Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/jjYYmwcu0Z2rmPyH9reksRoeSbE.roa
File: jjYYmwcu0Z2rmPyH9reksRoeSbE.roa (raw, json)
Hash identifier: wAngAIuoSv0sGOzGtP8gPgFhHFlXFBqxrV1dJlnAk1s=
Subject key identifier: 8E:36:18:9B:07:2E:D1:9D:AB:98:FC:87:F6:B7:A4:B1:1A:1E:49:B1
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 019EB1B0C36DF195E23ADB12ADE000C88025
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/jjYYmwcu0Z2rmPyH9reksRoeSbE.roa
Signing time: Wed 10 Jun 2026 13:20:11 +0000
ROA not before: Wed 10 Jun 2026 13:20:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20632
IP address blocks: 46.47.192.0/18 maxlen: 18
46.47.202.0/24 maxlen: 24
46.151.172.0/24 maxlen: 24
62.16.99.0/24 maxlen: 24
62.16.101.0/24 maxlen: 24
62.16.102.0/24 maxlen: 24
62.16.103.0/24 maxlen: 24
62.16.104.0/24 maxlen: 24
62.16.105.0/24 maxlen: 24
62.16.106.0/24 maxlen: 24
62.16.107.0/24 maxlen: 24
62.16.108.0/24 maxlen: 24
62.16.109.0/24 maxlen: 24
62.16.112.0/24 maxlen: 24
62.16.117.0/24 maxlen: 24
62.16.119.0/24 maxlen: 24
62.182.128.0/21 maxlen: 21
79.171.8.0/21 maxlen: 21
80.247.176.0/20 maxlen: 20
81.3.128.0/18 maxlen: 18
81.24.128.0/20 maxlen: 20
82.140.64.0/18 maxlen: 18
82.140.93.0/24 maxlen: 24
82.196.64.0/19 maxlen: 19
84.204.0.0/17 maxlen: 17
84.204.132.0/22 maxlen: 22
84.204.136.0/24 maxlen: 24
84.204.138.0/24 maxlen: 24
84.204.139.0/24 maxlen: 24
84.204.140.0/22 maxlen: 22
84.204.144.0/20 maxlen: 20
84.204.160.0/20 maxlen: 20
84.204.176.0/21 maxlen: 21
84.204.188.0/22 maxlen: 22
84.204.192.0/18 maxlen: 18
84.204.230.0/24 maxlen: 24
91.193.212.0/22 maxlen: 22
93.153.128.0/17 maxlen: 17
93.153.144.0/21 maxlen: 21
93.153.158.0/24 maxlen: 24
93.153.161.0/24 maxlen: 24
93.153.162.0/24 maxlen: 24
94.25.248.0/21 maxlen: 21
95.137.0.0/17 maxlen: 17
109.74.112.0/20 maxlen: 20
109.124.64.0/18 maxlen: 18
109.124.108.0/22 maxlen: 22
176.192.126.0/24 maxlen: 24
176.192.127.0/24 maxlen: 24
195.5.128.0/19 maxlen: 19
195.131.14.0/24 maxlen: 24
195.131.38.0/24 maxlen: 24
195.144.224.0/19 maxlen: 19
212.14.160.0/19 maxlen: 19
212.44.64.0/19 maxlen: 19
212.119.160.0/19 maxlen: 19
213.154.160.0/21 maxlen: 21
213.154.168.0/21 maxlen: 21
213.154.176.0/21 maxlen: 21
213.154.184.0/21 maxlen: 21
213.168.32.0/19 maxlen: 19
213.172.0.0/19 maxlen: 19
213.182.160.0/19 maxlen: 19
217.195.64.0/19 maxlen: 19
2a03:d000:9008::/46 maxlen: 46
2a03:d000:9008::/48 maxlen: 48
2a03:d000:9009::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b1:b0:c3:6d:f1:95:e2:3a:db:12:ad:e0:00:c8:80:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jun 10 13:20:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8e36189b072ed19dab98fc87f6b7a4b11a1e49b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:59:4c:04:ce:e7:02:e7:2b:d6:34:8a:a5:08:
51:7f:67:28:87:4b:02:4d:00:88:63:32:ed:f4:9f:
98:a5:80:db:48:1f:ba:8f:60:40:d0:bc:9e:42:4f:
88:b0:c1:f4:8c:8c:74:57:20:9e:72:b3:04:66:50:
33:20:5d:40:71:68:67:e8:57:55:07:42:6c:51:c9:
c1:5e:d1:8d:a0:d4:64:a0:9b:68:15:55:54:cd:84:
26:7a:02:ad:ca:f5:07:cb:87:a6:27:ce:23:54:de:
0f:be:6a:3c:8c:3c:ec:88:09:fc:b6:0c:c3:16:70:
24:90:b6:ef:57:d0:22:b6:bb:07:78:25:04:a8:32:
ed:5f:35:c8:07:e9:dc:93:94:30:86:e0:e5:e9:9a:
38:20:ce:78:b3:1c:e8:ad:e1:d2:45:cf:16:d0:4b:
e6:b2:11:62:86:9d:ca:34:1a:7b:08:a4:bc:96:c8:
92:20:55:18:8c:e9:ba:d3:15:0c:f1:b7:f1:98:c9:
02:79:1a:96:5a:72:4f:58:a3:33:87:da:8d:85:14:
32:b1:de:c6:26:4f:df:5d:27:2f:7e:d4:2e:c4:07:
3e:7c:62:c0:3f:2d:13:a9:d7:23:ec:d6:1a:19:50:
bf:36:4b:30:94:fa:bb:30:f1:2d:6a:23:db:63:e2:
01:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:36:18:9B:07:2E:D1:9D:AB:98:FC:87:F6:B7:A4:B1:1A:1E:49:B1
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/jjYYmwcu0Z2rmPyH9reksRoeSbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.47.192.0/18
46.151.172.0/24
62.16.99.0/24
62.16.101.0-62.16.109.255
62.16.112.0/24
62.16.117.0/24
62.16.119.0/24
62.182.128.0/21
79.171.8.0/21
80.247.176.0/20
81.3.128.0/18
81.24.128.0/20
82.140.64.0/18
82.196.64.0/19
84.204.0.0/17
84.204.132.0-84.204.136.255
84.204.138.0-84.204.183.255
84.204.188.0-84.204.255.255
91.193.212.0/22
93.153.128.0/17
94.25.248.0/21
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
176.192.126.0/23
195.5.128.0/19
195.131.14.0/24
195.131.38.0/24
195.144.224.0/19
212.14.160.0/19
212.44.64.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.172.0.0/19
213.182.160.0/19
217.195.64.0/19
IPv6:
2a03:d000:9008::/46
Signature Algorithm: sha256WithRSAEncryption
55:7c:06:84:a5:77:c8:42:62:b5:1e:67:89:2f:da:f1:9f:ec:
84:57:d0:00:0c:3f:3d:ac:ce:db:49:97:25:fe:a4:0d:c5:54:
d7:8c:5b:7a:66:31:ad:2a:eb:e8:f2:38:f0:df:73:af:d9:15:
42:95:08:6f:b1:00:14:76:52:7b:f3:d3:b5:33:2c:42:02:05:
ba:66:6a:cb:26:ee:44:ec:c1:55:73:f4:d3:ce:c9:81:8d:53:
50:06:c5:91:be:18:84:7f:58:7d:ed:9b:2a:1c:03:17:d5:2c:
19:e7:79:1a:cb:12:4d:c2:55:a5:94:0c:53:c3:34:e6:7c:41:
3e:e0:27:80:6e:31:eb:22:10:1c:78:dd:d2:68:b3:e9:a8:49:
14:f2:71:6d:21:c0:42:9d:47:62:10:c5:ee:cd:49:70:7a:42:
e3:1c:d0:6c:14:68:c4:05:95:5f:81:dd:27:e7:25:1d:09:03:
10:0d:53:1c:89:5d:7f:0e:da:01:c9:6c:82:e6:db:fd:5f:96:
c8:2b:67:71:a9:2b:5b:2a:09:b8:a6:c2:9d:46:b1:ee:aa:e8:
e3:a7:d2:43:13:b5:2e:aa:fb:a2:f1:c8:03:e7:3f:c9:44:c3:
e2:d8:73:49:ca:11:99:71:c7:29:7e:35:6a:d6:f0:17:c9:5f:
99:4f:9b:ce
-----BEGIN CERTIFICATE-----
MIIGDjCCBPagAwIBAgISAZ6xsMNt8ZXiOtsSreAAyIAlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjYwNjEwMTMyMDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTM2MTg5YjA3MmVkMTlkYWI5OGZjODdmNmI3YTRiMTFhMWU0OWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1lMBM7nAucr1jSKpQhRf2coh0sC
TQCIYzLt9J+YpYDbSB+6j2BA0LyeQk+IsMH0jIx0VyCecrMEZlAzIF1AcWhn6FdV
B0JsUcnBXtGNoNRkoJtoFVVUzYQmegKtyvUHy4emJ84jVN4Pvmo8jDzsiAn8tgzD
FnAkkLbvV9AitrsHeCUEqDLtXzXIB+nck5QwhuDl6Zo4IM54sxzoreHSRc8W0Evm
shFihp3KNBp7CKS8lsiSIFUYjOm60xUM8bfxmMkCeRqWWnJPWKMzh9qNhRQysd7G
Jk/fXScvftQuxAc+fGLAPy0Tqdcj7NYaGVC/NkswlPq7MPEtaiPbY+IBSQIDAQAB
o4IDGjCCAxYwHQYDVR0OBBYEFI42GJsHLtGdq5j8h/a3pLEaHkmxMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvampZWW13Y3UwWjJybVB5SDlyZWtzUm9lU2JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLgYIKwYBBQUHAQcBAf8EggEdMIIBGTCCAQQEAgABMIH9
AwQGLi/AAwQALpesAwQAPhBjMAwDBAA+EGUDBAE+EGwDBAA+EHADBAA+EHUDBAA+
EHcDBAM+toADBANPqwgDBARQ97ADBAZRA4ADBARRGIADBAZSjEADBAVSxEADBAdU
zAAwDAMEAlTMhAMEAFTMiDAMAwQBVMyKAwQDVMywMAsDBAJUzLwDAwBUzAMEAlvB
1AMEB12ZgAMEA14Z+AMEB1+JAAMEBG1KcAMEBm18QAMEAbDAfgMEBcMFgAMEAMOD
DgMEAMODJgMEBcOQ4AMEBdQOoAMEBdQsQAMEBdR3oAMEBdWaoAMEBdWoIAMEBdWs
AAMEBdW2oAMEBdnDQDAPBAIAAjAJAwcCKgPQAJAIMA0GCSqGSIb3DQEBCwUAA4IB
AQBVfAaEpXfIQmK1HmeJL9rxn+yEV9AADD89rM7bSZcl/qQNxVTXjFt6ZjGtKuvo
8jjw33Ov2RVClQhvsQAUdlJ789O1MyxCAgW6ZmrLJu5E7MFVc/TTzsmBjVNQBsWR
vhiEf1h97ZsqHAMX1SwZ53kayxJNwlWllAxTwzTmfEE+4CeAbjHrIhAceN3SaLPp
qEkU8nFtIcBCnUdiEMXuzUlwekLjHNBsFGjEBZVfgd0n5yUdCQMQDVMciV1/DtoB
yWyC5tv9X5bIK2dxqStbKgm4psKdRrHuqujjp9JDE7Uuqvui8cgD5z/JRMPi2HNJ
yhGZcccpfjVq1vAXyV+ZT5vO
-----END CERTIFICATE-----
Generated at Thu Jun 11 18:55:24 2026 by rpki-client