Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/j5UDDhxpTv4ushx1mWgWUG65pLw.roa
File: j5UDDhxpTv4ushx1mWgWUG65pLw.roa (raw, json)
Hash identifier: /0/V6H+X8Ix/QnnafguyBKn8HfbnAIhcS2Wv2jx5XnY=
Subject key identifier: 8F:95:03:0E:1C:69:4E:FE:2E:B2:1C:75:99:68:16:50:6E:B9:A4:BC
Certificate issuer: /CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Certificate serial: 0198318B8BEC2FE9464BD5C18DB24C6726DD
Authority key identifier: 47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/j5UDDhxpTv4ushx1mWgWUG65pLw.roa
Signing time: Tue 22 Jul 2025 09:51:25 +0000
ROA not before: Tue 22 Jul 2025 09:51:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34444
IP address blocks: 84.22.64.0/19 maxlen: 19
84.22.64.0/24 maxlen: 24
84.22.65.0/24 maxlen: 24
84.22.66.0/24 maxlen: 24
84.22.67.0/24 maxlen: 24
84.22.68.0/24 maxlen: 24
84.22.69.0/24 maxlen: 24
84.22.70.0/24 maxlen: 24
84.22.71.0/24 maxlen: 24
84.22.72.0/24 maxlen: 24
84.22.73.0/24 maxlen: 24
84.22.74.0/24 maxlen: 24
84.22.75.0/24 maxlen: 24
84.22.76.0/24 maxlen: 24
84.22.77.0/24 maxlen: 24
84.22.78.0/24 maxlen: 24
84.22.79.0/24 maxlen: 24
84.22.80.0/24 maxlen: 24
84.22.81.0/24 maxlen: 24
84.22.84.0/24 maxlen: 24
84.22.85.0/24 maxlen: 24
84.22.86.0/24 maxlen: 24
195.234.248.0/22 maxlen: 22
213.180.225.0/24 maxlen: 24
213.180.226.0/24 maxlen: 24
213.180.228.0/24 maxlen: 24
213.180.229.0/24 maxlen: 24
213.180.230.0/24 maxlen: 24
213.180.240.0/21 maxlen: 21
213.180.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.mft
rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 00:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:31:8b:8b:ec:2f:e9:46:4b:d5:c1:8d:b2:4c:67:26:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Validity
Not Before: Jul 22 09:51:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f95030e1c694efe2eb21c75996816506eb9a4bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e9:d9:9d:a9:d3:cf:5e:06:33:f4:d4:51:35:
3f:bc:67:ae:01:f3:4c:8f:50:81:e6:19:b4:af:64:
49:b0:0c:54:cb:44:8b:f2:f1:d3:6d:22:cd:71:69:
37:af:51:68:89:7c:1a:45:bb:05:4b:02:f0:32:47:
e6:85:e9:57:1b:1b:bc:b4:02:78:9d:cf:8b:d1:78:
38:eb:51:3d:d8:bf:46:89:06:a2:58:ef:8b:68:40:
24:db:df:37:61:2b:48:20:ac:0b:e3:0b:79:2d:e2:
57:8f:cc:15:7a:42:42:48:3b:e7:0f:b9:60:cd:28:
20:6e:68:2c:7b:1f:75:cb:2a:95:3e:e6:10:ae:ee:
45:92:4e:f2:53:37:c8:06:3f:cb:a0:e9:83:51:8f:
aa:6f:02:cb:bc:a7:51:7a:9d:9a:21:ea:1d:58:81:
ff:f2:b0:1d:f9:77:37:f9:00:df:a3:01:30:20:25:
42:fc:3f:c6:24:89:9d:84:0e:48:e7:67:ef:49:28:
94:2e:f1:30:db:1a:38:56:eb:58:b3:ba:61:82:a8:
99:58:cf:9d:c8:70:30:87:ce:1e:6f:d0:7c:d1:29:
c8:fc:d7:d7:a2:15:fc:37:a5:a5:0f:54:7d:80:65:
96:78:ac:ac:a4:ac:70:40:20:11:6e:90:d9:46:ed:
1a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:95:03:0E:1C:69:4E:FE:2E:B2:1C:75:99:68:16:50:6E:B9:A4:BC
X509v3 Authority Key Identifier:
keyid:47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/j5UDDhxpTv4ushx1mWgWUG65pLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.22.64.0/19
195.234.248.0/22
213.180.225.0-213.180.226.255
213.180.228.0-213.180.230.255
213.180.240.0/21
Signature Algorithm: sha256WithRSAEncryption
60:9f:bb:99:95:d1:a3:30:89:f2:a9:43:ee:4d:19:71:74:04:
3f:83:d0:a4:5f:f3:cf:9c:d2:76:16:3d:cb:aa:67:34:a6:d5:
79:b6:40:25:f9:f0:a1:e9:3e:6d:71:a7:6a:93:02:8e:aa:b4:
1d:82:4e:76:c8:3b:3e:5c:b6:23:37:9d:f1:08:98:3d:68:32:
7a:93:59:ff:f8:29:94:41:90:7d:a5:2b:2a:8c:de:1e:3e:21:
05:a7:b3:a5:d3:fb:2a:eb:48:ae:24:ca:93:4c:ab:9f:58:a8:
06:bb:40:e5:d3:31:b8:82:b7:91:cd:2d:c6:1c:09:af:15:fc:
d5:7b:c0:cf:55:04:6a:5a:b3:1b:cd:89:ff:eb:59:74:08:77:
2f:6f:ec:18:2a:a8:40:a0:53:93:c2:ab:26:ed:a9:7e:a7:87:
fd:42:75:0b:f7:7d:4d:5b:97:b4:97:8e:37:11:23:a7:d2:4f:
7e:69:67:0f:d3:83:39:b3:16:0f:57:4f:7a:10:05:9c:7d:16:
7e:aa:af:1f:ff:6f:7f:2f:87:62:9c:46:5d:0f:8e:ff:8f:c7:
6a:61:7e:7d:99:45:e1:2c:b9:e5:7e:b3:da:63:c2:06:69:8a:
62:17:e4:2d:92:23:44:ad:e3:c5:00:d5:a3:e1:db:1d:54:0e:
05:a4:b1:61
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZgxi4vsL+lGS9XBjbJMZybdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3ZTk0Y2NiN2I2MDFkYTBjYTA5NDY5ZjYwZjY1MzY0MGZl
ZDhjMWMwHhcNMjUwNzIyMDk1MTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Zjk1MDMwZTFjNjk0ZWZlMmViMjFjNzU5OTY4MTY1MDZlYjlhNGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuunZnanTz14GM/TUUTU/vGeuAfNM
j1CB5hm0r2RJsAxUy0SL8vHTbSLNcWk3r1FoiXwaRbsFSwLwMkfmhelXGxu8tAJ4
nc+L0Xg461E92L9GiQaiWO+LaEAk2983YStIIKwL4wt5LeJXj8wVekJCSDvnD7lg
zSggbmgsex91yyqVPuYQru5Fkk7yUzfIBj/LoOmDUY+qbwLLvKdRep2aIeodWIH/
8rAd+Xc3+QDfowEwICVC/D/GJImdhA5I52fvSSiULvEw2xo4VutYs7phgqiZWM+d
yHAwh84eb9B80SnI/NfXohX8N6WlD1R9gGWWeKyspKxwQCARbpDZRu0axwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFI+VAw4caU7+LrIcdZloFlBuuaS8MB8GA1UdIwQY
MBaAFEfpTMt7YB2gyglGn2D2U2QP7YwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQt
YmQ5MGEzZjA2ZTE2LzEvajVVRERoeHBUdjR1c2h4MW1XZ1dVRzY1cEx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQtYmQ5MGEzZjA2ZTE2
LzEvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQFVBZAAwQC
w+r4MAwDBADVtOEDBADVtOIwDAMEAtW05AMEANW05gMEA9W08DANBgkqhkiG9w0B
AQsFAAOCAQEAYJ+7mZXRozCJ8qlD7k0ZcXQEP4PQpF/zz5zSdhY9y6pnNKbVebZA
Jfnwoek+bXGnapMCjqq0HYJOdsg7Ply2Ized8QiYPWgyepNZ//gplEGQfaUrKoze
Hj4hBaezpdP7KutIriTKk0yrn1ioBrtA5dMxuIK3kc0txhwJrxX81XvAz1UEalqz
G82J/+tZdAh3L2/sGCqoQKBTk8KrJu2pfqeH/UJ1C/d9TVuXtJeONxEjp9JPfmln
D9ODObMWD1dPehAFnH0WfqqvH/9vfy+HYpxGXQ+O/4/HamF+fZlF4Sy55X6z2mPC
BmmKYhfkLZIjRK3jxQDVo+HbHVQOBaSxYQ==
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:12:44 2025 by rpki-client