
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/JMwtLbHfa57z9FUz3aOTJgpEBHU.roa
File: JMwtLbHfa57z9FUz3aOTJgpEBHU.roa (raw, json)
Hash identifier: a/dtXWzXDiMTkEaZAi13ZGnDweb2ZEr1o1551HGTqv0=
Subject key identifier: 24:CC:2D:2D:B1:DF:6B:9E:F3:F4:55:33:DD:A3:93:26:0A:44:04:75
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019809336B09E1C228E158B16E1D29E8F22B
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/JMwtLbHfa57z9FUz3aOTJgpEBHU.roa
Signing time: Mon 14 Jul 2025 13:50:21 +0000
ROA not before: Mon 14 Jul 2025 13:50:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207569
IP address blocks: 2a0a:9300::/32 maxlen: 32
2a0a:9300:1::/48 maxlen: 48
2a0a:9300:aaaa::/48 maxlen: 48
2a0b:da00::/32 maxlen: 32
2a0b:da01::/32 maxlen: 32
2a0b:da02::/32 maxlen: 32
2a0b:da03::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:09:33:6b:09:e1:c2:28:e1:58:b1:6e:1d:29:e8:f2:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jul 14 13:50:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24cc2d2db1df6b9ef3f45533dda393260a440475
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:01:d8:66:be:b0:11:ff:62:b8:f8:0a:6d:60:
17:56:41:04:2d:b7:b3:f6:53:35:ee:a3:95:08:e4:
b0:2b:11:fb:19:0f:72:72:5b:04:7e:3c:9b:fc:5d:
cf:4a:1c:9d:19:6c:31:e5:11:f0:1b:ca:1f:73:47:
f1:06:24:d5:8d:a4:13:8b:38:84:45:9d:24:29:7e:
f9:dc:ba:28:5c:02:70:06:5e:9f:03:86:20:26:fe:
73:f5:bf:09:c6:8d:db:49:78:3b:85:90:9e:88:01:
e6:c6:6b:a0:51:a5:f0:9e:68:6e:6e:96:4d:3e:1d:
74:63:12:c4:1f:45:a8:e5:23:44:32:be:71:12:8f:
e5:57:43:fa:bb:08:9e:f0:73:25:27:6b:47:2a:8a:
8b:a0:9b:06:46:d0:06:4d:5f:dd:3f:b8:06:49:d5:
cb:70:da:d1:e4:0a:e6:d5:56:de:37:ba:6d:69:7a:
f8:cb:c9:6d:e2:a5:35:0e:03:52:05:ee:71:30:67:
e7:9c:64:f0:79:a9:c4:a3:36:c1:80:14:27:40:52:
ab:00:1c:fe:1b:f3:49:64:76:1a:f7:81:bb:94:51:
77:39:8e:63:f6:75:68:43:19:ad:5c:d5:f1:5e:b9:
c0:0d:cb:57:04:a6:35:79:f3:67:76:de:80:4b:89:
68:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:CC:2D:2D:B1:DF:6B:9E:F3:F4:55:33:DD:A3:93:26:0A:44:04:75
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/JMwtLbHfa57z9FUz3aOTJgpEBHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:9300::/32
2a0b:da00::/30
Signature Algorithm: sha256WithRSAEncryption
43:fa:b3:12:14:a7:86:7b:aa:b1:ef:27:2e:ce:7e:08:4e:73:
f3:3a:c9:54:21:d8:48:a0:99:b6:07:7b:b5:80:d6:85:53:2f:
b8:e9:9a:8d:02:0a:f4:11:6d:a1:53:04:57:f5:3d:62:4c:ba:
b7:c8:0a:fa:41:1c:43:3f:91:13:4b:1d:9e:c3:16:1d:4b:1a:
0d:d1:45:65:dc:78:81:0e:e1:ef:35:39:a9:8b:df:bd:4c:3a:
3f:31:b2:13:cb:58:34:db:19:06:d0:8e:f6:d3:55:e0:3a:90:
69:d7:ec:36:bd:02:57:2e:05:c0:4b:af:18:72:17:3e:a0:4e:
23:b8:7b:07:d3:ee:18:68:67:fa:80:d8:98:ef:40:10:7d:e0:
e6:72:be:e0:4e:84:30:55:64:4c:0c:94:b5:3c:6c:d6:cb:ff:
84:b3:12:d3:80:c7:8a:64:e3:7c:20:ac:bf:ce:30:78:b6:d7:
c7:31:13:0e:97:a2:a5:33:bd:92:f4:67:5c:7f:fb:af:ba:68:
43:e0:0f:9d:48:eb:d2:75:f2:b5:55:5a:19:e1:56:7c:18:a7:
7a:aa:f9:c0:0c:af:49:f0:fc:d0:a2:92:03:e1:e6:90:5f:b0:
2b:a3:8c:05:a3:7f:f3:a9:25:da:1c:66:1d:68:d7:05:d1:b2:
c6:d2:bf:06
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZgJM2sJ4cIo4Vixbh0p6PIrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwNzE0MTM1MDIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGNjMmQyZGIxZGY2YjllZjNmNDU1MzNkZGEzOTMyNjBhNDQwNDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAHYZr6wEf9iuPgKbWAXVkEELbez
9lM17qOVCOSwKxH7GQ9yclsEfjyb/F3PShydGWwx5RHwG8ofc0fxBiTVjaQTiziE
RZ0kKX753LooXAJwBl6fA4YgJv5z9b8Jxo3bSXg7hZCeiAHmxmugUaXwnmhubpZN
Ph10YxLEH0Wo5SNEMr5xEo/lV0P6uwie8HMlJ2tHKoqLoJsGRtAGTV/dP7gGSdXL
cNrR5Arm1VbeN7ptaXr4y8lt4qU1DgNSBe5xMGfnnGTweanEozbBgBQnQFKrABz+
G/NJZHYa94G7lFF3OY5j9nVoQxmtXNXxXrnADctXBKY1efNndt6AS4loGQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCTMLS2x32ue8/RVM92jkyYKRAR1MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvSk13dExiSGZhNTd6OUZVejNhT1RKZ3BFQkhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgqTAAMF
AioL2gAwDQYJKoZIhvcNAQELBQADggEBAEP6sxIUp4Z7qrHvJy7OfghOc/M6yVQh
2EigmbYHe7WA1oVTL7jpmo0CCvQRbaFTBFf1PWJMurfICvpBHEM/kRNLHZ7DFh1L
Gg3RRWXceIEO4e81OamL371MOj8xshPLWDTbGQbQjvbTVeA6kGnX7Da9AlcuBcBL
rxhyFz6gTiO4ewfT7hhoZ/qA2JjvQBB94OZyvuBOhDBVZEwMlLU8bNbL/4SzEtOA
x4pk43wgrL/OMHi218cxEw6XoqUzvZL0Z1x/+6+6aEPgD51I69J18rVVWhnhVnwY
p3qq+cAMr0nw/NCikgPh5pBfsCujjAWjf/OpJdocZh1o1wXRssbSvwY=
-----END CERTIFICATE-----
Generated at Sun Jul 20 21:56:08 2025 by rpki-client