Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/Odjj-u2TSs7qU3fL1ebBmcnnWJM.roa
File: Odjj-u2TSs7qU3fL1ebBmcnnWJM.roa (raw, json)
Hash identifier: zN9ZMfpE5vjr+v9Iu12SBMJ3Y8f/82esbM0j2zPywJw=
Subject key identifier: 39:D8:E3:FA:ED:93:4A:CE:EA:53:77:CB:D5:E6:C1:99:C9:E7:58:93
Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Certificate serial: 019E5EB0AC2004D235DD18B68D068706BB9F
Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/Odjj-u2TSs7qU3fL1ebBmcnnWJM.roa
Signing time: Mon 25 May 2026 10:31:37 +0000
ROA not before: Mon 25 May 2026 10:31:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51396
IP address blocks: 138.249.120.0/24 maxlen: 24
138.249.121.0/24 maxlen: 24
138.249.122.0/24 maxlen: 24
138.249.124.0/24 maxlen: 24
138.249.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 08:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:5e:b0:ac:20:04:d2:35:dd:18:b6:8d:06:87:06:bb:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Validity
Not Before: May 25 10:31:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=39d8e3faed934aceea5377cbd5e6c199c9e75893
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:27:51:9b:8f:40:14:62:a6:d7:9e:e2:bf:b2:
a8:e8:35:10:38:4b:74:bc:8a:3f:5c:62:6b:9d:b7:
d3:54:b3:e2:79:ab:f6:00:11:4e:f6:88:49:5c:ad:
d3:5b:cc:24:34:c8:b2:88:52:07:cf:6a:87:b8:b8:
c8:3d:b9:d1:b6:2f:05:bf:a0:49:73:8c:56:49:22:
53:04:5a:15:b8:ea:ac:4b:e1:44:b1:ed:94:84:e9:
a1:33:7f:03:f1:59:55:99:be:30:ff:78:e1:e0:77:
55:51:51:c9:23:8f:e2:d7:90:49:08:1a:a0:f7:a7:
f8:dd:c4:d2:cf:be:c2:c7:33:be:f4:01:aa:7f:43:
3d:8e:c9:65:1c:a5:07:61:c3:e7:23:53:ed:e3:7f:
74:90:b8:86:b7:be:e9:19:46:99:89:4e:fd:e9:a6:
ae:e9:c8:76:e9:fc:76:a9:b7:72:8a:4a:92:40:a2:
83:11:63:66:3e:00:d3:46:49:3c:76:bb:df:b7:26:
79:3a:1f:79:fb:22:fe:63:79:70:2d:79:8e:bd:6e:
d9:41:0a:56:9f:38:76:e3:0e:23:f5:1c:41:f4:0a:
3e:17:8a:f1:07:81:8c:3b:86:49:77:b9:3c:41:d4:
f0:42:d3:02:06:6b:b5:ea:fe:11:89:84:a8:fc:89:
8a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:D8:E3:FA:ED:93:4A:CE:EA:53:77:CB:D5:E6:C1:99:C9:E7:58:93
X509v3 Authority Key Identifier:
keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/Odjj-u2TSs7qU3fL1ebBmcnnWJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.249.120.0-138.249.122.255
138.249.124.0/23
Signature Algorithm: sha256WithRSAEncryption
32:e2:dc:8e:08:b4:15:8c:a0:77:d2:1a:3e:b9:85:0c:b0:4d:
68:12:98:2e:e1:a0:31:73:d6:26:eb:47:f5:90:a1:8c:1b:b3:
c1:a0:a0:3f:23:c9:6d:1d:41:f4:48:0c:f9:72:16:11:84:6d:
d4:b9:61:96:e5:e9:58:76:08:d4:25:b4:5f:8f:fb:27:fb:e8:
0d:e7:f1:84:16:04:71:ab:32:2d:82:ba:ae:ef:5e:d4:69:91:
84:a0:c3:1a:63:26:e8:d0:e8:37:1a:5b:68:dd:63:16:2f:eb:
b1:c1:3a:02:87:bf:89:d6:4f:7c:86:33:80:39:5c:6f:28:e2:
2a:89:9d:8a:27:f0:b4:e0:d5:16:42:fc:b1:66:d5:0c:52:93:
c0:1e:62:f9:a0:41:57:9a:c4:ad:a4:22:37:60:f9:5d:ec:8b:
b3:12:db:d1:81:6d:a2:2d:41:3a:e4:0d:46:0e:28:94:80:ab:
b5:8d:94:3e:09:48:e4:16:92:b3:7c:f1:18:85:b1:b3:3d:09:
93:c5:22:9b:a9:ef:32:fa:f0:d4:26:c3:26:ab:25:4a:0c:c9:
7e:96:25:42:2a:06:97:a6:6c:22:6b:49:03:d5:37:82:c1:de:
1d:8e:1a:27:84:2b:ff:79:c0:bf:cf:44:f3:9f:b0:e1:62:0e:
0c:44:db:1d
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZ5esKwgBNI13Ri2jQaHBrufMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh
MGYwY2UwHhcNMjYwNTI1MTAzMTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWQ4ZTNmYWVkOTM0YWNlZWE1Mzc3Y2JkNWU2YzE5OWM5ZTc1ODkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmydRm49AFGKm157iv7Ko6DUQOEt0
vIo/XGJrnbfTVLPieav2ABFO9ohJXK3TW8wkNMiyiFIHz2qHuLjIPbnRti8Fv6BJ
c4xWSSJTBFoVuOqsS+FEse2UhOmhM38D8VlVmb4w/3jh4HdVUVHJI4/i15BJCBqg
96f43cTSz77CxzO+9AGqf0M9jsllHKUHYcPnI1Pt4390kLiGt77pGUaZiU796aau
6ch26fx2qbdyikqSQKKDEWNmPgDTRkk8drvftyZ5Oh95+yL+Y3lwLXmOvW7ZQQpW
nzh24w4j9RxB9Ao+F4rxB4GMO4ZJd7k8QdTwQtMCBmu16v4RiYSo/ImKgQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDnY4/rtk0rO6lN3y9XmwZnJ51iTMB8GA1UdIwQY
MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et
YTY2N2JiNzY1MDYwLzEvT2Rqai11MlRTczdxVTNmTDFlYkJtY25uV0pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw
LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAOK+XgD
BACK+XoDBAGK+XwwDQYJKoZIhvcNAQELBQADggEBADLi3I4ItBWMoHfSGj65hQyw
TWgSmC7hoDFz1ibrR/WQoYwbs8GgoD8jyW0dQfRIDPlyFhGEbdS5YZbl6Vh2CNQl
tF+P+yf76A3n8YQWBHGrMi2Cuq7vXtRpkYSgwxpjJujQ6DcaW2jdYxYv67HBOgKH
v4nWT3yGM4A5XG8o4iqJnYon8LTg1RZC/LFm1QxSk8AeYvmgQVeaxK2kIjdg+V3s
i7MS29GBbaItQTrkDUYOKJSAq7WNlD4JSOQWkrN88RiFsbM9CZPFIpup7zL68NQm
wyarJUoMyX6WJUIqBpembCJrSQPVN4LB3h2OGieEK/95wL/PRPOfsOFiDgxE2x0=
-----END CERTIFICATE-----
Generated at Thu Jun 11 13:02:22 2026 by rpki-client