Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/4cefab-4775-4258-b971-4fcf84c85b63/1/jbum_D98f7wXxL3zfJIV6BCwD8g.roa
File: jbum_D98f7wXxL3zfJIV6BCwD8g.roa (raw, json)
Hash identifier: C+K78EzxF6K+3h9zUKmt0tIENTKcf8CCLlSHEr+JL70=
Subject key identifier: 8D:BB:A6:FC:3F:7C:7F:BC:17:C4:BD:F3:7C:92:15:E8:10:B0:0F:C8
Certificate issuer: /CN=f879baa89e214133ccf6460f24206ad2c86670eb
Certificate serial: 019B78A34CE6237B8069A883122F72A9726E
Authority key identifier: F8:79:BA:A8:9E:21:41:33:CC:F6:46:0F:24:20:6A:D2:C8:66:70:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Hm6qJ4hQTPM9kYPJCBq0shmcOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/4cefab-4775-4258-b971-4fcf84c85b63/1/jbum_D98f7wXxL3zfJIV6BCwD8g.roa
Signing time: Thu 01 Jan 2026 08:18:46 +0000
ROA not before: Thu 01 Jan 2026 08:18:46 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44772
IP address blocks: 185.129.56.0/22 maxlen: 32
195.28.14.0/23 maxlen: 32
2a04:8c00::/29 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/4cefab-4775-4258-b971-4fcf84c85b63/1/1-Hm6qJ4hQTPM9kYPJCBq0shmcOs.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/4cefab-4775-4258-b971-4fcf84c85b63/1/1-Hm6qJ4hQTPM9kYPJCBq0shmcOs.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-Hm6qJ4hQTPM9kYPJCBq0shmcOs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 23:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:78:a3:4c:e6:23:7b:80:69:a8:83:12:2f:72:a9:72:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f879baa89e214133ccf6460f24206ad2c86670eb
Validity
Not Before: Jan 1 08:18:46 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8dbba6fc3f7c7fbc17c4bdf37c9215e810b00fc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:48:81:38:3b:54:7b:0a:25:27:fd:15:28:99:
62:65:87:7f:b0:8b:dd:12:9b:d3:94:45:ec:fe:86:
15:5e:6c:2f:37:6c:c5:1b:dd:a4:c1:d6:47:f1:75:
2b:0a:81:46:d8:f4:11:3c:d7:dd:96:0e:79:74:1f:
48:3b:9b:23:11:bc:9a:65:78:5b:8b:24:ac:70:e6:
04:30:82:1b:66:eb:27:fc:7e:37:c2:08:a0:be:4c:
f1:24:92:ef:49:9d:ee:a6:5b:ee:ef:d7:cd:9f:01:
e7:05:b5:7f:44:c9:c1:e4:d4:85:0e:d8:1b:b4:33:
2b:5f:de:17:3c:24:d4:4a:ab:05:fd:da:d8:e1:c4:
d4:b9:35:83:78:92:0b:05:ad:21:09:d2:02:82:b6:
eb:db:d0:d2:db:16:19:b8:dc:70:9c:6a:22:d0:3c:
04:ba:db:77:14:41:cd:3f:06:e5:7b:5d:67:f8:cd:
f7:86:5b:f8:02:ba:cc:c1:8a:4c:b6:58:86:20:68:
b3:8f:50:de:56:4e:5d:53:1a:9a:31:62:cd:ba:fe:
1d:69:f8:8b:3c:b7:8f:00:9f:c1:08:1e:e7:1f:65:
bd:69:92:30:89:42:af:f8:78:3f:c0:14:e9:cf:57:
3d:e7:81:76:97:e9:16:1f:25:6c:38:42:dc:62:d2:
d2:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:BB:A6:FC:3F:7C:7F:BC:17:C4:BD:F3:7C:92:15:E8:10:B0:0F:C8
X509v3 Authority Key Identifier:
keyid:F8:79:BA:A8:9E:21:41:33:CC:F6:46:0F:24:20:6A:D2:C8:66:70:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Hm6qJ4hQTPM9kYPJCBq0shmcOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/4cefab-4775-4258-b971-4fcf84c85b63/1/jbum_D98f7wXxL3zfJIV6BCwD8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/4cefab-4775-4258-b971-4fcf84c85b63/1/1-Hm6qJ4hQTPM9kYPJCBq0shmcOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.56.0/22
195.28.14.0/23
IPv6:
2a04:8c00::/29
Signature Algorithm: sha256WithRSAEncryption
94:7f:3e:08:47:0b:10:65:69:19:52:91:dc:e9:e0:3e:ea:7f:
e8:c8:dd:5b:82:d1:93:8c:7c:e3:24:ad:12:6c:92:17:5d:72:
cf:23:db:e6:66:c8:c7:ea:3f:77:e3:e8:e7:ad:2b:1a:14:13:
5f:6c:25:e8:e3:9f:c7:43:25:11:bb:1a:a9:67:6d:a5:b7:52:
b8:3d:8e:c1:60:2a:09:52:a2:ab:9e:fc:ac:52:78:c6:7a:09:
cd:f2:ad:8c:82:97:b6:ee:8f:30:75:8e:32:0b:00:54:d0:31:
7c:70:82:e2:e8:f1:90:9c:a3:7d:98:20:f7:56:35:ee:64:7e:
02:48:21:e0:2f:02:ae:19:7e:36:ad:32:a5:65:d1:91:7e:73:
e6:f8:1c:12:ad:53:7c:50:99:ed:01:1a:0b:7c:55:f6:e5:1c:
0b:88:00:e4:35:be:9b:06:33:d4:28:35:d7:64:1e:71:1a:b5:
e2:05:92:11:3e:55:0d:81:b4:cc:e4:ac:83:d9:29:fe:d9:0f:
f0:61:0e:23:48:dd:7a:21:41:5d:b8:e5:9f:1b:2f:23:df:f4:
32:95:99:ae:19:66:a4:86:90:85:41:0b:e6:03:b2:98:9c:93:
d3:15:c5:e0:ab:50:61:49:ba:8c:69:f0:04:34:ac:5d:13:2a:
43:92:58:c4
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZt4o0zmI3uAaaiDEi9yqXJuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NzliYWE4OWUyMTQxMzNjY2Y2NDYwZjI0MjA2YWQyYzg2
NjcwZWIwHhcNMjYwMTAxMDgxODQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGJiYTZmYzNmN2M3ZmJjMTdjNGJkZjM3YzkyMTVlODEwYjAwZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskiBODtUewolJ/0VKJliZYd/sIvd
EpvTlEXs/oYVXmwvN2zFG92kwdZH8XUrCoFG2PQRPNfdlg55dB9IO5sjEbyaZXhb
iySscOYEMIIbZusn/H43wgigvkzxJJLvSZ3uplvu79fNnwHnBbV/RMnB5NSFDtgb
tDMrX94XPCTUSqsF/drY4cTUuTWDeJILBa0hCdICgrbr29DS2xYZuNxwnGoi0DwE
utt3FEHNPwble11n+M33hlv4ArrMwYpMtliGIGizj1DeVk5dUxqaMWLNuv4dafiL
PLePAJ/BCB7nH2W9aZIwiUKv+Hg/wBTpz1c954F2l+kWHyVsOELcYtLSNwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFI27pvw/fH+8F8S983ySFegQsA/IMB8GA1UdIwQY
MBaAFPh5uqieIUEzzPZGDyQgatLIZnDrMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1IbTZxSjRoUVRQTTlrWVBKQ0JxMHNobWNPcy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcvNGNlZmFiLTQ3NzUtNDI1OC1iOTcx
LTRmY2Y4NGM4NWI2My8xL2pidW1fRDk4Zjd3WHhMM3pmSklWNkJDd0Q4Zy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTcvNGNlZmFiLTQ3NzUtNDI1OC1iOTcxLTRmY2Y4NGM4NWI2
My8xLzEtSG02cUo0aFFUUE05a1lQSkNCcTBzaG1jT3MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAK5gTgD
BAHDHA4wDQQCAAIwBwMFAyoEjAAwDQYJKoZIhvcNAQELBQADggEBAJR/PghHCxBl
aRlSkdzp4D7qf+jI3VuC0ZOMfOMkrRJskhddcs8j2+ZmyMfqP3fj6OetKxoUE19s
Jejjn8dDJRG7GqlnbaW3Urg9jsFgKglSoque/KxSeMZ6Cc3yrYyCl7bujzB1jjIL
AFTQMXxwguLo8ZCco32YIPdWNe5kfgJIIeAvAq4ZfjatMqVl0ZF+c+b4HBKtU3xQ
me0BGgt8VfblHAuIAOQ1vpsGM9QoNddkHnEateIFkhE+VQ2BtMzkrIPZKf7ZD/Bh
DiNI3XohQV245Z8bLyPf9DKVma4ZZqSGkIVBC+YDspick9MVxeCrUGFJuoxp8AQ0
rF0TKkOSWMQ=
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:36:58 2026 by rpki-client