Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/JjY_rmjM0m285v9bnJnGMH-MzW4.roa
File: JjY_rmjM0m285v9bnJnGMH-MzW4.roa (raw, json)
Hash identifier: Wfm9h1Fvy7QUJSpQZVDtJ3sdWPEGrotdzPy8ZnW4oPI=
Subject key identifier: 26:36:3F:AE:68:CC:D2:6D:BC:E6:FF:5B:9C:99:C6:30:7F:8C:CD:6E
Certificate issuer: /CN=827af17f0499627e4b3c8cc5c333ec4b8e7635e0
Certificate serial: 01991B0878E38B86B69147E9074CB087C91C
Authority key identifier: 82:7A:F1:7F:04:99:62:7E:4B:3C:8C:C5:C3:33:EC:4B:8E:76:35:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnrxfwSZYn5LPIzFwzPsS452NeA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/JjY_rmjM0m285v9bnJnGMH-MzW4.roa
Signing time: Fri 05 Sep 2025 17:59:23 +0000
ROA not before: Fri 05 Sep 2025 17:59:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 89.104.206.0/24 maxlen: 24
185.195.0.0/22 maxlen: 24
2a01:77c0:1619::/48 maxlen: 48
2a01:77c0:7135::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/gnrxfwSZYn5LPIzFwzPsS452NeA.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/gnrxfwSZYn5LPIzFwzPsS452NeA.mft
rsync://rpki.ripe.net/repository/DEFAULT/gnrxfwSZYn5LPIzFwzPsS452NeA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 11:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:1b:08:78:e3:8b:86:b6:91:47:e9:07:4c:b0:87:c9:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827af17f0499627e4b3c8cc5c333ec4b8e7635e0
Validity
Not Before: Sep 5 17:59:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=26363fae68ccd26dbce6ff5b9c99c6307f8ccd6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:52:ff:79:96:d6:dc:40:72:30:8c:a4:43:46:
c9:28:e5:8c:77:16:2a:f9:c2:26:b6:79:82:d2:ea:
bf:3c:33:0b:72:68:0d:8b:d7:3e:78:67:20:45:17:
0e:2c:5d:9a:8a:3f:76:f7:ef:7a:90:f4:ee:0d:97:
3c:6e:20:8a:b4:99:68:3e:7c:b8:77:22:eb:8c:80:
63:2d:20:f5:ba:12:a0:e7:3a:6d:7a:41:43:f5:be:
51:2d:22:49:5e:7f:25:38:46:05:d0:ac:f0:d3:40:
d8:cf:8a:87:cc:53:39:e2:d0:af:0c:40:f3:d7:e2:
ed:ce:76:63:45:8c:f7:08:10:d5:74:75:aa:9e:a9:
f3:07:32:aa:19:6c:b7:3e:b0:4a:e5:96:b2:da:0b:
a0:b6:58:67:4b:78:60:d6:3c:1d:eb:de:c4:69:d4:
f7:ef:c5:14:11:9a:c6:84:63:f6:1c:75:da:22:85:
ba:00:bd:57:dd:99:37:8b:a5:0d:51:d3:01:80:ff:
28:ab:50:e3:2d:23:d2:66:8a:ec:4f:46:07:e5:9c:
82:c0:79:c0:5a:87:96:54:cc:05:6e:e6:2c:c0:0c:
50:50:5b:a9:0d:b7:de:07:1a:2b:3b:9b:61:09:de:
97:59:7f:42:47:57:a5:b0:5e:d8:13:a4:72:f8:54:
0d:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:36:3F:AE:68:CC:D2:6D:BC:E6:FF:5B:9C:99:C6:30:7F:8C:CD:6E
X509v3 Authority Key Identifier:
keyid:82:7A:F1:7F:04:99:62:7E:4B:3C:8C:C5:C3:33:EC:4B:8E:76:35:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnrxfwSZYn5LPIzFwzPsS452NeA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/JjY_rmjM0m285v9bnJnGMH-MzW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/gnrxfwSZYn5LPIzFwzPsS452NeA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.104.206.0/24
185.195.0.0/22
IPv6:
2a01:77c0:1619::/48
2a01:77c0:7135::/48
Signature Algorithm: sha256WithRSAEncryption
0a:b8:2e:ef:e6:9f:da:49:da:2c:9f:47:c8:7b:1c:17:57:da:
9a:5b:ec:ba:98:39:29:f7:92:fd:65:0d:d5:ac:5a:b4:c1:39:
15:28:03:fb:bd:c8:a3:c0:6b:84:83:28:b0:75:d5:cf:fe:19:
bd:e7:93:1e:11:cb:c7:25:73:cd:56:a3:f1:66:d4:24:75:49:
2c:73:4b:d5:a6:af:c5:73:a8:a3:4e:60:a8:14:74:d8:21:26:
5f:16:16:f7:a1:1b:a8:b8:82:c3:37:b5:26:1c:98:a7:76:ac:
74:ba:5f:56:39:f2:3c:01:b3:9b:e0:db:0b:71:5e:03:af:46:
f8:77:cc:50:b0:98:a9:b5:27:ee:0c:9b:bc:e8:96:01:c2:7d:
87:db:b5:e0:f6:4a:42:e1:55:b4:6d:f9:63:0b:9e:aa:ff:87:
a9:30:92:d4:8c:5a:0f:16:23:59:4c:c8:46:f4:9c:53:00:6e:
e0:76:0d:3e:99:ed:7c:54:49:61:d3:0b:88:e4:d2:c0:10:ab:
a1:8b:a3:cb:29:b3:57:bb:1e:bd:b7:a5:d8:ce:5e:e4:ef:fd:
a9:31:d7:ce:6e:3d:8b:5f:f5:65:d3:18:00:04:83:6b:4f:3a:
99:c7:ad:c5:de:93:e3:eb:46:10:41:84:10:82:10:e3:7d:55:
3a:f2:09:cc
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZkbCHjji4a2kUfpB0ywh8kcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyN2FmMTdmMDQ5OTYyN2U0YjNjOGNjNWMzMzNlYzRiOGU3
NjM1ZTAwHhcNMjUwOTA1MTc1OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjM2M2ZhZTY4Y2NkMjZkYmNlNmZmNWI5Yzk5YzYzMDdmOGNjZDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylL/eZbW3EByMIykQ0bJKOWMdxYq
+cImtnmC0uq/PDMLcmgNi9c+eGcgRRcOLF2aij929+96kPTuDZc8biCKtJloPny4
dyLrjIBjLSD1uhKg5zptekFD9b5RLSJJXn8lOEYF0Kzw00DYz4qHzFM54tCvDEDz
1+LtznZjRYz3CBDVdHWqnqnzBzKqGWy3PrBK5Zay2gugtlhnS3hg1jwd697EadT3
78UUEZrGhGP2HHXaIoW6AL1X3Zk3i6UNUdMBgP8oq1DjLSPSZorsT0YH5ZyCwHnA
WoeWVMwFbuYswAxQUFupDbfeBxorO5thCd6XWX9CR1elsF7YE6Ry+FQNCwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCY2P65ozNJtvOb/W5yZxjB/jM1uMB8GA1UdIwQY
MBaAFIJ68X8EmWJ+SzyMxcMz7EuOdjXgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25yeGZ3U1pZbjVMUEl6Rnd6UHNTNDUyTmVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9jMmFlM2QtOThiNC00NDZmLWFiMjgt
NzMxM2M3ZjNjYTNmLzEvSmpZX3Jtak0wbTI4NXY5Ym5KbkdNSC1Nelc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9jMmFlM2QtOThiNC00NDZmLWFiMjgtNzMxM2M3ZjNjYTNm
LzEvZ25yeGZ3U1pZbjVMUEl6Rnd6UHNTNDUyTmVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAWWjOAwQC
ucMAMBgEAgACMBIDBwAqAXfAFhkDBwAqAXfAcTUwDQYJKoZIhvcNAQELBQADggEB
AAq4Lu/mn9pJ2iyfR8h7HBdX2ppb7LqYOSn3kv1lDdWsWrTBORUoA/u9yKPAa4SD
KLB11c/+Gb3nkx4Ry8clc81Wo/Fm1CR1SSxzS9Wmr8VzqKNOYKgUdNghJl8WFveh
G6i4gsM3tSYcmKd2rHS6X1Y58jwBs5vg2wtxXgOvRvh3zFCwmKm1J+4Mm7zolgHC
fYfbteD2SkLhVbRt+WMLnqr/h6kwktSMWg8WI1lMyEb0nFMAbuB2DT6Z7XxUSWHT
C4jk0sAQq6GLo8sps1e7Hr23pdjOXuTv/akx185uPYtf9WXTGAAEg2tPOpnHrcXe
k+PrRhBBhBCCEON9VTryCcw=
-----END CERTIFICATE-----
Generated at Wed Sep 10 20:25:08 2025 by rpki-client