Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/jmU3X9wtIzN_JSDtowLcCCM19H8.roa
File: jmU3X9wtIzN_JSDtowLcCCM19H8.roa (raw, json)
Hash identifier: S2L4ZURPgwmG7O01WdgzZXSe8zghy5HBy1JAccDoloQ=
Subject key identifier: 8E:65:37:5F:DC:2D:23:33:7F:25:20:ED:A3:02:DC:08:23:35:F4:7F
Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Certificate serial: 019D96DC6A17AE02F267BD4BD2B678172AC2
Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/jmU3X9wtIzN_JSDtowLcCCM19H8.roa
Signing time: Thu 16 Apr 2026 15:15:20 +0000
ROA not before: Thu 16 Apr 2026 15:15:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206604
IP address blocks: 2a0d:d940:5e0::/44 maxlen: 48
2a0d:d940:2005::/48 maxlen: 48
2a0d:d940:2007::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:96:dc:6a:17:ae:02:f2:67:bd:4b:d2:b6:78:17:2a:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Validity
Not Before: Apr 16 15:15:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8e65375fdc2d23337f2520eda302dc082335f47f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:38:81:e9:a1:ee:fc:f5:53:5e:d2:cd:c7:c3:
1a:7d:2c:7e:4a:3c:3b:53:c4:be:4a:f2:08:0d:23:
cc:20:64:d1:2e:27:35:20:11:bc:ca:72:1b:29:3c:
04:74:74:e3:08:df:d1:2d:89:20:88:21:1f:f6:21:
9b:ef:c0:fb:c5:c2:fa:ba:12:ec:f9:6a:c0:2e:5f:
3b:00:94:4a:f2:a9:9d:d9:26:c6:0d:db:8f:f9:d5:
84:f0:3e:74:df:95:91:17:af:d5:91:60:b8:e3:10:
4f:72:ab:b3:e2:9e:c4:8e:42:60:13:3b:9b:95:da:
0e:b7:75:1a:d2:d6:f0:6f:5c:8f:f7:22:96:5b:08:
d1:72:59:81:03:12:fa:b6:ed:ec:dc:1d:4d:29:ff:
0e:ef:88:aa:f7:82:59:92:6d:16:49:2b:fe:b8:7d:
ef:00:12:80:98:52:42:0b:25:a0:bf:cb:5c:a2:6b:
74:11:0c:5c:81:d4:b3:8d:29:0b:e9:70:57:52:9d:
15:17:43:7b:3b:49:18:dc:65:00:98:78:dd:7d:82:
dd:82:32:5d:6c:7f:3b:7a:e6:ca:b1:78:c9:c9:82:
8a:89:0c:2d:5e:dc:fa:4e:e0:b9:58:d5:e9:1c:a1:
ba:18:d2:49:87:0b:8f:c8:00:6e:e3:8a:77:e4:a1:
aa:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:65:37:5F:DC:2D:23:33:7F:25:20:ED:A3:02:DC:08:23:35:F4:7F
X509v3 Authority Key Identifier:
keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/jmU3X9wtIzN_JSDtowLcCCM19H8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d940:5e0::/44
2a0d:d940:2005::/48
2a0d:d940:2007::/48
Signature Algorithm: sha256WithRSAEncryption
0e:a6:9b:7e:0f:08:e6:30:85:e7:a2:84:92:9f:be:63:ae:86:
a6:c8:88:06:34:85:fd:a8:66:64:0d:e7:8a:5a:71:ed:57:ad:
c4:d9:b0:4d:b4:1d:db:41:cd:44:d3:53:81:28:bc:1d:a9:e1:
7b:6c:52:c8:83:29:be:35:cb:73:1c:f7:c2:28:9d:ab:43:1d:
81:84:79:cb:74:85:71:e7:48:c1:0c:c0:a4:08:1d:7b:eb:e5:
8e:56:91:da:26:9d:80:5c:87:b6:7a:ce:18:86:3c:14:06:6e:
59:2c:e1:25:f5:3d:8d:03:98:94:4c:f1:3d:7f:3c:93:a5:fc:
bf:6e:41:92:d3:a6:45:f6:46:a8:fb:b5:f0:dd:b1:e8:44:23:
c2:ce:61:fa:c2:f8:45:c8:4a:c8:80:91:0d:dc:75:1c:5d:44:
51:ab:46:e9:4c:6e:74:b1:24:e8:73:10:f6:95:6b:e9:0a:75:
c6:3a:24:9d:38:0e:f2:44:9b:77:0e:8a:56:5a:81:c6:2f:2f:
a0:c0:76:d4:72:5e:c3:90:e2:e7:06:11:15:3c:52:4f:6c:85:
3f:4c:b8:cb:4c:b8:b5:d2:02:4e:dd:a8:2e:b9:83:cf:61:aa:
be:16:a9:cb:8d:ac:d4:02:d3:96:19:5f:f0:0f:0c:e1:50:2e:
ff:dc:12:a8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ2W3GoXrgLyZ71L0rZ4FyrCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj
YmJjNzQwHhcNMjYwNDE2MTUxNTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTY1Mzc1ZmRjMmQyMzMzN2YyNTIwZWRhMzAyZGMwODIzMzVmNDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTiB6aHu/PVTXtLNx8MafSx+Sjw7
U8S+SvIIDSPMIGTRLic1IBG8ynIbKTwEdHTjCN/RLYkgiCEf9iGb78D7xcL6uhLs
+WrALl87AJRK8qmd2SbGDduP+dWE8D5035WRF6/VkWC44xBPcquz4p7EjkJgEzub
ldoOt3Ua0tbwb1yP9yKWWwjRclmBAxL6tu3s3B1NKf8O74iq94JZkm0WSSv+uH3v
ABKAmFJCCyWgv8tcomt0EQxcgdSzjSkL6XBXUp0VF0N7O0kY3GUAmHjdfYLdgjJd
bH87eubKsXjJyYKKiQwtXtz6TuC5WNXpHKG6GNJJhwuPyABu44p35KGqvwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFI5lN1/cLSMzfyUg7aMC3AgjNfR/MB8GA1UdIwQY
MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt
MTRkMjM4NTI3ODM1LzEvam1VM1g5d3RJek5fSlNEdG93TGNDQ00xOUg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1
LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcEKg3ZQAXg
AwcAKg3ZQCAFAwcAKg3ZQCAHMA0GCSqGSIb3DQEBCwUAA4IBAQAOppt+DwjmMIXn
ooSSn75jroamyIgGNIX9qGZkDeeKWnHtV63E2bBNtB3bQc1E01OBKLwdqeF7bFLI
gym+NctzHPfCKJ2rQx2BhHnLdIVx50jBDMCkCB176+WOVpHaJp2AXIe2es4YhjwU
Bm5ZLOEl9T2NA5iUTPE9fzyTpfy/bkGS06ZF9kao+7Xw3bHoRCPCzmH6wvhFyErI
gJEN3HUcXURRq0bpTG50sSTocxD2lWvpCnXGOiSdOA7yRJt3DopWWoHGLy+gwHbU
cl7DkOLnBhEVPFJPbIU/TLjLTLi10gJO3aguuYPPYaq+FqnLjazUAtOWGV/wDwzh
UC7/3BKo
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:54:22 2026 by rpki-client