Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/8c5f5f-a1b8-4a2c-9b3c-b0f6ccd46387/1/_Jb5MQL-SwYsiaZAEwlAEPZaGwY.roa
File: _Jb5MQL-SwYsiaZAEwlAEPZaGwY.roa (raw, json)
Hash identifier: MIMB2XZpuhd7zAatrimOYWSebI/zGxcY2dCKE8yVj7Q=
Subject key identifier: FC:96:F9:31:02:FE:4B:06:2C:89:A6:40:13:09:40:10:F6:5A:1B:06
Certificate issuer: /CN=8f084f3a80b4a1df4811642aab8d7951639a2e58
Certificate serial: 019B7834D695A158C6DC52088B14B2909689
Authority key identifier: 8F:08:4F:3A:80:B4:A1:DF:48:11:64:2A:AB:8D:79:51:63:9A:2E:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jwhPOoC0od9IEWQqq415UWOaLlg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/8c5f5f-a1b8-4a2c-9b3c-b0f6ccd46387/1/_Jb5MQL-SwYsiaZAEwlAEPZaGwY.roa
Signing time: Thu 01 Jan 2026 06:18:07 +0000
ROA not before: Thu 01 Jan 2026 06:18:07 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49447
IP address blocks: 45.9.148.0/24 maxlen: 24
45.9.149.0/24 maxlen: 24
45.9.150.0/23 maxlen: 23
2a0e:fa00::/48 maxlen: 48
2a0e:fa00:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/8c5f5f-a1b8-4a2c-9b3c-b0f6ccd46387/1/jwhPOoC0od9IEWQqq415UWOaLlg.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/8c5f5f-a1b8-4a2c-9b3c-b0f6ccd46387/1/jwhPOoC0od9IEWQqq415UWOaLlg.mft
rsync://rpki.ripe.net/repository/DEFAULT/jwhPOoC0od9IEWQqq415UWOaLlg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 21:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:78:34:d6:95:a1:58:c6:dc:52:08:8b:14:b2:90:96:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f084f3a80b4a1df4811642aab8d7951639a2e58
Validity
Not Before: Jan 1 06:18:07 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fc96f93102fe4b062c89a64013094010f65a1b06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:f8:27:dc:b0:8e:e0:21:11:15:f9:c5:22:90:
77:80:f3:6f:84:2f:27:54:f7:f6:8b:09:b7:03:2c:
a4:0e:0c:16:42:28:73:ed:86:f9:69:1f:84:28:59:
e1:c1:a6:69:b4:00:01:ab:9c:a5:74:0a:18:5e:19:
9e:47:e5:b3:a0:1a:d1:4f:92:2c:7f:89:78:79:18:
57:c1:a9:1a:a4:0c:34:cf:58:ac:27:9c:2b:3b:fa:
7e:e8:a9:31:82:09:82:64:e3:94:91:d4:e8:90:76:
3c:0b:ac:29:90:69:d1:96:4a:72:b5:4b:1b:3f:64:
a7:d5:cd:06:96:3f:c2:f5:be:bc:76:15:b7:2d:9f:
cc:52:72:eb:f2:f4:77:69:ab:7d:e8:f4:a8:4e:9d:
49:00:2f:25:a3:30:64:33:06:20:2b:2b:62:d8:25:
9d:19:a0:63:6b:6e:ac:5e:f3:32:77:3e:c0:13:37:
bf:b8:1d:e4:4c:c3:1f:cd:48:48:6c:b3:4b:46:51:
16:c7:dd:90:a7:f2:b4:f3:8b:57:f7:c7:2e:c8:dc:
15:43:a1:13:9c:7a:6d:1d:6f:c4:09:5e:88:b0:84:
a8:9e:cc:be:d1:50:32:00:d8:4d:b9:63:2f:ae:60:
59:db:04:72:c9:8b:16:6b:3c:0d:a3:52:70:03:d3:
14:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:96:F9:31:02:FE:4B:06:2C:89:A6:40:13:09:40:10:F6:5A:1B:06
X509v3 Authority Key Identifier:
keyid:8F:08:4F:3A:80:B4:A1:DF:48:11:64:2A:AB:8D:79:51:63:9A:2E:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jwhPOoC0od9IEWQqq415UWOaLlg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/8c5f5f-a1b8-4a2c-9b3c-b0f6ccd46387/1/_Jb5MQL-SwYsiaZAEwlAEPZaGwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/8c5f5f-a1b8-4a2c-9b3c-b0f6ccd46387/1/jwhPOoC0od9IEWQqq415UWOaLlg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.148.0/22
IPv6:
2a0e:fa00::/47
Signature Algorithm: sha256WithRSAEncryption
07:3b:44:17:2f:b2:c7:1d:44:33:1d:cc:da:40:7e:6e:d3:ed:
bb:00:97:6a:31:a2:4f:16:35:e3:13:af:43:4c:a7:ce:3c:50:
37:1b:2b:31:59:db:7e:3e:52:97:9b:bf:17:b5:09:32:4e:b7:
05:73:af:46:3d:7c:79:14:96:02:7e:28:7c:4d:db:2f:1b:84:
3d:3d:b2:57:2f:9b:a5:f8:2f:c4:8a:c1:c7:e6:18:b4:cc:22:
d5:45:2c:54:57:f0:1f:5f:65:d3:e6:ec:bb:40:5c:f0:95:43:
1d:f4:b9:7f:b0:e5:91:c4:42:04:9d:f6:3b:4c:7b:83:bf:45:
06:c7:fb:9e:cb:1f:c7:fb:5b:9e:e8:4a:c7:aa:1f:0c:ca:8f:
f3:7d:d1:cb:58:17:8e:b5:07:04:5f:62:af:e0:ec:30:bd:ae:
22:c1:f5:77:86:6f:74:55:8d:7c:59:a7:91:ed:a9:85:87:01:
69:5d:0a:6c:9c:8e:68:f4:5e:bb:e2:f6:a6:d8:1e:a3:31:09:
8d:7e:77:f5:2f:f7:7a:10:8f:e5:39:1e:33:f2:27:6c:82:fb:
6f:a2:82:5f:02:4c:fc:98:79:dd:eb:af:a0:52:0d:44:1c:18:
40:fa:c5:c1:77:06:e1:2e:d7:fd:13:bb:b9:ba:88:88:85:73:
b4:69:d1:06
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZt4NNaVoVjG3FIIixSykJaJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMDg0ZjNhODBiNGExZGY0ODExNjQyYWFiOGQ3OTUxNjM5
YTJlNTgwHhcNMjYwMTAxMDYxODA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzk2ZjkzMTAyZmU0YjA2MmM4OWE2NDAxMzA5NDAxMGY2NWExYjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6fgn3LCO4CERFfnFIpB3gPNvhC8n
VPf2iwm3AyykDgwWQihz7Yb5aR+EKFnhwaZptAABq5yldAoYXhmeR+WzoBrRT5Is
f4l4eRhXwakapAw0z1isJ5wrO/p+6KkxggmCZOOUkdTokHY8C6wpkGnRlkpytUsb
P2Sn1c0Glj/C9b68dhW3LZ/MUnLr8vR3aat96PSoTp1JAC8lozBkMwYgKyti2CWd
GaBja26sXvMydz7AEze/uB3kTMMfzUhIbLNLRlEWx92Qp/K084tX98cuyNwVQ6ET
nHptHW/ECV6IsISonsy+0VAyANhNuWMvrmBZ2wRyyYsWazwNo1JwA9MU5wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPyW+TEC/ksGLImmQBMJQBD2WhsGMB8GA1UdIwQY
MBaAFI8ITzqAtKHfSBFkKquNeVFjmi5YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvandoUE9vQzBvZDlJRVdRcXE0MTVVV09hTGxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS84YzVmNWYtYTFiOC00YTJjLTliM2Mt
YjBmNmNjZDQ2Mzg3LzEvX0piNU1RTC1Td1lzaWFaQUV3bEFFUFphR3dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS84YzVmNWYtYTFiOC00YTJjLTliM2MtYjBmNmNjZDQ2Mzg3
LzEvandoUE9vQzBvZDlJRVdRcXE0MTVVV09hTGxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCLQmUMA8E
AgACMAkDBwEqDvoAAAAwDQYJKoZIhvcNAQELBQADggEBAAc7RBcvsscdRDMdzNpA
fm7T7bsAl2oxok8WNeMTr0NMp848UDcbKzFZ234+Upebvxe1CTJOtwVzr0Y9fHkU
lgJ+KHxN2y8bhD09slcvm6X4L8SKwcfmGLTMItVFLFRX8B9fZdPm7LtAXPCVQx30
uX+w5ZHEQgSd9jtMe4O/RQbH+57LH8f7W57oSseqHwzKj/N90ctYF461BwRfYq/g
7DC9riLB9XeGb3RVjXxZp5HtqYWHAWldCmycjmj0Xrvi9qbYHqMxCY1+d/Uv93oQ
j+U5HjPyJ2yC+2+igl8CTPyYed3rr6BSDUQcGED6xcF3BuEu1/0Tu7m6iIiFc7Rp
0QY=
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:24:13 2026 by rpki-client