Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/5f72bc-caf4-4edf-9432-ec2c19eb67f6/1/Ja7890_tG369n2EpikrlxKOH7eo.roa
File: Ja7890_tG369n2EpikrlxKOH7eo.roa (raw, json)
Hash identifier: dUDn7iA585Me0xPD3yCTHJGFysgJ0UVLXEuuoAzLUoE=
Subject key identifier: 25:AE:FC:F7:4F:ED:1B:7E:BD:9F:61:29:8A:4A:E5:C4:A3:87:ED:EA
Certificate issuer: /CN=d238778f1349b575418c19e383d0571aebeea2df
Certificate serial: 019DF29F72B5D0DF2311B4D2E3832888C8C7
Authority key identifier: D2:38:77:8F:13:49:B5:75:41:8C:19:E3:83:D0:57:1A:EB:EE:A2:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0jh3jxNJtXVBjBnjg9BXGuvuot8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/5f72bc-caf4-4edf-9432-ec2c19eb67f6/1/Ja7890_tG369n2EpikrlxKOH7eo.roa
Signing time: Mon 04 May 2026 10:53:49 +0000
ROA not before: Mon 04 May 2026 10:53:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200850
IP address blocks: 2a0c:cd40::/29 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/5f72bc-caf4-4edf-9432-ec2c19eb67f6/1/0jh3jxNJtXVBjBnjg9BXGuvuot8.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/5f72bc-caf4-4edf-9432-ec2c19eb67f6/1/0jh3jxNJtXVBjBnjg9BXGuvuot8.mft
rsync://rpki.ripe.net/repository/DEFAULT/0jh3jxNJtXVBjBnjg9BXGuvuot8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f2:9f:72:b5:d0:df:23:11:b4:d2:e3:83:28:88:c8:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d238778f1349b575418c19e383d0571aebeea2df
Validity
Not Before: May 4 10:53:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=25aefcf74fed1b7ebd9f61298a4ae5c4a387edea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0f:22:28:9f:f9:e3:68:ff:73:e8:e4:e5:1f:
cb:79:51:3f:96:19:00:c6:ef:34:6b:6e:79:6e:65:
4a:7b:05:2d:78:be:ba:2b:70:54:b1:58:f6:e3:ba:
6f:1d:66:3d:85:42:f6:5c:74:09:99:8b:51:d0:40:
47:f7:7c:00:b9:ab:16:61:a5:0d:9e:ee:a6:fd:a1:
43:81:e2:bd:1e:b4:de:7a:18:9b:41:44:e6:67:01:
af:1c:b9:a1:39:42:b9:56:dd:8b:e5:97:19:e1:e3:
ac:04:95:fa:2e:cd:e5:c3:d1:01:d1:96:2f:0e:85:
43:90:e9:e3:91:87:2c:2e:f8:7d:a0:2e:ea:49:aa:
02:28:35:63:66:d6:90:8c:05:3a:3a:1b:40:ea:9b:
f6:dc:54:7b:e1:62:c5:db:b5:2a:22:67:db:3a:f5:
22:18:d4:a2:87:52:1e:3c:34:3c:e3:ec:b7:0e:85:
6f:3e:73:92:8c:86:c7:85:5a:2d:95:51:6d:f9:4f:
03:04:ba:f1:f6:5f:c9:46:a4:5f:7e:b6:82:99:ad:
fc:2e:2e:6e:0f:0d:34:ee:31:f8:82:c9:72:95:ce:
97:8d:b1:f1:e3:35:c4:f1:40:85:51:39:6c:24:5c:
fe:a1:60:8b:7a:de:ed:b8:e3:ea:7b:a2:82:8c:c1:
f5:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:AE:FC:F7:4F:ED:1B:7E:BD:9F:61:29:8A:4A:E5:C4:A3:87:ED:EA
X509v3 Authority Key Identifier:
keyid:D2:38:77:8F:13:49:B5:75:41:8C:19:E3:83:D0:57:1A:EB:EE:A2:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0jh3jxNJtXVBjBnjg9BXGuvuot8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/5f72bc-caf4-4edf-9432-ec2c19eb67f6/1/Ja7890_tG369n2EpikrlxKOH7eo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/5f72bc-caf4-4edf-9432-ec2c19eb67f6/1/0jh3jxNJtXVBjBnjg9BXGuvuot8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:cd40::/29
Signature Algorithm: sha256WithRSAEncryption
45:ec:a5:8b:35:b9:4f:73:6a:90:22:fe:9e:4e:45:ae:00:9e:
52:2c:15:36:a4:83:35:72:8d:75:c6:b8:e0:47:51:68:2f:95:
a2:e9:c3:d6:9d:85:68:a6:eb:42:23:b8:45:22:e3:e4:d5:e5:
da:50:81:b8:f0:df:2e:6b:e6:ed:af:97:7f:7a:9c:80:11:b5:
60:01:8f:3c:78:78:b0:ba:74:5e:ae:f5:b1:6c:d7:27:72:a6:
99:ed:fd:3e:4e:ae:37:72:b2:27:30:24:11:68:c8:40:ae:85:
e5:d4:49:ef:ee:e4:cc:9a:b9:4b:87:07:98:6b:45:c8:b8:aa:
01:1f:2f:4b:2c:9d:17:68:ff:56:e1:9c:ed:65:74:5d:a3:4f:
04:6e:28:86:c8:33:e1:fb:b8:b7:77:e6:fa:31:a7:09:41:a1:
9b:4d:cd:3a:ee:34:e4:99:13:01:d1:58:d8:90:b3:7a:a9:9f:
5c:25:6f:96:db:20:bd:b3:8f:6d:73:3e:4d:21:f6:68:83:f2:
23:40:93:12:59:13:6f:80:cb:b4:ce:71:27:a5:90:9d:24:81:
e6:da:57:48:37:58:36:3a:a4:f0:36:17:1c:93:04:b6:3a:37:
63:52:f1:ce:81:22:23:0c:d9:92:b5:e0:3f:ea:51:c0:c1:a4:
c8:10:23:81
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZ3yn3K10N8jEbTS44MoiMjHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMzg3NzhmMTM0OWI1NzU0MThjMTllMzgzZDA1NzFhZWJl
ZWEyZGYwHhcNMjYwNTA0MTA1MzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWFlZmNmNzRmZWQxYjdlYmQ5ZjYxMjk4YTRhZTVjNGEzODdlZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvg8iKJ/542j/c+jk5R/LeVE/lhkA
xu80a255bmVKewUteL66K3BUsVj247pvHWY9hUL2XHQJmYtR0EBH93wAuasWYaUN
nu6m/aFDgeK9HrTeehibQUTmZwGvHLmhOUK5Vt2L5ZcZ4eOsBJX6Ls3lw9EB0ZYv
DoVDkOnjkYcsLvh9oC7qSaoCKDVjZtaQjAU6OhtA6pv23FR74WLF27UqImfbOvUi
GNSih1IePDQ84+y3DoVvPnOSjIbHhVotlVFt+U8DBLrx9l/JRqRffraCma38Li5u
Dw007jH4gslylc6XjbHx4zXE8UCFUTlsJFz+oWCLet7tuOPqe6KCjMH1KQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCWu/PdP7Rt+vZ9hKYpK5cSjh+3qMB8GA1UdIwQY
MBaAFNI4d48TSbV1QYwZ44PQVxrr7qLfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGpoM2p4Tkp0WFZCakJuamc5QlhHdXZ1b3Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS81ZjcyYmMtY2FmNC00ZWRmLTk0MzIt
ZWMyYzE5ZWI2N2Y2LzEvSmE3ODkwX3RHMzY5bjJFcGlrcmx4S09IN2VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS81ZjcyYmMtY2FmNC00ZWRmLTk0MzItZWMyYzE5ZWI2N2Y2
LzEvMGpoM2p4Tkp0WFZCakJuamc5QlhHdXZ1b3Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgzNQDAN
BgkqhkiG9w0BAQsFAAOCAQEAReylizW5T3NqkCL+nk5FrgCeUiwVNqSDNXKNdca4
4EdRaC+VounD1p2FaKbrQiO4RSLj5NXl2lCBuPDfLmvm7a+Xf3qcgBG1YAGPPHh4
sLp0Xq71sWzXJ3Kmme39Pk6uN3KyJzAkEWjIQK6F5dRJ7+7kzJq5S4cHmGtFyLiq
AR8vSyydF2j/VuGc7WV0XaNPBG4ohsgz4fu4t3fm+jGnCUGhm03NOu405JkTAdFY
2JCzeqmfXCVvltsgvbOPbXM+TSH2aIPyI0CTElkTb4DLtM5xJ6WQnSSB5tpXSDdY
Njqk8DYXHJMEtjo3Y1LxzoEiIwzZkrXgP+pRwMGkyBAjgQ==
-----END CERTIFICATE-----
Generated at Tue May 12 21:24:36 2026 by rpki-client