Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/j9J8hGTWLz4DudqKKyB8n3tugaA.roa
File: j9J8hGTWLz4DudqKKyB8n3tugaA.roa (raw, json)
Hash identifier: HpidqljploB459QepefoyhEMCz5tOR4Ft9C4oksb92E=
Subject key identifier: 8F:D2:7C:84:64:D6:2F:3E:03:B9:DA:8A:2B:20:7C:9F:7B:6E:81:A0
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019DF84965E5270A1A3CC7A375CC0BB13108
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/j9J8hGTWLz4DudqKKyB8n3tugaA.roa
Signing time: Tue 05 May 2026 13:17:32 +0000
ROA not before: Tue 05 May 2026 13:17:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 185.72.10.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
193.124.5.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
194.58.58.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.58.223.0/24 maxlen: 24
194.87.33.0/24 maxlen: 24
194.87.52.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.87.59.0/24 maxlen: 24
194.87.75.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
194.87.122.0/24 maxlen: 24
194.87.126.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.152.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
194.87.183.0/24 maxlen: 24
194.87.192.0/24 maxlen: 24
194.87.193.0/24 maxlen: 24
194.87.194.0/24 maxlen: 24
194.87.195.0/24 maxlen: 24
194.87.211.0/24 maxlen: 24
194.87.212.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
194.135.24.0/24 maxlen: 24
195.133.19.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.29.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.57.0/24 maxlen: 24
195.133.58.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
195.133.92.0/23 maxlen: 23
195.133.95.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
212.192.242.0/24 maxlen: 24
212.192.247.0/24 maxlen: 24
212.192.249.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
212.193.28.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 03:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f8:49:65:e5:27:0a:1a:3c:c7:a3:75:cc:0b:b1:31:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 5 13:17:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8fd27c8464d62f3e03b9da8a2b207c9f7b6e81a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:da:b6:de:e2:78:05:63:fc:39:2d:b0:6b:af:
52:2b:9b:ba:e5:2f:0b:bc:db:2b:fe:5a:c0:f5:46:
57:80:fb:33:69:3e:86:09:c2:12:a4:f5:37:42:b1:
b3:3d:67:12:a5:aa:b6:7a:76:69:61:2d:f1:41:c3:
10:55:dc:dd:ac:66:bd:89:fd:bb:7a:7d:27:72:6c:
02:29:36:c6:a7:f8:ef:4e:1c:99:34:62:02:3e:9b:
6f:09:5c:73:7a:26:eb:1a:12:dd:1f:5b:c2:0c:5f:
4e:ab:47:c3:32:69:7a:71:03:5d:a7:6d:27:b0:d0:
20:49:1a:5c:5f:0f:61:e5:65:58:67:df:84:5f:0e:
29:28:54:08:4f:44:39:fe:54:37:03:2d:b3:1d:0d:
d5:8a:36:81:a3:65:95:4e:9f:f3:6d:8d:de:fa:13:
a2:0b:fa:06:1e:96:c5:2c:46:64:22:bb:a3:9b:d6:
aa:ea:17:a3:01:52:45:d0:c9:24:3e:c5:8e:77:33:
da:d9:da:c4:1e:d3:17:7a:8a:dc:fb:55:7a:70:0c:
89:18:09:7e:c5:41:fb:4e:08:64:42:2c:81:f2:4c:
94:2b:a7:da:fd:53:73:78:cc:75:69:ed:58:99:30:
e1:81:ef:40:b7:98:93:8e:8c:96:6b:12:f5:cd:d4:
90:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:D2:7C:84:64:D6:2F:3E:03:B9:DA:8A:2B:20:7C:9F:7B:6E:81:A0
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/j9J8hGTWLz4DudqKKyB8n3tugaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.10.0/24
192.124.190.0/24
193.124.5.0/24
193.124.7.0/24
194.58.58.0/24
194.58.155.0/24
194.58.223.0/24
194.87.33.0/24
194.87.52.0/23
194.87.59.0/24
194.87.75.0/24
194.87.119.0/24
194.87.122.0/24
194.87.126.0/24
194.87.136.0/24
194.87.152.0/24
194.87.179.0/24
194.87.183.0/24
194.87.192.0/22
194.87.211.0-194.87.212.255
194.87.229.0/24
194.87.231.0/24
194.135.24.0/24
195.133.19.0/24
195.133.24.0/23
195.133.29.0/24
195.133.35.0/24
195.133.40.0/23
195.133.50.0/23
195.133.57.0-195.133.58.255
195.133.72.0/24
195.133.92.0/23
195.133.95.0/24
212.192.241.0-212.192.242.255
212.192.247.0/24
212.192.249.0/24
212.193.0.0/24
212.193.26.0-212.193.28.255
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
69:60:60:70:d8:f9:3f:2e:cf:3d:aa:df:57:27:69:d0:af:5b:
23:fc:1c:bb:ff:fd:e1:4f:be:71:c6:1f:ab:52:95:8c:c3:9e:
a9:18:a4:58:e0:62:7c:29:53:15:15:0f:a7:ff:c8:7d:19:f0:
59:2a:cc:86:89:7d:de:7a:4a:e2:64:8d:c1:ff:ed:9c:7f:93:
b8:c4:b0:3b:bc:ba:e6:65:14:fa:9b:aa:68:a7:e7:db:1a:3c:
18:51:7b:d2:74:4b:6b:a4:ad:f0:a4:f7:bb:d0:69:5c:b5:a9:
46:cd:e8:34:05:0a:6c:ca:3c:f8:d7:08:f3:e2:93:bf:76:c9:
64:8d:af:6f:4f:2d:d6:da:bd:7f:14:2e:b2:36:3d:e1:83:78:
b7:1a:d3:0c:38:ef:ab:18:b4:70:04:96:25:09:89:8a:d3:69:
c1:b3:5d:50:e3:43:2a:33:81:f5:b1:bc:24:73:1a:21:35:eb:
3a:f4:66:0c:a5:a1:69:38:2f:f9:58:9b:50:1f:d2:77:d0:84:
b8:bb:50:98:fa:fb:ed:b5:31:c6:c5:0c:a5:b7:62:6a:36:00:
53:90:fe:a7:00:97:35:d0:55:ef:1b:94:3c:dc:a9:16:24:eb:
fe:12:e1:71:60:e1:25:72:50:b8:c7:d5:0b:c4:44:04:de:5a:
dc:eb:40:53
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgISAZ34SWXlJwoaPMejdcwLsTEIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjYwNTA1MTMxNzMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmQyN2M4NDY0ZDYyZjNlMDNiOWRhOGEyYjIwN2M5ZjdiNmU4MWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztq23uJ4BWP8OS2wa69SK5u65S8L
vNsr/lrA9UZXgPszaT6GCcISpPU3QrGzPWcSpaq2enZpYS3xQcMQVdzdrGa9if27
en0ncmwCKTbGp/jvThyZNGICPptvCVxzeibrGhLdH1vCDF9Oq0fDMml6cQNdp20n
sNAgSRpcXw9h5WVYZ9+EXw4pKFQIT0Q5/lQ3Ay2zHQ3VijaBo2WVTp/zbY3e+hOi
C/oGHpbFLEZkIrujm9aq6hejAVJF0MkkPsWOdzPa2drEHtMXeorc+1V6cAyJGAl+
xUH7TghkQiyB8kyUK6fa/VNzeMx1ae1YmTDhge9At5iTjoyWaxL1zdSQxwIDAQAB
o4IDJzCCAyMwHQYDVR0OBBYEFI/SfIRk1i8+A7naiisgfJ97boGgMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvajlKOGhHVFdMejREdWRxS0t5QjhuM3R1Z2FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOwYIKwYBBQUHAQcBAf8EggEqMIIBJjCCAQwEAgABMIIB
BAMEALlICgMEAMB8vgMEAMF8BQMEAMF8BwMEAMI6OgMEAMI6mwMEAMI63wMEAMJX
IQMEAcJXNAMEAMJXOwMEAMJXSwMEAMJXdwMEAMJXegMEAMJXfgMEAMJXiAMEAMJX
mAMEAMJXswMEAMJXtwMEAsJXwDAMAwQAwlfTAwQAwlfUAwQAwlflAwQAwlfnAwQA
wocYAwQAw4UTAwQBw4UYAwQAw4UdAwQAw4UjAwQBw4UoAwQBw4UyMAwDBADDhTkD
BADDhToDBADDhUgDBAHDhVwDBADDhV8wDAMEANTA8QMEANTA8gMEANTA9wMEANTA
+QMEANTBADAMAwQB1MEaAwQA1MEcMBQEAgACMA4DBQMqAVfAAwUDKgz/QDANBgkq
hkiG9w0BAQsFAAOCAQEAaWBgcNj5Py7PParfVydp0K9bI/wcu//94U++ccYfq1KV
jMOeqRikWOBifClTFRUPp//IfRnwWSrMhol93npK4mSNwf/tnH+TuMSwO7y65mUU
+puqaKfn2xo8GFF70nRLa6St8KT3u9BpXLWpRs3oNAUKbMo8+NcI8+KTv3bJZI2v
b08t1tq9fxQusjY94YN4txrTDDjvqxi0cASWJQmJitNpwbNdUONDKjOB9bG8JHMa
ITXrOvRmDKWhaTgv+VibUB/Sd9CEuLtQmPr77bUxxsUMpbdiajYAU5D+pwCXNdBV
7xuUPNypFiTr/hLhcWDhJXJQuMfVC8REBN5a3OtAUw==
-----END CERTIFICATE-----
Generated at Wed May 13 14:34:32 2026 by rpki-client