Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/JEyEvKrGPoeGVW_p9SqKYznFCQE.roa
File: JEyEvKrGPoeGVW_p9SqKYznFCQE.roa (raw, json)
Hash identifier: Y109U8wM5Vhd85DB72aKLrjq6IpLiDZ1xIt0tiCz1wc=
Subject key identifier: 24:4C:84:BC:AA:C6:3E:87:86:55:6F:E9:F5:2A:8A:63:39:C5:09:01
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 0198140C6333763D3694DD00503194A34D08
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/JEyEvKrGPoeGVW_p9SqKYznFCQE.roa
Signing time: Wed 16 Jul 2025 16:23:32 +0000
ROA not before: Wed 16 Jul 2025 16:23:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209874
IP address blocks: 2a12:bec4:1520::/48 maxlen: 48
2a12:bec4:1521::/48 maxlen: 48
2a12:bec4:1522::/48 maxlen: 48
2a12:bec4:152f::/48 maxlen: 48
2a12:bec4:1651::/48 maxlen: 48
2a12:bec4:1652::/48 maxlen: 48
2a12:bec4:1653::/48 maxlen: 48
2a12:bec4:1654::/48 maxlen: 48
2a12:bec4:1655::/48 maxlen: 48
2a12:bec4:1656::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:14:0c:63:33:76:3d:36:94:dd:00:50:31:94:a3:4d:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jul 16 16:23:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=244c84bcaac63e8786556fe9f52a8a6339c50901
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:37:28:6c:98:cc:95:a1:89:91:58:00:71:d0:
5a:1c:6a:9e:01:72:71:09:61:6f:32:45:f0:a0:25:
d7:fc:c1:09:27:a9:a9:43:d7:91:be:a9:db:0e:03:
26:e7:16:54:20:b1:03:2f:e1:12:1b:4c:e3:2b:61:
33:c1:ee:66:f1:cb:4f:c1:f3:f9:63:da:71:4c:e8:
cc:59:d9:de:0f:d8:87:8c:93:69:d5:7c:17:94:ac:
89:c0:15:1e:da:fb:f0:ce:3a:ed:e0:4a:ad:0c:38:
9d:82:59:ad:38:de:13:94:c8:dc:74:71:6f:32:f3:
83:f3:c8:6f:5a:e4:a8:f8:3c:4b:8f:e2:67:28:2c:
08:ee:3e:f7:20:74:8f:65:51:a6:a5:43:8e:31:80:
d7:cf:87:ba:1e:80:48:aa:bd:d5:f9:d2:be:2a:41:
40:2c:71:30:1d:81:5c:84:09:a3:45:59:0a:00:42:
bf:20:dd:d4:7f:50:fb:cc:b1:ea:2c:58:0d:49:d0:
84:be:e7:8c:58:54:4f:0c:8c:c8:a5:dc:8f:10:e7:
6c:05:96:3e:86:b6:bd:cf:ae:1a:06:dc:75:22:7c:
d2:94:7b:be:3c:a7:26:72:83:f4:56:ad:78:ce:be:
89:69:26:2c:f2:d9:74:9a:0b:9b:44:f4:74:14:b2:
ac:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:4C:84:BC:AA:C6:3E:87:86:55:6F:E9:F5:2A:8A:63:39:C5:09:01
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/JEyEvKrGPoeGVW_p9SqKYznFCQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:1520::-2a12:bec4:1522:ffff:ffff:ffff:ffff:ffff
2a12:bec4:152f::/48
2a12:bec4:1651::-2a12:bec4:1656:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
21:a5:20:08:be:35:7c:b3:15:7f:22:8d:d7:4c:86:31:ef:d7:
f3:fa:c2:f1:80:4a:5c:3d:2b:05:d5:e8:63:ac:a1:44:0f:b7:
d5:c2:f9:8e:97:8a:b7:4f:8b:29:1f:e8:fc:9b:4c:0c:ac:97:
6b:93:18:07:38:71:b7:7e:08:8d:c0:ac:cd:d9:02:0d:62:41:
72:7c:a8:64:85:92:00:4a:d4:f3:a0:5d:db:69:5f:6d:88:89:
ca:30:c5:c9:f4:a4:26:3d:23:6c:96:5c:99:03:6a:96:0b:b2:
69:6e:cb:1a:76:a2:f1:8a:ae:9b:35:44:aa:16:12:67:4e:db:
d0:93:ee:f0:0b:e6:7f:0d:2d:3b:42:71:68:40:59:88:dc:0b:
7d:f1:33:97:c7:ae:ea:77:77:cc:9a:aa:17:5e:aa:e1:de:b9:
3a:27:24:ca:e2:a0:c3:0c:54:7d:1c:0c:e7:92:82:bd:04:73:
5b:13:1c:5c:5a:33:65:a6:ee:57:81:b7:28:d7:72:92:05:1a:
40:71:1c:63:03:45:3f:e7:f0:81:3a:b0:ac:4c:22:32:74:bd:
fe:26:4a:b9:57:83:17:71:45:1a:57:2c:51:08:9a:0e:59:22:
ee:ad:53:c2:5d:e4:8e:32:da:99:bd:e8:4a:07:03:22:29:e5:
1c:39:99:86
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZgUDGMzdj02lN0AUDGUo00IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwNzE2MTYyMzMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDRjODRiY2FhYzYzZTg3ODY1NTZmZTlmNTJhOGE2MzM5YzUwOTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5TcobJjMlaGJkVgAcdBaHGqeAXJx
CWFvMkXwoCXX/MEJJ6mpQ9eRvqnbDgMm5xZUILEDL+ESG0zjK2Ezwe5m8ctPwfP5
Y9pxTOjMWdneD9iHjJNp1XwXlKyJwBUe2vvwzjrt4EqtDDidglmtON4TlMjcdHFv
MvOD88hvWuSo+DxLj+JnKCwI7j73IHSPZVGmpUOOMYDXz4e6HoBIqr3V+dK+KkFA
LHEwHYFchAmjRVkKAEK/IN3Uf1D7zLHqLFgNSdCEvueMWFRPDIzIpdyPEOdsBZY+
hra9z64aBtx1InzSlHu+PKcmcoP0Vq14zr6JaSYs8tl0mgubRPR0FLKsvQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFCRMhLyqxj6HhlVv6fUqimM5xQkBMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvSkV5RXZLckdQb2VHVldfcDlTcUtZem5GQ1FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxMBIDBwUqEr7E
FSADBwAqEr7EFSIDBwAqEr7EFS8wEgMHACoSvsQWUQMHACoSvsQWVjANBgkqhkiG
9w0BAQsFAAOCAQEAIaUgCL41fLMVfyKN10yGMe/X8/rC8YBKXD0rBdXoY6yhRA+3
1cL5jpeKt0+LKR/o/JtMDKyXa5MYBzhxt34IjcCszdkCDWJBcnyoZIWSAErU86Bd
22lfbYiJyjDFyfSkJj0jbJZcmQNqlguyaW7LGnai8YqumzVEqhYSZ07b0JPu8Avm
fw0tO0JxaEBZiNwLffEzl8eu6nd3zJqqF16q4d65OickyuKgwwxUfRwM55KCvQRz
WxMcXFozZabuV4G3KNdykgUaQHEcYwNFP+fwgTqwrEwiMnS9/iZKuVeDF3FFGlcs
UQiaDlki7q1Twl3kjjLamb3oSgcDIinlHDmZhg==
-----END CERTIFICATE-----
Generated at Mon Jul 21 03:25:18 2025 by rpki-client