Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JUbhkL74BEZ7CDxHaFSJD6U1dok.roa
File: JUbhkL74BEZ7CDxHaFSJD6U1dok.roa (raw, json)
Hash identifier: xTGle2H1wlbPtdyEsFCaVK99XRjdI3Jsd2JNn1Ml0MY=
Subject key identifier: 25:46:E1:90:BE:F8:04:46:7B:08:3C:47:68:54:89:0F:A5:35:76:89
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019E3F546AC3A283D60AA38CE3838D430EAA
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JUbhkL74BEZ7CDxHaFSJD6U1dok.roa
Signing time: Tue 19 May 2026 08:22:37 +0000
ROA not before: Tue 19 May 2026 08:22:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 402487
IP address blocks: 82.153.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 May 2026 01:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3f:54:6a:c3:a2:83:d6:0a:a3:8c:e3:83:8d:43:0e:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 19 08:22:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2546e190bef804467b083c476854890fa5357689
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:11:e4:ac:d2:ba:34:c7:00:a0:05:24:4e:37:
cb:1d:c9:80:9b:5f:3f:d3:61:d6:7e:a6:3f:4a:cf:
d3:a1:71:61:13:b7:33:2f:7b:f7:8e:51:70:35:98:
14:bf:bd:82:d8:50:21:0c:03:b0:20:aa:e5:51:a1:
5e:0f:83:28:1a:45:58:3a:79:88:0d:86:a1:00:bd:
fc:3c:f1:af:d0:02:d1:f8:6e:8b:f0:bd:fb:75:3d:
d1:61:09:83:05:3c:79:82:b4:c2:9b:35:dc:c2:02:
6c:a2:3f:31:45:2f:79:4a:63:f6:cd:61:5c:15:69:
03:47:e9:a7:24:c3:62:0c:ca:38:5c:4c:2d:69:22:
5a:a5:fb:a5:14:f0:07:a6:0e:a4:43:bd:e9:d4:f8:
76:b5:eb:e7:0e:71:e4:3e:e0:08:51:7b:04:2d:0b:
a4:5d:da:1a:02:fc:66:08:3d:8d:3a:6f:c9:1c:1d:
2e:8a:94:d5:20:cb:74:4a:c2:7b:d2:20:89:fd:1f:
af:58:84:22:c9:3f:78:75:d4:31:fb:0b:c8:c4:58:
e2:a1:0d:e5:f1:56:26:d1:e1:4e:bc:6c:88:1f:b7:
4e:90:21:91:bb:bd:77:37:aa:a8:33:5d:38:3a:ad:
63:c6:a0:80:c3:ab:ce:09:1a:77:47:8d:50:da:23:
24:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:46:E1:90:BE:F8:04:46:7B:08:3C:47:68:54:89:0F:A5:35:76:89
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JUbhkL74BEZ7CDxHaFSJD6U1dok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.113.0/24
Signature Algorithm: sha256WithRSAEncryption
33:5c:c0:ea:03:df:87:f8:f8:8a:bc:f2:b0:30:ec:7d:0d:bf:
28:83:be:30:20:01:cb:d0:05:bc:69:03:db:95:66:7c:ae:3c:
88:cb:d1:6a:80:71:81:bf:81:8b:f5:6d:ca:10:c7:86:ae:69:
2f:32:2d:a9:95:a2:c4:e6:a7:a9:5d:b5:2a:d1:7d:c4:b2:24:
ef:cc:02:88:89:07:91:07:f9:a1:a3:5e:cd:d6:4d:40:cc:be:
cf:53:98:42:67:cb:d1:07:c7:e1:c6:00:e8:51:90:af:e8:79:
e3:19:97:64:a7:68:37:65:88:de:7b:01:6b:05:d4:9c:ba:64:
44:02:dd:91:ed:83:66:e0:3f:fa:77:20:54:86:bf:3c:0c:c8:
93:26:95:21:06:d5:92:39:13:13:19:59:99:d8:a7:b7:70:c7:
50:fd:91:54:5e:23:02:f9:15:ea:a6:5e:5c:99:ef:b8:04:71:
86:d4:86:e0:87:b1:c1:4b:f8:59:8c:9d:e1:a3:f2:e9:eb:01:
a3:67:2f:25:1f:06:48:1f:85:d2:8f:47:ec:d3:8a:ae:55:3f:
89:9a:3f:c1:94:f3:bf:67:7c:a1:e4:3f:16:3e:22:a3:06:07:
0b:25:fc:64:08:60:76:97:2d:de:97:79:4e:66:32:ea:f5:cf:
ca:ed:38:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ4/VGrDooPWCqOM44ONQw6qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwNTE5MDgyMjM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTQ2ZTE5MGJlZjgwNDQ2N2IwODNjNDc2ODU0ODkwZmE1MzU3Njg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBHkrNK6NMcAoAUkTjfLHcmAm18/
02HWfqY/Ss/ToXFhE7czL3v3jlFwNZgUv72C2FAhDAOwIKrlUaFeD4MoGkVYOnmI
DYahAL38PPGv0ALR+G6L8L37dT3RYQmDBTx5grTCmzXcwgJsoj8xRS95SmP2zWFc
FWkDR+mnJMNiDMo4XEwtaSJapfulFPAHpg6kQ73p1Ph2tevnDnHkPuAIUXsELQuk
XdoaAvxmCD2NOm/JHB0uipTVIMt0SsJ70iCJ/R+vWIQiyT94ddQx+wvIxFjioQ3l
8VYm0eFOvGyIH7dOkCGRu713N6qoM104Oq1jxqCAw6vOCRp3R41Q2iMkkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCVG4ZC++ARGewg8R2hUiQ+lNXaJMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSlViaGtMNzRCRVo3Q0R4SGFGU0pENlUxZG9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUplxMA0G
CSqGSIb3DQEBCwUAA4IBAQAzXMDqA9+H+PiKvPKwMOx9Db8og74wIAHL0AW8aQPb
lWZ8rjyIy9FqgHGBv4GL9W3KEMeGrmkvMi2plaLE5qepXbUq0X3EsiTvzAKIiQeR
B/mho17N1k1AzL7PU5hCZ8vRB8fhxgDoUZCv6HnjGZdkp2g3ZYjeewFrBdScumRE
At2R7YNm4D/6dyBUhr88DMiTJpUhBtWSORMTGVmZ2Ke3cMdQ/ZFUXiMC+RXqpl5c
me+4BHGG1Ibgh7HBS/hZjJ3ho/Lp6wGjZy8lHwZIH4XSj0fs04quVT+Jmj/BlPO/
Z3yh5D8WPiKjBgcLJfxkCGB2ly3el3lOZjLq9c/K7TjO
-----END CERTIFICATE-----
Generated at Sun May 24 11:36:50 2026 by rpki-client