Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/jzn_75xItj3KyIJmhhPYTg2Y6PQ.roa
File: jzn_75xItj3KyIJmhhPYTg2Y6PQ.roa (raw, json)
Hash identifier: ieKy1kXYNMahlm9LrSc0LnStC9m9sUgw5teAYjTCgaU=
Subject key identifier: 8F:39:FF:EF:9C:48:B6:3D:CA:C8:82:66:86:13:D8:4E:0D:98:E8:F4
Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial: 019D85D5946DD87276ED01D0CEA8A4EB3FDD
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/jzn_75xItj3KyIJmhhPYTg2Y6PQ.roa
Signing time: Mon 13 Apr 2026 07:54:20 +0000
ROA not before: Mon 13 Apr 2026 07:54:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62874
IP address blocks: 72.63.12.0/22 maxlen: 22
72.63.68.0/22 maxlen: 22
72.63.72.0/22 maxlen: 22
72.63.80.0/22 maxlen: 22
72.63.100.0/22 maxlen: 22
72.63.104.0/22 maxlen: 22
72.63.112.0/22 maxlen: 22
72.63.116.0/22 maxlen: 22
189.81.2.0/23 maxlen: 23
189.81.4.0/23 maxlen: 23
189.81.34.0/23 maxlen: 23
189.81.106.0/23 maxlen: 23
189.81.170.0/23 maxlen: 23
189.81.204.0/23 maxlen: 23
189.81.230.0/23 maxlen: 23
189.104.4.0/23 maxlen: 23
189.104.34.0/23 maxlen: 23
189.104.66.0/23 maxlen: 23
189.104.102.0/23 maxlen: 23
189.104.132.0/23 maxlen: 23
189.104.172.0/23 maxlen: 23
189.104.202.0/23 maxlen: 23
205.188.140.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 02:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:85:d5:94:6d:d8:72:76:ed:01:d0:ce:a8:a4:eb:3f:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
Validity
Not Before: Apr 13 07:54:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8f39ffef9c48b63dcac882668613d84e0d98e8f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:80:b7:45:49:6f:00:cb:96:d3:a6:83:ec:b6:
7f:99:aa:d7:28:c4:95:c6:f2:78:d5:d8:23:b9:de:
69:bf:b9:5e:43:f4:dc:e0:cc:e1:05:41:8c:2d:a4:
58:e9:65:1a:40:d2:0d:77:38:ea:23:fa:16:48:85:
cb:68:c7:ba:14:d4:66:93:47:b9:80:ae:fb:80:fc:
bc:2d:66:dd:12:5b:2c:35:71:69:6c:7e:b7:0d:74:
72:57:68:16:f9:f0:73:a7:22:f5:0a:e6:90:a4:70:
fc:ad:75:c5:52:79:35:6c:fc:57:60:97:04:c8:75:
73:86:8e:d7:e9:09:3f:a4:e1:bc:33:0b:e0:5d:8c:
0b:b4:cf:4e:0a:98:bf:87:a5:dd:c9:68:af:af:ab:
d1:53:6c:19:a2:94:b8:41:2e:90:b8:a7:ad:67:1a:
9e:f4:1c:d6:97:0f:61:a7:5f:02:54:1b:46:33:4f:
ae:43:4a:12:71:94:ea:29:a9:ee:5c:88:fc:2f:87:
30:7a:b0:fd:7c:d0:20:6b:18:8d:d3:f8:9b:e3:70:
66:ae:df:73:95:0b:9f:47:3f:dd:7a:93:15:b0:09:
e9:0d:ea:b7:f3:ac:a8:b0:39:8c:51:41:25:af:63:
e9:83:c6:a9:4a:77:41:a1:8b:94:51:82:f0:c5:71:
0c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:39:FF:EF:9C:48:B6:3D:CA:C8:82:66:86:13:D8:4E:0D:98:E8:F4
X509v3 Authority Key Identifier:
keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/jzn_75xItj3KyIJmhhPYTg2Y6PQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
72.63.12.0/22
72.63.68.0-72.63.75.255
72.63.80.0/22
72.63.100.0-72.63.107.255
72.63.112.0/21
189.81.2.0-189.81.5.255
189.81.34.0/23
189.81.106.0/23
189.81.170.0/23
189.81.204.0/23
189.81.230.0/23
189.104.4.0/23
189.104.34.0/23
189.104.66.0/23
189.104.102.0/23
189.104.132.0/23
189.104.172.0/23
189.104.202.0/23
205.188.140.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:72:c2:3a:63:89:80:9b:8c:65:0a:84:b8:81:b1:e6:19:24:
df:bd:0d:4f:da:a3:0c:89:89:c7:c5:1f:6b:f8:63:54:2d:20:
c8:81:87:08:06:fa:d4:05:a7:a8:08:85:80:94:0f:72:93:1a:
7c:18:dd:84:2e:58:77:91:0f:fb:0d:47:e2:5d:c8:87:05:a8:
0e:95:7c:44:d3:36:b0:bb:de:db:db:ce:6d:ba:82:8a:ff:e6:
07:c9:77:53:e5:97:e1:15:6d:64:39:d3:d0:44:7b:f2:65:a5:
36:b2:9c:79:bc:47:3e:62:2b:10:d5:e3:b4:9d:fb:75:89:0b:
a9:9f:83:7e:7a:61:02:b0:c9:4a:58:8d:2a:cc:39:9a:70:7c:
41:17:6b:0d:35:d1:47:52:54:06:8c:71:c4:fb:d9:9e:ed:fa:
0b:4b:e6:8d:c8:a4:8d:08:d7:fe:a4:b0:d9:71:0c:8f:37:2e:
a7:fb:be:6a:0e:82:fe:e9:2c:54:2a:ca:ea:6c:da:59:52:6b:
6d:59:2f:16:ce:2b:15:31:b7:b4:11:ba:14:10:9d:ef:33:0e:
76:28:81:3b:c0:f2:94:57:01:8b:c3:74:2e:b6:5f:ae:8a:1e:
b6:80:d2:18:27:4b:b0:3b:94:dc:bc:b9:60:3e:ea:de:7f:c5:
9f:a8:4f:90
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZ2F1ZRt2HJ27QHQzqik6z/dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw
Njc5NTQwHhcNMjYwNDEzMDc1NDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjM5ZmZlZjljNDhiNjNkY2FjODgyNjY4NjEzZDg0ZTBkOThlOGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIC3RUlvAMuW06aD7LZ/marXKMSV
xvJ41dgjud5pv7leQ/Tc4MzhBUGMLaRY6WUaQNINdzjqI/oWSIXLaMe6FNRmk0e5
gK77gPy8LWbdElssNXFpbH63DXRyV2gW+fBzpyL1CuaQpHD8rXXFUnk1bPxXYJcE
yHVzho7X6Qk/pOG8MwvgXYwLtM9OCpi/h6XdyWivr6vRU2wZopS4QS6QuKetZxqe
9BzWlw9hp18CVBtGM0+uQ0oScZTqKanuXIj8L4cwerD9fNAgaxiN0/ib43Bmrt9z
lQufRz/depMVsAnpDeq386yosDmMUUElr2Ppg8apSndBoYuUUYLwxXEMlQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFI85/++cSLY9ysiCZoYT2E4NmOj0MB8GA1UdIwQY
MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt
NmVhYzYyZTYwZGY3LzEvanpuXzc1eEl0ajNLeUlKbWhoUFlUZzJZNlBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3
LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAJI
PwwwDAMEAkg/RAMEAkg/SAMEAkg/UDAMAwQCSD9kAwQCSD9oAwQDSD9wMAwDBAG9
UQIDBAG9UQQDBAG9USIDBAG9UWoDBAG9UaoDBAG9UcwDBAG9UeYDBAG9aAQDBAG9
aCIDBAG9aEIDBAG9aGYDBAG9aIQDBAG9aKwDBAG9aMoDBALNvIwwDQYJKoZIhvcN
AQELBQADggEBAG9ywjpjiYCbjGUKhLiBseYZJN+9DU/aowyJicfFH2v4Y1QtIMiB
hwgG+tQFp6gIhYCUD3KTGnwY3YQuWHeRD/sNR+JdyIcFqA6VfETTNrC73tvbzm26
gor/5gfJd1Pll+EVbWQ509BEe/JlpTaynHm8Rz5iKxDV47Sd+3WJC6mfg356YQKw
yUpYjSrMOZpwfEEXaw010UdSVAaMccT72Z7t+gtL5o3IpI0I1/6ksNlxDI83Lqf7
vmoOgv7pLFQqyups2llSa21ZLxbOKxUxt7QRuhQQne8zDnYogTvA8pRXAYvDdC62
X66KHraA0hgnS7A7lNy8uWA+6t5/xZ+oT5A=
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:51:01 2026 by rpki-client