Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/jSRl8jct3oc9IPAREV9kyCvUEv4.roa
File: jSRl8jct3oc9IPAREV9kyCvUEv4.roa (raw, json)
Hash identifier: KhKKtOOQncfkvamW5IOeJNFBZWevqaXGFhsyP7C4G9I=
Subject key identifier: 8D:24:65:F2:37:2D:DE:87:3D:20:F0:11:11:5F:64:C8:2B:D4:12:FE
Certificate issuer: /CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Certificate serial: 0197C9A23E486D1C13F1CB566FEE2A400F69
Authority key identifier: 1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/jSRl8jct3oc9IPAREV9kyCvUEv4.roa
Signing time: Wed 02 Jul 2025 05:35:42 +0000
ROA not before: Wed 02 Jul 2025 05:35:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209372
IP address blocks: 45.80.228.0/22 maxlen: 24
45.93.62.0/23 maxlen: 23
178.159.94.0/24 maxlen: 24
185.221.196.0/23 maxlen: 24
185.232.18.0/23 maxlen: 24
185.238.88.0/22 maxlen: 24
185.246.216.0/24 maxlen: 24
185.246.217.0/24 maxlen: 24
185.253.24.0/24 maxlen: 24
194.113.238.0/24 maxlen: 24
194.113.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 14:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c9:a2:3e:48:6d:1c:13:f1:cb:56:6f:ee:2a:40:0f:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Validity
Not Before: Jul 2 05:35:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8d2465f2372dde873d20f011115f64c82bd412fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:51:53:b5:f9:b6:8b:82:0a:ce:dd:7e:c0:ec:
42:2e:e7:3b:23:71:80:3b:57:2d:bd:e1:c6:4b:70:
bf:96:8e:6d:21:90:c7:f1:a5:26:46:58:49:8f:02:
c8:8f:38:5a:7e:e4:c4:55:bb:a2:51:77:cc:ea:d9:
3c:d0:e9:74:2f:c5:d2:e3:95:b2:8f:9c:00:94:75:
3f:36:9d:57:4c:88:cc:83:3d:1a:f3:5a:80:31:06:
35:52:be:1c:82:92:16:6b:de:c3:07:a8:8b:2c:c7:
d6:81:ff:7d:d9:0a:f2:e1:7a:74:0b:c4:f6:ae:78:
20:7c:f1:f7:98:0f:66:e9:d1:78:41:43:01:aa:37:
31:b9:eb:05:62:01:64:60:48:0a:5a:04:f7:f5:5e:
56:d3:73:e6:52:44:f5:b4:1b:06:c0:97:56:75:71:
7b:37:26:09:e3:f8:3c:7e:d4:7c:56:f6:88:aa:58:
f6:9b:73:c6:3a:d5:07:be:f5:ab:f8:26:7f:d0:d5:
31:80:8a:cb:2b:28:f5:77:7b:3c:18:42:bc:6b:48:
98:20:e7:6c:2e:6d:fa:78:78:19:b6:a1:bf:45:34:
f7:8f:20:41:f0:61:f1:15:4d:76:b2:b6:5c:cd:02:
71:ae:94:f7:d5:26:08:71:b7:0a:4a:59:9a:64:49:
8c:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:24:65:F2:37:2D:DE:87:3D:20:F0:11:11:5F:64:C8:2B:D4:12:FE
X509v3 Authority Key Identifier:
keyid:1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/jSRl8jct3oc9IPAREV9kyCvUEv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.228.0/22
45.93.62.0/23
178.159.94.0/24
185.221.196.0/23
185.232.18.0/23
185.238.88.0/22
185.246.216.0/23
185.253.24.0/24
194.113.238.0/23
Signature Algorithm: sha256WithRSAEncryption
43:08:f2:be:3b:c3:86:50:ab:36:64:d2:4d:ae:92:85:1b:dc:
e2:77:fc:59:62:b5:04:77:8e:de:78:c9:1c:86:6e:8c:72:b4:
21:5b:d5:d8:97:05:ea:98:31:b7:f4:98:cb:f8:d2:81:2c:f7:
a5:88:e2:53:d9:b7:b6:ea:ad:86:5a:cb:26:3b:fb:31:69:c2:
82:93:ed:4b:b8:3a:b6:8d:02:ec:44:0a:d5:25:d8:02:5e:25:
9c:33:3b:63:8b:2d:94:99:e3:f4:dd:30:1b:5d:b8:06:81:1d:
d1:47:fe:04:3b:85:74:85:74:8b:4d:bb:3c:90:3f:a8:97:71:
41:b7:7a:66:c6:3a:40:78:61:c7:a2:e0:58:8a:91:93:18:af:
10:78:87:db:21:21:aa:39:88:20:83:df:86:a5:14:5d:f4:d0:
84:65:2d:8c:ea:5b:5b:ee:fb:58:2f:ca:74:d5:a1:87:ef:72:
2a:6f:13:7f:9c:f9:1b:0b:34:17:5d:23:30:d8:06:c7:65:2b:
cf:26:3e:cb:65:52:66:51:36:af:46:f9:8f:67:a3:dd:62:77:
7c:de:a5:b4:12:9d:0f:41:e4:7d:8a:04:11:ea:95:03:93:ae:
d6:8c:cb:47:b2:08:89:6e:c9:28:0a:7a:9e:82:70:5d:e1:b3:
f7:5b:fd:76
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZfJoj5IbRwT8ctWb+4qQA9pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOWZkYzdmYjM5ZWJiYmVkNGVlNTRmNzAzZDNhYzYxNTNk
ZGVlNjkwHhcNMjUwNzAyMDUzNTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDI0NjVmMjM3MmRkZTg3M2QyMGYwMTExMTVmNjRjODJiZDQxMmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFFTtfm2i4IKzt1+wOxCLuc7I3GA
O1ctveHGS3C/lo5tIZDH8aUmRlhJjwLIjzhafuTEVbuiUXfM6tk80Ol0L8XS45Wy
j5wAlHU/Np1XTIjMgz0a81qAMQY1Ur4cgpIWa97DB6iLLMfWgf992Qry4Xp0C8T2
rnggfPH3mA9m6dF4QUMBqjcxuesFYgFkYEgKWgT39V5W03PmUkT1tBsGwJdWdXF7
NyYJ4/g8ftR8VvaIqlj2m3PGOtUHvvWr+CZ/0NUxgIrLKyj1d3s8GEK8a0iYIOds
Lm36eHgZtqG/RTT3jyBB8GHxFU12srZczQJxrpT31SYIcbcKSlmaZEmM0QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFI0kZfI3Ld6HPSDwERFfZMgr1BL+MB8GA1UdIwQY
MBaAFB6f3H+znru+1O5U9wPTrGFT3e5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgt
NjkxZmY1YjQ0YjAxLzEvalNSbDhqY3Qzb2M5SVBBUkVWOWt5Q3ZVRXY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgtNjkxZmY1YjQ0YjAx
LzEvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCLVDkAwQB
LV0+AwQAsp9eAwQBud3EAwQBuegSAwQCue5YAwQBufbYAwQAuf0YAwQBwnHuMA0G
CSqGSIb3DQEBCwUAA4IBAQBDCPK+O8OGUKs2ZNJNrpKFG9zid/xZYrUEd47eeMkc
hm6McrQhW9XYlwXqmDG39JjL+NKBLPeliOJT2be26q2GWssmO/sxacKCk+1LuDq2
jQLsRArVJdgCXiWcMztjiy2UmeP03TAbXbgGgR3RR/4EO4V0hXSLTbs8kD+ol3FB
t3pmxjpAeGHHouBYipGTGK8QeIfbISGqOYggg9+GpRRd9NCEZS2M6ltb7vtYL8p0
1aGH73IqbxN/nPkbCzQXXSMw2AbHZSvPJj7LZVJmUTavRvmPZ6PdYnd83qW0Ep0P
QeR9igQR6pUDk67WjMtHsgiJbskoCnqegnBd4bP3W/12
-----END CERTIFICATE-----
Generated at Thu Jul 24 20:45:07 2025 by rpki-client