Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/njSBcVLAvQR9uFj47kbXfrlt2sQ.roa
File: njSBcVLAvQR9uFj47kbXfrlt2sQ.roa (raw, json)
Hash identifier: IZp3x0N+x9HBz8DheFAVChV8fz6jDlTyTD7xFGvQeis=
Subject key identifier: 9E:34:81:71:52:C0:BD:04:7D:B8:58:F8:EE:46:D7:7E:B9:6D:DA:C4
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019CD7152039908D1ACEA87C3975273BDC99
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/njSBcVLAvQR9uFj47kbXfrlt2sQ.roa
Signing time: Tue 10 Mar 2026 09:30:11 +0000
ROA not before: Tue 10 Mar 2026 09:30:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51821
IP address blocks: 192.176.243.0/24 maxlen: 24
193.234.102.0/23 maxlen: 23
194.103.133.0/24 maxlen: 24
194.103.192.0/24 maxlen: 24
194.103.198.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 13:53:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d7:15:20:39:90:8d:1a:ce:a8:7c:39:75:27:3b:dc:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Mar 10 09:30:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9e34817152c0bd047db858f8ee46d77eb96ddac4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c4:62:94:1a:0d:95:ee:b0:28:18:3b:fe:76:
82:64:c2:b3:d5:a4:ed:64:97:27:d1:bf:9a:0b:1c:
90:35:9e:82:64:52:31:cd:54:7d:70:81:51:60:44:
7f:95:db:90:5a:d8:9a:75:88:55:24:38:52:8e:bb:
be:82:2b:ec:36:80:ea:4b:f1:35:05:0d:f4:0f:0d:
ff:04:f4:d1:38:ee:0c:4b:49:b4:62:e2:8a:36:3e:
2e:cf:57:ad:1e:b1:44:9f:23:6f:28:d4:09:49:29:
d8:a0:2e:95:34:37:38:7c:e7:36:a2:ba:15:03:65:
3e:83:35:72:c6:f5:d2:61:f8:9b:51:4a:87:a5:63:
7a:55:26:2b:23:cb:7d:02:24:10:80:bc:e4:c1:6d:
3b:1e:83:d6:37:31:46:f8:5c:fc:6c:e0:c9:75:78:
68:7f:35:dd:44:20:eb:30:7a:71:f4:b7:8c:e0:c7:
e3:dc:2c:e5:2d:dd:3a:fd:c2:59:48:11:be:05:b6:
d8:b9:dd:0b:a2:6d:97:0c:20:3c:93:5e:56:19:20:
0a:1a:8c:f5:5e:b8:aa:90:59:20:9f:eb:99:b4:b5:
9f:ef:e0:c2:2a:0d:6d:c3:77:c4:af:2f:1e:25:e9:
48:c1:73:b8:9c:77:f1:cb:85:6e:c7:24:52:43:d3:
3a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:34:81:71:52:C0:BD:04:7D:B8:58:F8:EE:46:D7:7E:B9:6D:DA:C4
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/njSBcVLAvQR9uFj47kbXfrlt2sQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.176.243.0/24
193.234.102.0/23
194.103.133.0/24
194.103.192.0/24
194.103.198.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:83:6a:45:97:ea:eb:a3:0e:0e:77:5d:da:25:da:0c:f9:72:
c4:77:ae:d6:7d:d3:6e:9d:2f:ec:ea:3b:7b:5c:27:1f:6f:3b:
28:40:38:53:b0:91:8e:ad:e4:9e:0c:ca:eb:32:d4:8c:12:94:
35:78:4f:1b:29:ac:f5:cc:b1:37:91:70:42:7c:9a:76:a3:8a:
a6:c2:c7:9c:df:21:41:bc:f8:4b:20:bb:e4:06:34:98:ad:ef:
76:de:8b:ce:0c:ce:c7:88:30:12:10:fe:49:59:78:2b:8f:c0:
58:9f:cd:83:54:60:60:44:99:81:dd:4f:76:a4:4f:9c:40:7e:
b5:2d:64:ea:f2:d4:c1:f1:3e:5f:23:ed:2a:a9:4c:04:44:03:
41:b5:f2:98:16:5a:4d:a9:a8:fe:46:87:d4:4e:47:e5:d6:f0:
23:43:b8:fd:98:83:f9:90:b6:85:9c:8c:58:72:72:9c:70:2d:
50:f9:d4:f6:0b:9e:f4:9a:47:d2:cd:ef:55:2f:14:92:ae:da:
19:aa:c8:28:2b:19:3a:57:3b:19:7b:62:1d:8a:16:c4:a6:f4:
51:5c:89:d4:f2:4a:fa:99:11:39:12:91:14:44:33:d5:8b:46:
28:66:f6:09:0a:a5:42:08:a9:1c:9d:e4:91:cc:a9:05:f9:ae:
12:8d:c5:d8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZzXFSA5kI0azqh8OXUnO9yZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjYwMzEwMDkzMDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTM0ODE3MTUyYzBiZDA0N2RiODU4ZjhlZTQ2ZDc3ZWI5NmRkYWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMRilBoNle6wKBg7/naCZMKz1aTt
ZJcn0b+aCxyQNZ6CZFIxzVR9cIFRYER/lduQWtiadYhVJDhSjru+givsNoDqS/E1
BQ30Dw3/BPTROO4MS0m0YuKKNj4uz1etHrFEnyNvKNQJSSnYoC6VNDc4fOc2oroV
A2U+gzVyxvXSYfibUUqHpWN6VSYrI8t9AiQQgLzkwW07HoPWNzFG+Fz8bODJdXho
fzXdRCDrMHpx9LeM4Mfj3CzlLd06/cJZSBG+BbbYud0Lom2XDCA8k15WGSAKGoz1
XriqkFkgn+uZtLWf7+DCKg1tw3fEry8eJelIwXO4nHfxy4VuxyRSQ9M6RwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJ40gXFSwL0EfbhY+O5G1365bdrEMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvbmpTQmNWTEF2UVI5dUZqNDdrYlhmcmx0MnNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwLDzAwQB
wepmAwQAwmeFAwQAwmfAAwQBwmfGMA0GCSqGSIb3DQEBCwUAA4IBAQAKg2pFl+rr
ow4Od13aJdoM+XLEd67WfdNunS/s6jt7XCcfbzsoQDhTsJGOreSeDMrrMtSMEpQ1
eE8bKaz1zLE3kXBCfJp2o4qmwsec3yFBvPhLILvkBjSYre923ovODM7HiDASEP5J
WXgrj8BYn82DVGBgRJmB3U92pE+cQH61LWTq8tTB8T5fI+0qqUwERANBtfKYFlpN
qaj+RofUTkfl1vAjQ7j9mIP5kLaFnIxYcnKccC1Q+dT2C570mkfSze9VLxSSrtoZ
qsgoKxk6VzsZe2IdihbEpvRRXInU8kr6mRE5EpEURDPVi0YoZvYJCqVCCKkcneSR
zKkF+a4SjcXY
-----END CERTIFICATE-----
Generated at Thu Mar 12 21:36:32 2026 by rpki-client