Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/JcHfeJjlV--266gVunBono2FBL8.roa
File: JcHfeJjlV--266gVunBono2FBL8.roa (raw, json)
Hash identifier: 2aTzeGR10hHIdC8F6ToLHNpA36FVSTfHDmf74LWIj/E=
Subject key identifier: 25:C1:DF:78:98:E5:57:EF:B6:EB:A8:15:BA:70:68:9E:8D:85:04:BF
Certificate issuer: /CN=9812e491aaa655b6324dbcc0cff00a8d63191076
Certificate serial: 0198EFDCD6CD4DE580416019577B88B3CB95
Authority key identifier: 98:12:E4:91:AA:A6:55:B6:32:4D:BC:C0:CF:F0:0A:8D:63:19:10:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mBLkkaqmVbYyTbzAz_AKjWMZEHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/JcHfeJjlV--266gVunBono2FBL8.roa
Signing time: Thu 28 Aug 2025 08:48:04 +0000
ROA not before: Thu 28 Aug 2025 08:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12684
IP address blocks: 95.170.40.0/21 maxlen: 21
95.170.48.0/21 maxlen: 21
95.170.56.0/21 maxlen: 21
109.106.64.0/21 maxlen: 21
109.106.72.0/21 maxlen: 21
109.106.80.0/21 maxlen: 21
109.106.88.0/21 maxlen: 21
178.73.128.0/21 maxlen: 21
178.73.136.0/21 maxlen: 21
178.73.144.0/21 maxlen: 21
178.73.152.0/21 maxlen: 21
178.73.160.0/21 maxlen: 21
213.138.0.0/20 maxlen: 20
213.138.16.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/mBLkkaqmVbYyTbzAz_AKjWMZEHY.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/mBLkkaqmVbYyTbzAz_AKjWMZEHY.mft
rsync://rpki.ripe.net/repository/DEFAULT/mBLkkaqmVbYyTbzAz_AKjWMZEHY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 17:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ef:dc:d6:cd:4d:e5:80:41:60:19:57:7b:88:b3:cb:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9812e491aaa655b6324dbcc0cff00a8d63191076
Validity
Not Before: Aug 28 08:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25c1df7898e557efb6eba815ba70689e8d8504bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e4:61:d9:f2:c7:d8:dd:93:d3:38:15:1f:9f:
39:21:20:f6:8a:19:9b:1b:64:24:4a:f8:88:19:c2:
e9:5f:1b:01:2b:f2:e3:8e:ea:d8:16:a1:0d:b7:53:
60:25:fc:11:c5:a5:84:83:32:64:e6:2e:ca:4e:75:
3a:88:6f:37:ba:c3:b5:5a:99:b7:6f:0f:18:d3:4e:
cf:3b:6a:34:21:bc:b7:11:8e:08:9e:2d:01:33:73:
b8:f6:b4:01:05:b2:87:97:09:02:ff:9d:c8:c3:04:
af:90:6b:b1:7b:9f:4c:dd:87:0f:ac:d4:c5:26:b3:
52:1c:4b:cc:a6:13:36:5e:20:64:1b:b4:b7:03:b6:
dc:7a:e6:8b:02:53:d6:7b:83:29:7a:93:06:61:16:
86:56:e1:df:24:49:66:4d:08:c6:4a:c3:a5:35:cd:
a7:f3:5c:4e:e9:61:d7:3b:2c:bb:26:21:b2:dd:ad:
3f:b3:65:2c:fa:46:5e:7e:10:2d:ce:f3:af:0f:8f:
aa:bd:52:ec:a0:81:35:58:c7:9c:cf:7e:ce:dc:d7:
cb:86:85:d3:1b:55:c7:95:66:cf:41:51:29:15:16:
4e:5d:4c:14:70:62:ec:32:7a:a3:75:4f:fd:9d:51:
8f:54:0f:40:87:4a:5f:d6:78:bb:a2:ba:9c:57:24:
9e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:C1:DF:78:98:E5:57:EF:B6:EB:A8:15:BA:70:68:9E:8D:85:04:BF
X509v3 Authority Key Identifier:
keyid:98:12:E4:91:AA:A6:55:B6:32:4D:BC:C0:CF:F0:0A:8D:63:19:10:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mBLkkaqmVbYyTbzAz_AKjWMZEHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/JcHfeJjlV--266gVunBono2FBL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/mBLkkaqmVbYyTbzAz_AKjWMZEHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.170.40.0-95.170.63.255
109.106.64.0/19
178.73.128.0-178.73.167.255
213.138.0.0/19
Signature Algorithm: sha256WithRSAEncryption
a3:6e:80:86:da:e9:f4:51:05:44:0b:c5:3c:ec:a5:d8:fb:06:
f8:50:a5:ec:01:13:04:1f:ae:a8:8c:ff:b3:0e:2a:44:ba:d4:
27:c5:3a:8d:a9:b1:fc:8d:b3:4f:9e:4f:f0:7c:a3:71:99:9f:
a2:da:f6:63:c0:d9:0b:86:50:b4:cb:55:75:90:4d:c8:6e:05:
40:4e:e3:82:1a:fb:be:8c:2a:41:ff:a0:26:2e:f6:e6:06:57:
fa:68:bd:9c:1b:8b:9a:02:63:35:b7:55:ca:89:aa:1a:e5:d1:
a3:62:5e:08:d0:88:f3:7a:99:2a:b9:e2:d0:02:52:46:c7:d8:
67:35:c8:99:b2:fa:77:11:ed:d5:bd:7f:98:61:ef:52:b8:04:
ff:64:66:0e:95:6c:5b:22:c4:9d:3e:4b:9a:0a:74:87:e2:98:
90:56:93:3c:03:88:53:02:ef:89:cc:f3:42:c9:cb:e4:03:02:
6f:45:1f:44:50:f7:0d:dc:fb:54:c8:c7:0e:a3:57:74:fa:3e:
07:dd:0c:de:38:f2:f5:7a:5d:5c:fd:49:fe:c7:bf:19:f2:4e:
a5:5b:e9:d5:67:21:a6:f7:a1:7d:6b:fe:1c:f2:c5:bd:19:5c:
13:21:6d:97:51:de:a2:1f:14:52:53:84:79:e4:24:8a:84:ca:
ca:7f:5c:b2
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZjv3NbNTeWAQWAZV3uIs8uVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MTJlNDkxYWFhNjU1YjYzMjRkYmNjMGNmZjAwYThkNjMx
OTEwNzYwHhcNMjUwODI4MDg0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWMxZGY3ODk4ZTU1N2VmYjZlYmE4MTViYTcwNjg5ZThkODUwNGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuRh2fLH2N2T0zgVH585ISD2ihmb
G2QkSviIGcLpXxsBK/LjjurYFqENt1NgJfwRxaWEgzJk5i7KTnU6iG83usO1Wpm3
bw8Y007PO2o0Iby3EY4Ini0BM3O49rQBBbKHlwkC/53IwwSvkGuxe59M3YcPrNTF
JrNSHEvMphM2XiBkG7S3A7bceuaLAlPWe4MpepMGYRaGVuHfJElmTQjGSsOlNc2n
81xO6WHXOyy7JiGy3a0/s2Us+kZefhAtzvOvD4+qvVLsoIE1WMecz37O3NfLhoXT
G1XHlWbPQVEpFRZOXUwUcGLsMnqjdU/9nVGPVA9Ah0pf1ni7orqcVySebwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFCXB33iY5VfvtuuoFbpwaJ6NhQS/MB8GA1UdIwQY
MBaAFJgS5JGqplW2Mk28wM/wCo1jGRB2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUJMa2thcW1WYll5VGJ6QXpfQUtqV01aRUhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8wZTdlZDMtNDhjYi00YWZlLThkMTUt
ZGZmZTE3ZjNkYjU0LzEvSmNIZmVKamxWLS0yNjZnVnVuQm9ubzJGQkw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8wZTdlZDMtNDhjYi00YWZlLThkMTUtZGZmZTE3ZjNkYjU0
LzEvbUJMa2thcW1WYll5VGJ6QXpfQUtqV01aRUhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBANfqigD
BAZfqgADBAVtakAwDAMEB7JJgAMEA7JJoAMEBdWKADANBgkqhkiG9w0BAQsFAAOC
AQEAo26Ahtrp9FEFRAvFPOyl2PsG+FCl7AETBB+uqIz/sw4qRLrUJ8U6jamx/I2z
T55P8HyjcZmfotr2Y8DZC4ZQtMtVdZBNyG4FQE7jghr7vowqQf+gJi725gZX+mi9
nBuLmgJjNbdVyomqGuXRo2JeCNCI83qZKrni0AJSRsfYZzXImbL6dxHt1b1/mGHv
UrgE/2RmDpVsWyLEnT5Lmgp0h+KYkFaTPAOIUwLviczzQsnL5AMCb0UfRFD3Ddz7
VMjHDqNXdPo+B90M3jjy9XpdXP1J/se/GfJOpVvp1WchpvehfWv+HPLFvRlcEyFt
l1Heoh8UUlOEeeQkioTKyn9csg==
-----END CERTIFICATE-----
Generated at Wed Sep 10 02:55:44 2025 by rpki-client