Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/Jgb-CQ574c8w41VAimF-h3OcYwQ.roa
File: Jgb-CQ574c8w41VAimF-h3OcYwQ.roa (raw, json)
Hash identifier: bxY5erYfbDbcf7HgBlobKwULQhi3tZndzBzfASjRfR4=
Subject key identifier: 26:06:FE:09:0E:7B:E1:CF:30:E3:55:40:8A:61:7E:87:73:9C:63:04
Certificate issuer: /CN=4b98127943e7175734964010c89ef821416a31b3
Certificate serial: 019CD71172EC7E03328B91278981E22FF9A3
Authority key identifier: 4B:98:12:79:43:E7:17:57:34:96:40:10:C8:9E:F8:21:41:6A:31:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5gSeUPnF1c0lkAQyJ74IUFqMbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/Jgb-CQ574c8w41VAimF-h3OcYwQ.roa
Signing time: Tue 10 Mar 2026 09:26:10 +0000
ROA not before: Tue 10 Mar 2026 09:26:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 31.99.64.0/18 maxlen: 18
31.99.128.0/18 maxlen: 18
31.99.208.0/20 maxlen: 20
31.99.224.0/19 maxlen: 19
91.110.0.0/17 maxlen: 17
91.110.128.0/17 maxlen: 17
178.98.0.0/15 maxlen: 15
178.100.0.0/14 maxlen: 14
178.106.0.0/16 maxlen: 16
178.107.32.0/19 maxlen: 19
178.107.64.0/18 maxlen: 18
178.107.128.0/17 maxlen: 17
185.102.192.0/22 maxlen: 22
185.102.196.0/22 maxlen: 22
185.102.200.0/22 maxlen: 22
194.36.212.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/S5gSeUPnF1c0lkAQyJ74IUFqMbM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/S5gSeUPnF1c0lkAQyJ74IUFqMbM.mft
rsync://rpki.ripe.net/repository/DEFAULT/S5gSeUPnF1c0lkAQyJ74IUFqMbM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d7:11:72:ec:7e:03:32:8b:91:27:89:81:e2:2f:f9:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b98127943e7175734964010c89ef821416a31b3
Validity
Not Before: Mar 10 09:26:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2606fe090e7be1cf30e355408a617e87739c6304
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a4:6e:41:a6:5d:b7:da:06:b0:68:30:4a:7a:
69:61:c3:92:47:ed:a0:3c:82:9e:84:ea:fc:ca:03:
43:6b:12:72:6b:74:81:a0:90:35:c4:ea:5b:17:9d:
dd:a8:ca:17:1a:dd:9a:f3:21:e9:a1:df:75:fb:5e:
4c:5c:82:25:83:bb:36:bf:02:f7:37:a1:68:eb:c9:
9a:26:f6:e7:68:39:fc:8e:b7:6a:07:3c:b4:2f:1e:
0e:48:72:0f:6e:40:7c:70:97:af:eb:38:2f:0d:59:
43:55:89:45:4e:f0:1e:f3:f0:b6:d1:95:c3:79:22:
6a:f8:42:e9:03:b2:6f:23:24:ac:10:71:f7:38:69:
2b:e3:21:8e:bd:f1:32:55:3b:51:82:db:a0:79:96:
d4:db:2d:c1:f0:95:e4:c1:22:4e:33:cf:9a:de:01:
cc:32:7b:61:db:c8:3c:01:19:0c:a7:6a:1f:0b:1e:
6e:b0:3f:01:e0:64:d7:61:b7:3b:ff:95:89:71:34:
55:7e:68:89:2c:bf:52:b5:7f:7d:dd:c9:21:b8:1d:
68:20:e8:ad:b4:0e:b2:30:2c:80:7e:a3:41:25:aa:
19:71:a8:be:ab:a5:94:dd:ec:3a:2b:8c:e9:19:96:
8c:fe:3b:ff:73:4f:ef:89:f6:fe:aa:74:32:a4:39:
7f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:06:FE:09:0E:7B:E1:CF:30:E3:55:40:8A:61:7E:87:73:9C:63:04
X509v3 Authority Key Identifier:
keyid:4B:98:12:79:43:E7:17:57:34:96:40:10:C8:9E:F8:21:41:6A:31:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5gSeUPnF1c0lkAQyJ74IUFqMbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/Jgb-CQ574c8w41VAimF-h3OcYwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/S5gSeUPnF1c0lkAQyJ74IUFqMbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.99.64.0-31.99.191.255
31.99.208.0-31.99.255.255
91.110.0.0/16
178.98.0.0-178.103.255.255
178.106.0.0/16
178.107.32.0-178.107.255.255
185.102.192.0-185.102.203.255
194.36.212.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:2d:9a:e1:53:a2:45:f4:93:04:2a:5f:ff:90:6f:47:9f:51:
05:43:a9:e3:95:d1:70:73:62:fd:01:25:bb:b2:30:e1:36:55:
87:74:27:63:67:68:b7:95:ac:7a:7b:5e:78:87:d5:8c:08:1b:
a7:38:44:68:8f:7f:90:e6:dd:75:2e:2b:23:1a:28:cf:1a:1e:
08:18:09:fc:23:54:68:f8:f4:86:36:21:62:0f:87:6b:58:8e:
bc:7e:dc:c7:cc:df:3e:05:6d:7a:d4:02:2c:24:81:b5:87:8c:
0d:07:43:41:4a:fd:00:34:33:fd:b6:4f:2c:9f:34:43:db:4f:
38:28:13:86:9b:66:15:2d:2c:53:5d:fd:ae:15:45:3b:1c:f5:
cc:a9:c6:dc:ac:3a:f0:c6:0d:db:a3:dc:96:ef:db:ce:59:b3:
88:f3:77:d7:ed:5d:c7:f6:c4:a4:a8:22:f1:f9:c8:de:94:e0:
66:0a:91:2a:ed:56:b8:a5:90:68:b6:77:f5:3d:26:e3:48:a8:
fd:53:63:58:69:3e:b5:76:60:2a:e6:f0:2d:01:2d:16:9a:00:
73:1d:0b:27:7d:d2:52:3e:9b:02:f9:0d:80:bf:3b:f9:e8:46:
9e:e4:1d:bf:b8:2d:36:3d:b5:55:ab:2b:a6:27:c2:6f:50:50:
d5:00:54:4f
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZzXEXLsfgMyi5EniYHiL/mjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTgxMjc5NDNlNzE3NTczNDk2NDAxMGM4OWVmODIxNDE2
YTMxYjMwHhcNMjYwMzEwMDkyNjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjA2ZmUwOTBlN2JlMWNmMzBlMzU1NDA4YTYxN2U4NzczOWM2MzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKRuQaZdt9oGsGgwSnppYcOSR+2g
PIKehOr8ygNDaxJya3SBoJA1xOpbF53dqMoXGt2a8yHpod91+15MXIIlg7s2vwL3
N6Fo68maJvbnaDn8jrdqBzy0Lx4OSHIPbkB8cJev6zgvDVlDVYlFTvAe8/C20ZXD
eSJq+ELpA7JvIySsEHH3OGkr4yGOvfEyVTtRgtugeZbU2y3B8JXkwSJOM8+a3gHM
Mnth28g8ARkMp2ofCx5usD8B4GTXYbc7/5WJcTRVfmiJLL9StX993ckhuB1oIOit
tA6yMCyAfqNBJaoZcai+q6WU3ew6K4zpGZaM/jv/c0/vifb+qnQypDl/gQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFCYG/gkOe+HPMONVQIphfodznGMEMB8GA1UdIwQY
MBaAFEuYEnlD5xdXNJZAEMie+CFBajGzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVnU2VVUG5GMWMwbGtBUXlKNzRJVUZxTWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9mMjBkZjMtMjc1My00MzUzLWE2Njgt
NjIxNzkyZjdlNTZhLzEvSmdiLUNRNTc0Yzh3NDFWQWltRi1oM09jWXdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9mMjBkZjMtMjc1My00MzUzLWE2NjgtNjIxNzkyZjdlNTZh
LzEvUzVnU2VVUG5GMWMwbGtBUXlKNzRJVUZxTWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSMAwDBAYfY0AD
BAYfY4AwCwMEBB9j0AMDAh9gAwMAW24wCgMDAbJiAwMDsmADAwCyajALAwQFsmsg
AwMCsmgwDAMEBrlmwAMEArlmyAMEAsIk1DANBgkqhkiG9w0BAQsFAAOCAQEAjC2a
4VOiRfSTBCpf/5BvR59RBUOp45XRcHNi/QElu7Iw4TZVh3QnY2dot5WsenteeIfV
jAgbpzhEaI9/kObddS4rIxoozxoeCBgJ/CNUaPj0hjYhYg+Ha1iOvH7cx8zfPgVt
etQCLCSBtYeMDQdDQUr9ADQz/bZPLJ80Q9tPOCgThptmFS0sU139rhVFOxz1zKnG
3Kw68MYN26Pclu/bzlmziPN31+1dx/bEpKgi8fnI3pTgZgqRKu1WuKWQaLZ39T0m
40io/VNjWGk+tXZgKubwLQEtFpoAcx0LJ33SUj6bAvkNgL87+ehGnuQdv7gtNj21
VasrpifCb1BQ1QBUTw==
-----END CERTIFICATE-----
Generated at Fri Mar 13 09:53:05 2026 by rpki-client