Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/9850c0-d5c9-401c-8c09-20babb9766c8/1/JI_r9K0-LkcSyG98BxVkc7JK5xY.roa
File: JI_r9K0-LkcSyG98BxVkc7JK5xY.roa (raw, json)
Hash identifier: cw5iwpz3wjpD/BbbDfLqY8anORRMStVtEeP0kas97Jg=
Subject key identifier: 24:8F:EB:F4:AD:3E:2E:47:12:C8:6F:7C:07:15:64:73:B2:4A:E7:16
Certificate issuer: /CN=16be9e0916ecd49b20d542ff3a410e416b7585b4
Certificate serial: 019E646404777F5E5516AFF28BB02F5DE51A
Authority key identifier: 16:BE:9E:09:16:EC:D4:9B:20:D5:42:FF:3A:41:0E:41:6B:75:85:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fr6eCRbs1Jsg1UL_OkEOQWt1hbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/9850c0-d5c9-401c-8c09-20babb9766c8/1/JI_r9K0-LkcSyG98BxVkc7JK5xY.roa
Signing time: Tue 26 May 2026 13:05:36 +0000
ROA not before: Tue 26 May 2026 13:05:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56595
IP address blocks: 45.149.252.0/22 maxlen: 22
46.226.0.0/21 maxlen: 21
89.32.88.0/21 maxlen: 21
91.239.46.0/24 maxlen: 24
91.240.174.0/24 maxlen: 24
95.215.9.0/24 maxlen: 24
185.7.228.0/22 maxlen: 22
185.34.8.0/22 maxlen: 22
185.34.8.0/24 maxlen: 24
185.34.9.0/24 maxlen: 24
185.34.10.0/24 maxlen: 24
185.34.11.0/24 maxlen: 24
185.73.152.0/22 maxlen: 22
185.100.68.0/22 maxlen: 22
185.122.64.0/22 maxlen: 22
185.240.200.0/22 maxlen: 22
188.241.20.0/22 maxlen: 22
193.33.125.0/24 maxlen: 24
195.230.123.0/24 maxlen: 24
2a00:a600::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/9850c0-d5c9-401c-8c09-20babb9766c8/1/Fr6eCRbs1Jsg1UL_OkEOQWt1hbQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/9850c0-d5c9-401c-8c09-20babb9766c8/1/Fr6eCRbs1Jsg1UL_OkEOQWt1hbQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Fr6eCRbs1Jsg1UL_OkEOQWt1hbQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:64:64:04:77:7f:5e:55:16:af:f2:8b:b0:2f:5d:e5:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16be9e0916ecd49b20d542ff3a410e416b7585b4
Validity
Not Before: May 26 13:05:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=248febf4ad3e2e4712c86f7c07156473b24ae716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:43:12:d5:7f:5c:be:51:ef:d2:3d:00:70:a5:
18:75:9a:e5:24:6b:44:e6:75:96:91:78:b2:e2:fc:
82:34:e6:5e:95:a2:7a:bf:64:90:d8:71:c4:e8:9b:
2f:66:93:6b:aa:a9:bc:e0:2d:42:00:20:4a:4e:9c:
08:32:28:b6:3e:4c:e9:26:a8:64:b1:3d:e6:cc:7f:
b7:4c:63:14:a0:38:a3:70:10:8c:66:ac:34:10:03:
89:3c:e4:db:d8:3c:aa:a4:49:6b:81:5f:be:fe:61:
40:ea:7c:ec:bf:7d:e3:4d:39:68:3e:20:d1:29:80:
de:dd:b4:52:e2:2f:9f:34:d6:b0:d5:8b:7c:65:2f:
75:ee:52:2b:d4:50:79:47:e9:b6:4f:bc:16:87:7d:
44:32:a9:d0:16:c9:3a:45:86:f1:18:3e:63:bb:33:
ea:aa:39:51:4d:ce:c1:e1:42:06:2c:2a:ec:53:a4:
1c:2a:2b:b6:0f:7b:43:2e:13:e2:1d:36:be:2a:ec:
da:40:7e:1e:5d:58:17:3a:72:17:0f:f3:56:77:12:
e0:e3:51:d5:38:54:02:37:89:76:b4:72:53:df:95:
f7:56:8e:4c:b5:76:49:0d:cb:83:71:a2:2f:da:13:
9c:c2:4b:79:4e:9e:c7:a4:96:09:71:63:e6:c3:69:
b8:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:8F:EB:F4:AD:3E:2E:47:12:C8:6F:7C:07:15:64:73:B2:4A:E7:16
X509v3 Authority Key Identifier:
keyid:16:BE:9E:09:16:EC:D4:9B:20:D5:42:FF:3A:41:0E:41:6B:75:85:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fr6eCRbs1Jsg1UL_OkEOQWt1hbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9850c0-d5c9-401c-8c09-20babb9766c8/1/JI_r9K0-LkcSyG98BxVkc7JK5xY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9850c0-d5c9-401c-8c09-20babb9766c8/1/Fr6eCRbs1Jsg1UL_OkEOQWt1hbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.252.0/22
46.226.0.0/21
89.32.88.0/21
91.239.46.0/24
91.240.174.0/24
95.215.9.0/24
185.7.228.0/22
185.34.8.0/22
185.73.152.0/22
185.100.68.0/22
185.122.64.0/22
185.240.200.0/22
188.241.20.0/22
193.33.125.0/24
195.230.123.0/24
IPv6:
2a00:a600::/32
Signature Algorithm: sha256WithRSAEncryption
75:c0:80:e4:97:b5:a2:3b:1f:e0:a1:e6:0f:31:31:2d:eb:c1:
fc:e1:5e:d4:b1:08:c2:62:d0:cd:ba:10:94:4b:d9:18:ba:b2:
ee:98:de:6d:db:67:73:a6:4a:08:78:02:8b:ce:49:01:0c:6e:
e5:7c:2d:c1:c1:f7:08:56:7e:31:29:a8:a6:27:d1:43:1e:34:
c5:17:10:5c:fe:97:24:1f:ec:df:59:a2:de:0a:6b:99:4e:af:
cb:d4:5c:9c:9c:34:2b:44:23:b4:e3:69:62:71:d7:31:6d:80:
5a:1e:32:97:13:dc:09:ec:c4:c1:09:be:22:0e:29:22:47:f4:
dc:05:dd:da:31:72:7b:79:ba:ed:4c:45:a6:fb:a4:97:e0:15:
14:c6:a3:95:9b:75:a0:8e:ea:42:d8:16:73:37:18:f8:69:1c:
38:31:be:2d:c2:f5:5f:96:47:9d:b0:b2:8a:56:58:32:21:07:
36:91:5b:71:1b:1d:fb:6f:4b:ed:60:f2:3a:f6:80:2d:57:95:
24:e6:61:64:b4:15:32:31:2f:69:30:b1:d0:ec:e9:ce:9e:46:
ef:e7:f4:15:fb:50:3d:38:14:6c:fe:84:19:d2:9a:2d:59:b7:
5f:b1:48:68:5e:50:b1:b5:67:40:d1:b5:c3:e0:bf:98:c5:f0:
88:20:c5:50
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZ5kZAR3f15VFq/yi7AvXeUaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2YmU5ZTA5MTZlY2Q0OWIyMGQ1NDJmZjNhNDEwZTQxNmI3
NTg1YjQwHhcNMjYwNTI2MTMwNTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDhmZWJmNGFkM2UyZTQ3MTJjODZmN2MwNzE1NjQ3M2IyNGFlNzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0MS1X9cvlHv0j0AcKUYdZrlJGtE
5nWWkXiy4vyCNOZelaJ6v2SQ2HHE6JsvZpNrqqm84C1CACBKTpwIMii2PkzpJqhk
sT3mzH+3TGMUoDijcBCMZqw0EAOJPOTb2DyqpElrgV++/mFA6nzsv33jTTloPiDR
KYDe3bRS4i+fNNaw1Yt8ZS917lIr1FB5R+m2T7wWh31EMqnQFsk6RYbxGD5juzPq
qjlRTc7B4UIGLCrsU6QcKiu2D3tDLhPiHTa+KuzaQH4eXVgXOnIXD/NWdxLg41HV
OFQCN4l2tHJT35X3Vo5MtXZJDcuDcaIv2hOcwkt5Tp7HpJYJcWPmw2m4nwIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFCSP6/StPi5HEshvfAcVZHOySucWMB8GA1UdIwQY
MBaAFBa+ngkW7NSbINVC/zpBDkFrdYW0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnI2ZUNSYnMxSnNnMVVMX09rRU9RV3QxaGJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy85ODUwYzAtZDVjOS00MDFjLThjMDkt
MjBiYWJiOTc2NmM4LzEvSklfcjlLMC1Ma2NTeUc5OEJ4VmtjN0pLNXhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy85ODUwYzAtZDVjOS00MDFjLThjMDktMjBiYWJiOTc2NmM4
LzEvRnI2ZUNSYnMxSnNnMVVMX09rRU9RV3QxaGJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEAi2V/AME
Ay7iAAMEA1kgWAMEAFvvLgMEAFvwrgMEAF/XCQMEArkH5AMEArkiCAMEArlJmAME
ArlkRAMEArl6QAMEArnwyAMEArzxFAMEAMEhfQMEAMPmezANBAIAAjAHAwUAKgCm
ADANBgkqhkiG9w0BAQsFAAOCAQEAdcCA5Je1ojsf4KHmDzExLevB/OFe1LEIwmLQ
zboQlEvZGLqy7pjebdtnc6ZKCHgCi85JAQxu5XwtwcH3CFZ+MSmopifRQx40xRcQ
XP6XJB/s31mi3gprmU6vy9RcnJw0K0QjtONpYnHXMW2AWh4ylxPcCezEwQm+Ig4p
Ikf03AXd2jFye3m67UxFpvukl+AVFMajlZt1oI7qQtgWczcY+GkcODG+LcL1X5ZH
nbCyilZYMiEHNpFbcRsd+29L7WDyOvaALVeVJOZhZLQVMjEvaTCx0Ozpzp5G7+f0
FftQPTgUbP6EGdKaLVm3X7FIaF5QsbVnQNG1w+C/mMXwiCDFUA==
-----END CERTIFICATE-----
Generated at Thu Jun 11 21:37:31 2026 by rpki-client