Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/jqDtuj7TQwmpeAsrgDGo2tnzoOs.roa
File: jqDtuj7TQwmpeAsrgDGo2tnzoOs.roa (raw, json)
Hash identifier: N6eOebDyK+/ryuWDEq7in+7iHQ+eGbjFMKpLIcyazdY=
Subject key identifier: 8E:A0:ED:BA:3E:D3:43:09:A9:78:0B:2B:80:31:A8:DA:D9:F3:A0:EB
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 019832C8525370319AC09B2A4EB17D7EF87F
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/jqDtuj7TQwmpeAsrgDGo2tnzoOs.roa
Signing time: Tue 22 Jul 2025 15:37:25 +0000
ROA not before: Tue 22 Jul 2025 15:37:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31479
IP address blocks: 49.0.184.0/21 maxlen: 21
80.66.116.0/24 maxlen: 24
94.198.46.0/24 maxlen: 24
178.19.32.0/24 maxlen: 24
178.19.33.0/24 maxlen: 24
185.28.48.0/23 maxlen: 23
185.216.128.0/22 maxlen: 22
201.77.58.0/24 maxlen: 24
2001:4030::/32 maxlen: 32
2001:4030:16::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 07:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:32:c8:52:53:70:31:9a:c0:9b:2a:4e:b1:7d:7e:f8:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jul 22 15:37:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ea0edba3ed34309a9780b2b8031a8dad9f3a0eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a9:14:48:d9:bb:62:ae:1c:da:8c:fe:c3:2f:
8f:3d:8b:7f:66:23:98:c2:07:09:5a:2c:30:9f:7b:
66:59:b2:b0:2b:09:09:f6:1e:d7:d3:2d:7c:ac:10:
65:90:a6:6b:35:a1:9a:4e:53:de:09:7f:0f:4a:5f:
c4:fb:03:3a:ce:c0:c7:18:dd:c7:31:d9:06:22:08:
af:54:6d:10:e6:2d:e3:7f:81:02:38:b9:10:5a:29:
c5:3d:60:67:f6:f6:ff:a4:d3:9a:e9:2e:38:7f:1b:
4b:90:18:6d:cd:49:4d:76:77:4d:98:8f:e8:a1:53:
68:7a:97:c9:d1:f2:6b:1b:39:f8:c9:47:d0:ea:25:
7f:d9:8d:74:45:a3:c2:74:02:37:c3:b3:2a:91:07:
8e:61:4d:bc:1a:95:e1:39:19:89:da:27:ab:b3:25:
0c:f9:ff:40:dd:0e:65:23:ae:b4:78:92:60:d4:5f:
5e:9b:20:52:0a:0a:43:eb:d3:a8:e6:93:b2:b9:52:
e1:3f:18:b4:9b:12:62:4c:7f:d5:25:a4:11:77:28:
d8:62:b7:15:4c:eb:c3:04:07:1b:34:35:3e:1f:66:
6f:13:5a:ee:b4:8b:f8:f7:0d:40:6c:74:05:28:97:
29:2c:bc:0e:ac:3f:af:e4:9a:15:2a:bd:ca:62:cc:
95:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:A0:ED:BA:3E:D3:43:09:A9:78:0B:2B:80:31:A8:DA:D9:F3:A0:EB
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/jqDtuj7TQwmpeAsrgDGo2tnzoOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
49.0.184.0/21
80.66.116.0/24
94.198.46.0/24
178.19.32.0/23
185.28.48.0/23
185.216.128.0/22
201.77.58.0/24
IPv6:
2001:4030::/32
Signature Algorithm: sha256WithRSAEncryption
08:3c:36:7c:a2:96:67:98:93:ef:5e:fe:d5:78:d5:c6:89:99:
50:df:46:fc:ee:7e:fe:1e:66:73:4a:ad:3b:82:30:5a:8f:33:
57:48:4a:b0:65:31:3b:5e:e5:47:f7:8a:5d:de:9c:b3:85:e5:
44:55:cc:67:c2:1d:f2:de:35:31:74:07:7b:95:6c:46:e1:5c:
aa:83:41:43:68:fc:9f:45:7a:eb:04:c3:97:f5:dc:85:19:2e:
4f:64:36:c8:f3:89:f6:ea:90:c8:ef:56:cb:86:bd:99:22:b9:
9a:12:ac:42:70:0e:4f:4c:61:48:c2:91:de:ab:b9:4a:ca:70:
78:33:20:b8:ae:54:12:e8:e6:38:c2:1d:8d:f3:43:66:5f:89:
6a:23:70:64:4b:cd:88:c0:be:6c:aa:26:2d:ca:8a:15:50:c8:
f1:76:7a:83:b3:64:5e:8e:06:dc:5c:1c:d2:93:5e:05:1c:f3:
e8:c3:fe:24:2c:f0:f6:d3:90:d0:7a:5f:f6:43:04:f4:70:57:
63:f5:0e:6b:14:01:ea:d2:6a:ce:83:42:94:78:bf:90:8d:32:
7d:3f:1c:01:69:2b:91:ad:dc:57:bc:0f:eb:eb:22:20:e2:c6:
a4:d5:a7:24:9b:3b:68:52:b4:cb:0d:7d:41:4a:ec:15:4f:14:
eb:bc:02:db
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZgyyFJTcDGawJsqTrF9fvh/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwNzIyMTUzNzI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWEwZWRiYTNlZDM0MzA5YTk3ODBiMmI4MDMxYThkYWQ5ZjNhMGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKkUSNm7Yq4c2oz+wy+PPYt/ZiOY
wgcJWiwwn3tmWbKwKwkJ9h7X0y18rBBlkKZrNaGaTlPeCX8PSl/E+wM6zsDHGN3H
MdkGIgivVG0Q5i3jf4ECOLkQWinFPWBn9vb/pNOa6S44fxtLkBhtzUlNdndNmI/o
oVNoepfJ0fJrGzn4yUfQ6iV/2Y10RaPCdAI3w7MqkQeOYU28GpXhORmJ2iersyUM
+f9A3Q5lI660eJJg1F9emyBSCgpD69Oo5pOyuVLhPxi0mxJiTH/VJaQRdyjYYrcV
TOvDBAcbNDU+H2ZvE1rutIv49w1AbHQFKJcpLLwOrD+v5JoVKr3KYsyVPwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFI6g7bo+00MJqXgLK4AxqNrZ86DrMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvanFEdHVqN1RRd21wZUFzcmdER28ydG56b09zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDMQC4AwQA
UEJ0AwQAXsYuAwQBshMgAwQBuRwwAwQCudiAAwQAyU06MA0EAgACMAcDBQAgAUAw
MA0GCSqGSIb3DQEBCwUAA4IBAQAIPDZ8opZnmJPvXv7VeNXGiZlQ30b87n7+HmZz
Sq07gjBajzNXSEqwZTE7XuVH94pd3pyzheVEVcxnwh3y3jUxdAd7lWxG4Vyqg0FD
aPyfRXrrBMOX9dyFGS5PZDbI84n26pDI71bLhr2ZIrmaEqxCcA5PTGFIwpHeq7lK
ynB4MyC4rlQS6OY4wh2N80NmX4lqI3BkS82IwL5sqiYtyooVUMjxdnqDs2Rejgbc
XBzSk14FHPPow/4kLPD205DQel/2QwT0cFdj9Q5rFAHq0mrOg0KUeL+QjTJ9PxwB
aSuRrdxXvA/r6yIg4sak1ackmztoUrTLDX1BSuwVTxTrvALb
-----END CERTIFICATE-----
Generated at Wed Jul 23 12:01:50 2025 by rpki-client