Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/jdER3phX5mbgg6aj7xFihDYqyto.roa
File: jdER3phX5mbgg6aj7xFihDYqyto.roa (raw, json)
Hash identifier: Gf4TEMTFntYzNK0gZEShHChZxR+vxTAfCM1wkhuszWc=
Subject key identifier: 8D:D1:11:DE:98:57:E6:66:E0:83:A6:A3:EF:11:62:84:36:2A:CA:DA
Certificate issuer: /CN=c6e1c8c65c86e8d26ddbeb68658a39a7a8e27866
Certificate serial: 019EA163C2776FFE9543132B9297E8A9EA5E
Authority key identifier: C6:E1:C8:C6:5C:86:E8:D2:6D:DB:EB:68:65:8A:39:A7:A8:E2:78:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xuHIxlyG6NJt2-toZYo5p6jieGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/jdER3phX5mbgg6aj7xFihDYqyto.roa
Signing time: Sun 07 Jun 2026 09:22:10 +0000
ROA not before: Sun 07 Jun 2026 09:22:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211056
IP address blocks: 89.47.197.0/24 maxlen: 24
89.47.198.0/24 maxlen: 24
89.47.200.0/24 maxlen: 24
89.47.201.0/24 maxlen: 24
89.47.202.0/24 maxlen: 24
92.114.50.0/24 maxlen: 24
2a01:5500:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/xuHIxlyG6NJt2-toZYo5p6jieGY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/xuHIxlyG6NJt2-toZYo5p6jieGY.mft
rsync://rpki.ripe.net/repository/DEFAULT/xuHIxlyG6NJt2-toZYo5p6jieGY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a1:63:c2:77:6f:fe:95:43:13:2b:92:97:e8:a9:ea:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6e1c8c65c86e8d26ddbeb68658a39a7a8e27866
Validity
Not Before: Jun 7 09:22:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8dd111de9857e666e083a6a3ef116284362acada
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f5:02:67:88:73:db:47:c7:02:f5:bb:54:bf:
b7:3b:94:92:0e:3f:e5:51:de:62:23:5c:5b:10:68:
72:f3:f4:bf:ae:11:be:56:f9:1a:f6:d5:3f:fb:2e:
e8:27:e2:58:dd:ae:df:15:d0:23:57:b0:fc:5b:20:
48:18:a5:c3:dc:48:92:b5:4c:10:7e:b6:84:c0:b9:
2c:36:36:e3:d3:f4:8a:fb:0d:95:ef:9d:73:c1:d0:
00:71:c5:f6:87:8e:06:51:6d:0c:3f:38:05:52:9b:
2c:d1:07:3f:3e:88:43:86:a6:e7:be:94:18:e4:80:
93:40:93:d7:44:81:c6:e6:b1:64:e2:79:0f:2c:cc:
e3:a7:93:a8:ce:da:c8:17:87:13:d6:6b:37:e6:1d:
ec:78:0f:2a:26:5b:ab:ed:8f:ea:39:d8:96:76:e5:
c6:af:97:0b:f3:c0:86:62:aa:9d:12:bb:39:5a:34:
30:9b:4e:65:29:80:a6:12:11:ca:73:a6:63:40:2d:
2d:c5:f3:6d:45:9a:4f:4f:70:64:12:b9:00:03:51:
cd:e0:4a:c8:cb:0d:92:04:b0:9f:56:28:94:73:cf:
52:ed:c8:6d:44:56:5c:49:f7:c6:b8:eb:19:79:92:
77:c6:6b:ca:6a:0a:9d:d3:cb:64:14:f3:7b:56:bd:
2a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:D1:11:DE:98:57:E6:66:E0:83:A6:A3:EF:11:62:84:36:2A:CA:DA
X509v3 Authority Key Identifier:
keyid:C6:E1:C8:C6:5C:86:E8:D2:6D:DB:EB:68:65:8A:39:A7:A8:E2:78:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xuHIxlyG6NJt2-toZYo5p6jieGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/jdER3phX5mbgg6aj7xFihDYqyto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/xuHIxlyG6NJt2-toZYo5p6jieGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.47.197.0-89.47.198.255
89.47.200.0-89.47.202.255
92.114.50.0/24
IPv6:
2a01:5500:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
1b:14:37:31:91:1c:f9:bd:96:6c:6a:cc:3b:26:e6:c6:61:8a:
0e:32:02:6d:b9:fe:96:4b:04:4f:15:9a:e7:32:f0:8f:b6:23:
03:aa:4d:34:ca:30:0c:43:be:f7:da:cd:0d:6d:0e:b4:d7:31:
19:86:be:4d:95:87:84:8e:73:53:85:f5:a4:b6:c9:ae:fe:c4:
8c:d1:47:56:50:b7:1a:90:b4:ae:47:e5:fe:08:8f:70:1e:fa:
4a:70:94:e2:a0:cb:1b:03:b3:38:2d:fc:64:5d:c0:a0:c1:28:
f1:01:e9:f7:d3:eb:b7:f3:ce:e2:58:08:64:67:d8:5d:1e:80:
a8:a8:6e:56:87:3e:fe:98:48:a8:f6:cc:11:d0:c2:c9:80:dd:
ec:24:e3:2f:2b:d3:64:f7:ad:42:4e:80:aa:43:50:34:20:e9:
81:67:55:b5:29:8b:ab:96:06:81:8d:bb:60:ab:bc:a6:1d:e4:
c3:c2:40:2c:84:17:5a:ef:fd:7e:cd:d4:4c:fa:ef:6d:b7:8f:
f2:ed:d5:e3:70:25:80:80:a4:a9:bb:6b:42:28:bd:25:aa:f4:
9c:ff:90:7b:39:e2:06:21:67:a0:ec:bd:dd:df:f6:dd:ac:b6:
81:13:b8:36:53:02:c8:e8:f2:b7:24:82:33:c4:5b:df:ac:57:
6a:17:8f:28
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZ6hY8J3b/6VQxMrkpfoqepeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZTFjOGM2NWM4NmU4ZDI2ZGRiZWI2ODY1OGEzOWE3YThl
Mjc4NjYwHhcNMjYwNjA3MDkyMjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGQxMTFkZTk4NTdlNjY2ZTA4M2E2YTNlZjExNjI4NDM2MmFjYWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPUCZ4hz20fHAvW7VL+3O5SSDj/l
Ud5iI1xbEGhy8/S/rhG+Vvka9tU/+y7oJ+JY3a7fFdAjV7D8WyBIGKXD3EiStUwQ
fraEwLksNjbj0/SK+w2V751zwdAAccX2h44GUW0MPzgFUpss0Qc/PohDhqbnvpQY
5ICTQJPXRIHG5rFk4nkPLMzjp5OoztrIF4cT1ms35h3seA8qJlur7Y/qOdiWduXG
r5cL88CGYqqdErs5WjQwm05lKYCmEhHKc6ZjQC0txfNtRZpPT3BkErkAA1HN4ErI
yw2SBLCfViiUc89S7chtRFZcSffGuOsZeZJ3xmvKagqd08tkFPN7Vr0qOQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFI3REd6YV+Zm4IOmo+8RYoQ2KsraMB8GA1UdIwQY
MBaAFMbhyMZchujSbdvraGWKOaeo4nhmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHVISXhseUc2Tkp0Mi10b1pZbzVwNmppZUdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9hNDUzZmUtYTY2NC00N2EyLThiOGEt
Y2U1ZTAxZTcxYzkxLzEvamRFUjNwaFg1bWJnZzZhajd4RmloRFlxeXRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9hNDUzZmUtYTY2NC00N2EyLThiOGEtY2U1ZTAxZTcxYzkx
LzEveHVISXhseUc2Tkp0Mi10b1pZbzVwNmppZUdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAoBAIAATAiMAwDBABZL8UD
BABZL8YwDAMEA1kvyAMEAFkvygMEAFxyMjAPBAIAAjAJAwcAKgFVAP//MA0GCSqG
SIb3DQEBCwUAA4IBAQAbFDcxkRz5vZZsasw7JubGYYoOMgJtuf6WSwRPFZrnMvCP
tiMDqk00yjAMQ7732s0NbQ601zEZhr5NlYeEjnNThfWktsmu/sSM0UdWULcakLSu
R+X+CI9wHvpKcJTioMsbA7M4LfxkXcCgwSjxAen30+u3887iWAhkZ9hdHoCoqG5W
hz7+mEio9swR0MLJgN3sJOMvK9Nk961CToCqQ1A0IOmBZ1W1KYurlgaBjbtgq7ym
HeTDwkAshBda7/1+zdRM+u9tt4/y7dXjcCWAgKSpu2tCKL0lqvSc/5B7OeIGIWeg
7L3d3/bdrLaBE7g2UwLI6PK3JIIzxFvfrFdqF48o
-----END CERTIFICATE-----
Generated at Fri Jun 12 03:09:14 2026 by rpki-client