Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jzwnOtuqJqcmvl5BvsqsHlqufZ0.roa
File: jzwnOtuqJqcmvl5BvsqsHlqufZ0.roa (raw, json)
Hash identifier: DnDd0JfA2RBBi9a3FBDY7mx5WQduJOLl2r1u7a00u6o=
Subject key identifier: 8F:3C:27:3A:DB:AA:26:A7:26:BE:5E:41:BE:CA:AC:1E:5A:AE:7D:9D
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0199BDB1130E98EC927ADA93374C72CF850C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jzwnOtuqJqcmvl5BvsqsHlqufZ0.roa
Signing time: Tue 07 Oct 2025 08:02:02 +0000
ROA not before: Tue 07 Oct 2025 08:02:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 82.152.248.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
82.153.34.0/24 maxlen: 24
82.153.37.0/24 maxlen: 24
82.153.132.0/24 maxlen: 24
89.213.4.0/24 maxlen: 24
89.213.190.0/24 maxlen: 24
109.176.247.0/24 maxlen: 24
109.176.251.0/24 maxlen: 24
213.210.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 16:33:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:bd:b1:13:0e:98:ec:92:7a:da:93:37:4c:72:cf:85:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 7 08:02:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f3c273adbaa26a726be5e41becaac1e5aae7d9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:dd:6c:50:6f:bf:b7:f2:98:7c:50:39:be:b5:
21:ef:98:ab:59:2e:82:dc:86:63:0f:1a:63:86:a5:
27:6d:3b:0f:f4:f8:35:9d:45:88:f4:73:81:fd:67:
64:42:32:b6:3f:40:ae:ef:8b:f1:d2:d0:b7:80:7a:
54:a4:e8:b8:5d:dc:15:57:6d:d5:9b:0a:43:54:14:
3c:82:c4:7f:6e:f7:b5:ef:31:d1:ea:62:7d:81:96:
97:e1:9f:ba:e6:ed:8e:8b:94:3e:12:2c:f3:98:75:
49:b8:f1:9b:e8:dd:38:7b:35:e1:33:ab:22:d3:dd:
31:59:6c:16:16:e2:09:bb:d3:a7:c3:77:89:a8:1a:
b2:ae:43:db:82:29:44:8c:04:0d:30:80:1c:e5:0c:
50:71:cf:80:57:94:5d:97:3e:43:9f:52:a0:b1:76:
43:7e:2a:c4:da:74:41:b5:91:54:9f:6f:5a:60:13:
f2:d3:02:67:4c:7d:de:01:8c:ca:ad:e5:4e:56:7c:
36:f6:e4:17:82:e8:d4:30:10:b0:3e:ae:db:7c:b4:
87:6d:99:55:90:59:bf:6e:70:11:d8:8f:13:29:31:
7e:30:45:fe:6a:64:bf:13:26:62:27:56:b6:5a:10:
ed:54:27:7d:0b:fe:b1:82:80:8e:4e:8f:f0:1f:0b:
81:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:3C:27:3A:DB:AA:26:A7:26:BE:5E:41:BE:CA:AC:1E:5A:AE:7D:9D
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jzwnOtuqJqcmvl5BvsqsHlqufZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.248.0/24
82.152.254.0/24
82.153.34.0/24
82.153.37.0/24
82.153.132.0/24
89.213.4.0/24
89.213.190.0/24
109.176.247.0/24
109.176.251.0/24
213.210.62.0/24
Signature Algorithm: sha256WithRSAEncryption
42:24:2b:92:b9:f5:62:54:3f:ae:ed:3e:61:c1:d8:25:da:6f:
b0:94:08:2c:fe:56:34:b4:f0:99:27:3f:71:be:d4:84:8e:f6:
21:a4:4f:5e:0a:63:6a:ff:88:21:33:77:ae:6b:fb:e8:7f:5b:
ed:e4:59:51:ab:84:8f:63:03:6b:29:0a:72:fc:6e:f1:37:bb:
6a:1d:36:b1:f6:69:3b:35:a9:15:5a:ca:7b:e9:ff:67:e4:03:
e8:dc:5e:8a:60:12:59:13:f1:5c:0a:ad:22:85:08:29:85:a3:
69:de:62:86:75:7e:24:46:7d:fa:d6:5d:24:48:aa:4b:1f:ec:
79:6c:b6:cd:28:e7:c7:35:b8:18:f4:75:46:23:a2:9f:47:8b:
35:cf:87:98:86:67:df:96:4b:63:e4:d3:d9:be:64:57:a4:b4:
ab:cf:43:4f:69:71:dd:85:a8:10:14:9b:4c:3c:c4:38:16:ec:
5f:73:07:4c:b1:02:86:70:85:7f:ba:70:6e:93:04:58:f1:33:
3e:98:db:04:75:1b:64:3f:f1:3f:18:01:f3:fc:b9:23:60:0c:
0d:7f:bb:d5:d2:47:27:e2:c1:ff:41:79:2e:19:b4:9f:ef:61:
52:c7:8d:03:ce:ee:68:5b:ec:b5:f1:c2:dc:19:dc:74:b5:29:
bf:bc:b3:b2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZm9sRMOmOySetqTN0xyz4UMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUxMDA3MDgwMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjNjMjczYWRiYWEyNmE3MjZiZTVlNDFiZWNhYWMxZTVhYWU3ZDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz91sUG+/t/KYfFA5vrUh75irWS6C
3IZjDxpjhqUnbTsP9Pg1nUWI9HOB/WdkQjK2P0Cu74vx0tC3gHpUpOi4XdwVV23V
mwpDVBQ8gsR/bve17zHR6mJ9gZaX4Z+65u2Oi5Q+EizzmHVJuPGb6N04ezXhM6si
090xWWwWFuIJu9Onw3eJqBqyrkPbgilEjAQNMIAc5QxQcc+AV5Rdlz5Dn1KgsXZD
firE2nRBtZFUn29aYBPy0wJnTH3eAYzKreVOVnw29uQXgujUMBCwPq7bfLSHbZlV
kFm/bnAR2I8TKTF+MEX+amS/EyZiJ1a2WhDtVCd9C/6xgoCOTo/wHwuB8QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFI88JzrbqianJr5eQb7KrB5arn2dMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvanp3bk90dXFKcWNtdmw1QnZzcXNIbHF1ZlowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAUpj4AwQA
Upj+AwQAUpkiAwQAUpklAwQAUpmEAwQAWdUEAwQAWdW+AwQAbbD3AwQAbbD7AwQA
1dI+MA0GCSqGSIb3DQEBCwUAA4IBAQBCJCuSufViVD+u7T5hwdgl2m+wlAgs/lY0
tPCZJz9xvtSEjvYhpE9eCmNq/4ghM3eua/vof1vt5FlRq4SPYwNrKQpy/G7xN7tq
HTax9mk7NakVWsp76f9n5APo3F6KYBJZE/FcCq0ihQgphaNp3mKGdX4kRn361l0k
SKpLH+x5bLbNKOfHNbgY9HVGI6KfR4s1z4eYhmfflktj5NPZvmRXpLSrz0NPaXHd
hagQFJtMPMQ4FuxfcwdMsQKGcIV/unBukwRY8TM+mNsEdRtkP/E/GAHz/LkjYAwN
f7vV0kcn4sH/QXkuGbSf72FSx40Dzu5oW+y18cLcGdx0tSm/vLOy
-----END CERTIFICATE-----
Generated at Thu Oct 9 01:28:00 2025 by rpki-client