Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/9df70c-8eea-4484-9602-c6f8518e628d/1/b4mQrv2JTgcWO8F1cjJyeYQBVb8.roa
File: b4mQrv2JTgcWO8F1cjJyeYQBVb8.roa (raw, json)
Hash identifier: iaSN44aIIFU4B37XMu9thx+iSA2kuFPJ2xwDFwtro2U=
Subject key identifier: 6F:89:90:AE:FD:89:4E:07:16:3B:C1:75:72:32:72:79:84:01:55:BF
Certificate issuer: /CN=8c575211b8f1f04cee0abddbadab2a06cc34e600
Certificate serial: 019C4BF377B0EDC535DB39CCF45619232A51
Authority key identifier: 8C:57:52:11:B8:F1:F0:4C:EE:0A:BD:DB:AD:AB:2A:06:CC:34:E6:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jFdSEbjx8EzuCr3brasqBsw05gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/9df70c-8eea-4484-9602-c6f8518e628d/1/b4mQrv2JTgcWO8F1cjJyeYQBVb8.roa
Signing time: Wed 11 Feb 2026 09:06:12 +0000
ROA not before: Wed 11 Feb 2026 09:06:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201751
IP address blocks: 131.222.131.0/24 maxlen: 24
2a0b:5180::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/9df70c-8eea-4484-9602-c6f8518e628d/1/jFdSEbjx8EzuCr3brasqBsw05gA.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/9df70c-8eea-4484-9602-c6f8518e628d/1/jFdSEbjx8EzuCr3brasqBsw05gA.mft
rsync://rpki.ripe.net/repository/DEFAULT/jFdSEbjx8EzuCr3brasqBsw05gA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:4b:f3:77:b0:ed:c5:35:db:39:cc:f4:56:19:23:2a:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c575211b8f1f04cee0abddbadab2a06cc34e600
Validity
Not Before: Feb 11 09:06:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6f8990aefd894e07163bc17572327279840155bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:24:39:ee:54:cd:20:97:9d:6b:c5:5f:c2:5e:
da:98:f2:86:c6:20:e7:61:f4:fe:7f:43:d9:07:c3:
4e:27:19:1d:e1:62:4d:fb:ac:9b:6c:2e:b5:d5:87:
ad:0a:02:b6:44:4a:5c:35:ad:b3:19:fa:07:93:be:
43:f9:02:4d:7d:e0:03:af:39:82:76:9f:6a:91:4e:
26:d9:bb:c9:81:da:96:a3:74:bb:67:ed:83:43:a7:
52:cf:2c:01:b4:4a:0f:55:28:ca:22:5c:c9:03:f6:
3d:07:d1:e1:06:11:40:c3:aa:92:dc:6f:53:05:1f:
3c:2d:e8:b7:4e:6c:e0:e8:90:de:ca:80:4c:92:ca:
57:f2:ab:82:72:d9:c1:62:b2:96:16:ed:5c:38:17:
a3:ca:a0:b7:d2:25:9c:94:0b:6c:51:39:8b:da:13:
39:70:b5:c3:22:51:de:72:7a:95:31:9d:69:c0:84:
9f:a9:e8:e7:62:fc:ad:3c:bf:2c:64:15:aa:df:c8:
52:3c:65:24:18:c1:b7:98:7d:0b:7b:93:4e:5a:03:
92:28:13:21:60:22:e3:78:87:21:91:a6:6e:20:2b:
8f:89:50:07:3f:d8:f3:80:66:7c:76:e4:16:c7:e0:
ae:c1:ef:2a:01:d9:09:81:93:cc:21:19:ce:18:45:
e6:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:89:90:AE:FD:89:4E:07:16:3B:C1:75:72:32:72:79:84:01:55:BF
X509v3 Authority Key Identifier:
keyid:8C:57:52:11:B8:F1:F0:4C:EE:0A:BD:DB:AD:AB:2A:06:CC:34:E6:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jFdSEbjx8EzuCr3brasqBsw05gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/9df70c-8eea-4484-9602-c6f8518e628d/1/b4mQrv2JTgcWO8F1cjJyeYQBVb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/9df70c-8eea-4484-9602-c6f8518e628d/1/jFdSEbjx8EzuCr3brasqBsw05gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.222.131.0/24
IPv6:
2a0b:5180::/29
Signature Algorithm: sha256WithRSAEncryption
a3:33:9b:a8:89:44:79:96:01:f9:2d:4a:a0:73:8f:b9:d8:78:
9a:2e:05:a0:06:bb:55:59:24:08:d1:00:ef:f9:e4:c4:a5:50:
e2:1d:a3:d6:c2:bb:32:a7:94:89:89:da:0c:84:98:22:30:fd:
bf:10:07:65:87:0b:a2:83:fe:de:c7:83:5a:0b:cc:64:70:62:
29:eb:54:a5:b5:85:9c:f4:9f:23:ba:95:03:0b:8b:3c:00:9e:
86:94:0a:57:35:b7:1a:1e:29:35:52:7e:69:96:9e:6b:bd:57:
af:fa:7f:28:13:d7:69:fa:05:e7:08:c7:cf:9e:2e:b0:ff:2b:
e8:20:6e:d1:2f:4b:7d:25:c8:68:15:4a:c6:19:dd:df:aa:20:
8c:bf:53:d2:6c:bd:d8:65:07:d6:61:ab:c3:81:1b:2c:b2:c4:
ac:45:6f:4f:e9:10:9f:1e:49:3c:12:92:3a:6b:dd:f3:1a:42:
65:22:76:7c:77:04:d0:09:e2:74:af:d8:c9:36:1d:98:61:b8:
d3:da:48:ca:a6:78:8b:7f:22:88:2a:0a:74:09:e3:fb:d5:35:
5f:81:ce:07:ec:74:d9:26:96:19:bd:6a:71:46:22:a2:ba:cb:
98:fd:44:1a:64:fb:b6:5b:1c:a2:64:e5:8c:4e:13:36:8f:25:
dc:f6:3a:d3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZxL83ew7cU12znM9FYZIypRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNTc1MjExYjhmMWYwNGNlZTBhYmRkYmFkYWIyYTA2Y2Mz
NGU2MDAwHhcNMjYwMjExMDkwNjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Zjg5OTBhZWZkODk0ZTA3MTYzYmMxNzU3MjMyNzI3OTg0MDE1NWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1iQ57lTNIJeda8Vfwl7amPKGxiDn
YfT+f0PZB8NOJxkd4WJN+6ybbC611YetCgK2REpcNa2zGfoHk75D+QJNfeADrzmC
dp9qkU4m2bvJgdqWo3S7Z+2DQ6dSzywBtEoPVSjKIlzJA/Y9B9HhBhFAw6qS3G9T
BR88Lei3Tmzg6JDeyoBMkspX8quCctnBYrKWFu1cOBejyqC30iWclAtsUTmL2hM5
cLXDIlHecnqVMZ1pwISfqejnYvytPL8sZBWq38hSPGUkGMG3mH0Le5NOWgOSKBMh
YCLjeIchkaZuICuPiVAHP9jzgGZ8duQWx+Cuwe8qAdkJgZPMIRnOGEXm5wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG+JkK79iU4HFjvBdXIycnmEAVW/MB8GA1UdIwQY
MBaAFIxXUhG48fBM7gq9262rKgbMNOYAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakZkU0Viang4RXp1Q3IzYnJhc3FCc3cwNWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC85ZGY3MGMtOGVlYS00NDg0LTk2MDIt
YzZmODUxOGU2MjhkLzEvYjRtUXJ2MkpUZ2NXTzhGMWNqSnllWVFCVmI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC85ZGY3MGMtOGVlYS00NDg0LTk2MDItYzZmODUxOGU2Mjhk
LzEvakZkU0Viang4RXp1Q3IzYnJhc3FCc3cwNWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAg96DMA0E
AgACMAcDBQMqC1GAMA0GCSqGSIb3DQEBCwUAA4IBAQCjM5uoiUR5lgH5LUqgc4+5
2HiaLgWgBrtVWSQI0QDv+eTEpVDiHaPWwrsyp5SJidoMhJgiMP2/EAdlhwuig/7e
x4NaC8xkcGIp61SltYWc9J8jupUDC4s8AJ6GlApXNbcaHik1Un5plp5rvVev+n8o
E9dp+gXnCMfPni6w/yvoIG7RL0t9JchoFUrGGd3fqiCMv1PSbL3YZQfWYavDgRss
ssSsRW9P6RCfHkk8EpI6a93zGkJlInZ8dwTQCeJ0r9jJNh2YYbjT2kjKpniLfyKI
Kgp0CeP71TVfgc4H7HTZJpYZvWpxRiKiusuY/UQaZPu2WxyiZOWMThM2jyXc9jrT
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:12:39 2026 by rpki-client