Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/JOrg_jS0vxQOIdFFBC6fcvYuyxE.roa
File: JOrg_jS0vxQOIdFFBC6fcvYuyxE.roa (raw, json)
Hash identifier: MGcUOYiphLUuihI9dKYr9Cy/Zku2Fvx0q3Nh003/scw=
Subject key identifier: 24:EA:E0:FE:34:B4:BF:14:0E:21:D1:45:04:2E:9F:72:F6:2E:CB:11
Certificate issuer: /CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Certificate serial: 019D218F654F5AE7DC86E7D24EBFD44FA733
Authority key identifier: C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/JOrg_jS0vxQOIdFFBC6fcvYuyxE.roa
Signing time: Tue 24 Mar 2026 20:35:38 +0000
ROA not before: Tue 24 Mar 2026 20:35:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 37.148.128.0/22 maxlen: 24
93.88.153.0/24 maxlen: 24
93.88.157.0/24 maxlen: 24
93.88.158.0/24 maxlen: 24
95.155.128.0/23 maxlen: 24
95.155.128.0/24 maxlen: 24
95.155.129.0/24 maxlen: 24
95.155.133.0/24 maxlen: 24
95.155.136.0/24 maxlen: 24
95.155.137.0/24 maxlen: 24
95.155.145.0/24 maxlen: 24
95.155.146.0/23 maxlen: 24
95.155.146.0/24 maxlen: 24
95.155.147.0/24 maxlen: 24
95.155.148.0/23 maxlen: 24
95.155.149.0/24 maxlen: 24
95.155.150.0/24 maxlen: 24
95.155.152.0/22 maxlen: 24
95.155.160.0/20 maxlen: 24
95.155.176.0/21 maxlen: 24
152.89.84.0/24 maxlen: 24
152.89.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:21:8f:65:4f:5a:e7:dc:86:e7:d2:4e:bf:d4:4f:a7:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Validity
Not Before: Mar 24 20:35:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=24eae0fe34b4bf140e21d145042e9f72f62ecb11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:91:b8:69:01:94:02:a7:e9:1b:ca:0a:77:88:
11:5c:27:ce:c5:c2:ca:26:95:f8:da:cd:6f:c2:40:
00:37:2d:a5:16:43:66:79:89:d8:cc:62:47:e3:9e:
bb:da:cb:bc:97:82:89:3c:0b:49:f5:8c:70:e2:cb:
70:98:33:b4:f4:76:e4:e5:2f:22:f1:4a:ae:00:04:
2f:d8:01:01:26:9f:c2:b8:79:99:a2:68:6e:72:b3:
b9:58:08:73:f3:4e:b9:89:a6:00:05:17:f2:23:bb:
f8:2f:b1:ca:fb:61:07:5d:eb:be:d1:ef:19:ad:bf:
e4:f9:c4:c6:a9:f5:88:0d:64:99:23:2b:53:dd:2b:
e4:57:21:b2:8e:34:82:7e:4a:10:f3:50:ed:fb:3f:
bd:a8:b8:ec:c1:48:f3:b2:8b:63:a1:5e:4b:1b:09:
e6:a1:74:7e:f0:2a:a2:19:3d:e6:6c:8d:12:5d:c7:
3e:2d:47:0d:e7:4b:66:92:ed:18:53:bf:67:70:99:
d9:ee:50:ad:ad:68:e5:81:7a:56:92:1d:4f:73:78:
b7:29:b1:40:70:e3:52:bc:b9:dc:66:f0:d9:e2:dc:
33:ab:cb:d5:ef:3f:bf:91:6f:e4:30:ec:46:ed:cb:
d5:f2:4c:1e:0e:b9:bb:89:d8:d8:2a:6d:5a:98:6f:
52:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:EA:E0:FE:34:B4:BF:14:0E:21:D1:45:04:2E:9F:72:F6:2E:CB:11
X509v3 Authority Key Identifier:
keyid:C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/JOrg_jS0vxQOIdFFBC6fcvYuyxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.128.0/22
93.88.153.0/24
93.88.157.0-93.88.158.255
95.155.128.0/23
95.155.133.0/24
95.155.136.0/23
95.155.145.0-95.155.150.255
95.155.152.0/22
95.155.160.0-95.155.183.255
152.89.84.0/24
152.89.87.0/24
Signature Algorithm: sha256WithRSAEncryption
07:33:84:63:9d:95:68:d7:76:63:89:57:4a:2f:eb:b5:77:00:
b0:67:12:5f:c3:8a:89:fb:f7:09:01:6e:ca:fe:ba:5f:26:e9:
b3:5e:3d:05:35:e0:1f:b8:f3:66:8a:77:4a:54:3a:ca:36:ca:
1e:cc:24:0f:06:53:94:c2:ef:33:cf:35:4c:d4:93:e1:e7:26:
ea:99:82:83:cb:94:62:49:10:7f:c2:ae:48:13:4c:00:e5:ad:
13:be:2a:1a:95:e5:9b:57:f6:6b:16:87:1c:11:65:40:66:b1:
41:0c:ac:61:be:89:8d:13:66:3f:89:37:cf:b6:29:09:0a:04:
42:19:66:e4:e8:f6:af:5d:6f:2c:d7:eb:12:4b:d8:f3:df:f3:
93:10:5c:7c:d7:3f:b2:66:8f:59:a4:1a:21:eb:e6:66:9b:c6:
30:45:e6:7f:2e:71:3d:e2:bb:d9:60:99:5a:02:fc:8c:e5:22:
48:5d:e7:99:df:89:e0:b0:54:b2:50:0d:15:79:d5:79:9f:4a:
a7:42:99:e8:37:0c:54:02:1a:00:14:87:7f:bd:9c:7d:1f:28:
0c:c3:e4:0d:52:9f:bf:cd:92:eb:25:5f:89:77:42:3d:2f:98:
14:4b:e0:af:6a:a9:de:ac:1e:df:99:a9:b5:bf:f6:ce:2f:a4:
2f:cc:09:b9
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZ0hj2VPWufchufSTr/UT6czMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YTI0OWEwZWFjZDhhYmNiZWEwZDgyZWY3MTAxNmQzODZl
OGVmOTQwHhcNMjYwMzI0MjAzNTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGVhZTBmZTM0YjRiZjE0MGUyMWQxNDUwNDJlOWY3MmY2MmVjYjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpG4aQGUAqfpG8oKd4gRXCfOxcLK
JpX42s1vwkAANy2lFkNmeYnYzGJH45672su8l4KJPAtJ9Yxw4stwmDO09Hbk5S8i
8UquAAQv2AEBJp/CuHmZomhucrO5WAhz8065iaYABRfyI7v4L7HK+2EHXeu+0e8Z
rb/k+cTGqfWIDWSZIytT3SvkVyGyjjSCfkoQ81Dt+z+9qLjswUjzsotjoV5LGwnm
oXR+8CqiGT3mbI0SXcc+LUcN50tmku0YU79ncJnZ7lCtrWjlgXpWkh1Pc3i3KbFA
cONSvLncZvDZ4twzq8vV7z+/kW/kMOxG7cvV8kweDrm7idjYKm1amG9SsQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFCTq4P40tL8UDiHRRQQun3L2LssRMB8GA1UdIwQY
MBaAFMaiSaDqzYq8vqDYLvcQFtOG6O+UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2Ut
MjEwNTdkMjI4ZDA1LzEvSk9yZ19qUzB2eFFPSWRGRkJDNmZjdll1eXhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2UtMjEwNTdkMjI4ZDA1
LzEveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQCJZSAAwQA
XViZMAwDBABdWJ0DBABdWJ4DBAFfm4ADBABfm4UDBAFfm4gwDAMEAF+bkQMEAF+b
lgMEAl+bmDAMAwQFX5ugAwQDX5uwAwQAmFlUAwQAmFlXMA0GCSqGSIb3DQEBCwUA
A4IBAQAHM4RjnZVo13ZjiVdKL+u1dwCwZxJfw4qJ+/cJAW7K/rpfJumzXj0FNeAf
uPNmindKVDrKNsoezCQPBlOUwu8zzzVM1JPh5ybqmYKDy5RiSRB/wq5IE0wA5a0T
vioaleWbV/ZrFoccEWVAZrFBDKxhvomNE2Y/iTfPtikJCgRCGWbk6PavXW8s1+sS
S9jz3/OTEFx81z+yZo9ZpBoh6+Zmm8YwReZ/LnE94rvZYJlaAvyM5SJIXeeZ34ng
sFSyUA0VedV5n0qnQpnoNwxUAhoAFId/vZx9HygMw+QNUp+/zZLrJV+Jd0I9L5gU
S+CvaqnerB7fmam1v/bOL6QvzAm5
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:36:00 2026 by rpki-client