Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/265d3a-aed6-4be2-b42e-eb62e8c4dfa9/1/JuxIitzUr2hFBOCtFiGnp22yBGQ.roa
File: JuxIitzUr2hFBOCtFiGnp22yBGQ.roa (raw, json)
Hash identifier: 79W8uwreRKkXOWWJ78T/ZxjFFxIlTscrV8quE7vQsjc=
Subject key identifier: 26:EC:48:8A:DC:D4:AF:68:45:04:E0:AD:16:21:A7:A7:6D:B2:04:64
Certificate issuer: /CN=206f6808e0604697270faa3c3db159f7fe98ecdd
Certificate serial: 019B7F8316D68093BF503A8345F27914100A
Authority key identifier: 20:6F:68:08:E0:60:46:97:27:0F:AA:3C:3D:B1:59:F7:FE:98:EC:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IG9oCOBgRpcnD6o8PbFZ9_6Y7N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/265d3a-aed6-4be2-b42e-eb62e8c4dfa9/1/JuxIitzUr2hFBOCtFiGnp22yBGQ.roa
Signing time: Fri 02 Jan 2026 16:20:55 +0000
ROA not before: Fri 02 Jan 2026 16:20:55 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209888
IP address blocks: 185.180.216.0/22 maxlen: 24
2a0a:af80::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/265d3a-aed6-4be2-b42e-eb62e8c4dfa9/1/IG9oCOBgRpcnD6o8PbFZ9_6Y7N0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/265d3a-aed6-4be2-b42e-eb62e8c4dfa9/1/IG9oCOBgRpcnD6o8PbFZ9_6Y7N0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IG9oCOBgRpcnD6o8PbFZ9_6Y7N0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7f:83:16:d6:80:93:bf:50:3a:83:45:f2:79:14:10:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=206f6808e0604697270faa3c3db159f7fe98ecdd
Validity
Not Before: Jan 2 16:20:55 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=26ec488adcd4af684504e0ad1621a7a76db20464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:22:1c:1a:02:6c:ce:8b:2c:f6:13:7b:18:49:
0c:28:02:33:a5:d2:fb:40:5c:e9:14:ee:1e:26:34:
3e:a1:ea:66:d6:66:c9:a7:3d:5b:df:d7:40:86:0c:
55:c2:dc:d7:b3:79:03:a8:ff:5c:84:a5:75:9e:8c:
32:75:de:49:d0:5d:7d:3c:6b:83:71:02:a8:04:e8:
16:cc:68:68:c0:86:a2:a9:74:67:71:5d:96:f8:c3:
80:80:80:32:fc:32:9c:a5:55:47:b2:05:e4:6a:a6:
90:46:01:a9:05:0c:e0:d9:7c:9d:c1:bc:5d:bc:d9:
b7:d9:e3:1a:f6:a3:98:16:45:86:49:ec:76:9a:a1:
01:fa:50:6a:33:35:b4:74:fe:28:60:e3:85:fc:eb:
27:b3:05:73:f2:6c:8c:50:1a:23:7d:c8:97:0d:04:
b3:c6:82:87:eb:34:7e:b2:4a:55:1b:1a:eb:e8:6d:
cf:89:08:9f:6e:10:dd:d1:96:74:dc:bc:53:ff:48:
5e:54:7a:b8:ca:5c:77:30:85:af:18:10:92:fd:51:
0f:77:fb:7d:53:01:14:79:49:39:d4:c1:6c:a2:2f:
69:04:aa:f2:b2:55:dc:e4:1b:b6:89:07:d3:17:8c:
5f:f9:3e:18:4a:d7:60:10:79:8d:b3:15:49:aa:0f:
2a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:EC:48:8A:DC:D4:AF:68:45:04:E0:AD:16:21:A7:A7:6D:B2:04:64
X509v3 Authority Key Identifier:
keyid:20:6F:68:08:E0:60:46:97:27:0F:AA:3C:3D:B1:59:F7:FE:98:EC:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IG9oCOBgRpcnD6o8PbFZ9_6Y7N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/265d3a-aed6-4be2-b42e-eb62e8c4dfa9/1/JuxIitzUr2hFBOCtFiGnp22yBGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/265d3a-aed6-4be2-b42e-eb62e8c4dfa9/1/IG9oCOBgRpcnD6o8PbFZ9_6Y7N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.180.216.0/22
IPv6:
2a0a:af80::/29
Signature Algorithm: sha256WithRSAEncryption
8c:98:38:50:16:c5:8b:ec:5a:89:8f:68:0e:ae:4e:5c:5f:12:
29:0b:46:9d:20:d3:f4:77:2d:44:a8:30:87:ea:12:f0:81:6c:
28:88:b7:4c:59:00:54:06:70:40:8e:1f:f8:9c:b2:a6:d6:42:
48:5a:9f:3b:31:bc:dc:7f:43:00:e5:60:77:5a:81:cd:e3:91:
36:f3:23:cb:c5:ea:d8:a8:d7:25:ee:07:6e:47:fc:92:6c:23:
c5:ec:e0:40:3e:03:bf:6e:dd:84:55:1a:d1:2e:c1:0f:9e:b3:
3b:4e:39:1f:7a:50:43:bb:dc:40:ca:33:42:cb:f7:33:d4:3b:
f1:b9:00:25:73:ea:95:3f:21:da:f6:6e:fa:6a:2a:76:bb:47:
6a:aa:0f:87:43:59:af:29:eb:f1:d0:93:5d:70:97:3d:76:62:
99:dd:2e:5d:46:ee:22:f9:15:88:dc:b1:54:43:9e:1c:15:56:
7a:1a:19:11:f6:15:84:78:7b:c1:44:17:65:71:3e:d2:86:58:
be:0a:4a:fb:bc:34:8e:f2:df:79:26:e1:7f:f1:f1:f7:95:8b:
b1:26:01:fd:e2:b7:58:3d:06:30:4a:89:7b:c7:04:48:96:69:
08:5a:dc:8f:30:4d:2b:60:18:e3:9c:68:2b:8a:cd:c2:a9:c2:
41:1d:de:50
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZt/gxbWgJO/UDqDRfJ5FBAKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNmY2ODA4ZTA2MDQ2OTcyNzBmYWEzYzNkYjE1OWY3ZmU5
OGVjZGQwHhcNMjYwMTAyMTYyMDU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmVjNDg4YWRjZDRhZjY4NDUwNGUwYWQxNjIxYTdhNzZkYjIwNDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiIcGgJszoss9hN7GEkMKAIzpdL7
QFzpFO4eJjQ+oepm1mbJpz1b39dAhgxVwtzXs3kDqP9chKV1nowydd5J0F19PGuD
cQKoBOgWzGhowIaiqXRncV2W+MOAgIAy/DKcpVVHsgXkaqaQRgGpBQzg2Xydwbxd
vNm32eMa9qOYFkWGSex2mqEB+lBqMzW0dP4oYOOF/OsnswVz8myMUBojfciXDQSz
xoKH6zR+skpVGxrr6G3PiQifbhDd0ZZ03LxT/0heVHq4ylx3MIWvGBCS/VEPd/t9
UwEUeUk51MFsoi9pBKryslXc5Bu2iQfTF4xf+T4YStdgEHmNsxVJqg8qNwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCbsSIrc1K9oRQTgrRYhp6dtsgRkMB8GA1UdIwQY
MBaAFCBvaAjgYEaXJw+qPD2xWff+mOzdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUc5b0NPQmdScGNuRDZvOFBiRlo5XzZZN04wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC8yNjVkM2EtYWVkNi00YmUyLWI0MmUt
ZWI2MmU4YzRkZmE5LzEvSnV4SWl0elVyMmhGQk9DdEZpR25wMjJ5QkdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC8yNjVkM2EtYWVkNi00YmUyLWI0MmUtZWI2MmU4YzRkZmE5
LzEvSUc5b0NPQmdScGNuRDZvOFBiRlo5XzZZN04wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubTYMA0E
AgACMAcDBQMqCq+AMA0GCSqGSIb3DQEBCwUAA4IBAQCMmDhQFsWL7FqJj2gOrk5c
XxIpC0adINP0dy1EqDCH6hLwgWwoiLdMWQBUBnBAjh/4nLKm1kJIWp87Mbzcf0MA
5WB3WoHN45E28yPLxerYqNcl7gduR/ySbCPF7OBAPgO/bt2EVRrRLsEPnrM7Tjkf
elBDu9xAyjNCy/cz1DvxuQAlc+qVPyHa9m76aip2u0dqqg+HQ1mvKevx0JNdcJc9
dmKZ3S5dRu4i+RWI3LFUQ54cFVZ6GhkR9hWEeHvBRBdlcT7Shli+Ckr7vDSO8t95
JuF/8fH3lYuxJgH94rdYPQYwSol7xwRIlmkIWtyPME0rYBjjnGgris3CqcJBHd5Q
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:22:48 2026 by rpki-client