Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0fbf48-5db7-49fe-bf44-6a36705bba6f/1/JKdvv1QAYbOX_pZXm3TAJbKAklQ.roa
File: JKdvv1QAYbOX_pZXm3TAJbKAklQ.roa (raw, json)
Hash identifier: Zhr1jf+vfEhpYP37GfGTX0mdaI+oa5pateSnk6/0QO4=
Subject key identifier: 24:A7:6F:BF:54:00:61:B3:97:FE:96:57:9B:74:C0:25:B2:80:92:54
Certificate issuer: /CN=0c05ca111c0093b56514215be467b515dda56c06
Certificate serial: 019E175E4EBF03363FB43D84A3004C66070B
Authority key identifier: 0C:05:CA:11:1C:00:93:B5:65:14:21:5B:E4:67:B5:15:DD:A5:6C:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DAXKERwAk7VlFCFb5Ge1Fd2lbAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/0fbf48-5db7-49fe-bf44-6a36705bba6f/1/JKdvv1QAYbOX_pZXm3TAJbKAklQ.roa
Signing time: Mon 11 May 2026 14:08:36 +0000
ROA not before: Mon 11 May 2026 14:08:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203682
IP address blocks: 165.217.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/0fbf48-5db7-49fe-bf44-6a36705bba6f/1/DAXKERwAk7VlFCFb5Ge1Fd2lbAY.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/0fbf48-5db7-49fe-bf44-6a36705bba6f/1/DAXKERwAk7VlFCFb5Ge1Fd2lbAY.mft
rsync://rpki.ripe.net/repository/DEFAULT/DAXKERwAk7VlFCFb5Ge1Fd2lbAY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:17:5e:4e:bf:03:36:3f:b4:3d:84:a3:00:4c:66:07:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c05ca111c0093b56514215be467b515dda56c06
Validity
Not Before: May 11 14:08:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=24a76fbf540061b397fe96579b74c025b2809254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fe:ba:7d:9b:82:d4:c5:5a:79:14:81:cf:80:
bc:32:ab:76:bd:05:10:b1:66:fd:59:98:e7:84:d5:
8f:e7:d7:d2:dd:87:6f:ee:09:89:76:c6:57:ce:e0:
ab:dc:72:11:fb:dd:a4:5c:ae:7b:74:d2:bf:c2:f6:
70:fe:b9:e8:03:03:4f:e9:0b:c6:bc:f0:9a:c9:d0:
76:a4:7e:01:d6:4c:85:7e:f7:6a:11:ec:22:cd:69:
4a:35:43:40:5e:ba:a7:db:1d:6b:88:88:c2:9e:19:
de:08:d2:fe:35:13:90:2a:c1:88:ea:aa:7d:4f:64:
45:e2:a8:f8:b9:3c:ff:0d:44:37:f6:f3:1c:60:4c:
14:79:98:ce:fa:63:57:46:87:9b:70:b6:66:69:0a:
34:1b:9b:06:61:96:2f:d6:10:88:bd:93:aa:48:c0:
ca:8e:9c:d6:f5:b3:e8:53:84:59:61:7d:b8:ed:b5:
d0:48:f9:d8:78:e0:f3:91:76:b0:2a:ab:75:2b:eb:
20:bc:a3:83:90:fa:73:2f:6b:f6:14:e0:32:14:5c:
3a:92:aa:7e:72:48:49:7f:ed:df:88:59:75:0b:76:
0f:be:b7:41:a1:09:2c:04:6c:d5:d2:4b:15:5a:82:
29:25:2d:8f:40:9a:cd:c4:33:ad:9e:ae:57:cf:ff:
d5:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:A7:6F:BF:54:00:61:B3:97:FE:96:57:9B:74:C0:25:B2:80:92:54
X509v3 Authority Key Identifier:
keyid:0C:05:CA:11:1C:00:93:B5:65:14:21:5B:E4:67:B5:15:DD:A5:6C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DAXKERwAk7VlFCFb5Ge1Fd2lbAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0fbf48-5db7-49fe-bf44-6a36705bba6f/1/JKdvv1QAYbOX_pZXm3TAJbKAklQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0fbf48-5db7-49fe-bf44-6a36705bba6f/1/DAXKERwAk7VlFCFb5Ge1Fd2lbAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
165.217.160.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:ea:bc:67:02:5b:52:59:34:83:11:0d:4a:cd:e6:b1:c0:bd:
81:56:f0:b4:36:14:13:b8:60:c4:0e:cf:9e:bc:0a:d3:68:3b:
d8:32:52:3f:25:9f:e7:eb:2e:f7:79:c3:c4:26:c3:be:9c:c6:
9b:9c:bc:7f:f1:2d:2c:df:c4:9f:ac:11:7f:5d:91:62:ab:ae:
1e:af:e8:98:b1:d9:2a:20:46:ba:1a:83:f3:f2:26:43:02:68:
7b:5f:1b:24:cd:40:8f:79:aa:ef:c9:f4:c9:4b:60:9a:a5:4b:
05:88:31:97:57:d9:3d:73:4b:af:cc:ac:30:ab:5f:bf:0b:16:
37:f8:30:70:f1:cb:35:fe:7e:92:ac:6f:63:81:19:89:83:ed:
b9:68:20:5b:d3:21:a2:80:0c:39:9c:d1:c5:d2:29:da:14:35:
d0:06:df:5f:29:6d:bb:d9:65:cd:aa:c8:a1:24:90:9b:c3:eb:
b6:25:b0:73:9a:68:94:95:67:53:e1:56:8d:f4:a6:3f:52:2c:
7e:9e:51:81:63:3f:fa:88:b8:3f:a6:97:1c:ff:26:f0:b2:a5:
1e:42:ca:d4:e7:98:d1:f5:f7:52:a5:83:60:07:59:a2:1d:2c:
ab:6d:4d:67:2e:81:8f:3b:d3:66:a3:21:90:f5:8b:39:f6:9c:
dd:8d:a3:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ4XXk6/AzY/tD2EowBMZgcLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMDVjYTExMWMwMDkzYjU2NTE0MjE1YmU0NjdiNTE1ZGRh
NTZjMDYwHhcNMjYwNTExMTQwODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGE3NmZiZjU0MDA2MWIzOTdmZTk2NTc5Yjc0YzAyNWIyODA5MjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/66fZuC1MVaeRSBz4C8Mqt2vQUQ
sWb9WZjnhNWP59fS3Ydv7gmJdsZXzuCr3HIR+92kXK57dNK/wvZw/rnoAwNP6QvG
vPCaydB2pH4B1kyFfvdqEewizWlKNUNAXrqn2x1riIjCnhneCNL+NROQKsGI6qp9
T2RF4qj4uTz/DUQ39vMcYEwUeZjO+mNXRoebcLZmaQo0G5sGYZYv1hCIvZOqSMDK
jpzW9bPoU4RZYX247bXQSPnYeODzkXawKqt1K+sgvKODkPpzL2v2FOAyFFw6kqp+
ckhJf+3fiFl1C3YPvrdBoQksBGzV0ksVWoIpJS2PQJrNxDOtnq5Xz//VswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCSnb79UAGGzl/6WV5t0wCWygJJUMB8GA1UdIwQY
MBaAFAwFyhEcAJO1ZRQhW+RntRXdpWwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREFYS0VSd0FrN1ZsRkNGYjVHZTFGZDJsYkFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wZmJmNDgtNWRiNy00OWZlLWJmNDQt
NmEzNjcwNWJiYTZmLzEvSktkdnYxUUFZYk9YX3BaWG0zVEFKYktBa2xRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wZmJmNDgtNWRiNy00OWZlLWJmNDQtNmEzNjcwNWJiYTZm
LzEvREFYS0VSd0FrN1ZsRkNGYjVHZTFGZDJsYkFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApdmgMA0G
CSqGSIb3DQEBCwUAA4IBAQBL6rxnAltSWTSDEQ1KzeaxwL2BVvC0NhQTuGDEDs+e
vArTaDvYMlI/JZ/n6y73ecPEJsO+nMabnLx/8S0s38SfrBF/XZFiq64er+iYsdkq
IEa6GoPz8iZDAmh7XxskzUCPearvyfTJS2CapUsFiDGXV9k9c0uvzKwwq1+/CxY3
+DBw8cs1/n6SrG9jgRmJg+25aCBb0yGigAw5nNHF0inaFDXQBt9fKW272WXNqsih
JJCbw+u2JbBzmmiUlWdT4VaN9KY/Uix+nlGBYz/6iLg/ppcc/ybwsqUeQsrU55jR
9fdSpYNgB1miHSyrbU1nLoGPO9NmoyGQ9Ys59pzdjaOI
-----END CERTIFICATE-----
Generated at Tue May 12 21:24:50 2026 by rpki-client