Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/0b18d0-077d-423e-a9e0-515208636abb/1/jaOFY2ZtjNEufppiRbq6ZFxfpjA.roa
File: jaOFY2ZtjNEufppiRbq6ZFxfpjA.roa (raw, json)
Hash identifier: XLSBQRC8x44WgmkopIPKBYibunN938ImFR6fh1IzVrM=
Subject key identifier: 8D:A3:85:63:66:6D:8C:D1:2E:7E:9A:62:45:BA:BA:64:5C:5F:A6:30
Certificate issuer: /CN=958e6c4a5062f174ff3cd18bf8a41ba5738db076
Certificate serial: 019E6EFC94CF2C8C218E0C002E299A2D5A45
Authority key identifier: 95:8E:6C:4A:50:62:F1:74:FF:3C:D1:8B:F8:A4:1B:A5:73:8D:B0:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lY5sSlBi8XT_PNGL-KQbpXONsHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/0b18d0-077d-423e-a9e0-515208636abb/1/jaOFY2ZtjNEufppiRbq6ZFxfpjA.roa
Signing time: Thu 28 May 2026 14:28:27 +0000
ROA not before: Thu 28 May 2026 14:28:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215778
IP address blocks: 46.247.61.0/24 maxlen: 24
158.94.186.0/24 maxlen: 24
194.187.177.0/24 maxlen: 24
194.187.178.0/24 maxlen: 24
2a0e:7b86::/32 maxlen: 32
2a0e:7b86:fffe::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/0b18d0-077d-423e-a9e0-515208636abb/1/lY5sSlBi8XT_PNGL-KQbpXONsHY.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/0b18d0-077d-423e-a9e0-515208636abb/1/lY5sSlBi8XT_PNGL-KQbpXONsHY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lY5sSlBi8XT_PNGL-KQbpXONsHY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jun 2026 16:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6e:fc:94:cf:2c:8c:21:8e:0c:00:2e:29:9a:2d:5a:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=958e6c4a5062f174ff3cd18bf8a41ba5738db076
Validity
Not Before: May 28 14:28:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8da38563666d8cd12e7e9a6245baba645c5fa630
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:24:d7:cb:c3:79:11:27:f5:d1:13:5d:68:1f:
a8:a7:81:26:3f:82:43:6a:f1:d3:ee:f3:39:be:11:
46:4c:a9:9c:f1:33:c3:dd:1e:9e:55:d1:97:c1:91:
3c:47:3a:16:68:03:94:d4:68:e5:11:96:d1:44:1a:
80:ba:98:bf:19:fb:05:37:b6:cd:09:b9:54:4a:14:
4b:bb:ea:db:1b:71:ba:f1:6b:0e:21:eb:18:93:0f:
1e:0a:fd:6a:7c:35:34:bc:02:84:00:11:0c:f9:33:
12:f7:b6:9d:79:36:0d:79:aa:c2:2f:03:d3:26:23:
c7:d6:7c:cb:3c:56:60:e7:e7:0f:0d:37:d1:b1:d5:
be:3e:d7:00:ca:e8:1b:e3:10:44:4f:db:04:38:1d:
b9:79:21:37:da:92:fb:79:30:62:15:96:a4:a1:11:
c8:de:30:d7:48:cb:54:0d:bd:eb:ee:31:33:d9:52:
4c:b9:17:3d:1f:e3:40:75:a3:11:6c:ef:46:69:82:
b3:6c:20:bc:c1:55:17:9c:de:15:34:41:60:bd:0b:
df:08:f2:e7:b1:48:a4:88:82:1c:3b:59:f2:f9:04:
bc:98:f8:bb:b2:c0:da:4a:3f:7d:ed:97:a4:fa:aa:
74:d4:55:f2:5c:54:88:c1:48:25:4b:d6:02:06:49:
c4:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:A3:85:63:66:6D:8C:D1:2E:7E:9A:62:45:BA:BA:64:5C:5F:A6:30
X509v3 Authority Key Identifier:
keyid:95:8E:6C:4A:50:62:F1:74:FF:3C:D1:8B:F8:A4:1B:A5:73:8D:B0:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lY5sSlBi8XT_PNGL-KQbpXONsHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/0b18d0-077d-423e-a9e0-515208636abb/1/jaOFY2ZtjNEufppiRbq6ZFxfpjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/0b18d0-077d-423e-a9e0-515208636abb/1/lY5sSlBi8XT_PNGL-KQbpXONsHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.247.61.0/24
158.94.186.0/24
194.187.177.0-194.187.178.255
IPv6:
2a0e:7b86::/32
Signature Algorithm: sha256WithRSAEncryption
6b:17:05:a0:53:b8:99:d9:34:00:df:1c:ca:79:27:ef:14:ea:
6b:fb:d4:a7:99:ee:57:cb:55:c8:fd:fc:2d:c8:c3:7f:02:e1:
15:04:52:fd:98:76:02:e4:c7:37:ca:ae:e6:0a:a7:27:2e:57:
a6:48:cd:74:15:27:32:3c:8b:b3:1e:f0:49:36:8d:3c:cd:01:
e7:f6:c2:25:6b:85:1f:52:50:0d:42:9a:3c:f9:ad:9a:b0:6e:
90:56:c2:41:0e:59:6f:a7:25:c7:47:ff:89:ce:93:29:c3:cd:
4c:0c:aa:70:9b:4f:f4:0a:f4:18:de:9a:80:e7:80:f2:27:d5:
38:ce:1d:e7:3c:62:ce:ec:84:05:5b:9e:87:48:47:3f:e5:17:
35:96:60:2b:92:3b:a4:2a:1f:c3:c9:c5:1a:0f:d5:66:85:eb:
d9:70:ef:de:d9:13:a7:fb:bb:12:40:0c:fe:9c:ed:f9:a8:b3:
5a:6d:33:65:d4:88:25:73:d9:2c:13:2b:cf:4b:7f:0a:02:ab:
f5:80:18:f9:21:eb:15:9d:bc:2d:76:a5:5c:2d:9a:43:6b:a3:
88:90:82:1c:21:47:41:79:25:96:43:e2:67:b4:07:a0:e1:04:
26:3b:5f:1c:16:22:d7:f0:d6:c4:fb:82:94:78:db:9e:6a:3a:
8f:d8:64:99
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZ5u/JTPLIwhjgwALimaLVpFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1OGU2YzRhNTA2MmYxNzRmZjNjZDE4YmY4YTQxYmE1NzM4
ZGIwNzYwHhcNMjYwNTI4MTQyODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGEzODU2MzY2NmQ4Y2QxMmU3ZTlhNjI0NWJhYmE2NDVjNWZhNjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiTXy8N5ESf10RNdaB+op4EmP4JD
avHT7vM5vhFGTKmc8TPD3R6eVdGXwZE8RzoWaAOU1GjlEZbRRBqAupi/GfsFN7bN
CblUShRLu+rbG3G68WsOIesYkw8eCv1qfDU0vAKEABEM+TMS97adeTYNearCLwPT
JiPH1nzLPFZg5+cPDTfRsdW+PtcAyugb4xBET9sEOB25eSE32pL7eTBiFZakoRHI
3jDXSMtUDb3r7jEz2VJMuRc9H+NAdaMRbO9GaYKzbCC8wVUXnN4VNEFgvQvfCPLn
sUikiIIcO1ny+QS8mPi7ssDaSj997Zek+qp01FXyXFSIwUglS9YCBknEewIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFI2jhWNmbYzRLn6aYkW6umRcX6YwMB8GA1UdIwQY
MBaAFJWObEpQYvF0/zzRi/ikG6VzjbB2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFk1c1NsQmk4WFRfUE5HTC1LUWJwWE9Oc0hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8wYjE4ZDAtMDc3ZC00MjNlLWE5ZTAt
NTE1MjA4NjM2YWJiLzEvamFPRlkyWnRqTkV1ZnBwaVJicTZaRnhmcGpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8wYjE4ZDAtMDc3ZC00MjNlLWE5ZTAtNTE1MjA4NjM2YWJi
LzEvbFk1c1NsQmk4WFRfUE5HTC1LUWJwWE9Oc0hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQALvc9AwQA
nl66MAwDBADCu7EDBADCu7IwDQQCAAIwBwMFACoOe4YwDQYJKoZIhvcNAQELBQAD
ggEBAGsXBaBTuJnZNADfHMp5J+8U6mv71KeZ7lfLVcj9/C3Iw38C4RUEUv2YdgLk
xzfKruYKpycuV6ZIzXQVJzI8i7Me8Ek2jTzNAef2wiVrhR9SUA1Cmjz5rZqwbpBW
wkEOWW+nJcdH/4nOkynDzUwMqnCbT/QK9BjemoDngPIn1TjOHec8Ys7shAVbnodI
Rz/lFzWWYCuSO6QqH8PJxRoP1WaF69lw797ZE6f7uxJADP6c7fmos1ptM2XUiCVz
2SwTK89LfwoCq/WAGPkh6xWdvC12pVwtmkNro4iQghwhR0F5JZZD4me0B6DhBCY7
XxwWItfw1sT7gpR4255qOo/YZJk=
-----END CERTIFICATE-----
Generated at Mon Jun 1 22:24:15 2026 by rpki-client