93.0/24 maxlen: 24
203.14.32.0/24 maxlen: 24
203.25.108.0/24 maxlen: 24
205.237.109.0/24 maxlen: 24
205.237.110.0/24 maxlen: 24
205.237.111.0/24 maxlen: 24
2a12:3200::/36 maxlen: 36
2a12:3200:1000::/36 maxlen: 36
2a12:3200:2000::/36 maxlen: 36
2a12:3200:3000::/36 maxlen: 36
2a12:3200:4000::/36 maxlen: 36
2a12:3200:5000::/36 maxlen: 36
2a12:3200:6000::/36 maxlen: 36
2a12:3200:7000::/36 maxlen: 36
2a12:3200:8000::/36 maxlen: 36
2a12:3200:9000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/nrUOU4bICaD65lMKpejZglJR3tA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/nrUOU4bICaD65lMKpejZglJR3tA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 19:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:26:b2:6a:33:d8:2d:0d:7e:8b:70:3a:02:81:29:97:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Validity
Not Before: May 14 13:34:47 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=27814512d41c242dfe0c185144bb4c41ec7a1182
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:8e:7e:08:97:95:e3:78:5a:2b:d7:2a:05:6f:
8f:9a:67:0a:d7:74:da:f7:15:56:f7:5e:df:dc:43:
5f:4c:e4:76:a9:0e:b0:55:78:4c:a6:07:0c:be:dd:
ff:90:80:85:1b:f3:56:3d:2b:61:fb:e9:bf:0c:f6:
2d:11:f8:06:76:84:cd:26:c3:c2:e5:24:f6:1d:db:
6c:7a:ff:05:ea:8e:57:97:31:b6:80:d9:eb:73:91:
aa:23:17:5d:ae:a4:1a:45:fb:f5:9a:cb:46:42:ad:
7a:a7:e2:c0:28:4f:0e:d8:3e:4e:27:d5:83:10:9b:
2c:d6:b7:ee:ce:09:c6:1a:09:07:71:13:a0:e2:32:
c8:7c:f4:d4:e4:1a:01:a6:44:ae:2e:97:a6:5a:80:
00:86:1a:84:8f:2e:c5:a3:f7:dd:a7:a7:42:5f:36:
b2:e2:52:0a:85:e7:7a:bd:42:e6:2a:29:05:56:4f:
e6:cb:d1:06:5c:6e:fc:85:89:6a:48:ce:cc:df:a2:
05:22:3b:2c:f1:5f:c6:42:8b:60:d4:92:c1:38:f1:
92:49:5b:e1:e0:83:7f:65:af:4a:cb:c4:be:2a:a3:
ce:f6:bb:d6:af:d7:22:21:36:b5:08:1e:93:1c:54:
43:33:b0:c9:10:ac:78:cd:39:f6:a9:22:c8:5f:6c:
82:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:81:45:12:D4:1C:24:2D:FE:0C:18:51:44:BB:4C:41:EC:7A:11:82
X509v3 Authority Key Identifier:
keyid:9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/J4FFEtQcJC3-DBhRRLtMQex6EYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/nrUOU4bICaD65lMKpejZglJR3tA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.243.0/24
46.229.251.0/24
46.229.253.0/24
76.164.200.0/22
77.74.123.0/24
83.229.61.0/24
85.204.107.0/24
92.42.100.0/24
95.133.244.0/23
95.133.247.0/24
103.112.171.0/24
103.121.48.0/23
103.126.50.0/23
103.244.144.0/23
103.246.248.0/24
162.249.124.0/22
185.104.63.0/24
195.74.93.0/24
203.14.32.0/24
203.25.108.0/24
205.237.109.0-205.237.111.255
IPv6:
2a12:3200::-2a12:3200:9000:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
87:56:87:75:f9:d6:c8:1b:0a:1d:c7:fe:b8:bb:df:c9:82:a4:
f6:0e:fb:42:04:52:40:df:4a:a3:07:4a:d4:61:f5:9c:48:95:
f0:86:bc:c7:a3:a0:54:28:e9:90:41:bf:1d:e7:fb:27:e7:a3:
01:f0:bf:ef:9f:f6:26:83:3f:5c:a1:13:e5:95:6d:d2:5c:b4:
bb:9b:df:7a:ac:88:8c:83:7e:c7:94:bd:ad:25:9b:9d:97:cc:
a3:08:6c:ab:ce:71:d5:ed:96:30:1b:0c:a8:d1:13:80:68:10:
e1:d3:15:e5:2d:a9:54:bc:e1:70:65:fc:cc:64:14:d2:99:0e:
77:db:3a:e4:0e:5b:b3:be:3f:73:d6:4b:94:09:37:b3:01:40:
ea:05:5e:9f:fd:e2:60:29:08:11:a5:96:95:6c:5c:13:ff:1e:
35:3a:cc:cf:f4:14:a7:45:19:12:4f:2b:5e:2d:fd:22:d4:69:
15:7d:68:e3:b0:ca:2f:ea:10:48:52:b7:34:d6:89:69:e5:f8:
ba:cf:7e:ea:21:aa:70:e4:d0:50:bc:e0:96:61:64:7c:78:93:
00:19:8b:98:be:78:00:b6:71:10:fa:86:44:a4:8f:0f:ed:90:
2b:ad:1c:3b:07:72:7f:69:33:d7:59:62:f9:db:67:15:fb:cf:
ce:fa:26:3b
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgISAZ4msmoz2C0NfotwOgKBKZf4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYjUwZTUzODZjODA5YTBmYWU2NTMwYWE1ZThkOTgyNTI1
MWRlZDAwHhcNMjYwNTE0MTMzNDQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzgxNDUxMmQ0MWMyNDJkZmUwYzE4NTE0NGJiNGM0MWVjN2ExMTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA245+CJeV43haK9cqBW+PmmcK13Ta
9xVW917f3ENfTOR2qQ6wVXhMpgcMvt3/kICFG/NWPSth++m/DPYtEfgGdoTNJsPC
5ST2Hdtsev8F6o5XlzG2gNnrc5GqIxddrqQaRfv1mstGQq16p+LAKE8O2D5OJ9WD
EJss1rfuzgnGGgkHcROg4jLIfPTU5BoBpkSuLpemWoAAhhqEjy7Fo/fdp6dCXzay
4lIKhed6vULmKikFVk/my9EGXG78hYlqSM7M36IFIjss8V/GQotg1JLBOPGSSVvh
4IN/Za9Ky8S+KqPO9rvWr9ciITa1CB6THFRDM7DJEKx4zTn2qSLIX2yCnQIDAQAB
o4ICpzCCAqMwHQYDVR0OBBYEFCeBRRLUHCQt/gwYUUS7TEHsehGCMB8GA1UdIwQY
MBaAFJ61DlOGyAmg+uZTCqXo2YJSUd7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUt
MWNhZGE2ZThiMWE5LzEvSjRGRkV0UWNKQzMtREJoUlJMdE1RZXg2RVlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUtMWNhZGE2ZThiMWE5
LzEvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG8BggrBgEFBQcBBwEB/wSBrDCBqTCBjQQCAAEwgYYDBAAu
5fMDBAAu5fsDBAAu5f0DBAJMpMgDBABNSnsDBABT5T0DBABVzGsDBABcKmQDBAFf
hfQDBABfhfcDBABncKsDBAFneTADBAFnfjIDBAFn9JADBABn9vgDBAKi+XwDBAC5
aD8DBADDSl0DBADLDiADBADLGWwwDAMEAM3tbQMEBM3tYDAXBAIAAjARMA8DBAEq
EjIDBwAqEjIAkAAwDQYJKoZIhvcNAQELBQADggEBAIdWh3X51sgbCh3H/ri738mC
pPYO+0IEUkDfSqMHStRh9ZxIlfCGvMejoFQo6ZBBvx3n+yfnowHwv++f9iaDP1yh
E+WVbdJctLub33qsiIyDfseUva0lm52XzKMIbKvOcdXtljAbDKjRE4BoEOHTFeUt
qVS84XBl/MxkFNKZDnfbOuQOW7O+P3PWS5QJN7MBQOoFXp/94mApCBGllpVsXBP/
HjU6zM/0FKdFGRJPK14t/SLUaRV9aOOwyi/qEEhStzTWiWnl+LrPfuohqnDk0FC8
4JZhZHx4kwAZi5i+eAC2cRD6hkSkjw/tkCutHDsHcn9pM9dZYvnbZxX7z876Jjs=
-----END CERTIFICATE-----
Generated at Thu Jun 4 03:19:44 2026 by rpki-client