Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/JNZCYSb0eX2LiAhwYWr792VZYyk.roa
File: JNZCYSb0eX2LiAhwYWr792VZYyk.roa (raw, json)
Hash identifier: 8a/oxkbq80RN3ANPAzfwubbSf0KUQs2EZXuphhCoNP8=
Subject key identifier: 24:D6:42:61:26:F4:79:7D:8B:88:08:70:61:6A:FB:F7:65:59:63:29
Certificate issuer: /CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Certificate serial: 019CFC5F9AC0F42D1EE33A4511B10B701E0F
Authority key identifier: A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/JNZCYSb0eX2LiAhwYWr792VZYyk.roa
Signing time: Tue 17 Mar 2026 15:17:29 +0000
ROA not before: Tue 17 Mar 2026 15:17:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3320
IP address blocks: 85.204.181.0/24 maxlen: 24
86.105.58.0/24 maxlen: 24
86.105.211.0/24 maxlen: 24
86.107.164.0/24 maxlen: 24
89.39.97.0/24 maxlen: 24
93.113.70.0/24 maxlen: 24
93.119.144.0/24 maxlen: 24
93.119.201.0/24 maxlen: 24
188.208.124.0/24 maxlen: 24
188.214.136.0/24 maxlen: 24
188.214.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:fc:5f:9a:c0:f4:2d:1e:e3:3a:45:11:b1:0b:70:1e:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Validity
Not Before: Mar 17 15:17:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=24d6426126f4797d8b880870616afbf765596329
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:9e:e0:0f:1d:d0:85:99:df:3d:bf:89:c3:ea:
f5:20:04:d5:37:c4:8a:25:88:c2:f3:a9:2a:9b:72:
5f:87:b3:e5:e6:71:40:b9:0e:f8:7d:f7:fe:51:ec:
bc:19:56:4a:f6:b7:e9:39:dc:97:d2:93:e5:17:c7:
db:b9:e5:de:70:8f:37:f7:e9:06:72:2e:69:f2:37:
0a:11:05:da:89:b5:49:88:b9:d0:6f:67:f3:4a:f5:
e9:bc:3d:be:f2:79:70:48:14:a4:9a:fd:e1:a8:be:
77:f4:4a:91:67:f4:07:45:b7:c8:3a:4a:dc:b6:22:
d9:e5:53:94:75:97:fd:ac:83:f6:ab:cb:76:7e:23:
86:d3:9e:f1:63:c9:a9:71:ba:6f:b5:0a:f3:03:7e:
c1:0f:a7:5e:d5:fc:ce:45:5d:1c:9f:05:f8:1f:ea:
2e:a6:5b:20:54:90:ae:5f:d8:03:d6:be:9e:f8:34:
80:e5:e4:59:c3:7a:ed:f0:1c:e3:d1:3a:5a:95:90:
bf:0f:fd:0f:13:35:d3:59:c3:95:e0:b1:1a:0f:c4:
92:a3:3a:44:64:e1:c5:53:b7:25:fc:8f:9a:74:33:
66:88:66:6f:53:69:fc:91:c3:15:d1:06:7a:a5:f7:
29:27:fc:66:ee:56:e7:89:9e:cd:d2:01:d5:1d:1c:
77:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:D6:42:61:26:F4:79:7D:8B:88:08:70:61:6A:FB:F7:65:59:63:29
X509v3 Authority Key Identifier:
keyid:A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/JNZCYSb0eX2LiAhwYWr792VZYyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.181.0/24
86.105.58.0/24
86.105.211.0/24
86.107.164.0/24
89.39.97.0/24
93.113.70.0/24
93.119.144.0/24
93.119.201.0/24
188.208.124.0/24
188.214.136.0/24
188.214.139.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:7c:b0:32:16:d6:6c:ae:1f:67:91:32:a3:55:3f:09:72:82:
19:ba:42:d9:7e:94:9d:0f:df:51:ee:31:b8:7d:fa:73:fd:d8:
f4:91:c2:be:8c:fb:bf:a5:57:46:70:c5:59:7a:ee:04:d8:da:
e1:8c:28:eb:65:e2:af:91:e5:6a:53:4b:a2:cd:cf:12:3b:22:
08:e2:42:5f:af:2a:8b:51:c6:3c:00:01:5d:d6:1a:e9:fe:81:
25:bc:b1:c6:ff:3f:75:63:24:23:f5:e0:a6:0d:22:b1:69:5d:
36:04:53:ee:99:c0:fe:59:88:e6:e7:65:b0:b6:a1:ce:c2:f2:
1a:37:e5:a6:a3:a9:95:5f:ad:43:d3:59:03:67:5d:5b:bf:ca:
ab:b1:b5:02:d7:f8:9e:99:d6:05:36:c8:a7:b2:92:e3:60:49:
67:0b:28:78:9e:09:62:99:4d:e5:61:6f:e6:9b:a6:7d:17:3c:
89:cc:bf:22:81:43:ba:98:38:67:84:be:d8:9f:f2:a4:d7:37:
63:27:e1:63:a2:f6:4b:0d:25:5d:a4:81:5d:a5:02:90:1d:38:
09:5f:e2:3e:00:f1:2b:7d:d0:63:f6:ef:b1:81:a8:39:3b:31:
37:4d:b9:4c:d9:71:4e:74:91:58:8a:be:ee:e7:8c:6f:e2:f4:
f4:03:0c:41
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZz8X5rA9C0e4zpFEbELcB4PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMDg4ZTA2ZDU1M2NmZjI5M2QyNzdmNGQ3NmMzYTcxMGJk
OGIyZjcwHhcNMjYwMzE3MTUxNzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGQ2NDI2MTI2ZjQ3OTdkOGI4ODA4NzA2MTZhZmJmNzY1NTk2MzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJ7gDx3QhZnfPb+Jw+r1IATVN8SK
JYjC86kqm3Jfh7Pl5nFAuQ74fff+Uey8GVZK9rfpOdyX0pPlF8fbueXecI839+kG
ci5p8jcKEQXaibVJiLnQb2fzSvXpvD2+8nlwSBSkmv3hqL539EqRZ/QHRbfIOkrc
tiLZ5VOUdZf9rIP2q8t2fiOG057xY8mpcbpvtQrzA37BD6de1fzORV0cnwX4H+ou
plsgVJCuX9gD1r6e+DSA5eRZw3rt8Bzj0TpalZC/D/0PEzXTWcOV4LEaD8SSozpE
ZOHFU7cl/I+adDNmiGZvU2n8kcMV0QZ6pfcpJ/xm7lbniZ7N0gHVHRx37wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFCTWQmEm9Hl9i4gIcGFq+/dlWWMpMB8GA1UdIwQY
MBaAFKIIjgbVU8/yk9J39NdsOnEL2LL3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTct
YmJlYTI5MThlMTAyLzEvSk5aQ1lTYjBlWDJMaUFod1lXcjc5MlZaWXlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTctYmJlYTI5MThlMTAy
LzEvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAVcy1AwQA
Vmk6AwQAVmnTAwQAVmukAwQAWSdhAwQAXXFGAwQAXXeQAwQAXXfJAwQAvNB8AwQA
vNaIAwQAvNaLMA0GCSqGSIb3DQEBCwUAA4IBAQBvfLAyFtZsrh9nkTKjVT8JcoIZ
ukLZfpSdD99R7jG4ffpz/dj0kcK+jPu/pVdGcMVZeu4E2NrhjCjrZeKvkeVqU0ui
zc8SOyII4kJfryqLUcY8AAFd1hrp/oElvLHG/z91YyQj9eCmDSKxaV02BFPumcD+
WYjm52WwtqHOwvIaN+Wmo6mVX61D01kDZ11bv8qrsbUC1/iemdYFNsinspLjYEln
Cyh4nglimU3lYW/mm6Z9FzyJzL8igUO6mDhnhL7Yn/Kk1zdjJ+FjovZLDSVdpIFd
pQKQHTgJX+I+APErfdBj9u+xgag5OzE3TblM2XFOdJFYir7u54xv4vT0AwxB
-----END CERTIFICATE-----
Generated at Thu Mar 26 18:40:59 2026 by rpki-client