Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/901957-4e71-4cf3-acb8-fb2c8a814347/1/JE0qSqnrDvpmqnPdeXtfY3ANrng.roa
File: JE0qSqnrDvpmqnPdeXtfY3ANrng.roa (raw, json)
Hash identifier: X1IyMy+PkbmsuUsMO+dutHfTqsCVh+3kH50SqPaLXA0=
Subject key identifier: 24:4D:2A:4A:A9:EB:0E:FA:66:AA:73:DD:79:7B:5F:63:70:0D:AE:78
Certificate issuer: /CN=0f4207ce80855a5cc97c0ba473b95872c7c193c4
Certificate serial: 019E03156ED4B671275133461249A7024DA0
Authority key identifier: 0F:42:07:CE:80:85:5A:5C:C9:7C:0B:A4:73:B9:58:72:C7:C1:93:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D0IHzoCFWlzJfAukc7lYcsfBk8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/901957-4e71-4cf3-acb8-fb2c8a814347/1/JE0qSqnrDvpmqnPdeXtfY3ANrng.roa
Signing time: Thu 07 May 2026 15:36:36 +0000
ROA not before: Thu 07 May 2026 15:36:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215020
IP address blocks: 217.180.12.0/23 maxlen: 23
217.180.12.0/24 maxlen: 24
217.180.13.0/24 maxlen: 24
2a12:8040::/29 maxlen: 29
2a12:8047:fff1::/48 maxlen: 48
2a12:8047:fff2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/901957-4e71-4cf3-acb8-fb2c8a814347/1/D0IHzoCFWlzJfAukc7lYcsfBk8Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/901957-4e71-4cf3-acb8-fb2c8a814347/1/D0IHzoCFWlzJfAukc7lYcsfBk8Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/D0IHzoCFWlzJfAukc7lYcsfBk8Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:03:15:6e:d4:b6:71:27:51:33:46:12:49:a7:02:4d:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f4207ce80855a5cc97c0ba473b95872c7c193c4
Validity
Not Before: May 7 15:36:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=244d2a4aa9eb0efa66aa73dd797b5f63700dae78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:5a:aa:ad:0e:59:2e:89:9b:e5:a1:f2:b8:54:
99:12:06:db:db:a8:49:cc:a2:9b:50:4d:1a:61:7d:
64:66:29:17:e5:8b:d9:ee:91:86:78:38:58:e0:0e:
a4:33:c6:a8:10:b0:aa:a0:16:b0:e2:a6:31:6f:d6:
b1:a1:cc:48:eb:fb:a2:b2:1b:35:02:74:cb:f4:d4:
a0:7f:46:a0:95:53:82:3f:46:18:08:3c:e1:e6:5c:
48:2c:05:43:94:8c:b5:8b:96:71:37:50:78:66:66:
75:4b:e9:b5:c9:79:2c:dc:46:03:eb:8e:b8:bb:e3:
4f:f1:e2:41:69:0d:4d:07:6b:62:c8:09:a0:0b:22:
8f:48:9d:87:25:f0:8e:8d:80:0f:c8:3f:c4:e5:7d:
48:18:9e:5c:bf:ee:ec:ca:2a:9d:27:a3:fe:94:27:
c9:4c:88:4d:20:1d:54:da:56:52:09:f6:7d:ea:a2:
ee:c5:71:dd:96:3a:e8:3c:03:97:a5:d6:5f:01:0b:
f9:76:d0:ec:d2:ed:ef:f5:78:ba:5f:89:ba:6d:a5:
03:fc:6e:43:f4:4c:7c:80:60:87:38:21:f9:c7:1d:
56:88:f2:5b:e1:00:c0:4d:17:6d:d5:05:48:49:ba:
6e:a8:56:67:e3:37:ad:2c:5c:b2:9d:e1:21:59:e9:
66:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:4D:2A:4A:A9:EB:0E:FA:66:AA:73:DD:79:7B:5F:63:70:0D:AE:78
X509v3 Authority Key Identifier:
keyid:0F:42:07:CE:80:85:5A:5C:C9:7C:0B:A4:73:B9:58:72:C7:C1:93:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D0IHzoCFWlzJfAukc7lYcsfBk8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/901957-4e71-4cf3-acb8-fb2c8a814347/1/JE0qSqnrDvpmqnPdeXtfY3ANrng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/901957-4e71-4cf3-acb8-fb2c8a814347/1/D0IHzoCFWlzJfAukc7lYcsfBk8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.180.12.0/23
IPv6:
2a12:8040::/29
Signature Algorithm: sha256WithRSAEncryption
53:35:d2:de:09:1e:30:34:bf:f9:cd:4c:66:80:40:ce:10:aa:
20:9b:c6:fc:75:fa:60:49:55:89:2d:f7:ca:56:a1:85:2e:75:
b5:36:d9:7b:5e:45:7d:ff:64:fc:8b:02:a9:ae:72:b5:8d:a6:
21:ed:b3:63:1e:f8:47:78:3d:8b:da:3d:1e:c1:50:7a:02:66:
9b:a1:b6:77:d7:b3:7d:e6:8c:fd:6b:fd:00:29:f6:c1:50:03:
33:28:71:a0:7e:56:5e:20:a8:a4:dd:a2:92:2d:f0:63:91:68:
ef:c3:f3:80:41:cb:52:93:82:aa:60:2a:de:1d:15:ad:31:8f:
21:ae:9e:2c:ea:67:96:0e:f9:74:eb:ec:c8:aa:f8:59:f6:2c:
75:22:5b:20:5d:d2:c6:28:6a:76:64:8c:d0:7f:74:7f:db:84:
10:80:1f:da:70:56:e1:5b:22:de:0f:3d:cc:27:66:04:14:1d:
9e:88:59:e9:df:45:0f:84:9a:c0:2e:a0:f0:81:24:e5:0a:1f:
1d:1b:62:24:9f:4a:a1:9f:1e:7d:be:a5:5a:f1:fa:13:cb:6e:
be:0a:63:c1:76:ca:4c:ab:ca:55:42:b9:28:ed:d5:03:e1:56:
af:c0:7c:74:32:87:d1:5f:5b:71:9a:75:0f:e7:d4:6a:d9:8c:
45:bd:88:a0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ4DFW7UtnEnUTNGEkmnAk2gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNDIwN2NlODA4NTVhNWNjOTdjMGJhNDczYjk1ODcyYzdj
MTkzYzQwHhcNMjYwNTA3MTUzNjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDRkMmE0YWE5ZWIwZWZhNjZhYTczZGQ3OTdiNWY2MzcwMGRhZTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1qqrQ5ZLomb5aHyuFSZEgbb26hJ
zKKbUE0aYX1kZikX5YvZ7pGGeDhY4A6kM8aoELCqoBaw4qYxb9axocxI6/uishs1
AnTL9NSgf0aglVOCP0YYCDzh5lxILAVDlIy1i5ZxN1B4ZmZ1S+m1yXks3EYD6464
u+NP8eJBaQ1NB2tiyAmgCyKPSJ2HJfCOjYAPyD/E5X1IGJ5cv+7syiqdJ6P+lCfJ
TIhNIB1U2lZSCfZ96qLuxXHdljroPAOXpdZfAQv5dtDs0u3v9Xi6X4m6baUD/G5D
9Ex8gGCHOCH5xx1WiPJb4QDATRdt1QVISbpuqFZn4zetLFyyneEhWelmiwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCRNKkqp6w76Zqpz3Xl7X2NwDa54MB8GA1UdIwQY
MBaAFA9CB86AhVpcyXwLpHO5WHLHwZPEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDBJSHpvQ0ZXbHpKZkF1a2M3bFljc2ZCazhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny85MDE5NTctNGU3MS00Y2YzLWFjYjgt
ZmIyYzhhODE0MzQ3LzEvSkUwcVNxbnJEdnBtcW5QZGVYdGZZM0FOcm5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny85MDE5NTctNGU3MS00Y2YzLWFjYjgtZmIyYzhhODE0MzQ3
LzEvRDBJSHpvQ0ZXbHpKZkF1a2M3bFljc2ZCazhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQB2bQMMA0E
AgACMAcDBQMqEoBAMA0GCSqGSIb3DQEBCwUAA4IBAQBTNdLeCR4wNL/5zUxmgEDO
EKogm8b8dfpgSVWJLffKVqGFLnW1Ntl7XkV9/2T8iwKprnK1jaYh7bNjHvhHeD2L
2j0ewVB6AmabobZ317N95oz9a/0AKfbBUAMzKHGgflZeIKik3aKSLfBjkWjvw/OA
QctSk4KqYCreHRWtMY8hrp4s6meWDvl06+zIqvhZ9ix1IlsgXdLGKGp2ZIzQf3R/
24QQgB/acFbhWyLeDz3MJ2YEFB2eiFnp30UPhJrALqDwgSTlCh8dG2Ikn0qhnx59
vqVa8foTy26+CmPBdspMq8pVQrko7dUD4VavwHx0MofRX1txmnUP59Rq2YxFvYig
-----END CERTIFICATE-----
Generated at Wed May 13 02:37:38 2026 by rpki-client