Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/dd1ec7-3446-4709-b93c-089c89ef63c8/1/us20DoJCXsVZzbd3x5fHyF61Jik.roa
File: us20DoJCXsVZzbd3x5fHyF61Jik.roa (raw, json)
Hash identifier: 1tw/rfH56Z411UghhNhBV3Cnovjrc0BrKALUNfjqvrI=
Subject key identifier: BA:CD:B4:0E:82:42:5E:C5:59:CD:B7:77:C7:97:C7:C8:5E:B5:26:29
Certificate issuer: /CN=25907f90d9f9d902fcf04bd0b46152c3827a7d50
Certificate serial: 019C68693B3F7EA8D77CC72F2AC386D666A9
Authority key identifier: 25:90:7F:90:D9:F9:D9:02:FC:F0:4B:D0:B4:61:52:C3:82:7A:7D:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JZB_kNn52QL88EvQtGFSw4J6fVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/dd1ec7-3446-4709-b93c-089c89ef63c8/1/us20DoJCXsVZzbd3x5fHyF61Jik.roa
Signing time: Mon 16 Feb 2026 21:44:12 +0000
ROA not before: Mon 16 Feb 2026 21:44:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199393
IP address blocks: 194.169.183.0/24 maxlen: 24
2a13:c480::/48 maxlen: 48
2a13:c480:1::/48 maxlen: 48
2a13:c480:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/dd1ec7-3446-4709-b93c-089c89ef63c8/1/JZB_kNn52QL88EvQtGFSw4J6fVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/dd1ec7-3446-4709-b93c-089c89ef63c8/1/JZB_kNn52QL88EvQtGFSw4J6fVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/JZB_kNn52QL88EvQtGFSw4J6fVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:01:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:68:69:3b:3f:7e:a8:d7:7c:c7:2f:2a:c3:86:d6:66:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25907f90d9f9d902fcf04bd0b46152c3827a7d50
Validity
Not Before: Feb 16 21:44:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bacdb40e82425ec559cdb777c797c7c85eb52629
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:2d:6e:e5:33:c6:c3:4b:16:82:6e:d8:8a:c9:
21:28:6a:fb:ef:8a:9a:f0:f9:5e:4f:74:8c:cb:ed:
67:06:58:f5:14:b4:9e:f1:9c:26:1a:81:e0:0b:ec:
1a:59:d1:31:9f:cf:0b:ec:7e:99:55:53:11:00:dc:
e7:ec:cd:75:54:32:a9:f0:32:92:ae:99:7f:22:f8:
c0:8c:df:80:88:a8:78:7c:1a:9c:4a:8f:6c:0a:ce:
18:20:40:21:21:43:c4:f7:2d:74:25:8d:47:51:25:
61:03:7e:e9:f3:7c:b0:63:12:ef:06:00:ee:aa:31:
7c:63:13:fe:4f:1c:90:8c:3a:a3:eb:2e:2f:19:d6:
81:9f:56:2e:40:46:d6:d5:f4:f3:83:b7:f2:3e:c6:
c9:5b:53:fe:85:f7:c5:f7:13:7d:68:66:cd:cc:24:
84:3e:7c:87:94:68:f2:16:34:35:37:ec:97:22:e4:
16:da:f5:38:9a:44:29:6c:29:d5:d3:c8:0b:b4:d1:
b3:81:fd:a9:a5:7b:38:1f:61:9a:e5:9f:0d:f7:e0:
cc:c0:ef:6c:22:09:5e:18:cd:2a:15:67:11:05:43:
6d:31:32:bd:32:67:f5:40:13:1c:b9:bd:a4:ca:6c:
f2:7d:2b:9e:25:7e:de:59:42:50:c3:2d:5d:f6:56:
6d:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:CD:B4:0E:82:42:5E:C5:59:CD:B7:77:C7:97:C7:C8:5E:B5:26:29
X509v3 Authority Key Identifier:
keyid:25:90:7F:90:D9:F9:D9:02:FC:F0:4B:D0:B4:61:52:C3:82:7A:7D:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JZB_kNn52QL88EvQtGFSw4J6fVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/dd1ec7-3446-4709-b93c-089c89ef63c8/1/us20DoJCXsVZzbd3x5fHyF61Jik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/dd1ec7-3446-4709-b93c-089c89ef63c8/1/JZB_kNn52QL88EvQtGFSw4J6fVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.183.0/24
IPv6:
2a13:c480::-2a13:c480:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
c4:09:5c:9f:48:cc:fe:68:d2:6e:d8:89:ef:94:c1:e4:0c:81:
6a:56:66:b6:6a:07:59:65:b5:45:9d:45:54:34:6a:d4:92:82:
70:14:66:be:3a:65:f6:d3:4c:7c:54:ca:9e:b7:a4:5c:6d:6f:
0a:8e:9a:4a:01:12:98:4e:cb:bf:9a:77:00:5c:4d:a1:0f:ca:
e0:03:ec:19:7a:37:e0:29:0d:00:5f:32:43:4e:32:05:1f:bf:
e8:e8:5c:04:10:a6:ef:48:db:57:cd:1a:2e:dc:65:ee:23:38:
1b:b4:07:f5:19:48:0f:be:8d:67:44:94:da:d6:65:6c:a3:0d:
5f:55:b0:ba:6c:ae:ae:6b:70:51:00:0f:98:c8:fa:65:06:b4:
8d:16:d4:5a:64:53:5a:ab:a7:4d:91:05:3a:b8:99:02:0a:75:
0e:c6:49:09:9e:2a:14:6b:ae:6a:88:53:9c:be:cb:f7:d6:1b:
59:27:f7:35:97:e6:b6:2d:73:74:77:1c:38:b2:7c:a6:74:e5:
08:31:9a:84:7b:1c:75:fa:e7:61:ea:ab:3a:07:ef:49:b2:a2:
cc:90:6b:2b:04:5d:c1:bc:52:2d:97:02:a7:be:31:bd:92:c4:
73:65:35:19:ba:28:95:82:7e:37:61:0f:58:72:6e:2e:b5:01:
f9:3b:ab:60
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZxoaTs/fqjXfMcvKsOG1mapMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1OTA3ZjkwZDlmOWQ5MDJmY2YwNGJkMGI0NjE1MmMzODI3
YTdkNTAwHhcNMjYwMjE2MjE0NDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWNkYjQwZTgyNDI1ZWM1NTljZGI3NzdjNzk3YzdjODVlYjUyNjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1i1u5TPGw0sWgm7YiskhKGr774qa
8PleT3SMy+1nBlj1FLSe8ZwmGoHgC+waWdExn88L7H6ZVVMRANzn7M11VDKp8DKS
rpl/IvjAjN+AiKh4fBqcSo9sCs4YIEAhIUPE9y10JY1HUSVhA37p83ywYxLvBgDu
qjF8YxP+TxyQjDqj6y4vGdaBn1YuQEbW1fTzg7fyPsbJW1P+hffF9xN9aGbNzCSE
PnyHlGjyFjQ1N+yXIuQW2vU4mkQpbCnV08gLtNGzgf2ppXs4H2Ga5Z8N9+DMwO9s
IgleGM0qFWcRBUNtMTK9Mmf1QBMcub2kymzyfSueJX7eWUJQwy1d9lZtvQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLrNtA6CQl7FWc23d8eXx8hetSYpMB8GA1UdIwQY
MBaAFCWQf5DZ+dkC/PBL0LRhUsOCen1QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlpCX2tObjUyUUw4OEV2UXRHRlN3NEo2ZlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9kZDFlYzctMzQ0Ni00NzA5LWI5M2Mt
MDg5Yzg5ZWY2M2M4LzEvdXMyMERvSkNYc1ZaemJkM3g1Zkh5RjYxSmlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9kZDFlYzctMzQ0Ni00NzA5LWI5M2MtMDg5Yzg5ZWY2M2M4
LzEvSlpCX2tObjUyUUw4OEV2UXRHRlN3NEo2ZlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAwqm3MBgE
AgACMBIwEAMFByoTxIADBwAqE8SAAAIwDQYJKoZIhvcNAQELBQADggEBAMQJXJ9I
zP5o0m7Yie+UweQMgWpWZrZqB1lltUWdRVQ0atSSgnAUZr46ZfbTTHxUyp63pFxt
bwqOmkoBEphOy7+adwBcTaEPyuAD7Bl6N+ApDQBfMkNOMgUfv+joXAQQpu9I21fN
Gi7cZe4jOBu0B/UZSA++jWdElNrWZWyjDV9VsLpsrq5rcFEAD5jI+mUGtI0W1Fpk
U1qrp02RBTq4mQIKdQ7GSQmeKhRrrmqIU5y+y/fWG1kn9zWX5rYtc3R3HDiyfKZ0
5QgxmoR7HHX652HqqzoH70myosyQaysEXcG8Ui2XAqe+Mb2SxHNlNRm6KJWCfjdh
D1hybi61Afk7q2A=
-----END CERTIFICATE-----
Generated at Mon Mar 2 19:01:49 2026 by rpki-client