Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/253078-0a7b-45bb-bc67-073639938437/1/02JNfVWYOVA2OBy17TDgR9y7do8.roa
File: 02JNfVWYOVA2OBy17TDgR9y7do8.roa (raw, json)
Hash identifier: x5I0ROnfJh237cohKlOyZemzpgBQnX/4IqZy8ejhw3c=
Subject key identifier: D3:62:4D:7D:55:98:39:50:36:38:1C:B5:ED:30:E0:47:DC:BB:76:8F
Certificate issuer: /CN=c4f88b5c6e5116e50cf2b5bdf43e8720f1d8c60f
Certificate serial: 019CDD67C3AFA1CB3B43FDD402F733B6A7E6
Authority key identifier: C4:F8:8B:5C:6E:51:16:E5:0C:F2:B5:BD:F4:3E:87:20:F1:D8:C6:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xPiLXG5RFuUM8rW99D6HIPHYxg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/253078-0a7b-45bb-bc67-073639938437/1/02JNfVWYOVA2OBy17TDgR9y7do8.roa
Signing time: Wed 11 Mar 2026 14:58:10 +0000
ROA not before: Wed 11 Mar 2026 14:58:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 41589
IP address blocks: 81.25.128.0/20 maxlen: 20
91.142.48.0/20 maxlen: 24
195.34.86.0/23 maxlen: 23
217.171.176.0/20 maxlen: 20
2a02:4d8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/253078-0a7b-45bb-bc67-073639938437/1/xPiLXG5RFuUM8rW99D6HIPHYxg8.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/253078-0a7b-45bb-bc67-073639938437/1/xPiLXG5RFuUM8rW99D6HIPHYxg8.mft
rsync://rpki.ripe.net/repository/DEFAULT/xPiLXG5RFuUM8rW99D6HIPHYxg8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 06:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:dd:67:c3:af:a1:cb:3b:43:fd:d4:02:f7:33:b6:a7:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4f88b5c6e5116e50cf2b5bdf43e8720f1d8c60f
Validity
Not Before: Mar 11 14:58:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d3624d7d5598395036381cb5ed30e047dcbb768f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:17:17:67:e5:15:8d:90:78:f2:12:36:df:4b:
8a:d1:16:b1:90:d0:85:2c:ad:5d:1a:7b:2b:d0:07:
21:37:3a:16:c7:94:c5:3a:db:ac:35:13:b9:01:54:
46:71:0a:77:a3:ce:60:c1:71:8b:54:30:e9:53:6a:
af:6f:2a:3a:90:17:94:3e:63:ef:d7:2e:4f:91:65:
83:f0:c6:86:35:65:fb:96:32:bb:d6:dc:f3:bd:bd:
a7:3b:82:7d:12:60:a0:ca:e9:08:52:7a:fe:55:de:
cc:9e:15:75:b2:95:38:28:95:96:63:fb:07:21:a3:
3a:0f:5d:3b:92:2a:3a:91:01:36:71:0a:89:e2:a1:
ff:25:1e:3a:22:64:75:f7:a6:1b:59:04:7f:9b:63:
f1:da:92:af:27:b8:94:29:df:2c:be:66:05:8c:ef:
6a:ba:f5:14:ea:8c:32:f0:73:b8:7c:ea:71:cb:9f:
87:86:6e:1b:dd:19:0d:61:e5:fc:6d:a7:2b:03:03:
fc:a8:8f:08:a5:69:d2:7d:ac:15:c1:44:d2:eb:62:
c0:08:9b:29:49:4e:dc:c2:3f:aa:1d:19:8d:6c:b3:
0c:b1:65:16:1a:9c:7f:25:df:89:e6:e8:de:11:9a:
f2:d3:9a:68:9b:73:26:a9:94:81:3c:a9:a6:33:b9:
28:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:62:4D:7D:55:98:39:50:36:38:1C:B5:ED:30:E0:47:DC:BB:76:8F
X509v3 Authority Key Identifier:
keyid:C4:F8:8B:5C:6E:51:16:E5:0C:F2:B5:BD:F4:3E:87:20:F1:D8:C6:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xPiLXG5RFuUM8rW99D6HIPHYxg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/253078-0a7b-45bb-bc67-073639938437/1/02JNfVWYOVA2OBy17TDgR9y7do8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/253078-0a7b-45bb-bc67-073639938437/1/xPiLXG5RFuUM8rW99D6HIPHYxg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.25.128.0/20
91.142.48.0/20
195.34.86.0/23
217.171.176.0/20
IPv6:
2a02:4d8::/32
Signature Algorithm: sha256WithRSAEncryption
2d:a6:2f:9a:dc:c4:d1:6b:b6:14:66:34:11:55:d8:bc:a8:4b:
14:27:84:5d:fe:8a:b7:a1:88:0f:b7:c9:5b:14:23:a4:6e:9e:
31:ac:73:83:cf:20:e2:af:0f:fe:60:1f:0b:07:54:2b:a5:73:
87:e8:17:22:78:48:14:35:87:9e:f5:9a:5e:d6:db:56:4e:56:
5a:5a:ff:c2:f6:94:02:3d:d0:ca:a8:ae:0a:ff:45:e5:4b:2c:
e2:49:5b:41:d4:ef:5d:36:38:a4:ff:3d:e2:1e:1d:96:6d:a0:
e3:71:ae:42:27:b2:78:f9:b0:64:4b:e1:bb:d1:95:39:fe:3e:
06:12:b0:8a:85:4f:b8:e3:65:6e:5d:79:2a:d0:2b:eb:89:63:
d7:b0:39:b5:51:6d:73:ca:cf:b2:7c:4e:1d:b9:dc:bd:cc:69:
7f:bc:7f:d4:36:a2:d4:92:97:4c:8c:21:b6:46:f0:7d:88:1e:
2c:b9:26:2a:66:64:09:b7:42:56:c9:d0:60:8c:62:c2:70:14:
8c:6c:9b:f0:7d:9b:17:c3:06:10:8f:76:e4:df:f7:67:f3:83:
42:b6:17:4a:7d:21:74:f3:bb:ce:34:52:3e:74:e7:5c:0a:f0:
0a:c3:e3:fb:23:09:21:aa:4c:e4:91:39:cf:69:88:fb:38:29:
6d:3d:ec:3d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZzdZ8Ovocs7Q/3UAvcztqfmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Zjg4YjVjNmU1MTE2ZTUwY2YyYjViZGY0M2U4NzIwZjFk
OGM2MGYwHhcNMjYwMzExMTQ1ODEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzYyNGQ3ZDU1OTgzOTUwMzYzODFjYjVlZDMwZTA0N2RjYmI3NjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhcXZ+UVjZB48hI230uK0RaxkNCF
LK1dGnsr0AchNzoWx5TFOtusNRO5AVRGcQp3o85gwXGLVDDpU2qvbyo6kBeUPmPv
1y5PkWWD8MaGNWX7ljK71tzzvb2nO4J9EmCgyukIUnr+Vd7MnhV1spU4KJWWY/sH
IaM6D107kio6kQE2cQqJ4qH/JR46ImR196YbWQR/m2Px2pKvJ7iUKd8svmYFjO9q
uvUU6owy8HO4fOpxy5+Hhm4b3RkNYeX8bacrAwP8qI8IpWnSfawVwUTS62LACJsp
SU7cwj+qHRmNbLMMsWUWGpx/Jd+J5ujeEZry05pom3MmqZSBPKmmM7kosQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNNiTX1VmDlQNjgcte0w4Efcu3aPMB8GA1UdIwQY
MBaAFMT4i1xuURblDPK1vfQ+hyDx2MYPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFBpTFhHNVJGdVVNOHJXOTlENkhJUEhZeGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS8yNTMwNzgtMGE3Yi00NWJiLWJjNjct
MDczNjM5OTM4NDM3LzEvMDJKTmZWV1lPVkEyT0J5MTdURGdSOXk3ZG84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS8yNTMwNzgtMGE3Yi00NWJiLWJjNjctMDczNjM5OTM4NDM3
LzEveFBpTFhHNVJGdVVNOHJXOTlENkhJUEhZeGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEURmAAwQE
W44wAwQBwyJWAwQE2auwMA0EAgACMAcDBQAqAgTYMA0GCSqGSIb3DQEBCwUAA4IB
AQAtpi+a3MTRa7YUZjQRVdi8qEsUJ4Rd/oq3oYgPt8lbFCOkbp4xrHODzyDirw/+
YB8LB1QrpXOH6BcieEgUNYee9Zpe1ttWTlZaWv/C9pQCPdDKqK4K/0XlSyziSVtB
1O9dNjik/z3iHh2WbaDjca5CJ7J4+bBkS+G70ZU5/j4GErCKhU+442VuXXkq0Cvr
iWPXsDm1UW1zys+yfE4dudy9zGl/vH/UNqLUkpdMjCG2RvB9iB4suSYqZmQJt0JW
ydBgjGLCcBSMbJvwfZsXwwYQj3bk3/dn84NCthdKfSF087vONFI+dOdcCvAKw+P7
IwkhqkzkkTnPaYj7OCltPew9
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:33:21 2026 by rpki-client