Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jkAInhI5UMnrh23J1S-imzcRT58.roa
File: jkAInhI5UMnrh23J1S-imzcRT58.roa (raw, json)
Hash identifier: NtRK79L61uwBNS0OEmTjdG2WuWsH81eT5TP4HMGduj8=
Subject key identifier: 8E:40:08:9E:12:39:50:C9:EB:87:6D:C9:D5:2F:A2:9B:37:11:4F:9F
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019EFE053BF4A4B72EBACE8672EE323E8C2C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jkAInhI5UMnrh23J1S-imzcRT58.roa
Signing time: Thu 25 Jun 2026 09:03:36 +0000
ROA not before: Thu 25 Jun 2026 09:03:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200993
IP address blocks: 2a0e:b107:2691::/48 maxlen: 48
2a0e:b107:278a::/48 maxlen: 48
2a10:ccc1:1333::/48 maxlen: 48
2a10:ccc1:1337::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Jun 2026 08:01:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:fe:05:3b:f4:a4:b7:2e:ba:ce:86:72:ee:32:3e:8c:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 25 09:03:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8e40089e123950c9eb876dc9d52fa29b37114f9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f9:4e:e8:9d:8e:06:67:9d:6f:ce:91:4c:29:
ce:f0:89:ed:0e:d5:57:c2:73:e6:0e:f1:60:0b:c6:
32:b4:00:61:60:56:6f:d4:25:02:d0:b0:6f:f7:7f:
33:bf:f0:8c:8c:a0:67:2b:7a:c5:0b:3f:b3:57:93:
c5:50:36:d0:b1:b0:7e:e2:17:c5:94:3a:99:ee:64:
78:14:a2:7e:d8:01:02:58:7e:eb:4e:b0:6a:bc:66:
3e:1d:a7:cd:b4:aa:52:67:e8:0a:08:94:d7:cb:8d:
d4:ff:ce:c3:8a:fa:bb:ae:dc:e3:77:7f:af:a1:0d:
7e:f8:b2:f1:fe:59:da:37:eb:26:80:14:7a:e0:8e:
25:5b:7e:27:4e:bb:d0:fd:6b:11:f4:78:86:a4:df:
3d:9e:3e:b0:d0:3b:c7:97:e8:f1:1d:61:45:60:ce:
4d:49:b6:a4:a0:17:10:d9:e0:37:46:4b:6b:05:cc:
3e:74:7f:82:6c:5d:e0:31:86:ba:c1:88:8a:b0:28:
be:cb:df:9d:3d:8a:2d:33:34:0d:00:f8:3b:82:3e:
d7:33:bc:76:be:ac:13:72:6e:7f:d4:58:ea:6d:65:
b5:35:ca:dd:2e:b1:64:da:11:fd:2f:8f:f8:91:87:
8e:f0:cc:5b:75:a0:71:b3:05:aa:cc:02:b6:e1:2e:
61:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:40:08:9E:12:39:50:C9:EB:87:6D:C9:D5:2F:A2:9B:37:11:4F:9F
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jkAInhI5UMnrh23J1S-imzcRT58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:2691::/48
2a0e:b107:278a::/48
2a10:ccc1:1333::/48
2a10:ccc1:1337::/48
Signature Algorithm: sha256WithRSAEncryption
12:c9:26:4f:e0:f0:e6:40:8b:8d:b9:65:67:8e:ca:86:b1:0d:
9a:96:8b:d9:61:15:2e:b2:af:a7:19:ba:d8:32:17:dc:fd:68:
89:02:02:45:90:20:17:22:1a:5e:05:3c:18:8d:52:a0:ac:94:
4f:63:99:7e:c5:38:df:cc:a8:94:81:56:55:22:f2:a1:55:a0:
95:07:15:cc:08:2e:da:7c:3e:60:73:8b:9d:37:78:8b:44:e5:
cf:11:2a:f5:23:89:ce:d9:c1:6c:bd:f3:5e:19:14:c5:50:fe:
ac:ee:d1:96:64:3e:72:62:20:a8:59:b3:f3:c3:9b:5e:9b:54:
63:c3:08:5f:63:14:4f:b6:b5:53:d1:78:b6:0e:ba:a3:56:e3:
23:48:20:1b:9f:2b:13:b4:8f:89:34:01:d9:fa:59:55:fc:1f:
88:a7:e7:cb:94:65:60:9c:6c:1f:a0:e5:dd:d1:d4:d1:3d:c1:
91:db:c5:84:25:43:45:dc:9d:1d:d0:37:b7:f0:e1:cf:2f:3f:
a1:89:58:4e:52:23:c7:18:9f:09:40:15:34:f5:cd:f8:e0:56:
2b:74:68:bb:9a:af:8b:7e:44:be:a5:0c:89:84:37:b8:b5:37:
a6:d2:0f:c0:ae:29:12:97:6a:bb:80:54:ec:e5:19:55:06:c9:
ba:68:b3:cc
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ7+BTv0pLcuus6Gcu4yPowsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjYwNjI1MDkwMzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTQwMDg5ZTEyMzk1MGM5ZWI4NzZkYzlkNTJmYTI5YjM3MTE0ZjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovlO6J2OBmedb86RTCnO8IntDtVX
wnPmDvFgC8YytABhYFZv1CUC0LBv938zv/CMjKBnK3rFCz+zV5PFUDbQsbB+4hfF
lDqZ7mR4FKJ+2AECWH7rTrBqvGY+HafNtKpSZ+gKCJTXy43U/87Divq7rtzjd3+v
oQ1++LLx/lnaN+smgBR64I4lW34nTrvQ/WsR9HiGpN89nj6w0DvHl+jxHWFFYM5N
SbakoBcQ2eA3RktrBcw+dH+CbF3gMYa6wYiKsCi+y9+dPYotMzQNAPg7gj7XM7x2
vqwTcm5/1FjqbWW1NcrdLrFk2hH9L4/4kYeO8MxbdaBxswWqzAK24S5hSQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFI5ACJ4SOVDJ64dtydUvops3EU+fMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvamtBSW5oSTVVTW5yaDIzSjFTLWltemNSVDU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAKg6xByaR
AwcAKg6xByeKAwcAKhDMwRMzAwcAKhDMwRM3MA0GCSqGSIb3DQEBCwUAA4IBAQAS
ySZP4PDmQIuNuWVnjsqGsQ2alovZYRUusq+nGbrYMhfc/WiJAgJFkCAXIhpeBTwY
jVKgrJRPY5l+xTjfzKiUgVZVIvKhVaCVBxXMCC7afD5gc4udN3iLROXPESr1I4nO
2cFsvfNeGRTFUP6s7tGWZD5yYiCoWbPzw5tem1RjwwhfYxRPtrVT0Xi2DrqjVuMj
SCAbnysTtI+JNAHZ+llV/B+Ip+fLlGVgnGwfoOXd0dTRPcGR28WEJUNF3J0d0De3
8OHPLz+hiVhOUiPHGJ8JQBU09c344FYrdGi7mq+LfkS+pQyJhDe4tTem0g/ArikS
l2q7gFTs5RlVBsm6aLPM
-----END CERTIFICATE-----
Generated at Thu Jun 25 19:00:53 2026 by rpki-client