Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/JS4HdBrbtnwjf3ioeu2kVfrsKWk.roa
File: JS4HdBrbtnwjf3ioeu2kVfrsKWk.roa (raw, json)
Hash identifier: af+hY4hrX5r9rr7bdbLVSaWMR8FkV862x0g+pEnOaKA=
Subject key identifier: 25:2E:07:74:1A:DB:B6:7C:23:7F:78:A8:7A:ED:A4:55:FA:EC:29:69
Certificate issuer: /CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Certificate serial: 0199EF1D9C4A3BE2DAAC9E705186C94607F9
Authority key identifier: 17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/JS4HdBrbtnwjf3ioeu2kVfrsKWk.roa
Signing time: Thu 16 Oct 2025 22:21:59 +0000
ROA not before: Thu 16 Oct 2025 22:21:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 86.110.36.0/24 maxlen: 24
86.110.44.0/24 maxlen: 24
86.110.46.0/24 maxlen: 24
86.110.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 01:22:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ef:1d:9c:4a:3b:e2:da:ac:9e:70:51:86:c9:46:07:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Validity
Not Before: Oct 16 22:21:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=252e07741adbb67c237f78a87aeda455faec2969
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:25:03:39:3b:8c:08:6c:9b:75:87:1d:50:69:
95:f9:57:cb:8c:cf:d3:9f:78:10:24:f6:26:28:15:
4b:dc:e3:f0:fb:67:94:23:9a:09:e1:b5:f7:31:97:
e6:f0:cd:58:fc:ad:2f:9d:92:39:3f:92:c1:be:7e:
3b:92:8b:39:04:94:93:7b:b7:ed:09:89:9f:20:dc:
bf:49:32:33:fd:5b:a2:8b:41:20:43:04:97:3d:fb:
53:3c:63:d7:b8:fe:8e:34:04:62:cb:6a:86:d0:f7:
89:d7:a1:15:3f:be:a5:74:70:53:04:3f:b4:5e:d5:
68:45:12:fc:de:08:41:37:05:3e:9a:25:c7:cc:b1:
86:91:b8:ec:b3:79:22:3b:45:bd:b4:f7:4b:83:7c:
43:a2:e1:e9:f0:0b:cb:6f:5f:bb:8c:b9:c0:c3:94:
54:82:ed:ba:9f:b7:7a:b3:3d:19:a4:60:d0:27:3c:
ed:b8:57:b2:7e:c0:a4:0c:c5:3a:dc:c1:2d:14:a0:
dc:a4:e5:e3:02:2a:ac:cb:5c:86:e4:b3:15:fd:50:
91:fc:35:f5:9e:d5:96:b0:1f:b5:b2:92:90:70:3f:
66:a2:5e:c8:04:94:db:c6:bd:76:df:5a:73:db:6b:
49:17:96:11:91:fd:64:0e:d2:20:c9:c1:a6:6c:82:
8e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:2E:07:74:1A:DB:B6:7C:23:7F:78:A8:7A:ED:A4:55:FA:EC:29:69
X509v3 Authority Key Identifier:
keyid:17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/JS4HdBrbtnwjf3ioeu2kVfrsKWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.110.36.0/24
86.110.44.0/24
86.110.46.0/24
86.110.56.0/24
Signature Algorithm: sha256WithRSAEncryption
99:88:eb:75:47:a6:c0:8d:ac:ce:99:b4:2b:dc:4e:7c:8b:1e:
ec:e2:11:63:8c:7d:a9:d5:69:3b:13:4c:46:b6:45:d9:45:41:
9a:ac:7d:0a:d8:85:6f:c5:e2:03:80:16:dd:97:9e:a2:54:61:
dc:a2:86:92:95:0f:65:ae:e4:fa:26:92:13:15:eb:8a:a5:9d:
5b:c2:a3:e2:96:3a:ca:76:0b:0a:3e:f8:38:ff:e2:ea:f4:51:
1a:fa:2c:05:69:7e:6e:30:07:32:3c:93:5b:31:a3:60:c8:54:
53:4b:9d:fe:60:95:29:4e:c3:c4:c2:ba:3f:20:55:9e:22:00:
39:d7:dc:be:12:69:e4:e8:93:fc:80:b0:da:8d:c1:cd:04:a0:
e6:86:3b:67:11:25:8e:bc:b4:e1:41:0a:da:b7:d8:40:ca:17:
07:12:4e:68:60:5f:82:0e:94:5e:92:2e:e0:32:bc:08:48:9a:
e7:22:fa:55:0d:5f:44:37:91:09:7e:74:b2:1b:2b:16:b8:74:
43:a9:2b:3b:bc:4f:e2:e7:cb:06:80:72:7f:e9:c5:da:59:55:
82:26:3c:bd:5a:d0:da:e5:d8:81:ca:c4:0c:f2:0c:a0:99:f1:
34:eb:18:bb:24:5e:a0:e1:f3:8f:ef:f0:36:e2:09:9f:bc:a6:
3e:c5:63:29
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZnvHZxKO+LarJ5wUYbJRgf5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MDY3OTc3ZWZkMTRiYzg5ZmIwZGFiYTAzYmIwZjYwMGZi
YjAxODQwHhcNMjUxMDE2MjIyMTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTJlMDc3NDFhZGJiNjdjMjM3Zjc4YTg3YWVkYTQ1NWZhZWMyOTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiUDOTuMCGybdYcdUGmV+VfLjM/T
n3gQJPYmKBVL3OPw+2eUI5oJ4bX3MZfm8M1Y/K0vnZI5P5LBvn47kos5BJSTe7ft
CYmfINy/STIz/Vuii0EgQwSXPftTPGPXuP6ONARiy2qG0PeJ16EVP76ldHBTBD+0
XtVoRRL83ghBNwU+miXHzLGGkbjss3kiO0W9tPdLg3xDouHp8AvLb1+7jLnAw5RU
gu26n7d6sz0ZpGDQJzztuFeyfsCkDMU63MEtFKDcpOXjAiqsy1yG5LMV/VCR/DX1
ntWWsB+1spKQcD9mol7IBJTbxr1231pz22tJF5YRkf1kDtIgycGmbIKO/wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCUuB3Qa27Z8I394qHrtpFX67ClpMB8GA1UdIwQY
MBaAFBcGeXfv0UvIn7DaugO7D2APuwGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUt
ZDFhNzc3MmRiMDc2LzEvSlM0SGRCcmJ0bndqZjNpb2V1MmtWZnJzS1drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUtZDFhNzc3MmRiMDc2
LzEvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVm4kAwQA
Vm4sAwQAVm4uAwQAVm44MA0GCSqGSIb3DQEBCwUAA4IBAQCZiOt1R6bAjazOmbQr
3E58ix7s4hFjjH2p1Wk7E0xGtkXZRUGarH0K2IVvxeIDgBbdl56iVGHcooaSlQ9l
ruT6JpITFeuKpZ1bwqPiljrKdgsKPvg4/+Lq9FEa+iwFaX5uMAcyPJNbMaNgyFRT
S53+YJUpTsPEwro/IFWeIgA519y+Emnk6JP8gLDajcHNBKDmhjtnESWOvLThQQra
t9hAyhcHEk5oYF+CDpReki7gMrwISJrnIvpVDV9EN5EJfnSyGysWuHRDqSs7vE/i
58sGgHJ/6cXaWVWCJjy9WtDa5diBysQM8gygmfE06xi7JF6g4fOP7/A24gmfvKY+
xWMp
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:19:50 2025 by rpki-client