Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/JX0G_CRwNJLdeA0A9Np70GHR-mk.roa
File: JX0G_CRwNJLdeA0A9Np70GHR-mk.roa (raw, json)
Hash identifier: 6aD8gcE88LzslO2SJBgLRRcw5G9FbfU4p9AkyU0gKNA=
Subject key identifier: 25:7D:06:FC:24:70:34:92:DD:78:0D:00:F4:DA:7B:D0:61:D1:FA:69
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 019E135CEAA4C291BD0456948C2328FB282E
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/JX0G_CRwNJLdeA0A9Np70GHR-mk.roa
Signing time: Sun 10 May 2026 19:28:36 +0000
ROA not before: Sun 10 May 2026 19:28:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 81.18.48.0/24 maxlen: 24
178.219.6.0/24 maxlen: 24
178.253.224.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
188.255.198.0/24 maxlen: 24
212.69.8.0/24 maxlen: 24
212.69.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:13:5c:ea:a4:c2:91:bd:04:56:94:8c:23:28:fb:28:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: May 10 19:28:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=257d06fc24703492dd780d00f4da7bd061d1fa69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:68:4b:57:69:1c:61:3a:e9:e0:ef:2e:da:ac:
e3:d0:1d:64:f9:6a:4e:27:3f:37:6f:01:0e:16:a0:
d1:89:bf:e1:e7:94:8d:79:91:b1:6f:a0:21:53:ec:
01:a1:62:9d:b6:fb:ab:6c:76:17:67:0a:02:4a:97:
30:05:73:7d:ff:13:d0:79:4f:a3:1e:57:e1:37:2c:
15:d8:d9:5d:34:45:76:0c:2e:40:cc:e7:69:75:69:
07:03:cc:30:47:f9:9b:20:b8:84:da:f7:68:be:6b:
fe:4c:f2:dc:36:68:65:4c:0d:b8:03:2c:d7:7c:ab:
f4:a8:aa:aa:dd:d9:4f:00:73:84:29:ad:c0:b9:3f:
98:96:df:6b:13:ab:46:19:d9:ef:0c:f0:15:01:19:
d3:b2:c3:7f:f2:cb:bd:a0:90:32:3e:d9:d4:79:9f:
23:51:51:73:ab:a0:33:0d:e9:84:d9:ca:7d:b1:d6:
e1:92:1f:1d:78:ba:32:28:8e:7a:b5:54:c6:bf:1b:
3e:4e:d9:7b:f8:8a:0f:f2:0e:f9:a9:ef:14:65:da:
83:8f:18:a1:45:e9:a3:74:81:dc:82:56:95:60:c8:
89:f9:97:17:a3:ba:b9:31:45:34:97:1b:ab:e2:a5:
49:1b:42:d9:3e:a0:38:a2:8a:e8:2c:e0:b2:74:e6:
60:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:7D:06:FC:24:70:34:92:DD:78:0D:00:F4:DA:7B:D0:61:D1:FA:69
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/JX0G_CRwNJLdeA0A9Np70GHR-mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.18.48.0/24
178.219.6.0/24
178.253.224.0/24
185.47.91.0/24
188.255.198.0/24
212.69.8.0/24
212.69.11.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:24:83:d7:76:e8:c1:e7:d3:e8:70:b1:de:d1:83:af:5e:b6:
fd:4e:da:e2:6e:ad:f9:69:8f:53:38:fd:43:65:05:ab:d0:94:
29:cc:18:8b:a8:9e:42:65:d4:a2:0c:c6:5e:00:aa:7b:d5:aa:
06:b5:83:71:68:a4:14:aa:04:bd:6c:a5:a4:cc:99:95:25:49:
4e:59:95:98:cd:f7:75:6f:74:14:41:b5:27:16:f0:50:7b:ba:
8b:72:a5:f0:ad:b1:89:ee:2f:12:20:7f:0e:5e:df:7a:92:02:
6f:54:4f:e2:50:1b:ba:c5:59:78:7a:f8:c6:a5:b8:8e:9c:24:
99:16:b5:0f:5a:c1:65:8c:aa:4b:57:3d:39:be:3e:be:22:1f:
24:95:5c:df:dc:c0:57:b9:d7:83:6b:01:1e:42:e2:46:0b:a1:
b6:db:57:fb:7a:87:29:eb:8b:62:8d:5b:73:06:7c:7c:ae:d2:
4b:d6:18:24:0c:fd:a5:ba:62:e9:bd:8c:4b:bb:9e:54:1d:c9:
93:2c:de:94:23:c1:9f:19:4c:cc:72:89:04:05:7c:07:7f:ff:
e8:f0:78:06:8d:c3:21:f9:c1:18:55:1c:a5:99:4f:bc:9c:02:
f0:5a:26:5e:30:c9:38:f3:fd:09:ac:b4:35:ef:1f:52:2d:30:
23:f0:c5:a6
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ4TXOqkwpG9BFaUjCMo+yguMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjYwNTEwMTkyODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTdkMDZmYzI0NzAzNDkyZGQ3ODBkMDBmNGRhN2JkMDYxZDFmYTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2hLV2kcYTrp4O8u2qzj0B1k+WpO
Jz83bwEOFqDRib/h55SNeZGxb6AhU+wBoWKdtvurbHYXZwoCSpcwBXN9/xPQeU+j
HlfhNywV2NldNEV2DC5AzOdpdWkHA8wwR/mbILiE2vdovmv+TPLcNmhlTA24AyzX
fKv0qKqq3dlPAHOEKa3AuT+Ylt9rE6tGGdnvDPAVARnTssN/8su9oJAyPtnUeZ8j
UVFzq6AzDemE2cp9sdbhkh8deLoyKI56tVTGvxs+Ttl7+IoP8g75qe8UZdqDjxih
RemjdIHcglaVYMiJ+ZcXo7q5MUU0lxur4qVJG0LZPqA4ooroLOCydOZgBwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCV9BvwkcDSS3XgNAPTae9Bh0fppMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvSlgwR19DUndOSkxkZUEwQTlOcDcwR0hSLW1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAURIwAwQA
stsGAwQAsv3gAwQAuS9bAwQAvP/GAwQA1EUIAwQA1EULMA0GCSqGSIb3DQEBCwUA
A4IBAQAOJIPXdujB59PocLHe0YOvXrb9Ttribq35aY9TOP1DZQWr0JQpzBiLqJ5C
ZdSiDMZeAKp71aoGtYNxaKQUqgS9bKWkzJmVJUlOWZWYzfd1b3QUQbUnFvBQe7qL
cqXwrbGJ7i8SIH8OXt96kgJvVE/iUBu6xVl4evjGpbiOnCSZFrUPWsFljKpLVz05
vj6+Ih8klVzf3MBXudeDawEeQuJGC6G221f7eocp64tijVtzBnx8rtJL1hgkDP2l
umLpvYxLu55UHcmTLN6UI8GfGUzMcokEBXwHf//o8HgGjcMh+cEYVRylmU+8nALw
WiZeMMk48/0JrLQ17x9SLTAj8MWm
-----END CERTIFICATE-----
Generated at Wed May 13 07:45:44 2026 by rpki-client