Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/jNpTRZNm_bD5BiFoeh5OJnCcQAY.roa
File: jNpTRZNm_bD5BiFoeh5OJnCcQAY.roa (raw, json)
Hash identifier: 1TgeIUZpeprmcZh4MLiiWQfSwXT8XyxkpN223zXb1O8=
Subject key identifier: 8C:DA:53:45:93:66:FD:B0:F9:06:21:68:7A:1E:4E:26:70:9C:40:06
Certificate issuer: /CN=55baf26967510b3c52e46d1dc593967cdf29f9c9
Certificate serial: 019E944CEEF3AC39B19D751F1C61B7B9A01B
Authority key identifier: 55:BA:F2:69:67:51:0B:3C:52:E4:6D:1D:C5:93:96:7C:DF:29:F9:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VbryaWdRCzxS5G0dxZOWfN8p-ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/jNpTRZNm_bD5BiFoeh5OJnCcQAY.roa
Signing time: Thu 04 Jun 2026 20:22:10 +0000
ROA not before: Thu 04 Jun 2026 20:22:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200740
IP address blocks: 83.147.232.0/22 maxlen: 24
83.147.240.0/23 maxlen: 24
91.186.214.0/23 maxlen: 24
178.253.52.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VbryaWdRCzxS5G0dxZOWfN8p-ck.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VbryaWdRCzxS5G0dxZOWfN8p-ck.mft
rsync://rpki.ripe.net/repository/DEFAULT/VbryaWdRCzxS5G0dxZOWfN8p-ck.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 08:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:94:4c:ee:f3:ac:39:b1:9d:75:1f:1c:61:b7:b9:a0:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55baf26967510b3c52e46d1dc593967cdf29f9c9
Validity
Not Before: Jun 4 20:22:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8cda53459366fdb0f90621687a1e4e26709c4006
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:9f:34:f9:4a:6c:e4:d0:71:2d:f0:3d:43:d0:
39:69:7a:ea:c2:8a:61:5a:10:ad:5e:92:88:b1:c6:
dd:06:bc:e4:a7:ce:25:1b:5e:09:8c:63:e2:b0:4a:
67:33:84:38:4f:fa:5d:84:25:5f:67:13:2e:c5:cf:
cc:76:e9:95:02:c6:78:0a:1a:6c:cb:ae:2a:62:69:
ff:c0:35:39:e3:88:40:1c:d8:7e:58:30:b9:21:e3:
5c:77:61:e1:79:e4:c4:5e:ca:bc:20:42:c4:ff:50:
88:00:af:7a:96:6b:94:63:1b:64:f6:fe:20:6c:59:
e5:92:9a:1e:c0:26:14:38:1e:52:58:d4:3c:a7:1c:
45:5d:72:37:fe:c5:3e:b0:d9:10:ce:c1:54:04:dd:
9d:98:f1:b4:49:7d:87:d2:b4:f3:f0:83:44:f8:0a:
30:89:28:a0:98:57:2a:49:78:90:56:93:2a:85:b2:
32:7a:d8:66:64:a8:36:9f:f5:24:43:4a:b4:9b:be:
b5:64:53:9d:c4:c3:2a:41:1c:9e:cf:8f:33:b2:b1:
a0:e8:fe:e5:38:ec:82:f6:a5:ca:46:e4:57:bb:cc:
f7:d0:69:d3:b8:6e:5f:2b:f5:00:2e:41:d4:9a:0a:
13:62:34:22:ff:e0:6e:5e:cb:f9:43:c3:a2:fc:9b:
49:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:DA:53:45:93:66:FD:B0:F9:06:21:68:7A:1E:4E:26:70:9C:40:06
X509v3 Authority Key Identifier:
keyid:55:BA:F2:69:67:51:0B:3C:52:E4:6D:1D:C5:93:96:7C:DF:29:F9:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VbryaWdRCzxS5G0dxZOWfN8p-ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/jNpTRZNm_bD5BiFoeh5OJnCcQAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VbryaWdRCzxS5G0dxZOWfN8p-ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.232.0/22
83.147.240.0/23
91.186.214.0/23
178.253.52.0/23
Signature Algorithm: sha256WithRSAEncryption
bc:2c:cb:c5:23:6b:38:c9:79:82:f9:d1:64:69:72:8a:05:a1:
2f:3d:84:a5:8f:6d:5c:ed:96:4a:e6:c9:de:92:5b:ed:4d:ce:
64:11:c4:3e:4f:5b:72:3e:59:7a:bf:0b:76:42:65:05:ac:5f:
05:10:71:63:e0:95:e1:40:6b:8d:ef:86:45:07:20:81:e0:60:
f5:8f:bf:c5:96:1c:ad:0e:24:45:1e:e5:fa:b3:a2:6f:2e:e1:
c3:ba:df:b7:5c:07:af:b1:f0:99:f3:ca:21:d7:b0:c8:f5:45:
17:43:1e:73:ac:d9:52:1f:f8:59:bc:ff:f5:39:c8:7c:d0:f7:
55:9d:0d:9d:4d:81:3f:34:03:3f:53:00:b7:98:3f:c8:01:da:
83:74:3c:b9:e3:6b:aa:7b:91:53:64:0b:fd:54:52:fb:59:a6:
ab:aa:12:b9:01:f4:e8:f8:98:eb:64:3b:3b:42:dd:5c:4e:cc:
d9:cc:9c:6e:9e:30:0f:22:9b:bf:50:b6:7a:27:c0:08:e3:5f:
2b:61:ea:d9:b1:5f:40:10:15:1e:2a:64:cf:d0:6c:af:06:0c:
0a:64:17:83:4e:0f:1a:6d:cc:91:71:87:78:cd:21:7e:41:53:
b4:f4:a9:39:89:7d:bd:9f:47:e4:87:54:37:0b:ea:58:59:20:
5d:0a:e7:76
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ6UTO7zrDmxnXUfHGG3uaAbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1YmFmMjY5Njc1MTBiM2M1MmU0NmQxZGM1OTM5NjdjZGYy
OWY5YzkwHhcNMjYwNjA0MjAyMjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2RhNTM0NTkzNjZmZGIwZjkwNjIxNjg3YTFlNGUyNjcwOWM0MDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3J80+Ups5NBxLfA9Q9A5aXrqwoph
WhCtXpKIscbdBrzkp84lG14JjGPisEpnM4Q4T/pdhCVfZxMuxc/MdumVAsZ4Chps
y64qYmn/wDU544hAHNh+WDC5IeNcd2HheeTEXsq8IELE/1CIAK96lmuUYxtk9v4g
bFnlkpoewCYUOB5SWNQ8pxxFXXI3/sU+sNkQzsFUBN2dmPG0SX2H0rTz8INE+Aow
iSigmFcqSXiQVpMqhbIyethmZKg2n/UkQ0q0m761ZFOdxMMqQRyez48zsrGg6P7l
OOyC9qXKRuRXu8z30GnTuG5fK/UALkHUmgoTYjQi/+BuXsv5Q8Oi/JtJDQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIzaU0WTZv2w+QYhaHoeTiZwnEAGMB8GA1UdIwQY
MBaAFFW68mlnUQs8UuRtHcWTlnzfKfnJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmJyeWFXZFJDenhTNUcwZHhaT1dmTjhwLWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS81YWE0ZGMtZDE4NC00ZGI0LTllMTAt
NDlmOTgxZWU1OTgxLzEvak5wVFJaTm1fYkQ1QmlGb2VoNU9KbkNjUUFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS81YWE0ZGMtZDE4NC00ZGI0LTllMTAtNDlmOTgxZWU1OTgx
LzEvVmJyeWFXZFJDenhTNUcwZHhaT1dmTjhwLWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCU5PoAwQB
U5PwAwQBW7rWAwQBsv00MA0GCSqGSIb3DQEBCwUAA4IBAQC8LMvFI2s4yXmC+dFk
aXKKBaEvPYSlj21c7ZZK5sneklvtTc5kEcQ+T1tyPll6vwt2QmUFrF8FEHFj4JXh
QGuN74ZFByCB4GD1j7/FlhytDiRFHuX6s6JvLuHDut+3XAevsfCZ88oh17DI9UUX
Qx5zrNlSH/hZvP/1Och80PdVnQ2dTYE/NAM/UwC3mD/IAdqDdDy542uqe5FTZAv9
VFL7WaarqhK5AfTo+JjrZDs7Qt1cTszZzJxunjAPIpu/ULZ6J8AI418rYerZsV9A
EBUeKmTP0GyvBgwKZBeDTg8abcyRcYd4zSF+QVO09Kk5iX29n0fkh1Q3C+pYWSBd
Cud2
-----END CERTIFICATE-----
Generated at Sat Jun 6 15:58:48 2026 by rpki-client