Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/j2jb4GIOlwTTLYgVkLrYqB2woFc.roa
File: j2jb4GIOlwTTLYgVkLrYqB2woFc.roa (raw, json)
Hash identifier: sAdOn6Fx2Vn/TFhtRphmwdj921mQqr/aHKC+DaZ0NPY=
Subject key identifier: 8F:68:DB:E0:62:0E:97:04:D3:2D:88:15:90:BA:D8:A8:1D:B0:A0:57
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 019EE00510436D3BAA56ABE09A1683890445
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/j2jb4GIOlwTTLYgVkLrYqB2woFc.roa
Signing time: Fri 19 Jun 2026 13:14:48 +0000
ROA not before: Fri 19 Jun 2026 13:14:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210495
IP address blocks: 195.162.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Jun 2026 23:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:e0:05:10:43:6d:3b:aa:56:ab:e0:9a:16:83:89:04:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Jun 19 13:14:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8f68dbe0620e9704d32d881590bad8a81db0a057
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ef:d7:7e:1a:0b:d0:be:c3:0b:05:25:91:78:
dc:6d:38:b4:88:50:d8:4c:65:df:5a:9e:71:4f:61:
cc:e2:d2:6f:ce:4e:be:78:82:8d:27:1f:39:a9:36:
38:19:7e:31:f7:0d:21:f2:ff:2a:70:34:28:12:fb:
1a:5a:bd:33:20:23:ac:fb:7a:c9:39:19:1e:d1:30:
74:8e:ed:39:7a:de:83:f7:04:ed:de:27:c9:35:46:
3d:4c:05:da:ee:82:a9:76:e1:01:d5:ad:60:0e:6f:
8a:63:07:21:b0:eb:45:6f:66:46:85:73:04:78:e5:
3f:08:b8:a0:da:cb:77:8a:ef:61:fe:22:97:ef:13:
23:21:c2:0c:b6:84:ac:f9:1b:ec:aa:cb:03:cc:83:
fa:05:0d:f9:f4:a9:5e:b4:27:67:4f:54:73:fe:73:
f1:d3:ed:88:3b:00:49:bd:34:8f:58:5f:fe:75:2c:
ad:6b:c1:1e:2a:24:da:e8:7b:01:8c:a6:88:a4:0f:
37:b1:df:0c:57:20:b1:09:d0:bd:7a:5d:8a:47:f5:
4c:64:ce:4f:ae:96:a1:1d:19:85:65:d2:ef:28:7a:
24:77:d6:41:f4:a1:32:d7:e3:3e:ef:3b:fb:46:b6:
48:dd:51:d8:2d:5c:17:01:11:79:e2:77:22:70:8e:
e4:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:68:DB:E0:62:0E:97:04:D3:2D:88:15:90:BA:D8:A8:1D:B0:A0:57
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/j2jb4GIOlwTTLYgVkLrYqB2woFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.162.243.0/24
Signature Algorithm: sha256WithRSAEncryption
31:e5:59:e0:47:ab:01:ae:96:e3:69:ce:57:05:f5:61:56:ed:
91:cf:55:7a:31:87:a1:12:61:d9:d7:f3:1b:02:ff:bf:45:84:
2b:35:11:6e:18:ac:91:3b:10:50:c8:90:35:d8:8c:7f:bc:05:
c8:b6:fd:0d:47:0a:c9:ae:76:07:e3:b4:49:c4:cf:67:42:e5:
45:98:25:fe:43:ca:8c:97:70:e7:0c:bd:3c:40:2b:c1:01:75:
ce:62:4c:e8:5e:b6:58:29:b2:a7:03:56:7f:66:b3:f4:ee:42:
17:eb:77:c0:ea:f6:ef:04:02:98:14:c0:c8:de:dc:11:0c:f0:
6f:ba:29:2e:fe:d3:b4:4a:1d:15:f9:a7:42:9d:2c:75:ad:1e:
8d:0c:44:4e:02:e6:68:0b:3e:4d:72:94:3b:82:1a:7e:a9:90:
4a:7f:51:c0:48:a4:3c:60:96:78:d7:38:82:bd:6b:d7:86:6a:
cb:70:11:26:a1:05:e1:11:46:ac:4c:0e:ed:f8:2f:b0:89:82:
b9:8a:31:93:50:17:27:9f:e0:81:4e:d0:2a:04:9d:99:2e:8a:
7a:8e:95:50:50:90:0c:64:60:0b:11:ef:d1:07:88:58:ab:ad:
46:20:d5:1b:45:ea:3d:26:93:21:56:8f:59:70:f6:0c:f1:9f:
fd:6b:ad:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ7gBRBDbTuqVqvgmhaDiQRFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjYwNjE5MTMxNDQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjY4ZGJlMDYyMGU5NzA0ZDMyZDg4MTU5MGJhZDhhODFkYjBhMDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoO/XfhoL0L7DCwUlkXjcbTi0iFDY
TGXfWp5xT2HM4tJvzk6+eIKNJx85qTY4GX4x9w0h8v8qcDQoEvsaWr0zICOs+3rJ
ORke0TB0ju05et6D9wTt3ifJNUY9TAXa7oKpduEB1a1gDm+KYwchsOtFb2ZGhXME
eOU/CLig2st3iu9h/iKX7xMjIcIMtoSs+RvsqssDzIP6BQ359KletCdnT1Rz/nPx
0+2IOwBJvTSPWF/+dSyta8EeKiTa6HsBjKaIpA83sd8MVyCxCdC9el2KR/VMZM5P
rpahHRmFZdLvKHokd9ZB9KEy1+M+7zv7RrZI3VHYLVwXARF54ncicI7kUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI9o2+BiDpcE0y2IFZC62KgdsKBXMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvajJqYjRHSU9sd1RUTFlnVmtMcllxQjJ3b0ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw6LzMA0G
CSqGSIb3DQEBCwUAA4IBAQAx5VngR6sBrpbjac5XBfVhVu2Rz1V6MYehEmHZ1/Mb
Av+/RYQrNRFuGKyROxBQyJA12Ix/vAXItv0NRwrJrnYH47RJxM9nQuVFmCX+Q8qM
l3DnDL08QCvBAXXOYkzoXrZYKbKnA1Z/ZrP07kIX63fA6vbvBAKYFMDI3twRDPBv
uiku/tO0Sh0V+adCnSx1rR6NDEROAuZoCz5NcpQ7ghp+qZBKf1HASKQ8YJZ41ziC
vWvXhmrLcBEmoQXhEUasTA7t+C+wiYK5ijGTUBcnn+CBTtAqBJ2ZLop6jpVQUJAM
ZGALEe/RB4hYq61GINUbReo9JpMhVo9ZcPYM8Z/9a61U
-----END CERTIFICATE-----
Generated at Sat Jun 20 06:31:07 2026 by rpki-client