Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/JarW-rt4u1eq8CX3FcjMVHluc7c.roa
File: JarW-rt4u1eq8CX3FcjMVHluc7c.roa (raw, json)
Hash identifier: k6pklWUepCGH2s7oBjge6kfvMPg6HKhsUYWxnyghIgo=
Subject key identifier: 25:AA:D6:FA:BB:78:BB:57:AA:F0:25:F7:15:C8:CC:54:79:6E:73:B7
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019E5FAD5C1E057BC9B36133F81906629AEA
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/JarW-rt4u1eq8CX3FcjMVHluc7c.roa
Signing time: Mon 25 May 2026 15:07:37 +0000
ROA not before: Mon 25 May 2026 15:07:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 45.8.23.0/24 maxlen: 24
45.90.17.0/24 maxlen: 24
45.131.134.0/24 maxlen: 24
45.131.135.0/24 maxlen: 24
185.108.204.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.199.54.0/24 maxlen: 24
185.199.158.0/24 maxlen: 24
185.199.159.0/24 maxlen: 24
185.206.249.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.209.38.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.209.74.0/24 maxlen: 24
185.209.75.0/24 maxlen: 24
185.210.154.0/24 maxlen: 24
185.210.233.0/24 maxlen: 24
185.210.235.0/24 maxlen: 24
185.214.103.0/24 maxlen: 24
185.214.108.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.220.248.0/24 maxlen: 24
185.220.249.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.221.20.0/24 maxlen: 24
185.222.28.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.223.155.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.225.1.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
185.225.3.0/24 maxlen: 24
185.225.22.0/24 maxlen: 24
185.226.104.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.227.144.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.228.72.0/24 maxlen: 24
185.228.75.0/24 maxlen: 24
185.230.53.0/24 maxlen: 24
185.230.67.0/24 maxlen: 24
185.232.206.0/24 maxlen: 24
185.234.22.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
185.246.112.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.8.112.0/24 maxlen: 24
193.8.113.0/24 maxlen: 24
193.8.114.0/24 maxlen: 24
193.58.144.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
193.58.146.0/24 maxlen: 24
194.5.65.0/24 maxlen: 24
194.5.67.0/24 maxlen: 24
194.76.169.0/24 maxlen: 24
194.124.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Jun 2026 22:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:5f:ad:5c:1e:05:7b:c9:b3:61:33:f8:19:06:62:9a:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 25 15:07:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=25aad6fabb78bb57aaf025f715c8cc54796e73b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:49:65:05:66:64:13:9c:90:66:35:11:7a:2a:
12:c7:1e:f6:76:bf:d6:ba:47:49:28:56:65:cf:92:
05:76:9f:00:c7:46:20:29:3d:71:af:cf:8d:09:61:
9e:a2:b8:54:c1:17:b4:fd:22:82:e1:32:b3:79:60:
1c:bb:8e:a0:df:63:33:ac:5a:01:71:7d:25:7d:6b:
db:bd:a7:23:76:19:f7:5b:1e:58:15:d4:da:49:73:
52:0d:b9:df:84:10:15:38:da:dc:be:02:ee:e8:b3:
d2:17:e0:d9:bb:63:b1:9d:a2:07:15:49:d6:f1:f8:
f5:3e:31:99:77:88:e8:72:42:37:b4:5c:69:f0:4b:
63:5d:cd:99:41:70:bf:b8:e5:2e:93:d7:38:03:53:
a5:4f:10:75:82:b5:6f:ff:19:c3:7c:2c:10:18:39:
d8:8a:1f:de:aa:e4:09:be:4b:cf:d3:2b:93:2f:17:
47:c6:a8:64:1f:00:74:92:e9:68:a1:e4:b6:83:ce:
72:1d:e5:25:16:1c:33:72:c4:73:9f:7a:d0:b8:7f:
d5:89:eb:3d:0b:d8:3e:a1:66:9f:b5:e2:80:b7:ff:
bd:bf:81:e5:f2:9b:54:2b:a6:bc:1e:f1:40:f7:15:
80:6a:35:49:18:16:aa:45:60:4f:7b:f5:c3:c6:72:
e3:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:AA:D6:FA:BB:78:BB:57:AA:F0:25:F7:15:C8:CC:54:79:6E:73:B7
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/JarW-rt4u1eq8CX3FcjMVHluc7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.23.0/24
45.90.17.0/24
45.131.134.0/23
185.108.204.0/24
185.126.82.0/24
185.199.54.0/24
185.199.158.0/23
185.206.249.0/24
185.206.251.0/24
185.209.38.0/24
185.209.73.0-185.209.75.255
185.210.154.0/24
185.210.233.0/24
185.210.235.0/24
185.214.103.0/24
185.214.108.0/24
185.218.20.0/24
185.218.101.0/24
185.220.248.0/22
185.221.20.0/24
185.222.28.0/23
185.223.80.0/24
185.223.155.0/24
185.225.0.0/22
185.225.22.0/24
185.226.104.0/24
185.226.107.0/24
185.227.144.0/24
185.227.146.0/23
185.228.72.0/24
185.228.75.0/24
185.230.53.0/24
185.230.67.0/24
185.232.206.0/24
185.234.22.0/24
185.240.120.0/23
185.246.112.0/24
193.8.112.0-193.8.114.255
193.58.144.0/24
193.58.146.0/23
194.5.65.0/24
194.5.67.0/24
194.76.169.0/24
194.124.69.0/24
Signature Algorithm: sha256WithRSAEncryption
80:54:82:4f:ac:94:4d:5f:c3:c9:64:ad:6a:d7:2f:1d:e0:24:
fa:09:38:43:99:7a:11:49:cf:76:13:e7:d6:ac:21:45:a9:32:
92:d6:18:08:bc:dd:c1:95:ea:94:16:06:23:9a:49:c3:de:2c:
4d:77:e8:f1:58:cf:54:d3:ca:5e:87:cb:b4:c5:8a:76:d2:aa:
dc:7c:c9:c0:28:62:22:71:89:1d:37:09:89:de:3b:4e:14:66:
d2:41:f7:cf:61:79:9c:df:0d:31:63:84:20:0f:03:13:63:d7:
66:d8:d4:b7:3e:86:2c:7a:bc:87:ae:53:68:42:cf:8c:f4:66:
30:65:2b:74:50:ad:48:94:6b:cb:6f:7f:a9:81:06:2a:23:74:
41:4b:82:63:bd:61:61:45:45:26:67:8e:69:06:0b:c6:e2:cb:
d9:96:5f:82:2f:f4:04:5e:36:68:8a:c3:93:55:17:04:ab:fc:
42:69:13:b2:4d:5c:ba:29:0a:9f:2a:65:db:db:8f:70:2b:c5:
72:95:0d:e4:8a:18:a3:64:b6:06:38:ee:d5:b8:b1:3f:90:9b:
35:8d:47:93:0d:85:f0:97:b6:b0:de:b5:b2:f2:a5:f4:80:f9:
90:b8:74:6a:5a:e2:6b:13:03:6d:33:7e:d5:4d:d9:18:20:a4:
fc:e0:72:26
-----BEGIN CERTIFICATE-----
MIIGGTCCBQGgAwIBAgISAZ5frVweBXvJs2Ez+BkGYprqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjYwNTI1MTUwNzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWFhZDZmYWJiNzhiYjU3YWFmMDI1ZjcxNWM4Y2M1NDc5NmU3M2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkllBWZkE5yQZjUReioSxx72dr/W
ukdJKFZlz5IFdp8Ax0YgKT1xr8+NCWGeorhUwRe0/SKC4TKzeWAcu46g32MzrFoB
cX0lfWvbvacjdhn3Wx5YFdTaSXNSDbnfhBAVONrcvgLu6LPSF+DZu2OxnaIHFUnW
8fj1PjGZd4jockI3tFxp8EtjXc2ZQXC/uOUuk9c4A1OlTxB1grVv/xnDfCwQGDnY
ih/equQJvkvP0yuTLxdHxqhkHwB0kulooeS2g85yHeUlFhwzcsRzn3rQuH/Vies9
C9g+oWafteKAt/+9v4Hl8ptUK6a8HvFA9xWAajVJGBaqRWBPe/XDxnLjtQIDAQAB
o4IDJTCCAyEwHQYDVR0OBBYEFCWq1vq7eLtXqvAl9xXIzFR5bnO3MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvSmFyVy1ydDR1MWVxOENYM0Zjak1WSGx1YzdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOQYIKwYBBQUHAQcBAf8EggEoMIIBJDCCASAEAgABMIIB
GAMEAC0IFwMEAC1aEQMEAS2DhgMEALlszAMEALl+UgMEALnHNgMEAbnHngMEALnO
+QMEALnO+wMEALnRJjAMAwQAudFJAwQCudFIAwQAudKaAwQAudLpAwQAudLrAwQA
udZnAwQAudZsAwQAudoUAwQAudplAwQCudz4AwQAud0UAwQBud4cAwQAud9QAwQA
ud+bAwQCueEAAwQAueEWAwQAueJoAwQAueJrAwQAueOQAwQBueOSAwQAueRIAwQA
ueRLAwQAueY1AwQAueZDAwQAuejOAwQAueoWAwQBufB4AwQAufZwMAwDBATBCHAD
BADBCHIDBADBOpADBAHBOpIDBADCBUEDBADCBUMDBADCTKkDBADCfEUwDQYJKoZI
hvcNAQELBQADggEBAIBUgk+slE1fw8lkrWrXLx3gJPoJOEOZehFJz3YT59asIUWp
MpLWGAi83cGV6pQWBiOaScPeLE136PFYz1TTyl6Hy7TFinbSqtx8ycAoYiJxiR03
CYneO04UZtJB989heZzfDTFjhCAPAxNj12bY1Lc+hix6vIeuU2hCz4z0ZjBlK3RQ
rUiUa8tvf6mBBiojdEFLgmO9YWFFRSZnjmkGC8biy9mWX4Iv9AReNmiKw5NVFwSr
/EJpE7JNXLopCp8qZdvbj3ArxXKVDeSKGKNktgY47tW4sT+QmzWNR5MNhfCXtrDe
tbLypfSA+ZC4dGpa4msTA20zftVN2RggpPzgciY=
-----END CERTIFICATE-----
Generated at Mon Jun 1 03:17:35 2026 by rpki-client