Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JRZ918RYMIyC6vSjPKMFOfv9Ojg.roa
File: JRZ918RYMIyC6vSjPKMFOfv9Ojg.roa (raw, json)
Hash identifier: ldZ8QsJK0Vbd9Hsok1yuaaZk/NLjwUPisAGTW8HPTfE=
Subject key identifier: 25:16:7D:D7:C4:58:30:8C:82:EA:F4:A3:3C:A3:05:39:FB:FD:3A:38
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019928688F34595DD27984200972224ADB29
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JRZ918RYMIyC6vSjPKMFOfv9Ojg.roa
Signing time: Mon 08 Sep 2025 08:19:24 +0000
ROA not before: Mon 08 Sep 2025 08:19:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 82.152.174.0/23 maxlen: 23
82.153.208.0/22 maxlen: 22
89.213.58.0/24 maxlen: 24
89.213.60.0/23 maxlen: 24
89.213.147.0/24 maxlen: 24
89.213.198.0/23 maxlen: 24
89.213.200.0/23 maxlen: 24
89.213.202.0/23 maxlen: 24
89.213.204.0/23 maxlen: 24
89.213.228.0/24 maxlen: 24
89.213.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 13:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:28:68:8f:34:59:5d:d2:79:84:20:09:72:22:4a:db:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 8 08:19:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25167dd7c458308c82eaf4a33ca30539fbfd3a38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:b4:2a:27:ba:60:18:5b:3e:98:1a:63:cf:61:
c9:5f:60:e2:c5:6f:65:7f:3a:08:43:80:ab:cb:62:
00:e7:47:95:6f:37:c8:0e:72:cc:69:37:9f:9f:f4:
7b:d7:06:88:7d:0c:01:e1:f1:71:3e:04:b6:2e:c8:
93:39:10:43:31:c6:51:fb:65:cd:0b:fc:7a:69:8c:
cc:c4:9a:52:58:f3:95:c2:a1:72:40:bd:95:d9:4d:
d5:c0:fe:27:c3:db:55:e5:fc:68:ec:06:8f:4e:6e:
b6:97:0d:59:25:f1:e0:c7:40:96:8b:0a:24:87:87:
28:84:de:7c:3b:93:e7:54:b4:e1:3a:7d:f3:d6:be:
12:98:02:8c:5a:d4:bf:77:a7:9c:bc:29:bc:4d:01:
66:4a:89:e4:4c:f6:27:c5:12:63:75:ba:9c:ec:0c:
60:f8:59:4a:d9:11:fa:f9:15:7b:b1:c7:ce:04:bc:
8a:8b:f8:8f:c5:2e:16:47:48:67:00:02:52:ad:ea:
72:4a:da:4c:62:90:18:68:ee:55:e8:01:7a:a9:5f:
23:77:12:3c:1f:2f:18:27:31:d5:af:a1:f6:b9:b2:
c4:3a:e8:94:34:2a:0b:98:1a:68:ab:07:12:c3:fd:
9f:35:3e:0b:d7:bb:ac:f3:5d:6d:54:52:91:37:33:
d3:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:16:7D:D7:C4:58:30:8C:82:EA:F4:A3:3C:A3:05:39:FB:FD:3A:38
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JRZ918RYMIyC6vSjPKMFOfv9Ojg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.174.0/23
82.153.208.0/22
89.213.58.0/24
89.213.60.0/23
89.213.147.0/24
89.213.198.0-89.213.205.255
89.213.228.0/24
89.213.249.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:f4:32:a5:ba:d3:03:de:dd:f4:25:8f:52:50:88:63:1d:45:
be:24:de:46:75:0d:03:1b:95:bc:f0:9e:a3:7d:98:e2:3f:8e:
52:eb:62:06:d5:6e:6e:1b:a3:84:fe:b0:39:fd:e7:2d:fa:04:
2b:a1:72:ed:c2:7d:44:b1:44:79:c4:7c:00:e7:c9:5a:62:6b:
0d:a2:08:50:d5:32:6e:c4:8d:37:9c:d8:e3:86:66:34:43:b2:
80:a7:85:48:bf:f8:89:3c:10:b6:d7:4e:6a:c2:7c:d2:5b:23:
4e:6a:53:23:c3:35:fa:67:cc:a3:d5:8c:c9:6b:1b:02:63:0f:
84:a7:0e:63:46:27:cd:40:cd:28:65:35:39:13:d9:07:33:25:
9c:fb:09:fb:98:6c:b9:5d:42:a6:84:a3:e5:d5:b8:92:a0:86:
18:0c:f9:be:e0:ec:8a:45:45:77:4c:4b:c3:f8:15:b9:f2:83:
97:75:2c:68:0c:c0:da:5b:b7:7d:1e:c1:71:b6:9f:93:3e:55:
e7:23:58:83:18:5f:b3:8c:b9:62:b3:6f:b9:45:18:3e:79:41:
63:d3:8d:6a:58:80:a4:80:d1:e6:7d:16:af:c9:a0:66:7b:45:
51:65:af:89:e1:1f:2e:31:dd:29:98:ba:ec:3c:40:2d:10:8d:
f3:a5:2a:af
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZkoaI80WV3SeYQgCXIiStspMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwOTA4MDgxOTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTE2N2RkN2M0NTgzMDhjODJlYWY0YTMzY2EzMDUzOWZiZmQzYTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bQqJ7pgGFs+mBpjz2HJX2DixW9l
fzoIQ4Cry2IA50eVbzfIDnLMaTefn/R71waIfQwB4fFxPgS2LsiTORBDMcZR+2XN
C/x6aYzMxJpSWPOVwqFyQL2V2U3VwP4nw9tV5fxo7AaPTm62lw1ZJfHgx0CWiwok
h4cohN58O5PnVLThOn3z1r4SmAKMWtS/d6ecvCm8TQFmSonkTPYnxRJjdbqc7Axg
+FlK2RH6+RV7scfOBLyKi/iPxS4WR0hnAAJSrepyStpMYpAYaO5V6AF6qV8jdxI8
Hy8YJzHVr6H2ubLEOuiUNCoLmBpoqwcSw/2fNT4L17us811tVFKRNzPTTwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFCUWfdfEWDCMgur0ozyjBTn7/To4MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSlJaOTE4UllNSXlDNnZTalBLTUZPZnY5T2pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQBUpiuAwQC
UpnQAwQAWdU6AwQBWdU8AwQAWdWTMAwDBAFZ1cYDBAFZ1cwDBABZ1eQDBABZ1fkw
DQYJKoZIhvcNAQELBQADggEBAKj0MqW60wPe3fQlj1JQiGMdRb4k3kZ1DQMblbzw
nqN9mOI/jlLrYgbVbm4bo4T+sDn95y36BCuhcu3CfUSxRHnEfADnyVpiaw2iCFDV
Mm7EjTec2OOGZjRDsoCnhUi/+Ik8ELbXTmrCfNJbI05qUyPDNfpnzKPVjMlrGwJj
D4SnDmNGJ81AzShlNTkT2QczJZz7CfuYbLldQqaEo+XVuJKghhgM+b7g7IpFRXdM
S8P4Fbnyg5d1LGgMwNpbt30ewXG2n5M+VecjWIMYX7OMuWKzb7lFGD55QWPTjWpY
gKSA0eZ9Fq/JoGZ7RVFlr4nhHy4x3SmYuuw8QC0QjfOlKq8=
-----END CERTIFICATE-----
Generated at Wed Oct 8 21:28:33 2025 by rpki-client