Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/Jbdgr8MRrMn2ctpZqmGbDv1TOe8.roa
File: Jbdgr8MRrMn2ctpZqmGbDv1TOe8.roa (raw, json)
Hash identifier: 7kHoBxC5LM1XhA9j1iE63mn9gnRUO14PlRYGHfs2BQ4=
Subject key identifier: 25:B7:60:AF:C3:11:AC:C9:F6:72:DA:59:AA:61:9B:0E:FD:53:39:EF
Certificate issuer: /CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Certificate serial: 019D2F94DB2FBC165E4FDFB084E0E7B7AE93
Authority key identifier: C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/Jbdgr8MRrMn2ctpZqmGbDv1TOe8.roa
Signing time: Fri 27 Mar 2026 13:56:17 +0000
ROA not before: Fri 27 Mar 2026 13:56:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 150293
IP address blocks: 37.148.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 31 Mar 2026 19:28:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2f:94:db:2f:bc:16:5e:4f:df:b0:84:e0:e7:b7:ae:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Validity
Not Before: Mar 27 13:56:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=25b760afc311acc9f672da59aa619b0efd5339ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:8c:83:67:46:83:5f:0f:8f:fd:06:17:b0:c9:
7c:53:34:a2:b3:63:f5:2c:ff:91:06:a7:c6:f5:11:
79:03:2e:ea:36:48:f1:4a:0a:c4:4d:b7:0b:9c:7b:
62:e9:fe:c8:9d:b8:97:d8:d3:e2:bd:36:10:92:26:
93:a3:91:2f:57:94:2f:a0:17:44:4e:ce:2b:40:c9:
e1:c8:cd:5c:9a:14:fe:06:1d:8e:2d:a8:bc:2c:df:
0e:d1:98:56:60:10:06:f6:57:56:67:a1:3a:f7:02:
0e:a5:a0:57:8e:53:b3:23:51:d7:67:8c:97:83:7d:
fd:9f:8d:9a:2c:ef:b3:27:5e:77:7f:e6:8b:4c:12:
e7:9f:84:24:ed:f2:d2:9c:b2:05:88:d4:79:b3:94:
96:94:f4:0e:78:db:dc:24:79:f6:5f:83:06:63:b1:
0c:1c:bd:4a:74:d9:46:b7:b7:76:c1:7e:01:89:b8:
4d:99:5c:f9:10:3b:8b:09:bf:f5:3f:df:05:84:6b:
87:29:c0:85:43:67:83:83:de:ea:8b:61:6c:2d:1c:
a6:3b:32:a9:3a:be:dc:d8:f7:45:0e:c5:c2:8d:ed:
47:8d:98:77:8a:5c:48:70:d5:b7:17:49:6d:74:23:
51:91:7f:38:2f:d5:fb:d3:1e:82:7f:02:0a:be:c4:
f5:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:B7:60:AF:C3:11:AC:C9:F6:72:DA:59:AA:61:9B:0E:FD:53:39:EF
X509v3 Authority Key Identifier:
keyid:C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/Jbdgr8MRrMn2ctpZqmGbDv1TOe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.129.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:6f:65:41:ce:64:6a:95:0e:27:fa:4e:d9:03:61:e6:ac:46:
62:c8:a4:88:8c:9d:be:0d:f9:08:d1:65:9a:da:30:f9:3f:36:
33:97:6c:0f:97:78:61:b0:e3:fd:3f:ed:8d:16:fe:40:6e:c3:
76:e6:0f:00:60:4c:b8:f9:c9:57:1f:ab:6e:7a:e8:93:1c:76:
54:17:a6:36:e7:98:5f:8a:aa:af:7c:ea:ae:ac:53:a4:c8:d8:
3d:9a:fc:70:97:f1:7c:dc:02:83:80:9a:8c:4e:41:03:c1:d4:
d5:5a:22:c7:bd:48:07:0d:d6:79:cb:70:57:a7:aa:ba:cc:de:
bf:0e:b4:16:8d:a5:e4:5f:80:3f:3e:ba:76:bf:5f:cb:01:74:
9d:0d:6a:39:a3:dc:19:95:9a:da:74:52:14:77:fe:31:f8:64:
7f:a6:27:b0:76:77:ad:e7:46:b0:7c:4c:57:89:81:e3:d3:4c:
9a:17:39:2f:9a:80:1a:d7:01:d2:9d:32:3f:d5:65:e6:0e:30:
30:37:f3:1c:3a:fb:78:71:76:bb:04:f1:f9:e2:4b:b9:6e:26:
a1:93:4e:c0:6d:bf:e0:39:3b:35:83:ed:d0:fd:01:b3:1a:7c:
63:5f:a6:ba:96:3f:f6:b6:93:87:43:d8:4b:d4:af:50:b1:cf:
21:e7:72:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ0vlNsvvBZeT9+whODnt66TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YTI0OWEwZWFjZDhhYmNiZWEwZDgyZWY3MTAxNmQzODZl
OGVmOTQwHhcNMjYwMzI3MTM1NjE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWI3NjBhZmMzMTFhY2M5ZjY3MmRhNTlhYTYxOWIwZWZkNTMzOWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9YyDZ0aDXw+P/QYXsMl8UzSis2P1
LP+RBqfG9RF5Ay7qNkjxSgrETbcLnHti6f7InbiX2NPivTYQkiaTo5EvV5QvoBdE
Ts4rQMnhyM1cmhT+Bh2OLai8LN8O0ZhWYBAG9ldWZ6E69wIOpaBXjlOzI1HXZ4yX
g339n42aLO+zJ153f+aLTBLnn4Qk7fLSnLIFiNR5s5SWlPQOeNvcJHn2X4MGY7EM
HL1KdNlGt7d2wX4BibhNmVz5EDuLCb/1P98FhGuHKcCFQ2eDg97qi2FsLRymOzKp
Or7c2PdFDsXCje1HjZh3ilxIcNW3F0ltdCNRkX84L9X70x6CfwIKvsT1YQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCW3YK/DEazJ9nLaWaphmw79UznvMB8GA1UdIwQY
MBaAFMaiSaDqzYq8vqDYLvcQFtOG6O+UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2Ut
MjEwNTdkMjI4ZDA1LzEvSmJkZ3I4TVJyTW4yY3RwWnFtR2JEdjFUT2U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2UtMjEwNTdkMjI4ZDA1
LzEveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJZSBMA0G
CSqGSIb3DQEBCwUAA4IBAQA9b2VBzmRqlQ4n+k7ZA2HmrEZiyKSIjJ2+DfkI0WWa
2jD5PzYzl2wPl3hhsOP9P+2NFv5AbsN25g8AYEy4+clXH6tueuiTHHZUF6Y255hf
iqqvfOqurFOkyNg9mvxwl/F83AKDgJqMTkEDwdTVWiLHvUgHDdZ5y3BXp6q6zN6/
DrQWjaXkX4A/Prp2v1/LAXSdDWo5o9wZlZradFIUd/4x+GR/piewdnet50awfExX
iYHj00yaFzkvmoAa1wHSnTI/1WXmDjAwN/McOvt4cXa7BPH54ku5biahk07Abb/g
OTs1g+3Q/QGzGnxjX6a6lj/2tpOHQ9hL1K9Qsc8h53LK
-----END CERTIFICATE-----
Generated at Tue Mar 31 02:10:03 2026 by rpki-client