Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/b45ba4-ab36-49ab-98e4-8b4793f90f15/1/jn0JJn7gaoXIjIZG9D82qZbLreU.roa
File: jn0JJn7gaoXIjIZG9D82qZbLreU.roa (raw, json)
Hash identifier: LSPvb66GbUguyzdJ2arG3PXVq5iyU2uqoZTdf33Egv0=
Subject key identifier: 8E:7D:09:26:7E:E0:6A:85:C8:8C:86:46:F4:3F:36:A9:96:CB:AD:E5
Certificate issuer: /CN=a982f3d0e66429b685b1850a9dff25c7aa37a0c6
Certificate serial: 019E6FB757B5F65521AF5E6B62349475E262
Authority key identifier: A9:82:F3:D0:E6:64:29:B6:85:B1:85:0A:9D:FF:25:C7:AA:37:A0:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYLz0OZkKbaFsYUKnf8lx6o3oMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/b45ba4-ab36-49ab-98e4-8b4793f90f15/1/jn0JJn7gaoXIjIZG9D82qZbLreU.roa
Signing time: Thu 28 May 2026 17:52:26 +0000
ROA not before: Thu 28 May 2026 17:52:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213160
IP address blocks: 91.194.202.0/23 maxlen: 23
170.255.128.0/17 maxlen: 17
170.255.128.0/18 maxlen: 18
170.255.240.0/21 maxlen: 21
170.255.248.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/b45ba4-ab36-49ab-98e4-8b4793f90f15/1/qYLz0OZkKbaFsYUKnf8lx6o3oMY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/b45ba4-ab36-49ab-98e4-8b4793f90f15/1/qYLz0OZkKbaFsYUKnf8lx6o3oMY.mft
rsync://rpki.ripe.net/repository/DEFAULT/qYLz0OZkKbaFsYUKnf8lx6o3oMY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 17:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6f:b7:57:b5:f6:55:21:af:5e:6b:62:34:94:75:e2:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a982f3d0e66429b685b1850a9dff25c7aa37a0c6
Validity
Not Before: May 28 17:52:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8e7d09267ee06a85c88c8646f43f36a996cbade5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:71:b0:8d:30:be:36:e2:d7:9d:30:f2:da:36:
38:27:04:da:eb:39:a5:2f:76:8a:87:08:b1:ca:ba:
c4:12:22:3b:56:cd:d0:ce:97:0e:02:04:91:4a:c2:
cc:4a:a2:2f:1a:40:a2:90:e3:17:22:d1:44:07:a2:
0e:57:81:72:fb:94:ed:1b:47:bf:0e:ff:c4:de:a1:
1c:1a:c4:43:9f:53:2f:72:92:d5:f8:c3:9f:41:bd:
47:b2:e5:71:6f:b3:7f:cb:54:dc:cf:e2:b5:2f:a8:
48:15:43:86:e3:9c:77:a5:6b:06:ac:5c:af:07:00:
15:4e:41:ef:3b:42:67:74:19:ef:a1:54:11:04:0d:
f0:50:73:e4:29:b8:f9:4a:ea:00:91:3d:e8:32:b5:
a4:5f:dd:4c:1a:a7:07:a3:4c:08:22:f0:9d:a6:d5:
0a:ca:61:10:66:7b:b0:74:39:64:6e:56:61:27:e9:
f6:e3:86:92:da:c2:d9:dd:81:4f:63:ea:11:aa:b0:
f2:12:10:ea:bd:a9:bc:b7:8a:68:df:3d:20:f2:be:
da:a8:a3:cc:f1:9a:2d:df:ec:a1:ff:ca:c2:4d:e1:
31:86:92:85:9b:52:68:60:4f:98:6a:04:be:b0:1e:
07:84:f7:80:95:13:73:2b:da:98:71:56:80:df:b3:
e2:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:7D:09:26:7E:E0:6A:85:C8:8C:86:46:F4:3F:36:A9:96:CB:AD:E5
X509v3 Authority Key Identifier:
keyid:A9:82:F3:D0:E6:64:29:B6:85:B1:85:0A:9D:FF:25:C7:AA:37:A0:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYLz0OZkKbaFsYUKnf8lx6o3oMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/b45ba4-ab36-49ab-98e4-8b4793f90f15/1/jn0JJn7gaoXIjIZG9D82qZbLreU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/b45ba4-ab36-49ab-98e4-8b4793f90f15/1/qYLz0OZkKbaFsYUKnf8lx6o3oMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.202.0/23
170.255.128.0/17
Signature Algorithm: sha256WithRSAEncryption
6b:17:ee:4c:a5:97:37:7c:80:1f:b5:4d:23:fc:ed:11:d4:ce:
c2:43:0f:47:89:95:30:06:a5:a8:08:fb:17:21:dd:2e:a5:e9:
57:b5:5d:ca:49:d1:f2:90:b0:59:31:81:f2:13:8a:45:4c:95:
1b:bd:02:8b:54:eb:d3:14:4f:ca:9c:b5:b1:de:78:5d:d6:48:
72:45:6f:7c:8e:9e:1a:84:29:da:e9:36:c2:26:e4:ba:d1:c0:
7e:d7:fc:32:4f:28:5c:52:69:d7:7c:1f:ab:64:0a:37:8a:4b:
6b:4c:ef:b6:6f:d8:fc:00:46:90:6a:a0:43:0e:b4:39:82:07:
bc:0f:43:49:4a:4b:4f:3b:17:31:63:eb:98:b1:98:a3:c9:d6:
34:16:3e:27:97:fd:da:cf:2a:07:f0:82:a3:6f:47:8e:b8:0f:
58:5d:92:98:ec:98:1c:4f:a0:1c:50:e4:5a:47:6d:56:82:33:
c3:b7:45:45:97:f6:85:4a:16:6f:d7:e7:87:36:e2:ff:ce:ca:
1d:d8:aa:2f:f4:c1:96:1a:1e:5d:1b:4b:4c:88:87:45:33:19:
d7:e6:2c:95:88:2f:05:c2:53:53:23:3f:3b:cb:fa:c1:4f:0a:
4d:39:f8:6d:9f:63:4b:d6:32:d4:f4:b4:5f:a0:1f:8d:5a:ad:
3b:6b:9b:2f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ5vt1e19lUhr15rYjSUdeJiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODJmM2QwZTY2NDI5YjY4NWIxODUwYTlkZmYyNWM3YWEz
N2EwYzYwHhcNMjYwNTI4MTc1MjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTdkMDkyNjdlZTA2YTg1Yzg4Yzg2NDZmNDNmMzZhOTk2Y2JhZGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXGwjTC+NuLXnTDy2jY4JwTa6zml
L3aKhwixyrrEEiI7Vs3QzpcOAgSRSsLMSqIvGkCikOMXItFEB6IOV4Fy+5TtG0e/
Dv/E3qEcGsRDn1MvcpLV+MOfQb1HsuVxb7N/y1Tcz+K1L6hIFUOG45x3pWsGrFyv
BwAVTkHvO0JndBnvoVQRBA3wUHPkKbj5SuoAkT3oMrWkX91MGqcHo0wIIvCdptUK
ymEQZnuwdDlkblZhJ+n244aS2sLZ3YFPY+oRqrDyEhDqvam8t4po3z0g8r7aqKPM
8Zot3+yh/8rCTeExhpKFm1JoYE+YagS+sB4HhPeAlRNzK9qYcVaA37PikwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI59CSZ+4GqFyIyGRvQ/NqmWy63lMB8GA1UdIwQY
MBaAFKmC89DmZCm2hbGFCp3/JceqN6DGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlMejBPWmtLYmFGc1lVS25mOGx4Nm8zb01ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9iNDViYTQtYWIzNi00OWFiLTk4ZTQt
OGI0NzkzZjkwZjE1LzEvam4wSkpuN2dhb1hJaklaRzlEODJxWmJMcmVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9iNDViYTQtYWIzNi00OWFiLTk4ZTQtOGI0NzkzZjkwZjE1
LzEvcVlMejBPWmtLYmFGc1lVS25mOGx4Nm8zb01ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW8LKAwQH
qv+AMA0GCSqGSIb3DQEBCwUAA4IBAQBrF+5MpZc3fIAftU0j/O0R1M7CQw9HiZUw
BqWoCPsXId0upelXtV3KSdHykLBZMYHyE4pFTJUbvQKLVOvTFE/KnLWx3nhd1khy
RW98jp4ahCna6TbCJuS60cB+1/wyTyhcUmnXfB+rZAo3iktrTO+2b9j8AEaQaqBD
DrQ5gge8D0NJSktPOxcxY+uYsZijydY0Fj4nl/3azyoH8IKjb0eOuA9YXZKY7Jgc
T6AcUORaR21WgjPDt0VFl/aFShZv1+eHNuL/zsod2Kov9MGWGh5dG0tMiIdFMxnX
5iyViC8FwlNTIz87y/rBTwpNOfhtn2NL1jLU9LRfoB+NWq07a5sv
-----END CERTIFICATE-----
Generated at Sat Jun 13 23:26:27 2026 by rpki-client