Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/f1f385-aeaf-4875-b4f5-d21c5fd73532/1/ljZjgEZ9hW8cqxzlDtOAe4H1ql4.roa
File: ljZjgEZ9hW8cqxzlDtOAe4H1ql4.roa (raw, json)
Hash identifier: Z1WL6d9QfuUEoOquGksnlFUMW7fVN0+PQc/OczyRZHI=
Subject key identifier: 96:36:63:80:46:7D:85:6F:1C:AB:1C:E5:0E:D3:80:7B:81:F5:AA:5E
Certificate issuer: /CN=f2386c3c51e915676fd91302acb9dcbb99e8f14c
Certificate serial: 019D684416AABE701E6A2A1DCAFFC44F70DC
Authority key identifier: F2:38:6C:3C:51:E9:15:67:6F:D9:13:02:AC:B9:DC:BB:99:E8:F1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8jhsPFHpFWdv2RMCrLncu5no8Uw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/f1f385-aeaf-4875-b4f5-d21c5fd73532/1/ljZjgEZ9hW8cqxzlDtOAe4H1ql4.roa
Signing time: Tue 07 Apr 2026 14:06:25 +0000
ROA not before: Tue 07 Apr 2026 14:06:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205460
IP address blocks: 185.218.8.0/24 maxlen: 24
185.218.9.0/24 maxlen: 24
185.218.10.0/24 maxlen: 24
185.218.11.0/24 maxlen: 24
192.175.1.0/24 maxlen: 24
194.55.140.0/24 maxlen: 24
194.55.141.0/24 maxlen: 24
194.55.142.0/24 maxlen: 24
194.55.143.0/24 maxlen: 24
2a09:c380:0:1::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/f1f385-aeaf-4875-b4f5-d21c5fd73532/1/8jhsPFHpFWdv2RMCrLncu5no8Uw.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/f1f385-aeaf-4875-b4f5-d21c5fd73532/1/8jhsPFHpFWdv2RMCrLncu5no8Uw.mft
rsync://rpki.ripe.net/repository/DEFAULT/8jhsPFHpFWdv2RMCrLncu5no8Uw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:68:44:16:aa:be:70:1e:6a:2a:1d:ca:ff:c4:4f:70:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2386c3c51e915676fd91302acb9dcbb99e8f14c
Validity
Not Before: Apr 7 14:06:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=96366380467d856f1cab1ce50ed3807b81f5aa5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:53:42:27:91:a2:c5:f9:ca:58:24:69:c5:9c:
7f:ba:7e:7d:63:eb:7e:d7:2a:cb:97:b6:89:ec:79:
1b:22:8a:61:9a:b4:f9:5a:d0:a0:f7:74:a3:e8:d1:
2a:b7:5e:ff:9a:10:c7:85:42:a1:f5:8b:70:ce:2f:
79:64:0a:50:f2:76:3f:cd:be:0f:47:51:d5:12:46:
e9:a7:42:86:d5:58:ea:b3:ba:e4:01:c0:53:ff:8f:
1a:d9:12:b4:11:3d:a7:d2:f4:53:c7:23:05:3e:1b:
2e:cd:a6:95:37:a6:a7:7e:21:ab:35:d1:66:d1:28:
84:96:0f:c4:cf:85:16:bf:b0:f2:12:89:82:5f:9c:
cf:1d:6e:c1:e5:2b:e6:8b:f8:83:66:06:c2:81:e7:
7e:32:46:0c:00:f9:6f:ac:62:78:6e:5b:e9:62:cb:
2d:dc:02:1a:75:f1:b4:75:8f:c5:50:09:31:49:dd:
a2:db:8d:c1:c6:7d:56:9f:1b:76:13:34:6d:ad:00:
a8:84:6d:d8:67:ef:f7:47:1d:1d:d3:d6:5b:3b:89:
d9:ad:47:0f:8c:ea:1a:79:1d:5f:cb:b5:10:2c:b7:
4a:41:91:c5:6c:bb:44:5d:a7:35:1b:a3:78:d0:65:
18:e7:29:0d:80:65:3e:10:bf:3b:fa:e9:b9:dc:a0:
28:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:36:63:80:46:7D:85:6F:1C:AB:1C:E5:0E:D3:80:7B:81:F5:AA:5E
X509v3 Authority Key Identifier:
keyid:F2:38:6C:3C:51:E9:15:67:6F:D9:13:02:AC:B9:DC:BB:99:E8:F1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8jhsPFHpFWdv2RMCrLncu5no8Uw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/f1f385-aeaf-4875-b4f5-d21c5fd73532/1/ljZjgEZ9hW8cqxzlDtOAe4H1ql4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/f1f385-aeaf-4875-b4f5-d21c5fd73532/1/8jhsPFHpFWdv2RMCrLncu5no8Uw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.8.0/22
192.175.1.0/24
194.55.140.0/22
IPv6:
2a09:c380:0:1::/64
Signature Algorithm: sha256WithRSAEncryption
cd:33:bc:63:ea:6d:f4:9f:c2:0d:fb:e1:a2:45:f3:6b:40:ff:
c8:92:54:20:ea:ca:5d:a3:d4:5c:49:8c:0d:e6:32:25:66:d4:
93:db:60:a6:9d:73:87:b6:8a:3e:8a:3f:ac:0a:aa:90:35:c8:
43:a8:d1:94:63:fa:ee:08:16:d0:42:fa:c3:4f:42:72:30:73:
64:c0:38:a1:9a:36:10:26:be:6d:52:30:e4:e3:e1:36:b1:a6:
e4:35:b3:1f:c0:30:95:75:f2:ed:ac:ce:6c:19:51:1f:e7:fd:
92:cf:03:9b:b0:a4:d6:99:d3:9e:82:7c:ae:6f:c8:20:50:2c:
ed:1c:e2:7e:4e:23:65:a1:08:e0:f5:4b:aa:ef:12:1c:a9:62:
13:4c:5e:9f:4c:83:73:4a:d8:34:70:ce:81:61:b1:78:3f:72:
13:b4:72:85:11:48:78:ce:c5:ec:48:18:f3:69:89:d9:2a:b1:
fe:77:a2:01:7b:2a:f6:7f:56:68:e9:ab:cf:7a:50:12:f1:ba:
25:dd:cf:18:90:0d:e2:b4:a1:22:b4:7d:6c:c9:79:ad:bd:2c:
5b:7e:02:ac:4b:94:24:c6:73:c6:21:ce:e0:93:1b:b2:23:b4:
03:40:20:22:a4:38:52:2d:94:a7:f0:17:7e:5d:31:33:fb:1f:
fd:40:88:2b
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZ1oRBaqvnAeaiodyv/ET3DcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyMzg2YzNjNTFlOTE1Njc2ZmQ5MTMwMmFjYjlkY2JiOTll
OGYxNGMwHhcNMjYwNDA3MTQwNjI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjM2NjM4MDQ2N2Q4NTZmMWNhYjFjZTUwZWQzODA3YjgxZjVhYTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFNCJ5GixfnKWCRpxZx/un59Y+t+
1yrLl7aJ7HkbIophmrT5WtCg93Sj6NEqt17/mhDHhUKh9Ytwzi95ZApQ8nY/zb4P
R1HVEkbpp0KG1Vjqs7rkAcBT/48a2RK0ET2n0vRTxyMFPhsuzaaVN6anfiGrNdFm
0SiElg/Ez4UWv7DyEomCX5zPHW7B5Svmi/iDZgbCged+MkYMAPlvrGJ4blvpYsst
3AIadfG0dY/FUAkxSd2i243Bxn1Wnxt2EzRtrQCohG3YZ+/3Rx0d09ZbO4nZrUcP
jOoaeR1fy7UQLLdKQZHFbLtEXac1G6N40GUY5ykNgGU+EL87+um53KAoQQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFJY2Y4BGfYVvHKsc5Q7TgHuB9apeMB8GA1UdIwQY
MBaAFPI4bDxR6RVnb9kTAqy53LuZ6PFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGpoc1BGSHBGV2R2MlJNQ3JMbmN1NW5vOFV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9mMWYzODUtYWVhZi00ODc1LWI0ZjUt
ZDIxYzVmZDczNTMyLzEvbGpaamdFWjloVzhjcXh6bER0T0FlNEgxcWw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9mMWYzODUtYWVhZi00ODc1LWI0ZjUtZDIxYzVmZDczNTMy
LzEvOGpoc1BGSHBGV2R2MlJNQ3JMbmN1NW5vOFV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAYBAIAATASAwQCudoIAwQA
wK8BAwQCwjeMMBEEAgACMAsDCQAqCcOAAAAAATANBgkqhkiG9w0BAQsFAAOCAQEA
zTO8Y+pt9J/CDfvhokXza0D/yJJUIOrKXaPUXEmMDeYyJWbUk9tgpp1zh7aKPoo/
rAqqkDXIQ6jRlGP67ggW0EL6w09CcjBzZMA4oZo2ECa+bVIw5OPhNrGm5DWzH8Aw
lXXy7azObBlRH+f9ks8Dm7Ck1pnTnoJ8rm/IIFAs7Rzifk4jZaEI4PVLqu8SHKli
E0xen0yDc0rYNHDOgWGxeD9yE7RyhRFIeM7F7EgY82mJ2Sqx/neiAXsq9n9WaOmr
z3pQEvG6Jd3PGJAN4rShIrR9bMl5rb0sW34CrEuUJMZzxiHO4JMbsiO0A0AgIqQ4
Ui2Up/AXfl0xM/sf/UCIKw==
-----END CERTIFICATE-----
Generated at Wed May 13 05:48:20 2026 by rpki-client