Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/JO6iXW3nyYeSB1MUPxKdOrwCgWU.roa
File: JO6iXW3nyYeSB1MUPxKdOrwCgWU.roa (raw, json)
Hash identifier: nRde/+dfOAPqOLy2pz/5nzGOkiNJvqOHoWPxKti7BCY=
Subject key identifier: 24:EE:A2:5D:6D:E7:C9:87:92:07:53:14:3F:12:9D:3A:BC:02:81:65
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019DBDF8BA199C44B77FE818FF2252FD8C1A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/JO6iXW3nyYeSB1MUPxKdOrwCgWU.roa
Signing time: Fri 24 Apr 2026 05:31:27 +0000
ROA not before: Fri 24 Apr 2026 05:31:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199123
IP address blocks: 31.13.231.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 Apr 2026 05:31:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:bd:f8:ba:19:9c:44:b7:7f:e8:18:ff:22:52:fd:8c:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 24 05:31:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=24eea25d6de7c987920753143f129d3abc028165
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:6e:fc:61:bd:50:6d:06:9e:79:32:0f:32:f9:
b2:64:9f:c5:bf:af:ee:cb:3b:89:9e:b9:af:5d:14:
60:50:3c:11:c3:2a:9f:64:b3:e6:ac:76:ed:8c:f7:
c4:0e:3c:c0:3d:df:ca:a3:ea:b4:ad:17:2a:ea:d6:
32:c0:fe:75:81:60:98:d0:b0:29:5b:d7:17:81:c0:
f0:88:97:ce:b5:ed:80:3a:54:bf:29:f8:50:4b:79:
3c:1f:20:df:c4:92:47:57:a1:47:99:50:00:95:3d:
f4:0a:a9:70:d3:86:2b:e6:2a:31:da:8a:39:54:c0:
23:10:1f:c6:a3:5d:50:93:72:d8:67:04:c4:4a:75:
f7:a8:a9:fb:6d:9a:a7:94:a7:99:76:45:68:98:21:
cf:49:cd:7e:0e:38:e5:0e:00:43:c0:79:49:d1:89:
2a:4e:15:5c:dd:58:d4:79:9b:5b:f2:33:aa:b2:f3:
f9:d2:d7:a4:9b:c0:a4:57:65:89:2e:c1:83:b0:cc:
06:9f:45:4c:46:2c:10:ad:35:e7:06:3e:45:3a:e4:
e4:0d:c8:37:3e:9f:8b:20:f6:37:07:ff:74:c0:f2:
0a:f5:60:e8:cb:9e:d5:65:16:06:11:9a:05:9a:a1:
53:49:67:9f:d5:7b:a0:36:25:d8:81:28:b3:f8:c9:
ee:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:EE:A2:5D:6D:E7:C9:87:92:07:53:14:3F:12:9D:3A:BC:02:81:65
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/JO6iXW3nyYeSB1MUPxKdOrwCgWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.231.0/24
45.141.158.0/24
Signature Algorithm: sha256WithRSAEncryption
78:e9:72:3f:87:f3:86:46:39:30:4b:34:99:f7:ff:57:4c:82:
ef:bd:2b:9c:7b:dc:05:a7:8d:bc:d3:a6:17:62:8e:c6:8c:aa:
55:6a:85:f3:6f:64:2f:32:15:ea:c7:b2:d7:23:cc:45:e6:6f:
ac:ce:16:35:eb:9a:98:1a:17:98:77:d1:d5:03:39:2a:28:4d:
e0:d6:05:fc:ab:f9:e6:c7:bb:10:59:82:87:1c:0d:0b:5f:1c:
7f:7e:67:d0:3d:f9:4f:6e:62:02:ff:c6:9c:80:ea:e1:94:5b:
50:03:f2:0d:85:d4:9a:97:25:99:65:0b:91:ba:71:eb:a7:38:
c3:48:0f:30:db:02:d0:54:2a:04:52:1f:77:b4:64:b7:55:85:
4d:5a:88:53:41:4d:07:a9:2c:b1:fc:9d:52:7d:ac:a4:2a:3c:
18:ac:f9:1b:19:f5:26:61:62:4f:14:87:01:18:43:52:a5:3d:
7d:07:54:72:9e:e4:37:96:20:8f:23:b1:26:23:2f:3a:b7:b4:
24:fd:00:1a:e0:dc:35:f7:c6:88:58:bb:a1:1d:b5:64:0f:cb:
1d:58:38:6d:c8:54:25:bb:64:12:44:16:87:42:4a:b0:ac:40:
b2:06:03:28:4c:71:15:8b:86:e8:27:18:86:ea:a8:03:68:7f:
bf:9b:1d:2d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ29+LoZnES3f+gY/yJS/YwaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNDI0MDUzMTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGVlYTI1ZDZkZTdjOTg3OTIwNzUzMTQzZjEyOWQzYWJjMDI4MTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5m78Yb1QbQaeeTIPMvmyZJ/Fv6/u
yzuJnrmvXRRgUDwRwyqfZLPmrHbtjPfEDjzAPd/Ko+q0rRcq6tYywP51gWCY0LAp
W9cXgcDwiJfOte2AOlS/KfhQS3k8HyDfxJJHV6FHmVAAlT30Cqlw04Yr5iox2oo5
VMAjEB/Go11Qk3LYZwTESnX3qKn7bZqnlKeZdkVomCHPSc1+DjjlDgBDwHlJ0Ykq
ThVc3VjUeZtb8jOqsvP50tekm8CkV2WJLsGDsMwGn0VMRiwQrTXnBj5FOuTkDcg3
Pp+LIPY3B/90wPIK9WDoy57VZRYGEZoFmqFTSWef1XugNiXYgSiz+Mnu0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCTuol1t58mHkgdTFD8SnTq8AoFlMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSk82aVhXM255WWVTQjFNVVB4S2RPcndDZ1dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHw3nAwQA
LY2eMA0GCSqGSIb3DQEBCwUAA4IBAQB46XI/h/OGRjkwSzSZ9/9XTILvvSuce9wF
p42806YXYo7GjKpVaoXzb2QvMhXqx7LXI8xF5m+szhY165qYGheYd9HVAzkqKE3g
1gX8q/nmx7sQWYKHHA0LXxx/fmfQPflPbmIC/8acgOrhlFtQA/INhdSalyWZZQuR
unHrpzjDSA8w2wLQVCoEUh93tGS3VYVNWohTQU0HqSyx/J1SfaykKjwYrPkbGfUm
YWJPFIcBGENSpT19B1RynuQ3liCPI7EmIy86t7Qk/QAa4Nw198aIWLuhHbVkD8sd
WDhtyFQlu2QSRBaHQkqwrECyBgMoTHEVi4boJxiG6qgDaH+/mx0t
-----END CERTIFICATE-----
Generated at Fri Apr 24 11:26:56 2026 by rpki-client