Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/b809c4-4b54-4e39-98bd-64a992205f51/1/J4mXmms4TiP28PN9LBCVFRM01HA.roa
File: J4mXmms4TiP28PN9LBCVFRM01HA.roa (raw, json)
Hash identifier: VUMEpxKdTm7c58+fUJJlRr+8yRrKuCjq0GD1rQWYd3c=
Subject key identifier: 27:89:97:9A:6B:38:4E:23:F6:F0:F3:7D:2C:10:95:15:13:34:D4:70
Certificate issuer: /CN=e1b605d6660e98331c2e204980f2a576fdf49619
Certificate serial: 019D23B4B7574A9E88D94D71E87CD5358EFE
Authority key identifier: E1:B6:05:D6:66:0E:98:33:1C:2E:20:49:80:F2:A5:76:FD:F4:96:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4bYF1mYOmDMcLiBJgPKldv30lhk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/b809c4-4b54-4e39-98bd-64a992205f51/1/J4mXmms4TiP28PN9LBCVFRM01HA.roa
Signing time: Wed 25 Mar 2026 06:35:39 +0000
ROA not before: Wed 25 Mar 2026 06:35:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8256
IP address blocks: 212.51.192.0/21 maxlen: 21
212.51.204.0/24 maxlen: 24
212.51.207.0/24 maxlen: 24
212.51.208.0/20 maxlen: 20
212.191.0.0/17 maxlen: 17
2001:b10::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/b809c4-4b54-4e39-98bd-64a992205f51/1/4bYF1mYOmDMcLiBJgPKldv30lhk.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/b809c4-4b54-4e39-98bd-64a992205f51/1/4bYF1mYOmDMcLiBJgPKldv30lhk.mft
rsync://rpki.ripe.net/repository/DEFAULT/4bYF1mYOmDMcLiBJgPKldv30lhk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:23:b4:b7:57:4a:9e:88:d9:4d:71:e8:7c:d5:35:8e:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1b605d6660e98331c2e204980f2a576fdf49619
Validity
Not Before: Mar 25 06:35:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2789979a6b384e23f6f0f37d2c1095151334d470
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ae:87:8c:ee:4e:94:f3:4c:61:9c:85:72:cb:
cb:09:3d:e2:bf:25:59:92:65:9a:aa:61:c8:a6:70:
1e:3b:64:02:39:dd:03:89:4d:a7:b8:c9:e7:22:d8:
ab:ea:56:ce:2c:2f:b6:a2:83:14:82:e2:51:b6:e0:
90:40:96:81:45:1f:dd:1c:46:ad:03:1d:dc:56:b5:
56:b0:d3:c5:8a:b5:96:45:0a:f6:b9:17:25:fc:d5:
d4:1a:14:ce:cd:5b:fd:93:80:bb:07:8b:38:9b:d3:
76:66:3e:29:f7:ff:c9:0b:24:3d:6c:07:d5:c7:7a:
4f:f2:fb:78:7a:96:b0:a5:2d:0f:ad:69:fe:9a:60:
bd:f3:da:17:81:58:13:08:e8:c5:14:a3:bb:a9:81:
5f:15:72:1d:2c:4a:66:a4:3a:22:e6:06:69:19:6d:
70:6a:61:4a:ee:4e:8e:53:ae:b1:f9:e5:7c:67:3b:
2c:a3:ec:3e:90:8e:8c:02:58:e8:e4:c1:b1:fb:fc:
23:b7:18:b0:6b:7d:c9:d7:db:33:73:0e:bf:d9:0a:
77:a1:aa:b8:79:a0:29:30:2c:2c:60:62:f5:3f:6a:
0d:87:d6:ff:60:c9:c9:98:8f:2a:00:8d:61:56:d7:
d9:14:d6:b0:81:0f:02:f3:f8:73:c8:6d:7e:54:c9:
dc:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:89:97:9A:6B:38:4E:23:F6:F0:F3:7D:2C:10:95:15:13:34:D4:70
X509v3 Authority Key Identifier:
keyid:E1:B6:05:D6:66:0E:98:33:1C:2E:20:49:80:F2:A5:76:FD:F4:96:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4bYF1mYOmDMcLiBJgPKldv30lhk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b809c4-4b54-4e39-98bd-64a992205f51/1/J4mXmms4TiP28PN9LBCVFRM01HA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b809c4-4b54-4e39-98bd-64a992205f51/1/4bYF1mYOmDMcLiBJgPKldv30lhk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.51.192.0/21
212.51.204.0/24
212.51.207.0-212.51.223.255
212.191.0.0/17
IPv6:
2001:b10::/35
Signature Algorithm: sha256WithRSAEncryption
72:1e:72:3b:03:33:79:1c:3e:2a:62:b4:2b:a1:d4:6f:fa:a6:
ec:5b:cd:58:e4:76:1e:87:4e:6b:d9:de:97:ee:38:77:5e:44:
06:c1:4c:2f:55:c6:ab:c4:e5:37:e5:b3:fb:87:cc:fc:96:3c:
0f:b1:3a:e2:d2:25:9b:f0:6a:40:6d:c4:aa:84:c7:ad:77:53:
a2:df:7c:06:e2:41:4a:08:72:2c:28:51:d4:78:e2:20:35:3d:
18:0d:b0:69:fb:8d:7c:60:51:d2:c2:a8:a2:b0:0b:7f:81:c9:
34:50:05:ad:91:9f:bc:3e:6c:20:7a:3a:21:6e:63:e9:45:1b:
31:58:2f:ff:2b:2b:76:07:29:40:d8:b3:b1:59:79:1f:1f:e4:
1b:aa:4e:8c:a5:6f:c1:74:f1:ff:07:19:ea:c6:51:6e:32:d2:
1d:a5:4a:30:7a:26:85:ff:91:35:81:7b:d9:9f:22:13:00:4d:
f5:64:74:0f:22:0a:7b:21:6d:d2:3c:06:1c:aa:a1:90:d2:68:
a3:e9:2a:a9:16:88:68:9a:ae:9d:fd:52:ce:59:36:d9:21:1b:
b2:01:54:26:38:6f:3d:73:b0:a6:62:11:2c:7d:c3:20:75:a8:
5e:cc:6c:7a:8a:91:ca:1d:f7:a3:97:7a:26:d5:7b:79:44:99:
f7:80:ab:3d
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZ0jtLdXSp6I2U1x6HzVNY7+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxYjYwNWQ2NjYwZTk4MzMxYzJlMjA0OTgwZjJhNTc2ZmRm
NDk2MTkwHhcNMjYwMzI1MDYzNTM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzg5OTc5YTZiMzg0ZTIzZjZmMGYzN2QyYzEwOTUxNTEzMzRkNDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyK6HjO5OlPNMYZyFcsvLCT3ivyVZ
kmWaqmHIpnAeO2QCOd0DiU2nuMnnItir6lbOLC+2ooMUguJRtuCQQJaBRR/dHEat
Ax3cVrVWsNPFirWWRQr2uRcl/NXUGhTOzVv9k4C7B4s4m9N2Zj4p9//JCyQ9bAfV
x3pP8vt4epawpS0PrWn+mmC989oXgVgTCOjFFKO7qYFfFXIdLEpmpDoi5gZpGW1w
amFK7k6OU66x+eV8Zzsso+w+kI6MAljo5MGx+/wjtxiwa33J19szcw6/2Qp3oaq4
eaApMCwsYGL1P2oNh9b/YMnJmI8qAI1hVtfZFNawgQ8C8/hzyG1+VMncqwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFCeJl5prOE4j9vDzfSwQlRUTNNRwMB8GA1UdIwQY
MBaAFOG2BdZmDpgzHC4gSYDypXb99JYZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGJZRjFtWU9tRE1jTGlCSmdQS2xkdjMwbGhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9iODA5YzQtNGI1NC00ZTM5LTk4YmQt
NjRhOTkyMjA1ZjUxLzEvSjRtWG1tczRUaVAyOFBOOUxCQ1ZGUk0wMUhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9iODA5YzQtNGI1NC00ZTM5LTk4YmQtNjRhOTkyMjA1ZjUx
LzEvNGJZRjFtWU9tRE1jTGlCSmdQS2xkdjMwbGhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAmBAIAATAgAwQD1DPAAwQA
1DPMMAwDBADUM88DBAXUM8ADBAfUvwAwDgQCAAIwCAMGBSABCxAAMA0GCSqGSIb3
DQEBCwUAA4IBAQByHnI7AzN5HD4qYrQrodRv+qbsW81Y5HYeh05r2d6X7jh3XkQG
wUwvVcarxOU35bP7h8z8ljwPsTri0iWb8GpAbcSqhMetd1Oi33wG4kFKCHIsKFHU
eOIgNT0YDbBp+418YFHSwqiisAt/gck0UAWtkZ+8PmwgejohbmPpRRsxWC//Kyt2
BylA2LOxWXkfH+Qbqk6MpW/BdPH/BxnqxlFuMtIdpUoweiaF/5E1gXvZnyITAE31
ZHQPIgp7IW3SPAYcqqGQ0mij6SqpFohomq6d/VLOWTbZIRuyAVQmOG89c7CmYhEs
fcMgdahezGx6ipHKHfejl3om1Xt5RJn3gKs9
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:59:09 2026 by rpki-client