Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/JoeiFWNjjvIPOlROi_VGGMgQhvU.roa
File: JoeiFWNjjvIPOlROi_VGGMgQhvU.roa (raw, json)
Hash identifier: zb+eHGR6nD50fILOA3y9cV4VqzOKkbibkd0YSA6RbyM=
Subject key identifier: 26:87:A2:15:63:63:8E:F2:0F:3A:54:4E:8B:F5:46:18:C8:10:86:F5
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 019CE70FF93CB9905F7F46D5309510B8A0B8
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/JoeiFWNjjvIPOlROi_VGGMgQhvU.roa
Signing time: Fri 13 Mar 2026 11:58:29 +0000
ROA not before: Fri 13 Mar 2026 11:58:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213224
IP address blocks: 66.71.160.0/20 maxlen: 24
66.71.184.0/21 maxlen: 24
85.235.158.0/23 maxlen: 24
209.227.208.0/20 maxlen: 24
209.227.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.mft
rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 15:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e7:0f:f9:3c:b9:90:5f:7f:46:d5:30:95:10:b8:a0:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: Mar 13 11:58:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2687a21563638ef20f3a544e8bf54618c81086f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:92:ae:6a:cd:82:44:f1:88:48:98:b5:10:f4:
f8:73:a8:01:a3:49:27:32:ec:0d:2a:44:86:ee:e3:
9f:bc:c1:62:30:f7:ed:09:1d:09:33:5b:52:0e:c7:
74:78:d2:70:b4:15:77:50:5f:7e:35:c9:77:f2:31:
ea:1c:7a:e8:e9:1d:76:65:e4:23:f3:07:13:65:04:
86:bd:58:9a:d6:d7:10:2f:72:d9:09:ae:66:50:3a:
50:21:3a:21:ef:c8:0f:70:0b:47:22:8a:e3:35:f9:
2f:0e:6a:76:3f:d8:cb:2f:f8:8a:44:67:7f:26:57:
79:3e:68:30:7d:51:b5:a2:29:e1:92:8c:a1:cb:29:
95:2b:ad:d0:66:ff:65:ec:1f:00:3e:2d:2b:2f:c0:
06:07:58:98:4c:27:a4:4a:fa:10:2c:62:6c:61:aa:
eb:c0:a1:fe:33:37:66:8a:18:61:7e:c4:28:c7:4a:
cc:0e:65:1b:60:aa:99:8a:4f:fa:cc:19:b8:84:fd:
62:24:cf:89:2d:5e:89:eb:93:13:5d:b6:51:9a:6a:
87:99:9a:17:0e:5a:9b:f8:29:27:86:3a:ca:1d:f4:
30:30:ec:b9:b2:2f:7c:6e:35:6d:17:10:72:16:71:
3f:a8:f5:01:73:94:0b:82:8c:fa:99:e5:08:74:97:
e0:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:87:A2:15:63:63:8E:F2:0F:3A:54:4E:8B:F5:46:18:C8:10:86:F5
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/JoeiFWNjjvIPOlROi_VGGMgQhvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.71.160.0/20
66.71.184.0/21
85.235.158.0/23
209.227.208.0/20
209.227.240.0/20
Signature Algorithm: sha256WithRSAEncryption
10:c9:36:28:77:fa:fc:02:49:d5:b6:87:79:94:17:fd:30:5d:
62:ee:b2:0a:ce:d0:8a:10:fe:9a:9c:69:b2:ec:a6:db:ea:f5:
89:03:50:3d:32:8b:ca:ae:40:cb:78:0b:7e:ef:79:16:25:ae:
db:54:02:1e:fb:7f:36:c2:10:82:33:c5:4a:ef:6a:fa:6b:12:
bf:7e:19:2f:ee:80:e4:86:df:d1:7e:d7:4c:cc:f0:f0:9a:94:
26:9c:b4:21:08:07:d8:34:24:03:ce:06:88:4a:18:26:a7:8a:
2b:47:0e:68:87:79:0d:72:bc:61:93:f8:6a:d5:bb:82:e7:a9:
27:68:b8:8c:c4:c3:0e:ff:89:a9:52:dc:a7:48:c9:73:c0:33:
fa:8b:c5:6d:83:12:48:1b:46:b5:73:a1:b1:96:f0:9e:6c:bf:
1a:57:5d:06:b5:df:e8:d4:0f:6b:19:24:d8:d0:80:3d:9e:21:
db:d5:cf:c3:c9:f8:24:ac:2b:db:34:a5:52:3e:6f:76:67:75:
36:e1:11:3b:51:99:1a:62:1d:95:50:e0:d8:30:13:14:c6:9f:
5e:b3:00:2d:de:6d:e4:c4:06:cb:5a:16:57:17:73:04:d3:09:
3d:49:6d:d2:98:a2:2b:b6:fc:41:f5:39:62:93:51:07:e1:b1:
09:ec:b0:52
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZznD/k8uZBff0bVMJUQuKC4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5
Mzg2MWMwHhcNMjYwMzEzMTE1ODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjg3YTIxNTYzNjM4ZWYyMGYzYTU0NGU4YmY1NDYxOGM4MTA4NmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopKuas2CRPGISJi1EPT4c6gBo0kn
MuwNKkSG7uOfvMFiMPftCR0JM1tSDsd0eNJwtBV3UF9+Ncl38jHqHHro6R12ZeQj
8wcTZQSGvVia1tcQL3LZCa5mUDpQIToh78gPcAtHIorjNfkvDmp2P9jLL/iKRGd/
Jld5PmgwfVG1oinhkoyhyymVK63QZv9l7B8APi0rL8AGB1iYTCekSvoQLGJsYarr
wKH+MzdmihhhfsQox0rMDmUbYKqZik/6zBm4hP1iJM+JLV6J65MTXbZRmmqHmZoX
Dlqb+CknhjrKHfQwMOy5si98bjVtFxByFnE/qPUBc5QLgoz6meUIdJfgBwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCaHohVjY47yDzpUTov1RhjIEIb1MB8GA1UdIwQY
MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt
ODQyNjk0MTJkNTYxLzEvSm9laUZXTmpqdklQT2xST2lfVkdHTWdRaHZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx
LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEQkegAwQD
Qke4AwQBVeueAwQE0ePQAwQE0ePwMA0GCSqGSIb3DQEBCwUAA4IBAQAQyTYod/r8
AknVtod5lBf9MF1i7rIKztCKEP6anGmy7Kbb6vWJA1A9MovKrkDLeAt+73kWJa7b
VAIe+382whCCM8VK72r6axK/fhkv7oDkht/RftdMzPDwmpQmnLQhCAfYNCQDzgaI
Shgmp4orRw5oh3kNcrxhk/hq1buC56knaLiMxMMO/4mpUtynSMlzwDP6i8VtgxJI
G0a1c6GxlvCebL8aV10Gtd/o1A9rGSTY0IA9niHb1c/DyfgkrCvbNKVSPm92Z3U2
4RE7UZkaYh2VUODYMBMUxp9eswAt3m3kxAbLWhZXF3ME0wk9SW3SmKIrtvxB9Tli
k1EH4bEJ7LBS
-----END CERTIFICATE-----
Generated at Fri Mar 27 01:32:52 2026 by rpki-client