Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/JRIyKdyc2cQ9oa7XFWr9XIpsovI.roa
File: JRIyKdyc2cQ9oa7XFWr9XIpsovI.roa (raw, json)
Hash identifier: TMLrmCQ4xRmffIHbq4FYbVGgIE4Qw9ew/wXkINr4IJo=
Subject key identifier: 25:12:32:29:DC:9C:D9:C4:3D:A1:AE:D7:15:6A:FD:5C:8A:6C:A2:F2
Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Certificate serial: 019DF45A91DA16D86E2DF6156C164CBE86B5
Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/JRIyKdyc2cQ9oa7XFWr9XIpsovI.roa
Signing time: Mon 04 May 2026 18:57:49 +0000
ROA not before: Mon 04 May 2026 18:57:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57043
IP address blocks: 138.249.117.0/24 maxlen: 24
138.249.141.0/24 maxlen: 24
138.249.149.0/24 maxlen: 24
170.168.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 18:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f4:5a:91:da:16:d8:6e:2d:f6:15:6c:16:4c:be:86:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Validity
Not Before: May 4 18:57:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=25123229dc9cd9c43da1aed7156afd5c8a6ca2f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:15:bd:bf:12:94:02:98:cb:2b:c3:11:21:35:
88:91:63:af:8e:68:7e:3d:5c:4e:77:c1:00:6a:a4:
a6:2d:a2:c3:9e:a0:c0:51:a2:86:63:65:d1:c1:f9:
b3:4c:63:fc:70:ac:0d:62:42:a8:99:57:30:eb:99:
a5:a1:21:64:c9:7e:9f:b5:fd:73:17:cd:1a:82:e8:
8f:6b:fa:1d:59:2f:ce:dd:53:f8:4b:9a:7f:31:da:
ad:95:f6:ac:ac:9f:6a:25:ec:ba:16:2e:6c:d1:64:
79:2b:55:ce:4c:74:66:e7:18:3b:93:94:7b:14:91:
3c:47:20:d5:3f:11:23:9a:f0:1b:24:63:b8:8d:95:
5e:18:3b:a7:5d:79:16:74:96:c9:ca:cd:3d:3e:77:
79:66:f3:47:77:aa:00:90:45:07:ec:23:51:0d:03:
3b:11:e4:18:d7:24:03:ed:ce:54:e7:b2:f5:c8:73:
c6:ea:ad:02:b2:be:94:6c:a5:6e:3f:b3:22:0a:35:
5d:3d:33:75:e6:ad:a5:3d:10:07:86:ce:81:cb:01:
ec:50:68:59:f7:8a:c6:b5:f7:12:78:b7:27:92:91:
2b:c2:cd:b8:9c:fe:ca:9a:ab:63:ed:73:d3:50:1d:
3f:4f:5e:48:6d:45:be:c2:b8:d1:d3:f7:67:ea:f1:
ea:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:12:32:29:DC:9C:D9:C4:3D:A1:AE:D7:15:6A:FD:5C:8A:6C:A2:F2
X509v3 Authority Key Identifier:
keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/JRIyKdyc2cQ9oa7XFWr9XIpsovI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.249.117.0/24
138.249.141.0/24
138.249.149.0/24
170.168.91.0/24
Signature Algorithm: sha256WithRSAEncryption
67:7f:7f:08:5a:75:9d:5e:12:78:4b:39:3b:1f:18:8a:25:de:
e4:97:5b:53:b2:ee:20:6b:c1:90:02:eb:86:ca:52:8d:1c:fa:
37:ef:02:91:e1:8a:ed:9c:ea:65:8a:6e:06:c3:c2:7a:6a:a4:
2c:ca:cf:10:7a:a8:02:0a:3f:76:dc:f3:d3:e0:53:a8:41:98:
23:13:c7:9e:c0:88:57:e5:07:fc:e8:18:66:aa:3b:83:9b:a8:
19:59:3d:18:9a:e7:8b:ae:0f:24:d8:43:5e:56:5a:38:38:bd:
b1:c3:90:7d:5b:02:0b:c0:9e:f1:28:e8:e7:47:4a:cb:82:36:
97:34:3e:61:0b:4c:c8:31:21:75:4e:78:e9:65:0f:15:90:26:
c0:1e:23:29:e6:09:91:93:49:65:2c:68:21:0b:4c:4f:62:a6:
ad:24:d8:93:10:44:c7:87:1a:6d:f9:01:80:d8:11:46:17:1b:
25:f8:bd:37:49:22:a6:ff:84:be:d1:85:ba:d7:fe:c3:42:16:
f0:18:d3:c7:39:42:86:38:59:0a:c0:06:5d:db:10:99:08:5e:
29:c4:3c:c0:66:78:62:73:54:f3:c1:2e:c1:dc:ec:b2:19:49:
c1:23:41:71:a3:f0:dd:3d:f5:2d:8a:c1:6d:bc:f8:fb:8c:fe:
f2:94:7a:3b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ30WpHaFthuLfYVbBZMvoa1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh
MGYwY2UwHhcNMjYwNTA0MTg1NzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTEyMzIyOWRjOWNkOWM0M2RhMWFlZDcxNTZhZmQ1YzhhNmNhMmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBW9vxKUApjLK8MRITWIkWOvjmh+
PVxOd8EAaqSmLaLDnqDAUaKGY2XRwfmzTGP8cKwNYkKomVcw65mloSFkyX6ftf1z
F80aguiPa/odWS/O3VP4S5p/MdqtlfasrJ9qJey6Fi5s0WR5K1XOTHRm5xg7k5R7
FJE8RyDVPxEjmvAbJGO4jZVeGDunXXkWdJbJys09Pnd5ZvNHd6oAkEUH7CNRDQM7
EeQY1yQD7c5U57L1yHPG6q0Csr6UbKVuP7MiCjVdPTN15q2lPRAHhs6BywHsUGhZ
94rGtfcSeLcnkpErws24nP7Kmqtj7XPTUB0/T15IbUW+wrjR0/dn6vHq1QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCUSMincnNnEPaGu1xVq/VyKbKLyMB8GA1UdIwQY
MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et
YTY2N2JiNzY1MDYwLzEvSlJJeUtkeWMyY1E5b2E3WEZXcjlYSXBzb3ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw
LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAivl1AwQA
ivmNAwQAivmVAwQAqqhbMA0GCSqGSIb3DQEBCwUAA4IBAQBnf38IWnWdXhJ4Szk7
HxiKJd7kl1tTsu4ga8GQAuuGylKNHPo37wKR4YrtnOplim4Gw8J6aqQsys8QeqgC
Cj923PPT4FOoQZgjE8eewIhX5Qf86BhmqjuDm6gZWT0YmueLrg8k2ENeVlo4OL2x
w5B9WwILwJ7xKOjnR0rLgjaXND5hC0zIMSF1TnjpZQ8VkCbAHiMp5gmRk0llLGgh
C0xPYqatJNiTEETHhxpt+QGA2BFGFxsl+L03SSKm/4S+0YW61/7DQhbwGNPHOUKG
OFkKwAZd2xCZCF4pxDzAZnhic1TzwS7B3OyyGUnBI0Fxo/DdPfUtisFtvPj7jP7y
lHo7
-----END CERTIFICATE-----
Generated at Wed May 6 04:14:48 2026 by rpki-client