Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/JQqr-0JM5NjCNTB6tjh4GejWwNY.roa
File: JQqr-0JM5NjCNTB6tjh4GejWwNY.roa (raw, json)
Hash identifier: V4fYsZxNSUj9GS6SjnKoujS/tQkc0N1v6PLjO3OUBP8=
Subject key identifier: 25:0A:AB:FB:42:4C:E4:D8:C2:35:30:7A:B6:38:78:19:E8:D6:C0:D6
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019DA97354313D4F0C6578D8680D4247919D
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/JQqr-0JM5NjCNTB6tjh4GejWwNY.roa
Signing time: Mon 20 Apr 2026 05:53:20 +0000
ROA not before: Mon 20 Apr 2026 05:53:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209697
IP address blocks: 89.42.89.0/24 maxlen: 24
89.42.92.0/24 maxlen: 24
89.42.93.0/24 maxlen: 24
89.43.142.0/24 maxlen: 24
89.46.4.0/24 maxlen: 24
89.47.123.0/24 maxlen: 24
89.47.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 May 2026 14:07:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a9:73:54:31:3d:4f:0c:65:78:d8:68:0d:42:47:91:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Apr 20 05:53:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=250aabfb424ce4d8c235307ab6387819e8d6c0d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d1:da:3f:36:ae:cb:bf:9c:38:9b:2d:bc:39:
5c:03:fe:4d:90:43:7b:49:c7:a4:3d:44:eb:d3:39:
f0:df:8a:18:05:5b:5e:bb:74:ac:fb:74:b5:54:34:
05:ab:e1:53:eb:88:9c:f1:85:29:08:86:9c:eb:56:
93:9a:ee:9e:a9:5f:9a:aa:b8:81:4b:60:e7:d0:2f:
9a:98:3e:b6:91:1a:14:32:84:c0:c3:03:9a:d6:d4:
3c:eb:0c:53:8d:c2:8f:cf:9a:29:1a:60:d4:81:d4:
4e:c9:65:bc:8e:6c:32:41:e0:10:e8:60:83:eb:0a:
72:d0:94:ea:44:9c:b6:c2:3e:74:65:77:0d:32:7c:
c1:b0:69:64:be:c5:a6:a9:ab:28:b9:75:a6:a5:6c:
b1:1d:e1:e2:2c:eb:10:bb:00:cc:26:2b:95:07:5d:
59:4e:41:07:b1:78:59:98:51:95:06:05:1d:87:ff:
29:50:42:b9:bb:7c:df:6f:94:87:5a:07:24:50:a3:
c4:98:89:f0:8b:20:bc:71:60:6f:0e:0b:33:5e:7d:
b6:93:30:90:e0:7f:5a:29:92:71:1a:ee:89:86:57:
cf:ac:e2:73:4e:e4:b8:47:82:79:11:1a:31:6c:b2:
48:b9:95:a0:b3:d9:36:d2:60:12:b1:be:5b:d0:cc:
33:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:0A:AB:FB:42:4C:E4:D8:C2:35:30:7A:B6:38:78:19:E8:D6:C0:D6
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/JQqr-0JM5NjCNTB6tjh4GejWwNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.89.0/24
89.42.92.0/23
89.43.142.0/24
89.46.4.0/24
89.47.123.0-89.47.124.255
Signature Algorithm: sha256WithRSAEncryption
62:c4:c5:36:a4:50:c0:00:4b:94:df:2e:b5:92:51:74:31:4c:
20:e6:c7:f0:ee:ca:25:07:b0:a1:81:54:22:ce:94:d0:af:a7:
3d:3d:b8:48:b4:fd:e2:8b:33:47:6c:7f:91:f0:4a:ea:03:93:
21:0b:65:71:b4:39:43:88:f7:40:da:bc:ee:7b:d9:d4:9d:3a:
f9:c0:6e:be:54:ca:af:c7:8e:af:02:92:83:f8:fb:0a:33:1b:
65:97:68:16:b7:0c:0b:79:21:8a:e1:ff:4c:08:fd:c4:c5:49:
ce:cd:44:4c:53:78:15:43:08:f2:37:c1:49:8b:28:6a:2c:41:
83:33:1d:15:87:28:f5:bf:da:84:32:14:c9:3e:a9:ce:84:e3:
a0:69:51:25:e5:e7:2b:3e:0d:00:dd:64:b1:52:69:7f:95:c0:
da:fb:bb:e9:22:bf:00:bc:d4:7c:15:61:72:e6:3e:c1:4d:aa:
8b:92:0b:da:e8:ef:61:f9:a6:6b:79:38:50:39:fd:83:7f:d7:
c8:00:60:89:b0:53:48:ca:66:e8:c3:29:d2:38:03:cf:d7:19:
e0:74:6d:bd:f4:d2:d7:9f:3e:b8:30:5a:bb:3f:94:6b:6e:84:
a8:19:28:ac:2a:ec:22:60:ae:5d:a8:cf:45:11:dd:f4:96:59:
5c:cb:4d:f8
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZ2pc1QxPU8MZXjYaA1CR5GdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjYwNDIwMDU1MzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTBhYWJmYjQyNGNlNGQ4YzIzNTMwN2FiNjM4NzgxOWU4ZDZjMGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltHaPzauy7+cOJstvDlcA/5NkEN7
ScekPUTr0znw34oYBVteu3Ss+3S1VDQFq+FT64ic8YUpCIac61aTmu6eqV+aqriB
S2Dn0C+amD62kRoUMoTAwwOa1tQ86wxTjcKPz5opGmDUgdROyWW8jmwyQeAQ6GCD
6wpy0JTqRJy2wj50ZXcNMnzBsGlkvsWmqasouXWmpWyxHeHiLOsQuwDMJiuVB11Z
TkEHsXhZmFGVBgUdh/8pUEK5u3zfb5SHWgckUKPEmInwiyC8cWBvDgszXn22kzCQ
4H9aKZJxGu6JhlfPrOJzTuS4R4J5ERoxbLJIuZWgs9k20mASsb5b0MwzRQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCUKq/tCTOTYwjUwerY4eBno1sDWMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvSlFxci0wSk01TmpDTlRCNnRqaDRHZWpXd05ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAWSpZAwQB
WSpcAwQAWSuOAwQAWS4EMAwDBABZL3sDBABZL3wwDQYJKoZIhvcNAQELBQADggEB
AGLExTakUMAAS5TfLrWSUXQxTCDmx/DuyiUHsKGBVCLOlNCvpz09uEi0/eKLM0ds
f5HwSuoDkyELZXG0OUOI90DavO572dSdOvnAbr5Uyq/Hjq8CkoP4+wozG2WXaBa3
DAt5IYrh/0wI/cTFSc7NRExTeBVDCPI3wUmLKGosQYMzHRWHKPW/2oQyFMk+qc6E
46BpUSXl5ys+DQDdZLFSaX+VwNr7u+kivwC81HwVYXLmPsFNqouSC9ro72H5pmt5
OFA5/YN/18gAYImwU0jKZujDKdI4A8/XGeB0bb300tefPrgwWrs/lGtuhKgZKKwq
7CJgrl2oz0UR3fSWWVzLTfg=
-----END CERTIFICATE-----
Generated at Mon May 4 21:07:46 2026 by rpki-client