Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/8d0cae-ec13-45fb-9afc-3d593ebe5220/1/JU90aQ8JffWPKUNs4WRBmjC5fmg.roa
File: JU90aQ8JffWPKUNs4WRBmjC5fmg.roa (raw, json)
Hash identifier: RTDjP0CmxRz9mg1HQcbaHVAmbmYErR/CAHIxD2kjR7M=
Subject key identifier: 25:4F:74:69:0F:09:7D:F5:8F:29:43:6C:E1:64:41:9A:30:B9:7E:68
Certificate issuer: /CN=c6583f58c7110ad4cc609f4ffb7cab2f80c83581
Certificate serial: 019DD885EDE801B16CDD1075AEDC9620F0F8
Authority key identifier: C6:58:3F:58:C7:11:0A:D4:CC:60:9F:4F:FB:7C:AB:2F:80:C8:35:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xlg_WMcRCtTMYJ9P-3yrL4DINYE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/8d0cae-ec13-45fb-9afc-3d593ebe5220/1/JU90aQ8JffWPKUNs4WRBmjC5fmg.roa
Signing time: Wed 29 Apr 2026 09:15:49 +0000
ROA not before: Wed 29 Apr 2026 09:15:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 15659
IP address blocks: 80.202.0.0/16 maxlen: 16
84.48.0.0/18 maxlen: 18
84.49.128.0/17 maxlen: 17
89.10.0.0/16 maxlen: 16
89.10.0.0/17 maxlen: 17
89.10.128.0/17 maxlen: 17
89.11.0.0/17 maxlen: 17
213.145.160.0/19 maxlen: 19
213.187.160.0/19 maxlen: 19
213.187.190.0/24 maxlen: 24
217.13.0.0/19 maxlen: 19
2a04:980::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/8d0cae-ec13-45fb-9afc-3d593ebe5220/1/xlg_WMcRCtTMYJ9P-3yrL4DINYE.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/8d0cae-ec13-45fb-9afc-3d593ebe5220/1/xlg_WMcRCtTMYJ9P-3yrL4DINYE.mft
rsync://rpki.ripe.net/repository/DEFAULT/xlg_WMcRCtTMYJ9P-3yrL4DINYE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 21:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d8:85:ed:e8:01:b1:6c:dd:10:75:ae:dc:96:20:f0:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6583f58c7110ad4cc609f4ffb7cab2f80c83581
Validity
Not Before: Apr 29 09:15:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=254f74690f097df58f29436ce164419a30b97e68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ab:a3:9c:74:3e:6e:cb:7a:58:86:7b:cf:15:
5a:03:49:72:e0:82:9e:84:26:79:c4:f6:a5:c7:79:
1f:b9:a4:61:9e:7c:04:10:54:ba:f5:73:1c:69:39:
1e:40:ed:51:3d:3f:5a:fd:a2:92:86:e7:48:45:97:
a6:40:91:7e:e7:fd:d5:66:52:93:ec:83:d2:22:94:
2d:7f:9f:3f:37:30:26:ec:ef:9b:e3:49:76:6a:66:
8f:76:34:23:76:be:b5:e8:00:5d:fb:cd:5a:98:7e:
21:c6:5f:51:5a:3a:1e:78:63:e3:5b:f5:73:1d:b9:
e4:94:03:d2:70:19:e2:9d:00:a2:c3:71:60:b9:f8:
c4:26:f3:33:f6:3e:32:1a:43:a4:3a:4a:5d:83:e1:
75:39:77:9f:7f:f0:87:f9:3e:7f:55:17:c3:2e:64:
7a:4f:b9:53:87:87:9f:35:c7:1d:1d:52:e2:2c:4e:
66:93:fd:07:26:43:4d:8e:c3:75:af:24:cf:17:86:
be:79:3e:2c:fb:4e:18:0c:39:cc:68:74:cf:71:03:
2c:4d:ff:9e:fd:b8:5c:9a:ab:0d:69:fb:d2:1c:29:
41:f2:83:2c:b4:a5:7c:cc:0c:24:99:89:9f:46:22:
99:18:1f:a2:43:3e:3e:99:ec:25:6a:e2:5a:97:d8:
78:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:4F:74:69:0F:09:7D:F5:8F:29:43:6C:E1:64:41:9A:30:B9:7E:68
X509v3 Authority Key Identifier:
keyid:C6:58:3F:58:C7:11:0A:D4:CC:60:9F:4F:FB:7C:AB:2F:80:C8:35:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xlg_WMcRCtTMYJ9P-3yrL4DINYE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/8d0cae-ec13-45fb-9afc-3d593ebe5220/1/JU90aQ8JffWPKUNs4WRBmjC5fmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/8d0cae-ec13-45fb-9afc-3d593ebe5220/1/xlg_WMcRCtTMYJ9P-3yrL4DINYE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.202.0.0/16
84.48.0.0/18
84.49.128.0/17
89.10.0.0-89.11.127.255
213.145.160.0/19
213.187.160.0/19
217.13.0.0/19
IPv6:
2a04:980::/29
Signature Algorithm: sha256WithRSAEncryption
6d:07:95:02:66:e7:bc:08:7e:19:a7:fc:13:f9:7b:b2:e8:d2:
dd:cb:81:e2:1c:45:43:26:cd:51:1b:31:b5:17:20:d7:f9:00:
4f:bf:35:1a:ec:97:4d:8c:7f:5a:a6:a2:57:a9:f1:73:2e:93:
4a:b4:2f:18:be:57:1a:df:2b:88:4a:d9:da:ab:3c:0a:7d:1c:
fb:9f:5f:76:06:4c:45:18:66:e6:ca:9f:78:ee:ed:5c:11:37:
84:8b:7b:b7:61:e0:4f:e3:8a:d5:89:e3:57:83:d8:e4:35:46:
13:7e:0f:9b:60:1f:47:2d:46:46:f0:0e:e4:54:76:c0:b0:f0:
a4:62:fc:45:5b:24:3d:8d:03:47:35:1b:6d:e2:07:3c:06:9a:
22:42:8a:be:26:2e:50:1d:67:b2:85:77:82:dd:75:1c:19:b1:
cb:57:eb:fe:ef:90:a7:d9:b9:ff:d3:f2:bd:e7:74:f9:86:f4:
20:c9:2a:05:9c:7a:3a:ff:19:45:ba:af:59:fb:d9:97:32:3c:
4a:d8:de:f7:73:53:e8:45:94:31:76:cd:ef:78:69:00:d6:50:
fa:37:40:fc:45:c5:b2:5c:5f:60:44:6d:0f:bc:10:bc:07:01:
04:00:b6:bf:bc:f4:48:fe:70:9a:ff:28:27:94:32:83:d5:b3:
e3:67:77:c8
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZ3Yhe3oAbFs3RB1rtyWIPD4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NTgzZjU4YzcxMTBhZDRjYzYwOWY0ZmZiN2NhYjJmODBj
ODM1ODEwHhcNMjYwNDI5MDkxNTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTRmNzQ2OTBmMDk3ZGY1OGYyOTQzNmNlMTY0NDE5YTMwYjk3ZTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6ujnHQ+bst6WIZ7zxVaA0ly4IKe
hCZ5xPalx3kfuaRhnnwEEFS69XMcaTkeQO1RPT9a/aKShudIRZemQJF+5/3VZlKT
7IPSIpQtf58/NzAm7O+b40l2amaPdjQjdr616ABd+81amH4hxl9RWjoeeGPjW/Vz
HbnklAPScBninQCiw3FgufjEJvMz9j4yGkOkOkpdg+F1OXeff/CH+T5/VRfDLmR6
T7lTh4efNccdHVLiLE5mk/0HJkNNjsN1ryTPF4a+eT4s+04YDDnMaHTPcQMsTf+e
/bhcmqsNafvSHClB8oMstKV8zAwkmYmfRiKZGB+iQz4+mewlauJal9h4jwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFCVPdGkPCX31jylDbOFkQZowuX5oMB8GA1UdIwQY
MBaAFMZYP1jHEQrUzGCfT/t8qy+AyDWBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGxnX1dNY1JDdFRNWUo5UC0zeXJMNERJTllFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS84ZDBjYWUtZWMxMy00NWZiLTlhZmMt
M2Q1OTNlYmU1MjIwLzEvSlU5MGFROEpmZldQS1VOczRXUkJtakM1Zm1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS84ZDBjYWUtZWMxMy00NWZiLTlhZmMtM2Q1OTNlYmU1MjIw
LzEveGxnX1dNY1JDdFRNWUo5UC0zeXJMNERJTllFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwMAUMoDBAZU
MAADBAdUMYAwCwMDAVkKAwQHWQsAAwQF1ZGgAwQF1bugAwQF2Q0AMA0EAgACMAcD
BQMqBAmAMA0GCSqGSIb3DQEBCwUAA4IBAQBtB5UCZue8CH4Zp/wT+Xuy6NLdy4Hi
HEVDJs1RGzG1FyDX+QBPvzUa7JdNjH9apqJXqfFzLpNKtC8Yvlca3yuIStnaqzwK
fRz7n192BkxFGGbmyp947u1cETeEi3u3YeBP44rVieNXg9jkNUYTfg+bYB9HLUZG
8A7kVHbAsPCkYvxFWyQ9jQNHNRtt4gc8BpoiQoq+Ji5QHWeyhXeC3XUcGbHLV+v+
75Cn2bn/0/K953T5hvQgySoFnHo6/xlFuq9Z+9mXMjxK2N73c1PoRZQxds3veGkA
1lD6N0D8RcWyXF9gRG0PvBC8BwEEALa/vPRI/nCa/ygnlDKD1bPjZ3fI
-----END CERTIFICATE-----
Generated at Wed May 13 05:56:09 2026 by rpki-client