Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/JsVGeI37kf8ftX-YLzgr4Z6lC98.roa
File: JsVGeI37kf8ftX-YLzgr4Z6lC98.roa (raw, json)
Hash identifier: alYWLWSYpxstR2F3yRZ9/jYkbNKwxhhRBaAv3PIAthQ=
Subject key identifier: 26:C5:46:78:8D:FB:91:FF:1F:B5:7F:98:2F:38:2B:E1:9E:A5:0B:DF
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019ECA9AA9C1756DB7F0892277CE1D5DA1F5
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/JsVGeI37kf8ftX-YLzgr4Z6lC98.roa
Signing time: Mon 15 Jun 2026 09:26:33 +0000
ROA not before: Mon 15 Jun 2026 09:26:33 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 5.180.232.0/24 maxlen: 24
45.8.253.0/24 maxlen: 24
45.9.0.0/24 maxlen: 24
85.208.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Jun 2026 17:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ca:9a:a9:c1:75:6d:b7:f0:89:22:77:ce:1d:5d:a1:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jun 15 09:26:33 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=26c546788dfb91ff1fb57f982f382be19ea50bdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:56:ed:2f:40:71:a6:89:9e:17:8d:fb:e5:8e:
68:ee:24:ee:d1:b2:0e:26:7c:8f:51:69:38:e7:a3:
1e:63:62:37:c6:cd:5b:e3:44:b4:00:cd:67:b3:d2:
0a:0a:57:99:ff:5e:cd:ec:e6:4c:f6:0d:0a:6e:8b:
a8:91:6e:47:13:11:94:29:c7:9d:06:be:1e:77:79:
d5:60:c4:09:7f:97:88:f1:e3:c6:f3:cd:d7:ab:87:
86:93:2b:b2:78:04:ea:41:c0:5d:b8:a8:69:f2:88:
81:f1:c3:c4:e8:7b:53:12:70:d7:43:88:c8:3d:6e:
42:09:bb:f9:20:aa:85:99:f9:76:89:ab:74:bb:99:
0c:99:5f:11:9d:ef:27:06:9f:8e:ba:ae:5c:05:41:
4e:51:bf:5d:74:fa:e4:ff:64:8a:de:3f:9b:5d:77:
37:e2:73:d1:e8:e4:81:70:fd:af:be:f6:f1:03:cd:
01:b8:5f:04:62:d4:8e:42:82:8c:7e:f5:e3:01:be:
2f:62:1d:bc:8a:5a:a0:99:e4:07:0e:13:16:ee:1b:
ec:8e:bf:ba:83:2b:0b:55:df:9c:44:5f:85:3d:bd:
19:47:a5:bf:b6:43:df:6d:44:8c:fc:9e:ca:3b:00:
c5:04:13:b0:1e:8b:68:1f:23:fa:b9:81:86:70:2a:
40:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:C5:46:78:8D:FB:91:FF:1F:B5:7F:98:2F:38:2B:E1:9E:A5:0B:DF
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/JsVGeI37kf8ftX-YLzgr4Z6lC98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.232.0/24
45.8.253.0/24
45.9.0.0/24
85.208.105.0/24
Signature Algorithm: sha256WithRSAEncryption
35:be:74:cb:a7:c7:84:c7:67:aa:b8:8f:00:d7:0d:89:6c:db:
0a:84:e3:cc:9c:09:79:71:78:70:e1:ec:e6:2a:2b:70:2c:7d:
cd:92:97:99:f9:01:8b:f6:37:98:e8:ce:e1:ae:86:10:ed:55:
34:a8:63:84:b6:0f:e8:7b:11:91:f5:b9:97:96:b0:c6:f0:f6:
62:cd:e6:00:4e:e4:a6:60:b1:7a:2f:d5:71:d9:43:12:37:a5:
93:90:64:db:5d:19:1f:0c:85:5c:b6:54:5d:98:7a:af:5a:88:
5b:a6:da:d0:d4:79:d1:1e:9f:97:e7:51:37:ee:19:01:65:21:
b2:e6:e2:35:8d:02:bf:eb:5e:cb:a9:d6:46:2f:e1:e9:c9:d1:
9c:48:46:59:33:18:94:80:de:06:7c:4d:25:e7:37:bd:0a:f0:
da:23:57:07:01:b6:1d:c0:13:69:29:6d:f6:be:4f:24:3d:ea:
29:67:67:b5:2e:a4:5a:33:8a:6a:c6:a4:86:68:e4:96:52:3a:
4a:12:3c:33:97:a1:e9:1c:f5:e8:03:92:a9:68:22:6b:b3:0e:
b7:dc:90:c7:1b:ac:ad:dc:fd:d7:93:13:22:5b:ee:31:ae:d8:
05:53:6a:2b:4c:35:da:7c:43:c5:15:91:9b:cc:90:ca:4c:d9:
84:f5:30:1d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ7KmqnBdW238Ikid84dXaH1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjYwNjE1MDkyNjMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmM1NDY3ODhkZmI5MWZmMWZiNTdmOTgyZjM4MmJlMTllYTUwYmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1btL0BxpomeF4375Y5o7iTu0bIO
JnyPUWk456MeY2I3xs1b40S0AM1ns9IKCleZ/17N7OZM9g0KbouokW5HExGUKced
Br4ed3nVYMQJf5eI8ePG883Xq4eGkyuyeATqQcBduKhp8oiB8cPE6HtTEnDXQ4jI
PW5CCbv5IKqFmfl2iat0u5kMmV8Rne8nBp+Ouq5cBUFOUb9ddPrk/2SK3j+bXXc3
4nPR6OSBcP2vvvbxA80BuF8EYtSOQoKMfvXjAb4vYh28ilqgmeQHDhMW7hvsjr+6
gysLVd+cRF+FPb0ZR6W/tkPfbUSM/J7KOwDFBBOwHotoHyP6uYGGcCpAtQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCbFRniN+5H/H7V/mC84K+GepQvfMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvSnNWR2VJMzdrZjhmdFgtWUx6Z3I0WjZsQzk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABbToAwQA
LQj9AwQALQkAAwQAVdBpMA0GCSqGSIb3DQEBCwUAA4IBAQA1vnTLp8eEx2equI8A
1w2JbNsKhOPMnAl5cXhw4ezmKitwLH3NkpeZ+QGL9jeY6M7hroYQ7VU0qGOEtg/o
exGR9bmXlrDG8PZizeYATuSmYLF6L9Vx2UMSN6WTkGTbXRkfDIVctlRdmHqvWohb
ptrQ1HnRHp+X51E37hkBZSGy5uI1jQK/617LqdZGL+HpydGcSEZZMxiUgN4GfE0l
5ze9CvDaI1cHAbYdwBNpKW32vk8kPeopZ2e1LqRaM4pqxqSGaOSWUjpKEjwzl6Hp
HPXoA5KpaCJrsw633JDHG6yt3P3XkxMiW+4xrtgFU2orTDXafEPFFZGbzJDKTNmE
9TAd
-----END CERTIFICATE-----
Generated at Thu Jun 18 03:44:43 2026 by rpki-client