Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JBp_aDUAcmmOYvoNltT8ivTCKmc.roa
File: JBp_aDUAcmmOYvoNltT8ivTCKmc.roa (raw, json)
Hash identifier: +QCEUdkIa88BsMZAnyUFk5UxBP2HF0dPBIId6zCs260=
Subject key identifier: 24:1A:7F:68:35:00:72:69:8E:62:FA:0D:96:D4:FC:8A:F4:C2:2A:67
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019E08004BE8B2A9F3968D3A437399A3F3E0
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JBp_aDUAcmmOYvoNltT8ivTCKmc.roa
Signing time: Fri 08 May 2026 14:31:37 +0000
ROA not before: Fri 08 May 2026 14:31:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 402215
IP address blocks: 81.5.183.0/24 maxlen: 24
81.168.70.0/24 maxlen: 24
81.168.110.0/24 maxlen: 24
82.152.253.0/24 maxlen: 24
89.28.234.0/24 maxlen: 24
89.213.0.0/24 maxlen: 24
89.213.5.0/24 maxlen: 24
89.213.6.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
109.176.83.0/24 maxlen: 24
109.176.242.0/24 maxlen: 24
185.49.126.0/24 maxlen: 24
213.210.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:08:00:4b:e8:b2:a9:f3:96:8d:3a:43:73:99:a3:f3:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 8 14:31:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=241a7f68350072698e62fa0d96d4fc8af4c22a67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:2c:51:1a:3a:2c:0b:9e:d6:a9:d1:77:ff:5b:
87:fe:fb:6a:cb:38:3f:75:18:a8:ed:bf:8d:7b:7d:
f9:0a:31:77:51:85:36:14:a7:01:28:1f:e1:ec:67:
06:19:0a:15:ee:66:0c:db:c7:db:bc:5e:5a:a0:cf:
ad:35:77:26:d2:3c:3d:66:87:2b:40:79:87:d0:62:
ce:ec:b5:bb:12:a4:2b:39:42:b9:34:4c:c1:94:dc:
a3:b9:f1:76:fd:3f:9a:d8:29:b2:3c:5b:80:f8:5e:
eb:51:80:d4:4c:5f:65:2a:b5:e6:0d:0e:8a:23:4a:
fb:ca:bb:78:14:2d:5d:15:4a:18:e4:b2:b1:db:b8:
b0:85:bf:90:63:53:46:a1:47:45:37:3c:8d:f6:25:
7c:56:35:12:b7:31:37:5b:5f:0a:8e:57:5d:55:3c:
88:21:1d:7d:f8:bb:9d:29:96:38:6a:fd:47:71:70:
8b:6a:6a:71:ab:6a:02:ad:68:6e:f5:1a:b5:18:d6:
2f:ac:46:a7:df:d5:13:cc:ca:d4:cc:cb:1a:30:fd:
07:f6:49:df:d5:3d:6e:62:c5:8e:71:2c:0a:81:63:
82:0e:30:f5:52:34:7a:da:ac:c9:a1:c9:a9:f1:33:
ac:08:a1:2e:c6:53:bb:46:a1:9c:b5:22:04:d0:47:
25:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:1A:7F:68:35:00:72:69:8E:62:FA:0D:96:D4:FC:8A:F4:C2:2A:67
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JBp_aDUAcmmOYvoNltT8ivTCKmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.183.0/24
81.168.70.0/24
81.168.110.0/24
82.152.253.0/24
89.28.234.0/24
89.213.0.0/24
89.213.5.0-89.213.6.255
89.213.167.0/24
109.176.83.0/24
109.176.242.0/24
185.49.126.0/24
213.210.40.0/24
Signature Algorithm: sha256WithRSAEncryption
33:40:9a:89:2b:c9:6a:83:6e:02:39:fe:f6:b5:c2:ab:1d:70:
28:a8:a2:9b:38:24:b2:f2:c1:1e:2f:06:30:a7:42:0d:6c:d8:
a0:0a:c8:8f:84:f8:3b:4a:62:d9:af:ed:36:c4:43:26:a5:99:
3e:a8:af:24:f8:b2:1b:10:21:ca:3b:13:80:e1:f6:17:d0:ab:
62:ef:9d:96:ff:a8:ec:87:80:7e:6c:94:94:95:89:da:00:81:
e3:96:e4:47:9a:98:bf:17:86:82:10:ad:4b:bb:c6:2c:72:f8:
58:ea:26:d3:a2:5f:c8:67:9e:13:01:50:20:8b:5e:33:e3:0a:
9a:e5:3a:b8:e0:fd:60:d6:17:ec:b1:d8:b6:d6:73:7e:3d:e4:
51:0e:dd:4a:0c:93:41:62:1d:cf:c9:6c:1e:39:c7:fc:b7:42:
f8:e9:3d:65:9b:38:2b:69:86:2e:fc:b6:c4:18:cd:f0:6f:96:
f2:a4:da:22:e3:3b:0c:be:8c:22:12:66:41:1a:e8:f0:a4:aa:
1d:e0:00:3a:8b:d6:6e:8c:93:91:48:79:11:1d:a9:d7:33:5c:
b7:a2:e9:ba:2b:53:96:7d:b7:e7:da:87:46:3f:97:ef:e9:64:
59:3a:4e:06:6d:03:32:d6:77:b8:82:7d:3f:20:86:06:f3:3d:
d5:97:a9:80
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZ4IAEvosqnzlo06Q3OZo/PgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwNTA4MTQzMTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDFhN2Y2ODM1MDA3MjY5OGU2MmZhMGQ5NmQ0ZmM4YWY0YzIyYTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCxRGjosC57WqdF3/1uH/vtqyzg/
dRio7b+Ne335CjF3UYU2FKcBKB/h7GcGGQoV7mYM28fbvF5aoM+tNXcm0jw9Zocr
QHmH0GLO7LW7EqQrOUK5NEzBlNyjufF2/T+a2CmyPFuA+F7rUYDUTF9lKrXmDQ6K
I0r7yrt4FC1dFUoY5LKx27iwhb+QY1NGoUdFNzyN9iV8VjUStzE3W18KjlddVTyI
IR19+LudKZY4av1HcXCLampxq2oCrWhu9Rq1GNYvrEan39UTzMrUzMsaMP0H9knf
1T1uYsWOcSwKgWOCDjD1UjR62qzJocmp8TOsCKEuxlO7RqGctSIE0EclLwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFCQaf2g1AHJpjmL6DZbU/Ir0wipnMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSkJwX2FEVUFjbW1PWXZvTmx0VDhpdlRDS21jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAUQW3AwQA
UahGAwQAUahuAwQAUpj9AwQAWRzqAwQAWdUAMAwDBABZ1QUDBABZ1QYDBABZ1acD
BABtsFMDBABtsPIDBAC5MX4DBADV0igwDQYJKoZIhvcNAQELBQADggEBADNAmokr
yWqDbgI5/va1wqsdcCioops4JLLywR4vBjCnQg1s2KAKyI+E+DtKYtmv7TbEQyal
mT6oryT4shsQIco7E4Dh9hfQq2LvnZb/qOyHgH5slJSVidoAgeOW5EeamL8XhoIQ
rUu7xixy+FjqJtOiX8hnnhMBUCCLXjPjCprlOrjg/WDWF+yx2LbWc3495FEO3UoM
k0FiHc/JbB45x/y3QvjpPWWbOCtphi78tsQYzfBvlvKk2iLjOwy+jCISZkEa6PCk
qh3gADqL1m6Mk5FIeREdqdczXLei6borU5Z9t+fah0Y/l+/pZFk6TgZtAzLWd7iC
fT8ghgbzPdWXqYA=
-----END CERTIFICATE-----
Generated at Wed May 13 01:15:21 2026 by rpki-client