Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/JUsZAIzpUGjx6jJRW74wD5KYdxw.roa
File: JUsZAIzpUGjx6jJRW74wD5KYdxw.roa (raw, json)
Hash identifier: ubfqsLxf7jUqaeE1zzMD7BbyJ0T6FgVrCwi7fEcPsdA=
Subject key identifier: 25:4B:19:00:8C:E9:50:68:F1:EA:32:51:5B:BE:30:0F:92:98:77:1C
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 019CE457E369CDD967AC7D7B799840BB4AB5
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/JUsZAIzpUGjx6jJRW74wD5KYdxw.roa
Signing time: Thu 12 Mar 2026 23:18:11 +0000
ROA not before: Thu 12 Mar 2026 23:18:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 33659
IP address blocks: 9.142.0.0/19 maxlen: 19
138.226.0.0/20 maxlen: 20
138.226.88.0/21 maxlen: 21
170.100.128.0/22 maxlen: 22
170.100.192.0/21 maxlen: 21
170.100.200.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.mft
rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e4:57:e3:69:cd:d9:67:ac:7d:7b:79:98:40:bb:4a:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Mar 12 23:18:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=254b19008ce95068f1ea32515bbe300f9298771c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:59:00:d4:29:60:d3:de:e1:59:1d:51:8c:2d:
c8:df:33:d9:b9:4c:f1:2e:2c:90:4a:c4:a6:75:bb:
03:89:6c:9c:2d:3c:06:95:a0:39:b3:a4:3f:d9:b2:
00:2d:4f:5b:43:4c:b8:41:34:4a:b5:e0:55:49:38:
94:50:73:d9:3b:55:f9:ef:1f:e7:26:68:85:1a:a6:
2d:89:6a:c0:b2:26:c5:16:2e:52:35:27:97:33:65:
ef:0b:6a:e1:35:5e:c8:60:6b:73:83:4d:c1:68:de:
11:38:7a:39:b2:cd:a0:37:6e:68:bc:c8:46:6f:df:
9d:1c:68:d0:75:91:cd:e3:15:d3:2b:f0:c9:10:3b:
bc:6e:0a:81:30:f1:c6:e4:4b:2e:1c:b2:2f:09:28:
b4:d4:a6:36:f4:19:06:ba:94:e2:b1:e3:ca:5f:eb:
51:0d:df:8b:e6:34:d8:7e:8c:8b:8c:3f:50:35:1b:
3e:1b:eb:37:35:96:93:e7:5d:b7:df:5e:49:33:a9:
c3:7a:be:70:fd:67:f4:1d:fd:db:b6:4f:42:06:5d:
3e:7b:1d:55:be:1a:80:ab:f5:91:90:d6:2f:d0:90:
24:b2:2c:4e:d8:28:b6:21:1c:ec:99:d6:2d:21:62:
c3:19:c9:41:b6:0a:e6:1f:af:5b:3a:66:ce:57:97:
2f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:4B:19:00:8C:E9:50:68:F1:EA:32:51:5B:BE:30:0F:92:98:77:1C
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/JUsZAIzpUGjx6jJRW74wD5KYdxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
9.142.0.0/19
138.226.0.0/20
138.226.88.0/21
170.100.128.0/22
170.100.192.0-170.100.203.255
Signature Algorithm: sha256WithRSAEncryption
44:3d:ec:9d:01:9d:a1:4a:9d:5a:40:4d:2a:e4:8c:30:a9:d9:
c1:d9:4e:5c:26:01:2c:ee:e8:dd:2d:b5:92:d3:4c:b6:a2:28:
fb:af:b3:03:36:29:20:a7:30:b9:d1:5f:0f:fe:84:c7:65:2d:
f6:3d:ec:67:95:00:eb:26:c8:77:17:f9:0a:bd:05:d3:ca:0e:
2b:ba:13:3a:5a:1b:7d:d9:9c:f8:54:0c:f1:52:28:ff:4f:af:
ff:cd:8f:1c:7e:b4:a0:cf:30:dc:3b:5d:ae:f8:ea:16:bf:05:
cc:48:42:ba:9a:7c:68:a0:18:8d:e5:a4:79:5c:06:30:9f:fb:
4d:89:77:f9:ec:79:f4:74:74:19:7f:65:ed:12:30:c2:18:4b:
0e:61:d4:a3:54:0a:8c:5b:23:a9:4e:7e:93:b4:04:32:b6:66:
a1:57:68:16:22:5c:80:c0:8e:96:3b:01:d0:36:c5:f0:a9:af:
8f:8e:50:d3:ce:18:7f:57:0b:d2:f1:82:a7:5e:29:35:5a:77:
60:52:41:1a:68:28:3d:52:2a:93:f3:3e:b6:c7:99:fa:e6:d3:
b8:67:37:55:92:76:43:4e:a0:a2:41:51:93:26:e7:72:f0:90:
2e:71:fa:e1:f3:b1:35:0e:b1:19:b5:5b:a1:64:93:f1:9a:d4:
4e:45:7d:fc
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZzkV+NpzdlnrH17eZhAu0q1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjYwMzEyMjMxODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTRiMTkwMDhjZTk1MDY4ZjFlYTMyNTE1YmJlMzAwZjkyOTg3NzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1kA1Clg097hWR1RjC3I3zPZuUzx
LiyQSsSmdbsDiWycLTwGlaA5s6Q/2bIALU9bQ0y4QTRKteBVSTiUUHPZO1X57x/n
JmiFGqYtiWrAsibFFi5SNSeXM2XvC2rhNV7IYGtzg03BaN4ROHo5ss2gN25ovMhG
b9+dHGjQdZHN4xXTK/DJEDu8bgqBMPHG5EsuHLIvCSi01KY29BkGupTisePKX+tR
Dd+L5jTYfoyLjD9QNRs+G+s3NZaT5123315JM6nDer5w/Wf0Hf3btk9CBl0+ex1V
vhqAq/WRkNYv0JAksixO2Ci2IRzsmdYtIWLDGclBtgrmH69bOmbOV5cvyQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCVLGQCM6VBo8eoyUVu+MA+SmHccMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvSlVzWkFJenBVR2p4NmpKUlc3NHdENUtZZHh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQFCY4AAwQE
iuIAAwQDiuJYAwQCqmSAMAwDBAaqZMADBAKqZMgwDQYJKoZIhvcNAQELBQADggEB
AEQ97J0BnaFKnVpATSrkjDCp2cHZTlwmASzu6N0ttZLTTLaiKPuvswM2KSCnMLnR
Xw/+hMdlLfY97GeVAOsmyHcX+Qq9BdPKDiu6EzpaG33ZnPhUDPFSKP9Pr//Njxx+
tKDPMNw7Xa746ha/BcxIQrqafGigGI3lpHlcBjCf+02Jd/nsefR0dBl/Ze0SMMIY
Sw5h1KNUCoxbI6lOfpO0BDK2ZqFXaBYiXIDAjpY7AdA2xfCpr4+OUNPOGH9XC9Lx
gqdeKTVad2BSQRpoKD1SKpPzPrbHmfrm07hnN1WSdkNOoKJBUZMm53LwkC5x+uHz
sTUOsRm1W6Fkk/Ga1E5Fffw=
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:39:54 2026 by rpki-client