Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/jf5uHxrszKQSuQYGdA__Shppl9Q.roa
File: jf5uHxrszKQSuQYGdA__Shppl9Q.roa (raw, json)
Hash identifier: /NiMq9OomnHYD9C1AKbBaKLno//7V0tj4EGyTCM/hbo=
Subject key identifier: 8D:FE:6E:1F:1A:EC:CC:A4:12:B9:06:06:74:0F:FF:4A:1A:69:97:D4
Certificate issuer: /CN=c27358682df3df8bdc7024507f92ecfc5ae097bb
Certificate serial: 019D9ADCE3656BED9174CA613B26B8A4D214
Authority key identifier: C2:73:58:68:2D:F3:DF:8B:DC:70:24:50:7F:92:EC:FC:5A:E0:97:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wnNYaC3z34vccCRQf5Ls_Frgl7s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/jf5uHxrszKQSuQYGdA__Shppl9Q.roa
Signing time: Fri 17 Apr 2026 09:54:20 +0000
ROA not before: Fri 17 Apr 2026 09:54:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 15703
IP address blocks: 80.247.220.0/24 maxlen: 24
87.233.0.0/16 maxlen: 24
193.28.152.0/24 maxlen: 24
213.193.192.0/21 maxlen: 24
213.193.193.0/24 maxlen: 24
213.193.208.0/21 maxlen: 24
213.193.210.0/24 maxlen: 24
213.193.234.0/24 maxlen: 24
213.193.240.0/21 maxlen: 24
213.193.247.0/24 maxlen: 24
213.239.136.0/24 maxlen: 24
2001:990::/32 maxlen: 32
2001:9a8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/wnNYaC3z34vccCRQf5Ls_Frgl7s.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/wnNYaC3z34vccCRQf5Ls_Frgl7s.mft
rsync://rpki.ripe.net/repository/DEFAULT/wnNYaC3z34vccCRQf5Ls_Frgl7s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 21:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:dc:e3:65:6b:ed:91:74:ca:61:3b:26:b8:a4:d2:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c27358682df3df8bdc7024507f92ecfc5ae097bb
Validity
Not Before: Apr 17 09:54:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8dfe6e1f1aeccca412b90606740fff4a1a6997d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:16:9f:77:f9:c2:6e:9a:43:27:47:cc:04:52:
db:96:62:ff:76:0e:4b:f5:07:88:1b:40:86:5d:19:
a2:46:4f:5d:02:28:fe:89:a6:db:71:92:3d:3c:91:
31:3a:cb:09:cb:80:ae:1e:a3:f8:14:f2:a2:4a:43:
4c:9d:bf:b2:11:6e:d3:9f:f4:2c:78:a5:ab:25:58:
5a:1e:68:1e:7f:44:0c:69:2a:1e:81:55:9b:d0:c7:
1c:c1:d6:1a:2c:6a:b4:39:fa:56:ab:18:ea:eb:4c:
79:5f:22:64:cd:08:6d:d1:03:26:7e:b9:68:c5:db:
8a:71:b5:b9:55:4a:6c:05:04:37:55:5c:ed:f0:87:
98:72:7e:04:0c:26:c3:17:b7:93:36:05:cf:ba:c4:
82:40:d5:04:9c:bc:b5:1f:0f:29:ab:a7:81:63:3f:
bb:cb:89:fd:81:5a:6d:24:86:26:bd:07:0b:4b:87:
51:a8:33:4e:67:4c:db:39:5a:c0:8c:3a:8b:d7:b6:
ad:bc:3a:b6:e7:2b:4b:64:79:25:bd:c3:1c:de:a1:
d1:60:62:16:b4:87:e1:c9:e1:d3:9e:d2:4f:72:39:
a7:f8:16:a6:d8:71:7d:6b:34:97:34:20:57:ba:11:
29:7a:1a:a6:ca:35:b5:52:70:ef:69:a0:a2:42:0d:
b4:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:FE:6E:1F:1A:EC:CC:A4:12:B9:06:06:74:0F:FF:4A:1A:69:97:D4
X509v3 Authority Key Identifier:
keyid:C2:73:58:68:2D:F3:DF:8B:DC:70:24:50:7F:92:EC:FC:5A:E0:97:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wnNYaC3z34vccCRQf5Ls_Frgl7s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/jf5uHxrszKQSuQYGdA__Shppl9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/wnNYaC3z34vccCRQf5Ls_Frgl7s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.247.220.0/24
87.233.0.0/16
193.28.152.0/24
213.193.192.0/21
213.193.208.0/21
213.193.234.0/24
213.193.240.0/21
213.239.136.0/24
IPv6:
2001:990::/32
2001:9a8::/32
Signature Algorithm: sha256WithRSAEncryption
b1:ed:f4:ff:18:cd:b7:49:21:36:00:43:45:08:04:08:a4:ac:
a1:08:92:4b:c0:33:98:a9:fe:23:79:da:56:b6:4d:f1:bc:a5:
5a:50:2b:c9:32:d7:b1:d8:44:9c:da:0c:4e:9e:b1:3c:58:7e:
79:ab:8c:ce:3d:42:1b:9e:2b:91:ae:2b:2f:45:96:dd:55:99:
9e:5d:90:c8:6e:37:61:9b:f4:da:f2:53:ef:da:0c:8d:ca:91:
ce:9e:4a:64:75:88:65:22:40:3b:49:0d:bf:0a:6b:55:67:ce:
5d:f2:17:d4:b1:a9:65:fc:85:f9:33:f3:29:2a:37:9c:d8:be:
a7:9a:9e:bb:28:9f:88:79:8c:9c:7e:6c:2b:17:5b:ce:11:28:
2b:fc:c9:04:ac:47:92:09:a4:dd:aa:43:73:28:6c:ae:62:87:
de:b5:f4:20:a8:ca:cb:7a:81:c8:f0:50:4e:94:68:03:16:e2:
a4:8a:e5:7a:b9:f1:a6:52:a2:03:ba:40:db:34:bd:37:a2:50:
57:cf:c2:c2:ee:b7:ab:b1:95:cb:71:ab:8c:ed:8f:09:70:b8:
73:33:6d:2b:3d:cf:29:99:41:93:3e:10:87:da:d8:4e:44:0c:
3e:a4:c2:34:b9:e7:2d:44:1a:38:b9:b0:f1:bc:d2:76:cb:9b:
0f:78:c3:3f
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZ2a3ONla+2RdMphOya4pNIUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzM1ODY4MmRmM2RmOGJkYzcwMjQ1MDdmOTJlY2ZjNWFl
MDk3YmIwHhcNMjYwNDE3MDk1NDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGZlNmUxZjFhZWNjY2E0MTJiOTA2MDY3NDBmZmY0YTFhNjk5N2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRafd/nCbppDJ0fMBFLblmL/dg5L
9QeIG0CGXRmiRk9dAij+iabbcZI9PJExOssJy4CuHqP4FPKiSkNMnb+yEW7Tn/Qs
eKWrJVhaHmgef0QMaSoegVWb0MccwdYaLGq0OfpWqxjq60x5XyJkzQht0QMmfrlo
xduKcbW5VUpsBQQ3VVzt8IeYcn4EDCbDF7eTNgXPusSCQNUEnLy1Hw8pq6eBYz+7
y4n9gVptJIYmvQcLS4dRqDNOZ0zbOVrAjDqL17atvDq25ytLZHklvcMc3qHRYGIW
tIfhyeHTntJPcjmn+Bam2HF9azSXNCBXuhEpehqmyjW1UnDvaaCiQg20SwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFI3+bh8a7MykErkGBnQP/0oaaZfUMB8GA1UdIwQY
MBaAFMJzWGgt89+L3HAkUH+S7Pxa4Je7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25OWWFDM3ozNHZjY0NSUWY1THNfRnJnbDdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9mNDQ5YjMtZDhhOC00OTNlLTliZDct
ZTg4NDY1YzQ2MTg2LzEvamY1dUh4cnN6S1FTdVFZR2RBX19TaHBwbDlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9mNDQ5YjMtZDhhOC00OTNlLTliZDctZTg4NDY1YzQ2MTg2
LzEvd25OWWFDM3ozNHZjY0NSUWY1THNfRnJnbDdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA1BAIAATAvAwQAUPfcAwMA
V+kDBADBHJgDBAPVwcADBAPVwdADBADVweoDBAPVwfADBADV74gwFAQCAAIwDgMF
ACABCZADBQAgAQmoMA0GCSqGSIb3DQEBCwUAA4IBAQCx7fT/GM23SSE2AENFCAQI
pKyhCJJLwDOYqf4jedpWtk3xvKVaUCvJMtex2ESc2gxOnrE8WH55q4zOPUIbniuR
risvRZbdVZmeXZDIbjdhm/Ta8lPv2gyNypHOnkpkdYhlIkA7SQ2/CmtVZ85d8hfU
sall/IX5M/MpKjec2L6nmp67KJ+IeYycfmwrF1vOESgr/MkErEeSCaTdqkNzKGyu
YofetfQgqMrLeoHI8FBOlGgDFuKkiuV6ufGmUqIDukDbNL03olBXz8LC7rersZXL
cauM7Y8JcLhzM20rPc8pmUGTPhCH2thORAw+pMI0uectRBo4ubDxvNJ2y5sPeMM/
-----END CERTIFICATE-----
Generated at Wed May 13 04:55:09 2026 by rpki-client