Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/VJmYyAY5gDU-GruFnMhu4NvF5fQ.roa
File: VJmYyAY5gDU-GruFnMhu4NvF5fQ.roa (raw, json)
Hash identifier: 0Dz1rJ02bAotpyt4CdIlwNIWTxmO240hUbKpjOyKkLg=
Subject key identifier: 54:99:98:C8:06:39:80:35:3E:1A:BB:85:9C:C8:6E:E0:DB:C5:E5:F4
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 019E2089B84989CE6E6616DE119804E6CCC3
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/VJmYyAY5gDU-GruFnMhu4NvF5fQ.roa
Signing time: Wed 13 May 2026 08:52:37 +0000
ROA not before: Wed 13 May 2026 08:52:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 194.231.128.0/22 maxlen: 24
194.231.128.0/24 maxlen: 24
194.231.129.0/24 maxlen: 24
194.231.130.0/24 maxlen: 24
194.231.132.0/22 maxlen: 22
194.231.132.0/24 maxlen: 24
194.231.135.0/24 maxlen: 24
194.231.136.0/22 maxlen: 22
194.231.137.0/24 maxlen: 24
194.231.138.0/24 maxlen: 24
194.231.139.0/24 maxlen: 24
194.231.142.0/24 maxlen: 24
194.231.150.0/24 maxlen: 24
194.231.152.0/22 maxlen: 22
194.231.153.0/24 maxlen: 24
194.231.154.0/24 maxlen: 24
194.231.157.0/24 maxlen: 24
194.231.158.0/24 maxlen: 24
194.231.195.0/24 maxlen: 24
194.231.196.0/22 maxlen: 22
194.231.196.0/24 maxlen: 24
194.231.198.0/24 maxlen: 24
194.231.199.0/24 maxlen: 24
194.231.200.0/22 maxlen: 22
194.231.201.0/24 maxlen: 24
194.231.202.0/23 maxlen: 24
194.231.202.0/24 maxlen: 24
194.231.204.0/22 maxlen: 22
194.231.204.0/23 maxlen: 24
194.231.206.0/23 maxlen: 24
194.231.208.0/23 maxlen: 24
194.231.210.0/23 maxlen: 24
194.231.212.0/22 maxlen: 22
194.231.213.0/24 maxlen: 24
194.231.218.0/23 maxlen: 24
194.231.220.0/22 maxlen: 24
194.231.222.0/24 maxlen: 24
194.231.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:20:89:b8:49:89:ce:6e:66:16:de:11:98:04:e6:cc:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: May 13 08:52:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=549998c8063980353e1abb859cc86ee0dbc5e5f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:53:6c:96:18:4c:f5:32:81:64:6d:aa:e2:a4:
a9:8d:28:ec:7a:ef:3e:b0:ff:ff:e5:d3:07:2c:90:
f0:d6:b8:55:cb:c8:c7:a7:fb:47:d9:25:79:14:72:
bc:d2:3e:1b:e2:8d:33:f5:86:2c:5b:27:05:b7:6a:
4f:cd:4c:a8:2f:d0:d7:58:c1:e1:ce:4f:75:07:7e:
a8:a6:02:6b:dd:97:6b:70:0e:64:79:f8:ac:fe:76:
9b:69:d6:68:87:35:fc:69:a8:cf:e3:8d:d7:1b:bb:
43:13:a2:e6:ca:45:66:32:a5:bb:e1:f0:21:f8:45:
3f:70:59:5c:e0:80:ba:8b:02:a2:7b:4e:8d:0a:00:
04:15:e0:f1:05:0c:bb:45:5a:d9:4a:7e:1f:7e:7e:
87:3a:32:90:72:8e:32:88:e5:1d:55:50:83:8a:14:
6d:1c:53:87:61:ad:a6:14:16:3f:e6:12:24:51:6b:
86:65:cf:0a:81:5c:f8:fd:cc:cb:4b:21:97:04:08:
b0:25:2a:c1:da:42:d3:a7:bf:ac:e2:f6:e8:9e:dc:
f8:ac:ac:90:cb:56:a0:a9:bb:7f:97:73:0d:69:38:
3a:58:14:94:8e:2e:82:d1:ac:7c:77:46:8d:be:ca:
85:04:df:fd:ae:d4:11:52:cf:4f:e9:aa:2c:0d:e0:
78:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:99:98:C8:06:39:80:35:3E:1A:BB:85:9C:C8:6E:E0:DB:C5:E5:F4
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/VJmYyAY5gDU-GruFnMhu4NvF5fQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.231.128.0-194.231.139.255
194.231.142.0/24
194.231.150.0/24
194.231.152.0/22
194.231.157.0-194.231.158.255
194.231.195.0-194.231.215.255
194.231.218.0-194.231.223.255
Signature Algorithm: sha256WithRSAEncryption
b6:4e:84:8b:be:47:a5:27:8d:ac:16:a1:d5:b0:a8:cd:bc:55:
ce:9e:72:77:05:76:7a:0e:29:36:70:1d:64:a2:12:5c:15:f5:
38:7b:50:f3:42:a6:82:a2:ed:ec:5c:6f:83:70:cb:dc:5c:a2:
c1:4d:a1:0a:3b:60:37:96:bf:ec:cd:70:a3:be:5c:c2:14:be:
9f:5a:7e:2b:20:6b:e6:a6:e8:6f:7d:77:57:8d:77:59:bb:a5:
4d:45:e9:30:67:96:1f:89:2f:e3:d9:d0:21:ad:c2:08:81:84:
22:a5:af:85:7d:5e:65:20:24:61:9a:c6:bd:41:a1:e1:46:0e:
e9:04:71:8b:4a:25:d2:4e:61:19:e8:cc:85:08:b2:d1:15:fd:
43:2c:43:6a:74:76:66:47:46:8f:a9:4a:21:3c:c4:e6:fb:bc:
bd:b1:e3:f3:fd:a5:5d:f6:dc:00:17:31:f7:5c:c1:4f:2d:8e:
e3:02:33:81:4c:e3:c8:7f:d0:7a:19:31:38:64:c1:d3:e1:fb:
e1:6d:14:e4:8d:4c:d6:f4:d4:81:28:4c:fa:02:6c:13:8f:88:
65:b0:c3:96:aa:21:e5:67:84:c3:ea:b7:2d:93:37:f7:0f:c8:
d7:07:cf:0f:0b:d7:3e:0f:86:c4:dc:53:fb:34:3d:2d:4c:9e:
15:61:cb:af
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZ4gibhJic5uZhbeEZgE5szDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjYwNTEzMDg1MjM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDk5OThjODA2Mzk4MDM1M2UxYWJiODU5Y2M4NmVlMGRiYzVlNWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlNslhhM9TKBZG2q4qSpjSjseu8+
sP//5dMHLJDw1rhVy8jHp/tH2SV5FHK80j4b4o0z9YYsWycFt2pPzUyoL9DXWMHh
zk91B36opgJr3ZdrcA5kefis/nabadZohzX8aajP443XG7tDE6LmykVmMqW74fAh
+EU/cFlc4IC6iwKie06NCgAEFeDxBQy7RVrZSn4ffn6HOjKQco4yiOUdVVCDihRt
HFOHYa2mFBY/5hIkUWuGZc8KgVz4/czLSyGXBAiwJSrB2kLTp7+s4vbontz4rKyQ
y1agqbt/l3MNaTg6WBSUji6C0ax8d0aNvsqFBN/9rtQRUs9P6aosDeB4SQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFFSZmMgGOYA1Phq7hZzIbuDbxeX0MB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvVkptWXlBWTVnRFUtR3J1Rm5NaHU0TnZGNWZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKMAwDBAfC54AD
BALC54gDBADC544DBADC55YDBALC55gwDAMEAMLnnQMEAMLnnjAMAwQAwufDAwQD
wufQMAwDBAHC59oDBAXC58AwDQYJKoZIhvcNAQELBQADggEBALZOhIu+R6UnjawW
odWwqM28Vc6ecncFdnoOKTZwHWSiElwV9Th7UPNCpoKi7excb4Nwy9xcosFNoQo7
YDeWv+zNcKO+XMIUvp9afisga+am6G99d1eNd1m7pU1F6TBnlh+JL+PZ0CGtwgiB
hCKlr4V9XmUgJGGaxr1BoeFGDukEcYtKJdJOYRnozIUIstEV/UMsQ2p0dmZHRo+p
SiE8xOb7vL2x4/P9pV323AAXMfdcwU8tjuMCM4FM48h/0HoZMThkwdPh++FtFOSN
TNb01IEoTPoCbBOPiGWww5aqIeVnhMPqty2TN/cPyNcHzw8L1z4PhsTcU/s0PS1M
nhVhy68=
-----END CERTIFICATE-----
Generated at Wed May 13 14:47:42 2026 by rpki-client