Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/732801-6294-412b-955e-fefd37666741/1/_JOKPZqcfiucPtK6kvV2lQrbnr0.roa
File: _JOKPZqcfiucPtK6kvV2lQrbnr0.roa (raw, json)
Hash identifier: nm260FM+WPlu0nfW5ryQo/yh5QD+PAvLx2X4UhvgpfE=
Subject key identifier: FC:93:8A:3D:9A:9C:7E:2B:9C:3E:D2:BA:92:F5:76:95:0A:DB:9E:BD
Certificate issuer: /CN=c933481d3fa48710dcb973fdcd29340dedb6229a
Certificate serial: 019E73246ABAA2D3375B603E42E995741388
Authority key identifier: C9:33:48:1D:3F:A4:87:10:DC:B9:73:FD:CD:29:34:0D:ED:B6:22:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yTNIHT-khxDcuXP9zSk0De22Ipo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/732801-6294-412b-955e-fefd37666741/1/_JOKPZqcfiucPtK6kvV2lQrbnr0.roa
Signing time: Fri 29 May 2026 09:50:26 +0000
ROA not before: Fri 29 May 2026 09:50:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43578
IP address blocks: 5.226.168.0/24 maxlen: 24
5.226.172.0/24 maxlen: 24
2a04:b880::/48 maxlen: 48
2a04:b880:5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/732801-6294-412b-955e-fefd37666741/1/yTNIHT-khxDcuXP9zSk0De22Ipo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/732801-6294-412b-955e-fefd37666741/1/yTNIHT-khxDcuXP9zSk0De22Ipo.mft
rsync://rpki.ripe.net/repository/DEFAULT/yTNIHT-khxDcuXP9zSk0De22Ipo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 17:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:73:24:6a:ba:a2:d3:37:5b:60:3e:42:e9:95:74:13:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c933481d3fa48710dcb973fdcd29340dedb6229a
Validity
Not Before: May 29 09:50:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fc938a3d9a9c7e2b9c3ed2ba92f576950adb9ebd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:72:25:aa:4d:95:f9:b8:38:60:9b:fd:1f:b9:
f5:bb:9c:44:f7:88:d1:6e:4a:5e:68:70:c7:94:6c:
34:23:0f:62:51:a4:e5:4b:61:d4:ed:a8:6f:a7:8e:
d1:6d:20:1c:fa:17:46:23:ec:db:c4:31:3d:9c:9c:
21:bf:0d:0b:aa:5d:f6:90:c2:f1:74:e1:ea:95:3c:
0d:4a:c9:97:a6:6a:71:06:4a:b6:dd:cc:8e:bb:7d:
7d:9d:7c:d9:8c:64:6e:de:e6:34:ab:be:75:c3:25:
10:11:61:c0:4b:6a:8b:d0:ca:32:3c:2a:eb:1d:8b:
42:07:52:9d:14:d7:1a:c1:06:6b:d1:ed:1a:a8:24:
f2:54:13:3e:8b:ec:8a:60:6f:dd:6a:ad:46:9b:31:
18:93:3f:d0:b8:6e:6e:1b:46:e4:3a:23:ea:91:01:
1c:b1:7a:e0:3f:58:04:88:7b:24:48:7a:4b:81:bf:
81:b8:c2:4d:07:8d:02:b5:51:e7:02:6d:3c:22:9a:
de:49:25:fd:5f:c5:0a:da:04:e6:05:4f:5d:4d:0a:
01:4d:3f:e9:65:aa:27:cd:7b:17:f1:02:33:a6:47:
bb:5b:32:1d:e3:ba:db:3d:38:02:1d:1d:30:5c:cc:
8b:53:72:78:47:e0:b0:94:0d:70:21:d7:12:e6:86:
85:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:93:8A:3D:9A:9C:7E:2B:9C:3E:D2:BA:92:F5:76:95:0A:DB:9E:BD
X509v3 Authority Key Identifier:
keyid:C9:33:48:1D:3F:A4:87:10:DC:B9:73:FD:CD:29:34:0D:ED:B6:22:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yTNIHT-khxDcuXP9zSk0De22Ipo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/732801-6294-412b-955e-fefd37666741/1/_JOKPZqcfiucPtK6kvV2lQrbnr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/732801-6294-412b-955e-fefd37666741/1/yTNIHT-khxDcuXP9zSk0De22Ipo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.168.0/24
5.226.172.0/24
IPv6:
2a04:b880::/48
2a04:b880:5::/48
Signature Algorithm: sha256WithRSAEncryption
0d:e3:08:29:e5:31:e6:27:15:03:df:43:8d:0d:3e:6a:a9:de:
44:c0:e3:f1:30:69:f1:4a:94:95:e0:65:9f:b2:ba:05:8d:f9:
1d:67:bd:de:8c:bb:15:66:13:38:22:1f:a4:53:b0:3f:93:00:
cb:92:50:47:b4:a6:ce:e0:8f:65:e2:57:fe:0a:6c:45:b4:85:
fa:34:c9:75:6f:be:a9:02:47:c7:0f:19:77:a9:4f:50:b3:1d:
50:19:77:37:54:52:0e:66:53:66:2f:86:2a:fe:22:7f:c6:3b:
45:08:59:4b:8b:62:f5:f4:78:94:4b:3a:e1:5e:1c:5e:ea:ce:
22:0b:c2:d3:6d:7a:79:b1:f3:54:b1:87:b7:cb:a9:ed:ae:ff:
cf:4d:e9:d7:52:ad:fa:ea:2b:6c:f1:6f:39:9e:3f:b3:5f:fa:
e2:8b:0c:c7:da:35:22:ba:8e:86:f6:2b:88:f7:8e:f0:6c:ac:
5c:c6:9c:94:e3:5b:a9:74:85:f0:f3:8b:0a:b2:66:71:c1:bb:
48:59:2e:41:3b:5b:e3:4d:a2:b0:2d:b9:e5:fd:cc:81:84:76:
72:a8:99:6f:8b:64:3a:a9:7c:43:dc:71:4d:15:56:f7:9a:89:
6e:52:fc:60:2a:f8:75:a8:5b:28:45:b4:fc:6f:19:8a:24:bd:
f3:2b:d1:4b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZ5zJGq6otM3W2A+QumVdBOIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5MzM0ODFkM2ZhNDg3MTBkY2I5NzNmZGNkMjkzNDBkZWRi
NjIyOWEwHhcNMjYwNTI5MDk1MDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzkzOGEzZDlhOWM3ZTJiOWMzZWQyYmE5MmY1NzY5NTBhZGI5ZWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2XIlqk2V+bg4YJv9H7n1u5xE94jR
bkpeaHDHlGw0Iw9iUaTlS2HU7ahvp47RbSAc+hdGI+zbxDE9nJwhvw0Lql32kMLx
dOHqlTwNSsmXpmpxBkq23cyOu319nXzZjGRu3uY0q751wyUQEWHAS2qL0MoyPCrr
HYtCB1KdFNcawQZr0e0aqCTyVBM+i+yKYG/daq1GmzEYkz/QuG5uG0bkOiPqkQEc
sXrgP1gEiHskSHpLgb+BuMJNB40CtVHnAm08IpreSSX9X8UK2gTmBU9dTQoBTT/p
ZaonzXsX8QIzpke7WzId47rbPTgCHR0wXMyLU3J4R+CwlA1wIdcS5oaFuwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFPyTij2anH4rnD7SupL1dpUK2569MB8GA1UdIwQY
MBaAFMkzSB0/pIcQ3Llz/c0pNA3ttiKaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVROSUhULWtoeERjdVhQOXpTazBEZTIySXBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS83MzI4MDEtNjI5NC00MTJiLTk1NWUt
ZmVmZDM3NjY2NzQxLzEvX0pPS1BacWNmaXVjUHRLNmt2VjJsUXJibnIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS83MzI4MDEtNjI5NC00MTJiLTk1NWUtZmVmZDM3NjY2NzQx
LzEveVROSUhULWtoeERjdVhQOXpTazBEZTIySXBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQABeKoAwQA
BeKsMBgEAgACMBIDBwAqBLiAAAADBwAqBLiAAAUwDQYJKoZIhvcNAQELBQADggEB
AA3jCCnlMeYnFQPfQ40NPmqp3kTA4/EwafFKlJXgZZ+yugWN+R1nvd6MuxVmEzgi
H6RTsD+TAMuSUEe0ps7gj2XiV/4KbEW0hfo0yXVvvqkCR8cPGXepT1CzHVAZdzdU
Ug5mU2Yvhir+In/GO0UIWUuLYvX0eJRLOuFeHF7qziILwtNtenmx81Sxh7fLqe2u
/89N6ddSrfrqK2zxbzmeP7Nf+uKLDMfaNSK6job2K4j3jvBsrFzGnJTjW6l0hfDz
iwqyZnHBu0hZLkE7W+NNorAtueX9zIGEdnKomW+LZDqpfEPccU0VVveaiW5S/GAq
+HWoWyhFtPxvGYokvfMr0Us=
-----END CERTIFICATE-----
Generated at Sun Jun 14 00:28:49 2026 by rpki-client