Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/JsxVtPBjo88RjacGxQJo72SkH00.roa
File: JsxVtPBjo88RjacGxQJo72SkH00.roa (raw, json)
Hash identifier: pyfSu7xjkMr1QtSsi1y9MkFA+THVz3JT4H/7wt4ECLA=
Subject key identifier: 26:CC:55:B4:F0:63:A3:CF:11:8D:A7:06:C5:02:68:EF:64:A4:1F:4D
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019E6FDCE325D46BD6FBD130B75D20F79DE0
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/JsxVtPBjo88RjacGxQJo72SkH00.roa
Signing time: Thu 28 May 2026 18:33:27 +0000
ROA not before: Thu 28 May 2026 18:33:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204968
IP address blocks: 2a0d:ad40::/32 maxlen: 32
2a0d:b843::/32 maxlen: 32
2a0d:b845::/32 maxlen: 32
2a0e:19c2::/32 maxlen: 32
2a12:a503::/32 maxlen: 32
2a12:a504::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 03:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6f:dc:e3:25:d4:6b:d6:fb:d1:30:b7:5d:20:f7:9d:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: May 28 18:33:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=26cc55b4f063a3cf118da706c50268ef64a41f4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ee:b1:a2:52:40:76:23:bf:24:75:9f:9a:f4:
4f:e8:53:cb:8d:ea:dc:3a:aa:22:9b:ca:83:57:58:
b0:01:cb:a7:ed:fe:b8:93:b6:ad:82:1a:ca:cf:0d:
b2:e9:94:a3:d1:d5:82:45:8d:de:65:81:2b:60:b0:
55:dc:2d:c0:d8:f4:ce:af:8e:d2:4b:a1:82:ee:e3:
0c:5a:44:19:c6:8c:a9:bf:61:d0:22:31:db:5d:f2:
ba:b1:e2:c0:fa:1b:f0:b2:e1:95:af:4a:32:de:c5:
5a:64:3d:45:3e:e8:19:23:0f:8b:3d:6c:c6:78:b8:
92:e6:60:5a:6a:b7:00:61:a0:62:b4:8d:1e:91:d4:
a5:86:c5:93:39:59:ee:c8:f4:03:30:bd:ad:9f:3c:
f1:48:e2:e3:31:e2:7f:ef:9d:2a:63:fc:6d:a9:e2:
de:31:3b:ce:d6:1e:65:79:f2:9f:e3:31:2a:17:ae:
fe:1a:08:74:45:37:b1:b4:ee:22:12:30:0a:18:8b:
54:3e:25:26:f2:82:67:4a:d5:9f:5d:db:e8:fb:c8:
68:5a:74:78:63:19:53:53:91:d0:85:3d:cc:1a:2b:
21:8b:df:3a:b1:e3:cd:88:f9:e5:e0:6d:19:7b:a9:
d8:cc:4f:56:f7:76:da:bb:f1:05:29:71:3e:8d:23:
8a:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:CC:55:B4:F0:63:A3:CF:11:8D:A7:06:C5:02:68:EF:64:A4:1F:4D
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/JsxVtPBjo88RjacGxQJo72SkH00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:ad40::/32
2a0d:b843::/32
2a0d:b845::/32
2a0e:19c2::/32
2a12:a503::-2a12:a504:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
83:b3:e5:9f:bf:b8:f1:6b:82:0e:41:32:0c:bc:f2:a1:de:3d:
c6:6c:3f:4a:42:1c:39:b3:ad:94:26:9b:4f:89:87:9b:bb:e5:
6f:b9:a6:78:05:dc:4e:63:ce:50:40:a6:19:ad:a0:f4:dd:2e:
a9:d2:6f:dc:55:ec:b3:19:68:a2:3e:8c:b5:8e:e8:44:38:5e:
a8:68:e2:36:d1:f0:46:05:83:71:6b:f9:3e:ea:3f:30:09:d3:
44:ee:8f:c8:e5:35:2e:3b:db:c3:92:21:65:fd:84:48:a4:b8:
33:19:4c:2a:90:2b:01:1d:d4:2e:ac:00:73:f4:2b:72:46:82:
b2:ae:1a:c8:31:05:62:e3:6f:24:93:5b:f2:6d:b5:e9:84:85:
6a:6b:b1:05:ce:44:26:1c:0e:19:cd:d9:3c:8a:8d:63:c6:16:
73:1b:ba:f8:de:c7:97:98:57:81:0c:8d:42:37:a1:96:d5:09:
e6:96:22:0f:9f:6f:e3:00:ae:f8:f3:9f:a7:91:99:04:4f:70:
de:ff:03:75:c8:6f:ea:0a:ae:46:21:c9:18:99:3c:4b:e8:6c:
87:51:a2:35:dd:eb:6a:fc:95:7d:f5:60:d9:ce:77:cf:e3:f2:
13:56:7f:39:c8:46:eb:0a:00:8a:e3:16:3f:b4:f9:ff:29:5d:
8b:ca:1a:c4
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZ5v3OMl1GvW+9Ewt10g953gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwNTI4MTgzMzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmNjNTViNGYwNjNhM2NmMTE4ZGE3MDZjNTAyNjhlZjY0YTQxZjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvu6xolJAdiO/JHWfmvRP6FPLjerc
Oqoim8qDV1iwAcun7f64k7atghrKzw2y6ZSj0dWCRY3eZYErYLBV3C3A2PTOr47S
S6GC7uMMWkQZxoypv2HQIjHbXfK6seLA+hvwsuGVr0oy3sVaZD1FPugZIw+LPWzG
eLiS5mBaarcAYaBitI0ekdSlhsWTOVnuyPQDML2tnzzxSOLjMeJ/750qY/xtqeLe
MTvO1h5lefKf4zEqF67+Ggh0RTextO4iEjAKGItUPiUm8oJnStWfXdvo+8hoWnR4
YxlTU5HQhT3MGishi986sePNiPnl4G0Ze6nYzE9W93bau/EFKXE+jSOK+wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFCbMVbTwY6PPEY2nBsUCaO9kpB9NMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvSnN4VnRQQmpvODhSamFjR3hRSm83MlNrSDAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAAjAsAwUAKg2tQAMF
ACoNuEMDBQAqDbhFAwUAKg4ZwjAOAwUAKhKlAwMFACoSpQQwDQYJKoZIhvcNAQEL
BQADggEBAIOz5Z+/uPFrgg5BMgy88qHePcZsP0pCHDmzrZQmm0+Jh5u75W+5pngF
3E5jzlBAphmtoPTdLqnSb9xV7LMZaKI+jLWO6EQ4Xqho4jbR8EYFg3Fr+T7qPzAJ
00Tuj8jlNS4728OSIWX9hEikuDMZTCqQKwEd1C6sAHP0K3JGgrKuGsgxBWLjbyST
W/JttemEhWprsQXORCYcDhnN2TyKjWPGFnMbuvjex5eYV4EMjUI3oZbVCeaWIg+f
b+MArvjzn6eRmQRPcN7/A3XIb+oKrkYhyRiZPEvobIdRojXd62r8lX31YNnOd8/j
8hNWfznIRusKAIrjFj+0+f8pXYvKGsQ=
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:59:28 2026 by rpki-client