Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/JImkzg7QEr3V0RFKkPBeXG7srAY.roa
File: JImkzg7QEr3V0RFKkPBeXG7srAY.roa (raw, json)
Hash identifier: JqZ4eX3WpuyU/w1WRGLBQGzXK1MgCL2NTyHyGZcX2Uw=
Subject key identifier: 24:89:A4:CE:0E:D0:12:BD:D5:D1:11:4A:90:F0:5E:5C:6E:EC:AC:06
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 0197DA419CDCB2183B740CBACD503969FAA3
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/JImkzg7QEr3V0RFKkPBeXG7srAY.roa
Signing time: Sat 05 Jul 2025 11:03:42 +0000
ROA not before: Sat 05 Jul 2025 11:03:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 87.229.8.0/22 maxlen: 22
87.229.23.0/24 maxlen: 24
87.229.37.0/24 maxlen: 24
87.229.97.0/24 maxlen: 24
87.229.108.0/24 maxlen: 24
87.229.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Jul 2025 11:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:da:41:9c:dc:b2:18:3b:74:0c:ba:cd:50:39:69:fa:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jul 5 11:03:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2489a4ce0ed012bdd5d1114a90f05e5c6eecac06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a1:bc:71:ae:d9:40:fe:68:04:fa:02:79:77:
cb:50:58:da:9c:8a:ea:6e:66:8f:c4:d9:6b:6f:df:
2e:e5:33:ad:5f:84:e3:e6:86:e8:9b:25:ed:48:68:
f1:65:77:cf:f7:c8:e6:29:33:cf:d9:7a:18:82:46:
7a:30:39:49:c6:57:f5:5b:b6:b1:47:4c:c1:02:a3:
3b:0d:ec:05:41:c2:fa:6f:bd:d7:5d:b1:70:16:45:
a0:64:ce:bb:1d:5a:60:58:1f:03:48:95:0e:91:0f:
bc:b9:5a:dd:2c:51:18:22:19:81:d7:f1:2b:11:35:
98:2d:19:c5:fa:fe:f3:3c:0e:a1:a5:ff:2a:87:12:
e1:6f:80:89:5f:93:e9:0b:86:b8:b9:69:1c:74:a5:
89:54:7f:f0:99:75:b3:38:39:e3:f0:fc:19:26:bd:
86:51:80:84:f1:f7:28:16:17:6e:2e:db:51:fa:90:
6f:cb:4c:2c:cf:bf:9e:9a:6c:7f:3f:17:07:22:d5:
c1:73:f5:33:25:39:ee:e6:ff:d4:d4:30:98:db:d8:
97:0d:57:52:41:27:f2:30:0c:f6:d0:ed:c3:49:66:
81:a8:89:cf:54:1d:9a:d5:21:70:55:30:24:46:8f:
00:b3:5e:bf:14:cd:4b:50:c1:ca:09:5c:1f:ef:7b:
d4:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:89:A4:CE:0E:D0:12:BD:D5:D1:11:4A:90:F0:5E:5C:6E:EC:AC:06
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/JImkzg7QEr3V0RFKkPBeXG7srAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.229.8.0/22
87.229.23.0/24
87.229.37.0/24
87.229.97.0/24
87.229.108.0/24
87.229.112.0/24
Signature Algorithm: sha256WithRSAEncryption
53:59:ed:e7:d0:5b:80:ca:e0:c2:45:06:cf:c6:65:f7:e9:bf:
9a:00:eb:eb:c4:43:39:ba:f5:82:cf:aa:5b:e2:43:b6:9c:63:
47:83:a5:ce:24:73:14:30:a0:7e:1d:48:1d:56:bb:2a:9d:cb:
cd:28:56:71:59:44:1e:7e:05:c9:ad:c8:4c:88:a8:b5:aa:22:
27:98:ba:c8:89:94:b9:07:86:bd:4a:6a:27:4f:86:4e:6f:f0:
ba:6d:bf:36:24:45:0d:09:7e:6e:1e:47:4b:9b:3b:79:19:fe:
8b:b7:4e:7e:86:95:61:d5:a5:74:bc:9f:55:ac:c7:76:cc:3e:
64:0e:f9:7b:b7:92:a8:b4:b9:45:fe:b1:eb:0e:5f:d7:3c:e0:
54:15:a4:71:9c:69:e7:ee:85:0c:89:05:d8:63:09:2b:ee:ec:
3c:35:c5:6e:96:1a:54:a7:6e:4f:1a:df:2d:0e:e9:d6:7c:8f:
01:fb:49:0a:b8:3d:42:f3:77:ea:72:e3:a1:f6:b7:3a:fe:cc:
a0:51:9e:08:c0:39:86:44:d9:cc:7b:22:51:97:d7:92:bf:7b:
02:f8:4b:f6:e7:0d:7b:20:fe:97:65:6b:68:bc:8a:ec:23:0d:
e0:aa:c5:5a:35:15:14:08:ee:7d:98:16:84:3d:34:28:82:dd:
ac:57:3e:a9
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZfaQZzcshg7dAy6zVA5afqjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwNzA1MTEwMzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDg5YTRjZTBlZDAxMmJkZDVkMTExNGE5MGYwNWU1YzZlZWNhYzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6G8ca7ZQP5oBPoCeXfLUFjanIrq
bmaPxNlrb98u5TOtX4Tj5obomyXtSGjxZXfP98jmKTPP2XoYgkZ6MDlJxlf1W7ax
R0zBAqM7DewFQcL6b73XXbFwFkWgZM67HVpgWB8DSJUOkQ+8uVrdLFEYIhmB1/Er
ETWYLRnF+v7zPA6hpf8qhxLhb4CJX5PpC4a4uWkcdKWJVH/wmXWzODnj8PwZJr2G
UYCE8fcoFhduLttR+pBvy0wsz7+emmx/PxcHItXBc/UzJTnu5v/U1DCY29iXDVdS
QSfyMAz20O3DSWaBqInPVB2a1SFwVTAkRo8As16/FM1LUMHKCVwf73vUrQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCSJpM4O0BK91dERSpDwXlxu7KwGMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvSklta3pnN1FFcjNWMFJGS2tQQmVYRzdzckFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCV+UIAwQA
V+UXAwQAV+UlAwQAV+VhAwQAV+VsAwQAV+VwMA0GCSqGSIb3DQEBCwUAA4IBAQBT
We3n0FuAyuDCRQbPxmX36b+aAOvrxEM5uvWCz6pb4kO2nGNHg6XOJHMUMKB+HUgd
VrsqncvNKFZxWUQefgXJrchMiKi1qiInmLrIiZS5B4a9SmonT4ZOb/C6bb82JEUN
CX5uHkdLmzt5Gf6Lt05+hpVh1aV0vJ9VrMd2zD5kDvl7t5KotLlF/rHrDl/XPOBU
FaRxnGnn7oUMiQXYYwkr7uw8NcVulhpUp25PGt8tDunWfI8B+0kKuD1C83fqcuOh
9rc6/sygUZ4IwDmGRNnMeyJRl9eSv3sC+Ev25w17IP6XZWtovIrsIw3gqsVaNRUU
CO59mBaEPTQogt2sVz6p
-----END CERTIFICATE-----
Generated at Sat Jul 5 20:51:25 2025 by rpki-client