Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Jzzc2rVe7n7k7UenmJP3B40-gHo.roa
File: Jzzc2rVe7n7k7UenmJP3B40-gHo.roa (raw, json)
Hash identifier: rHHO8m5j+H3zW0m6BG4j4iFlySU4Zimjc60gG275XU0=
Subject key identifier: 27:3C:DC:DA:B5:5E:EE:7E:E4:ED:47:A7:98:93:F7:07:8D:3E:80:7A
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01975AC1C5BF17C07F13F5C7AFB6C706F4A9
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Jzzc2rVe7n7k7UenmJP3B40-gHo.roa
Signing time: Tue 10 Jun 2025 16:52:17 +0000
ROA not before: Tue 10 Jun 2025 16:52:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 5.182.28.0/22 maxlen: 22
91.242.73.0/24 maxlen: 24
91.242.74.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
185.180.145.0/24 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 15:11:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5a:c1:c5:bf:17:c0:7f:13:f5:c7:af:b6:c7:06:f4:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jun 10 16:52:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=273cdcdab55eee7ee4ed47a79893f7078d3e807a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b8:43:2a:61:b5:3c:f9:c5:cd:7d:7e:fd:27:
96:11:6c:d7:dc:54:62:05:59:5d:3c:40:5b:5f:0f:
08:44:2f:97:55:20:b7:7d:89:cb:76:a5:45:fb:d8:
6e:76:62:7a:65:b8:f3:31:34:cd:75:a9:d9:99:57:
51:2e:4c:a8:85:23:f9:bd:36:47:a1:87:57:5f:57:
97:0d:6e:8e:69:05:26:38:30:2f:a5:95:a6:d1:dd:
1d:fc:db:b8:31:78:d5:cf:dc:c5:86:f4:ea:71:fb:
40:34:4d:96:54:63:4d:4d:10:38:7e:a7:8a:88:e9:
fc:78:8d:63:27:76:48:34:5b:9e:f2:0d:44:e8:b8:
7d:cb:f6:5c:74:4b:65:c6:3e:fe:69:c7:d1:17:a7:
42:0b:02:be:f5:e1:7d:b9:ac:fc:82:df:64:d6:98:
db:10:58:61:a1:e4:3f:47:8b:50:1b:c1:7c:64:be:
c4:c8:b2:12:57:48:e6:47:be:a8:d9:c1:68:7d:cc:
bc:16:5f:51:33:77:f3:19:8d:da:4a:84:d7:73:d8:
26:c8:76:3f:f5:dc:8e:94:b1:92:75:ea:46:b8:ee:
51:d9:5a:99:93:27:3e:2d:2d:bf:32:af:8f:8d:d9:
04:05:72:8d:42:ea:47:17:eb:27:fb:46:c9:65:84:
b5:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:3C:DC:DA:B5:5E:EE:7E:E4:ED:47:A7:98:93:F7:07:8D:3E:80:7A
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Jzzc2rVe7n7k7UenmJP3B40-gHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.28.0/22
91.242.73.0-91.242.74.255
176.126.223.0/24
185.180.145.0/24
195.138.103.0/24
195.138.120.0/24
Signature Algorithm: sha256WithRSAEncryption
91:62:43:c0:17:23:2b:b8:0b:6e:fe:1c:48:80:16:73:08:66:
26:9e:10:ac:19:76:e9:14:f3:46:24:e9:e1:f1:b2:97:85:6c:
ab:e3:b9:a8:ff:fb:44:51:e9:c4:d5:8e:cc:07:f0:96:30:3a:
63:cb:f4:8c:48:0f:3f:29:3f:f4:a3:d5:57:6f:55:56:8a:e7:
0e:b1:c4:f2:38:e5:84:64:18:d5:aa:bd:2f:7a:d9:7f:0a:ef:
00:99:7d:a5:77:e4:2a:02:eb:ca:a4:b5:39:6d:75:99:54:b0:
a4:97:78:0c:9e:6d:9a:bf:6c:3d:c7:cf:8b:a8:d5:1e:b9:cc:
7c:92:02:a0:5d:d1:11:85:72:6c:97:80:90:97:72:64:e5:a3:
50:79:6c:c6:1d:fe:ce:92:f1:d5:e0:ab:7c:e5:d5:f4:74:75:
5c:24:46:65:b9:2b:1d:fc:b9:c3:6e:fd:5c:45:4f:c6:b1:cd:
bd:98:c4:c6:3f:8c:1a:d3:62:83:a1:8b:f0:a9:ff:00:67:0d:
69:c0:0a:0a:da:c1:3f:99:31:5a:a9:7c:74:ec:dc:01:49:23:
15:4b:48:54:de:1c:1f:1b:cc:bb:cc:90:62:60:65:12:a4:97:
96:95:16:e1:cd:46:a8:44:76:3b:e1:16:04:2f:1a:c6:97:ee:
df:19:26:85
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZdawcW/F8B/E/XHr7bHBvSpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjUwNjEwMTY1MjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzNjZGNkYWI1NWVlZTdlZTRlZDQ3YTc5ODkzZjcwNzhkM2U4MDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbhDKmG1PPnFzX1+/SeWEWzX3FRi
BVldPEBbXw8IRC+XVSC3fYnLdqVF+9hudmJ6ZbjzMTTNdanZmVdRLkyohSP5vTZH
oYdXX1eXDW6OaQUmODAvpZWm0d0d/Nu4MXjVz9zFhvTqcftANE2WVGNNTRA4fqeK
iOn8eI1jJ3ZINFue8g1E6Lh9y/ZcdEtlxj7+acfRF6dCCwK+9eF9uaz8gt9k1pjb
EFhhoeQ/R4tQG8F8ZL7EyLISV0jmR76o2cFofcy8Fl9RM3fzGY3aSoTXc9gmyHY/
9dyOlLGSdepGuO5R2VqZkyc+LS2/Mq+PjdkEBXKNQupHF+sn+0bJZYS1CwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFCc83Nq1Xu5+5O1Hp5iT9weNPoB6MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvSnp6YzJyVmU3bjdrN1Vlbm1KUDNCNDAtZ0hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCBbYcMAwD
BABb8kkDBABb8koDBACwft8DBAC5tJEDBADDimcDBADDingwDQYJKoZIhvcNAQEL
BQADggEBAJFiQ8AXIyu4C27+HEiAFnMIZiaeEKwZdukU80Yk6eHxspeFbKvjuaj/
+0RR6cTVjswH8JYwOmPL9IxIDz8pP/Sj1VdvVVaK5w6xxPI45YRkGNWqvS962X8K
7wCZfaV35CoC68qktTltdZlUsKSXeAyebZq/bD3Hz4uo1R65zHySAqBd0RGFcmyX
gJCXcmTlo1B5bMYd/s6S8dXgq3zl1fR0dVwkRmW5Kx38ucNu/VxFT8axzb2YxMY/
jBrTYoOhi/Cp/wBnDWnACgrawT+ZMVqpfHTs3AFJIxVLSFTeHB8bzLvMkGJgZRKk
l5aVFuHNRqhEdjvhFgQvGsaX7t8ZJoU=
-----END CERTIFICATE-----
Generated at Tue Jul 1 01:15:38 2025 by rpki-client