Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/JJUxbgHMv-0yifQ0vzK3Bzv3J3I.roa
File: JJUxbgHMv-0yifQ0vzK3Bzv3J3I.roa (raw, json)
Hash identifier: wgxoooyUYka6wBwAnzmOiM4hWYGMvH3bmsmWj5Esfj8=
Subject key identifier: 24:95:31:6E:01:CC:BF:ED:32:89:F4:34:BF:32:B7:07:3B:F7:27:72
Certificate issuer: /CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Certificate serial: 0198AAF0CDB5A9350B1DD4629FBEF37B9AC2
Authority key identifier: AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/JJUxbgHMv-0yifQ0vzK3Bzv3J3I.roa
Signing time: Thu 14 Aug 2025 23:36:04 +0000
ROA not before: Thu 14 Aug 2025 23:36:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 87.58.64.0/24 maxlen: 24
87.58.65.0/24 maxlen: 24
159.254.0.0/24 maxlen: 24
159.254.1.0/24 maxlen: 24
159.254.2.0/24 maxlen: 24
159.254.3.0/24 maxlen: 24
159.254.4.0/24 maxlen: 24
159.254.5.0/24 maxlen: 24
159.254.6.0/24 maxlen: 24
159.254.7.0/24 maxlen: 24
159.254.8.0/24 maxlen: 24
159.254.9.0/24 maxlen: 24
159.254.10.0/24 maxlen: 24
159.254.11.0/24 maxlen: 24
159.254.12.0/24 maxlen: 24
194.9.116.0/24 maxlen: 24
2a03:eec0:3601::/48 maxlen: 48
2a03:eec0:3602::/48 maxlen: 48
2a03:eec0:3603::/48 maxlen: 48
2a03:eec0:3604::/48 maxlen: 48
2a03:eec0:3605::/48 maxlen: 48
2a03:eec0:3606::/48 maxlen: 48
2a03:eec0:3607::/48 maxlen: 48
2a03:eec0:3608::/48 maxlen: 48
2a03:eec0:3609::/48 maxlen: 48
2a03:eec0:360a::/48 maxlen: 48
2a03:eec0:360b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 05:01:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:aa:f0:cd:b5:a9:35:0b:1d:d4:62:9f:be:f3:7b:9a:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Validity
Not Before: Aug 14 23:36:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2495316e01ccbfed3289f434bf32b7073bf72772
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b0:93:0a:2d:10:11:25:12:26:2f:92:c3:c2:
12:29:01:f3:a8:d5:9e:5e:a1:96:22:8f:5f:da:ed:
fb:b5:5e:7b:cd:4c:70:46:c7:be:40:d1:0e:1b:65:
6b:8f:d7:45:35:01:f6:89:df:93:8a:52:9f:96:e0:
ec:4d:4d:75:28:fb:32:5c:49:ab:1b:d0:c6:89:bc:
25:6e:db:48:99:4f:e8:10:3a:73:b5:36:48:24:01:
b6:41:7a:b0:da:30:28:7e:d3:ee:79:92:0c:98:e5:
49:62:9a:f4:df:39:12:af:d8:d2:ed:25:3f:34:7c:
2f:14:34:03:d8:f6:92:99:8d:31:1b:41:1e:b8:cb:
81:53:b2:6b:57:2e:54:f9:c1:eb:ae:5b:ca:1c:44:
10:51:b0:7e:13:9a:25:d2:50:9f:85:ad:39:d6:fa:
4c:8e:29:13:ca:19:9c:7c:85:23:0d:19:d8:e6:65:
fd:e7:89:33:f1:bd:d7:bb:8b:47:35:21:0c:a6:ed:
5c:d4:bb:9e:02:86:c6:da:ca:82:ad:ec:a0:d9:27:
ec:2e:40:aa:ea:d0:d6:40:59:da:9a:b0:bd:47:f4:
c1:ec:b0:9c:b9:01:8b:db:a1:83:6d:0a:75:26:93:
ba:02:f5:52:0e:8d:f4:d1:70:2b:3e:63:ce:40:81:
bb:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:95:31:6E:01:CC:BF:ED:32:89:F4:34:BF:32:B7:07:3B:F7:27:72
X509v3 Authority Key Identifier:
keyid:AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/JJUxbgHMv-0yifQ0vzK3Bzv3J3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.58.64.0/23
159.254.0.0-159.254.12.255
194.9.116.0/24
IPv6:
2a03:eec0:3601::-2a03:eec0:360b:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
93:f1:41:5c:6a:de:21:0d:1f:de:cd:54:59:1b:92:a7:ea:11:
f1:11:1f:ec:73:bb:3e:d4:73:58:70:a8:b2:de:3a:26:6a:3d:
fe:44:28:66:2b:f6:61:fe:e1:48:ef:48:c4:71:a4:d0:1f:8c:
67:3e:5c:8c:27:72:71:2a:ae:1a:bb:8f:28:7b:dd:da:8b:86:
51:bd:13:77:60:86:a2:77:45:ef:0f:19:d2:7e:2d:d0:48:0d:
1d:2c:67:4b:4d:36:8d:25:69:14:6b:da:c5:01:c5:d9:06:63:
e8:b2:17:bd:41:42:c0:b4:e2:39:bd:c2:4a:80:9a:b6:fe:4a:
9d:7e:67:9b:27:85:44:19:49:a6:26:e9:ac:9b:4c:61:9d:fd:
10:09:6e:01:df:81:1d:a3:6e:b8:0f:3a:e9:a1:20:3b:6f:bc:
a2:3e:20:0d:e9:9e:52:93:03:45:a3:f7:be:75:fa:19:d8:99:
11:93:97:7f:2e:9d:1c:dc:0c:64:39:5a:12:b1:8a:13:7c:41:
63:b0:9f:98:aa:df:8c:34:ee:1c:71:f7:69:bb:ec:ca:87:25:
88:b9:5d:b1:af:42:7c:08:df:15:b9:b8:a6:23:31:53:07:27:
83:15:a6:1b:0d:1c:e8:7b:f2:da:17:30:32:ce:ed:89:00:91:
bb:0d:74:ec
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZiq8M21qTULHdRin77ze5rCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTY2YTU5MzhhZjU2N2E5ZTI5YjRmNzZmMTE1NjA3YzJi
OGFhMjAwHhcNMjUwODE0MjMzNjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDk1MzE2ZTAxY2NiZmVkMzI4OWY0MzRiZjMyYjcwNzNiZjcyNzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLCTCi0QESUSJi+Sw8ISKQHzqNWe
XqGWIo9f2u37tV57zUxwRse+QNEOG2Vrj9dFNQH2id+TilKfluDsTU11KPsyXEmr
G9DGibwlbttImU/oEDpztTZIJAG2QXqw2jAoftPueZIMmOVJYpr03zkSr9jS7SU/
NHwvFDQD2PaSmY0xG0EeuMuBU7JrVy5U+cHrrlvKHEQQUbB+E5ol0lCfha051vpM
jikTyhmcfIUjDRnY5mX954kz8b3Xu4tHNSEMpu1c1LueAobG2sqCreyg2SfsLkCq
6tDWQFnamrC9R/TB7LCcuQGL26GDbQp1JpO6AvVSDo300XArPmPOQIG7IQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFCSVMW4BzL/tMon0NL8ytwc79ydyMB8GA1UdIwQY
MBaAFKymalk4r1Z6nim0928RVgfCuKogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgt
YjliNjU0MDJiOTI4LzEvSkpVeGJnSE12LTB5aWZRMHZ6SzNCenYzSjNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgtYjliNjU0MDJiOTI4
LzEvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAfBAIAATAZAwQBVzpAMAsD
AwGf/gMEAJ/+DAMEAMIJdDAaBAIAAjAUMBIDBwAqA+7ANgEDBwIqA+7ANggwDQYJ
KoZIhvcNAQELBQADggEBAJPxQVxq3iENH97NVFkbkqfqEfERH+xzuz7Uc1hwqLLe
OiZqPf5EKGYr9mH+4UjvSMRxpNAfjGc+XIwncnEqrhq7jyh73dqLhlG9E3dghqJ3
Re8PGdJ+LdBIDR0sZ0tNNo0laRRr2sUBxdkGY+iyF71BQsC04jm9wkqAmrb+Sp1+
Z5snhUQZSaYm6aybTGGd/RAJbgHfgR2jbrgPOumhIDtvvKI+IA3pnlKTA0Wj9751
+hnYmRGTl38unRzcDGQ5WhKxihN8QWOwn5iq34w07hxx92m77MqHJYi5XbGvQnwI
3xW5uKYjMVMHJ4MVphsNHOh78toXMDLO7YkAkbsNdOw=
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:45:32 2025 by rpki-client