Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/90e80b-402c-4a6d-9737-a8f918435543/1/JYgzUyiaZYs05bVlx3hglGkBd1Q.roa
File: JYgzUyiaZYs05bVlx3hglGkBd1Q.roa (raw, json)
Hash identifier: BMikKwWOpzTQc4z6QjV3HCSDgmz4fqzntIpupmntBpk=
Subject key identifier: 25:88:33:53:28:9A:65:8B:34:E5:B5:65:C7:78:60:94:69:01:77:54
Certificate issuer: /CN=f635c74dab524f3ef6c96b68be995c3025cf0fe0
Certificate serial: 019C94EC6780D649500F7902F0EA000D59DE
Authority key identifier: F6:35:C7:4D:AB:52:4F:3E:F6:C9:6B:68:BE:99:5C:30:25:CF:0F:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9jXHTatSTz72yWtovplcMCXPD-A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/90e80b-402c-4a6d-9737-a8f918435543/1/JYgzUyiaZYs05bVlx3hglGkBd1Q.roa
Signing time: Wed 25 Feb 2026 13:10:46 +0000
ROA not before: Wed 25 Feb 2026 13:10:46 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44489
IP address blocks: 195.88.142.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/90e80b-402c-4a6d-9737-a8f918435543/1/9jXHTatSTz72yWtovplcMCXPD-A.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/90e80b-402c-4a6d-9737-a8f918435543/1/9jXHTatSTz72yWtovplcMCXPD-A.mft
rsync://rpki.ripe.net/repository/DEFAULT/9jXHTatSTz72yWtovplcMCXPD-A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:94:ec:67:80:d6:49:50:0f:79:02:f0:ea:00:0d:59:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f635c74dab524f3ef6c96b68be995c3025cf0fe0
Validity
Not Before: Feb 25 13:10:46 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=25883353289a658b34e5b565c778609469017754
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:5f:62:6c:62:06:16:ea:30:2b:c6:c8:55:97:
50:39:40:c1:76:c8:c6:f7:50:b0:29:68:2d:f8:2e:
cb:18:32:5f:4b:2f:7f:e5:d8:89:ff:61:c8:84:7f:
e6:a0:16:09:41:db:56:30:43:0d:07:55:3b:32:57:
bc:6e:39:17:bb:de:0f:7d:eb:d5:8b:fa:09:a8:36:
f5:98:2d:f3:45:04:1b:a6:33:02:c7:ef:73:a4:9f:
a0:ff:02:c4:2e:77:65:9e:fa:de:6e:10:98:a5:9a:
f2:60:d8:52:1b:87:95:3b:e0:44:5f:ba:9b:8c:dd:
11:ab:8e:03:83:d9:d7:0f:6f:1e:0f:ab:df:9b:66:
59:65:d5:2f:07:ab:74:a2:fb:a5:0e:50:2d:0b:d7:
fc:95:7e:02:b4:ea:f0:f0:1c:f7:5f:15:e8:8f:b5:
ca:ff:0d:df:7e:6c:b3:76:72:13:ba:08:b3:bd:c9:
f7:30:b6:7a:1b:d6:cd:1d:da:95:cb:b6:5e:5c:61:
e1:fd:23:08:30:7a:e9:97:f3:e0:e9:cf:80:8b:76:
37:d3:7b:35:54:e9:bc:75:1d:3d:d2:34:db:1c:e8:
92:37:dc:f3:ed:09:ea:8b:86:e4:08:b8:7e:b2:ff:
e7:b0:6e:e4:a4:68:a1:c2:7c:2e:5b:95:d8:d6:19:
1a:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:88:33:53:28:9A:65:8B:34:E5:B5:65:C7:78:60:94:69:01:77:54
X509v3 Authority Key Identifier:
keyid:F6:35:C7:4D:AB:52:4F:3E:F6:C9:6B:68:BE:99:5C:30:25:CF:0F:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9jXHTatSTz72yWtovplcMCXPD-A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/90e80b-402c-4a6d-9737-a8f918435543/1/JYgzUyiaZYs05bVlx3hglGkBd1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/90e80b-402c-4a6d-9737-a8f918435543/1/9jXHTatSTz72yWtovplcMCXPD-A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.88.142.0/23
Signature Algorithm: sha256WithRSAEncryption
95:55:e8:48:d7:fa:81:04:31:ba:98:4b:25:12:00:14:0c:e9:
da:4a:4f:bc:69:66:a1:65:ab:7f:7c:ad:ec:87:07:39:30:4c:
23:09:eb:44:02:dd:81:04:f5:dd:ac:28:76:35:2f:3e:45:89:
b8:38:20:53:7c:d9:80:f7:3a:3a:d5:14:4a:d6:37:41:a2:90:
91:f6:72:ba:a5:8c:bc:24:b5:85:b1:1a:9d:7b:ad:5d:81:de:
fc:e8:17:17:65:ef:47:e8:16:ac:74:67:51:95:50:48:5a:e4:
06:b6:14:e1:a0:b5:cb:07:ad:1c:89:93:3e:e2:8f:cb:63:09:
07:b2:31:c5:7c:bd:82:1b:8c:e8:2b:b1:d9:10:d6:b5:4a:b1:
ac:2d:00:9d:9b:05:b3:e3:f6:fe:c3:fc:91:f7:8b:07:26:35:
9b:e5:e3:8b:0c:81:37:6b:d0:d6:a8:c2:23:d7:67:60:64:68:
1e:fa:30:bb:06:97:ae:c2:c7:24:a1:0d:c2:b0:e2:18:98:03:
e5:74:0b:bc:9c:e7:6e:b5:7a:07:00:93:97:4b:40:36:4b:84:
0f:42:64:43:9e:d9:c1:d2:17:43:8e:60:a3:3b:41:b9:1b:04:
1b:e4:37:ba:ff:59:9e:e8:85:ba:34:e4:13:4c:d4:eb:89:0e:
4a:f8:ad:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZyU7GeA1klQD3kC8OoADVneMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MzVjNzRkYWI1MjRmM2VmNmM5NmI2OGJlOTk1YzMwMjVj
ZjBmZTAwHhcNMjYwMjI1MTMxMDQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTg4MzM1MzI4OWE2NThiMzRlNWI1NjVjNzc4NjA5NDY5MDE3NzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzF9ibGIGFuowK8bIVZdQOUDBdsjG
91CwKWgt+C7LGDJfSy9/5diJ/2HIhH/moBYJQdtWMEMNB1U7Mle8bjkXu94PfevV
i/oJqDb1mC3zRQQbpjMCx+9zpJ+g/wLELndlnvrebhCYpZryYNhSG4eVO+BEX7qb
jN0Rq44Dg9nXD28eD6vfm2ZZZdUvB6t0ovulDlAtC9f8lX4CtOrw8Bz3XxXoj7XK
/w3ffmyzdnITugizvcn3MLZ6G9bNHdqVy7ZeXGHh/SMIMHrpl/Pg6c+Ai3Y303s1
VOm8dR090jTbHOiSN9zz7Qnqi4bkCLh+sv/nsG7kpGihwnwuW5XY1hka9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCWIM1MommWLNOW1Zcd4YJRpAXdUMB8GA1UdIwQY
MBaAFPY1x02rUk8+9slraL6ZXDAlzw/gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWpYSFRhdFNUejcyeVd0b3ZwbGNNQ1hQRC1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi85MGU4MGItNDAyYy00YTZkLTk3Mzct
YThmOTE4NDM1NTQzLzEvSllnelV5aWFaWXMwNWJWbHgzaGdsR2tCZDFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi85MGU4MGItNDAyYy00YTZkLTk3MzctYThmOTE4NDM1NTQz
LzEvOWpYSFRhdFNUejcyeVd0b3ZwbGNNQ1hQRC1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw1iOMA0G
CSqGSIb3DQEBCwUAA4IBAQCVVehI1/qBBDG6mEslEgAUDOnaSk+8aWahZat/fK3s
hwc5MEwjCetEAt2BBPXdrCh2NS8+RYm4OCBTfNmA9zo61RRK1jdBopCR9nK6pYy8
JLWFsRqde61dgd786BcXZe9H6BasdGdRlVBIWuQGthThoLXLB60ciZM+4o/LYwkH
sjHFfL2CG4zoK7HZENa1SrGsLQCdmwWz4/b+w/yR94sHJjWb5eOLDIE3a9DWqMIj
12dgZGge+jC7BpeuwsckoQ3CsOIYmAPldAu8nOdutXoHAJOXS0A2S4QPQmRDntnB
0hdDjmCjO0G5GwQb5De6/1me6IW6NOQTTNTriQ5K+K0R
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:14:31 2026 by rpki-client