Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/nj2pOoHsnxLSwBMEz46es6E8aJQ.roa
File: nj2pOoHsnxLSwBMEz46es6E8aJQ.roa (raw, json)
Hash identifier: 9ocmHznuYBwRl00/FYysmNA+ri8ZhVq4SmmJlDSAi+M=
Subject key identifier: 9E:3D:A9:3A:81:EC:9F:12:D2:C0:13:04:CF:8E:9E:B3:A1:3C:68:94
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019CB23BC3EF5766D20FAD3D41C01E80A214
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/nj2pOoHsnxLSwBMEz46es6E8aJQ.roa
Signing time: Tue 03 Mar 2026 05:46:27 +0000
ROA not before: Tue 03 Mar 2026 05:46:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212706
IP address blocks: 89.23.105.0/24 maxlen: 24
89.23.106.0/24 maxlen: 24
89.23.110.0/24 maxlen: 24
111.88.212.0/24 maxlen: 24
111.88.213.0/24 maxlen: 24
111.88.214.0/24 maxlen: 24
111.88.215.0/24 maxlen: 24
185.159.128.0/24 maxlen: 24
185.159.129.0/24 maxlen: 24
185.159.130.0/24 maxlen: 24
185.159.131.0/24 maxlen: 24
185.228.232.0/24 maxlen: 24
185.228.233.0/24 maxlen: 24
185.228.234.0/24 maxlen: 24
185.230.190.0/24 maxlen: 24
185.230.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 14:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b2:3b:c3:ef:57:66:d2:0f:ad:3d:41:c0:1e:80:a2:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Mar 3 05:46:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9e3da93a81ec9f12d2c01304cf8e9eb3a13c6894
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:89:c7:95:81:eb:ba:84:4f:70:4d:3d:1c:a7:
c3:90:7d:8c:6d:e0:32:a9:35:af:04:5f:06:b5:36:
4c:27:ba:69:f3:77:25:1d:33:19:bc:17:39:77:ba:
7f:ca:79:28:84:87:2c:dc:a9:bd:c7:35:36:30:4d:
5d:f1:27:63:3f:78:c9:94:1c:e8:d1:b2:38:cf:30:
d7:85:f1:53:60:f5:a1:5f:23:d0:b5:1e:5a:fe:e7:
9e:a9:b4:d9:8e:fb:cc:f8:c6:90:b8:00:fd:38:39:
e6:c4:57:d5:c4:42:ba:0c:8d:9d:cb:4d:6a:5d:fe:
94:b3:db:f2:3d:46:bf:08:bd:c9:38:74:41:f0:eb:
95:f1:18:b4:6e:33:37:f6:68:2f:b2:f1:7b:40:30:
f3:7a:f7:ed:11:d1:89:c8:0c:bf:dc:0a:b0:40:04:
5a:18:e8:99:fa:73:db:0e:d5:fd:58:a7:1e:66:ca:
5e:02:55:a0:53:a6:2e:62:f1:9f:48:b0:9a:fc:2d:
cc:24:46:01:9a:18:77:0d:1f:51:4a:9d:ed:96:08:
ca:f5:69:50:d4:28:2a:71:af:ab:14:67:c6:e8:7a:
e4:cb:4e:05:9c:08:56:cc:be:3f:01:7e:6b:82:ab:
03:02:0b:d1:6b:0c:60:af:a1:72:86:dd:29:4f:5e:
47:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:3D:A9:3A:81:EC:9F:12:D2:C0:13:04:CF:8E:9E:B3:A1:3C:68:94
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/nj2pOoHsnxLSwBMEz46es6E8aJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.105.0-89.23.106.255
89.23.110.0/24
111.88.212.0/22
185.159.128.0/22
185.228.232.0-185.228.234.255
185.230.190.0/23
Signature Algorithm: sha256WithRSAEncryption
cd:f1:eb:4b:0b:1b:2d:0a:6d:98:1d:7f:8c:72:83:dc:ad:ed:
be:74:75:fb:65:7e:7b:09:0f:73:f0:58:04:3f:d4:20:6a:63:
bc:ff:95:8a:e4:be:94:86:ac:52:15:5a:11:d4:e1:7d:f5:b4:
f1:6b:ea:56:53:01:cd:03:ec:82:9e:a4:cb:92:b4:26:04:b6:
df:12:1d:d3:f0:ce:c2:83:8d:24:fe:0b:25:6d:b7:17:29:fd:
f5:6e:50:0e:56:54:3d:ab:7a:a0:ce:0f:57:33:06:98:40:be:
5c:a2:c6:47:a3:14:19:d4:33:05:dd:76:8d:7d:16:ec:ff:d6:
1d:98:ff:4e:77:d0:43:66:31:c6:1d:89:ac:5d:f0:0d:ea:e3:
12:55:3c:1e:7b:2a:c2:1e:c4:b9:2a:7f:cd:a3:8c:3e:6d:0b:
83:4f:69:ee:c0:41:60:ae:ad:fd:ec:95:7c:9c:20:9e:e6:1d:
03:c1:14:5c:4a:51:4d:e4:5e:77:a9:69:d2:71:f0:c1:9f:b7:
e7:f8:b3:e3:14:cf:8f:5a:c1:47:0d:28:e4:bc:45:df:01:ec:
4a:cb:53:73:5d:07:a3:27:95:f4:17:78:77:20:63:7c:df:e1:
0e:5f:aa:7a:1f:a8:66:d5:0e:64:bd:a9:37:2a:5d:b8:4c:dc:
a6:cc:86:9e
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZyyO8PvV2bSD609QcAegKIUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjYwMzAzMDU0NjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTNkYTkzYTgxZWM5ZjEyZDJjMDEzMDRjZjhlOWViM2ExM2M2ODk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4nHlYHruoRPcE09HKfDkH2MbeAy
qTWvBF8GtTZMJ7pp83clHTMZvBc5d7p/ynkohIcs3Km9xzU2ME1d8SdjP3jJlBzo
0bI4zzDXhfFTYPWhXyPQtR5a/ueeqbTZjvvM+MaQuAD9ODnmxFfVxEK6DI2dy01q
Xf6Us9vyPUa/CL3JOHRB8OuV8Ri0bjM39mgvsvF7QDDzevftEdGJyAy/3AqwQARa
GOiZ+nPbDtX9WKceZspeAlWgU6YuYvGfSLCa/C3MJEYBmhh3DR9RSp3tlgjK9WlQ
1Cgqca+rFGfG6Hrky04FnAhWzL4/AX5rgqsDAgvRawxgr6Fyht0pT15HqwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFJ49qTqB7J8S0sATBM+OnrOhPGiUMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvbmoycE9vSHNueExTd0JNRXo0NmVzNkU4YUpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0MAwDBABZF2kD
BABZF2oDBABZF24DBAJvWNQDBAK5n4AwDAMEA7nk6AMEALnk6gMEAbnmvjANBgkq
hkiG9w0BAQsFAAOCAQEAzfHrSwsbLQptmB1/jHKD3K3tvnR1+2V+ewkPc/BYBD/U
IGpjvP+ViuS+lIasUhVaEdThffW08WvqVlMBzQPsgp6ky5K0JgS23xId0/DOwoON
JP4LJW23Fyn99W5QDlZUPat6oM4PVzMGmEC+XKLGR6MUGdQzBd12jX0W7P/WHZj/
TnfQQ2Yxxh2JrF3wDerjElU8Hnsqwh7EuSp/zaOMPm0Lg09p7sBBYK6t/eyVfJwg
nuYdA8EUXEpRTeRed6lp0nHwwZ+35/iz4xTPj1rBRw0o5LxF3wHsSstTc10HoyeV
9Bd4dyBjfN/hDl+qeh+oZtUOZL2pNypduEzcpsyGng==
-----END CERTIFICATE-----
Generated at Thu Mar 5 23:39:20 2026 by rpki-client