Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/JH04xJWe_z8SXKxh4G8BUvGkgyI.roa
File: JH04xJWe_z8SXKxh4G8BUvGkgyI.roa (raw, json)
Hash identifier: KcYkH5Y5+qxD1S4xEoLuy3XrGXKw19/czmMpLLQb7oM=
Subject key identifier: 24:7D:38:C4:95:9E:FF:3F:12:5C:AC:61:E0:6F:01:52:F1:A4:83:22
Certificate issuer: /CN=293e0cd8b3e044edb823aef688aafb0b75de8675
Certificate serial: 019A267AF423611C1FD5927060DEC51917E8
Authority key identifier: 29:3E:0C:D8:B3:E0:44:ED:B8:23:AE:F6:88:AA:FB:0B:75:DE:86:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/JH04xJWe_z8SXKxh4G8BUvGkgyI.roa
Signing time: Mon 27 Oct 2025 16:23:03 +0000
ROA not before: Mon 27 Oct 2025 16:23:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204544
IP address blocks: 45.129.36.0/22 maxlen: 22
45.129.36.0/24 maxlen: 24
45.129.37.0/24 maxlen: 24
45.129.38.0/23 maxlen: 23
45.129.38.0/24 maxlen: 24
45.129.39.0/24 maxlen: 24
185.53.140.0/22 maxlen: 22
185.53.140.0/23 maxlen: 23
185.53.140.0/24 maxlen: 24
185.53.141.0/24 maxlen: 24
185.53.142.0/23 maxlen: 23
185.53.142.0/24 maxlen: 24
185.53.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/KT4M2LPgRO24I672iKr7C3XehnU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/KT4M2LPgRO24I672iKr7C3XehnU.mft
rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 14:12:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:26:7a:f4:23:61:1c:1f:d5:92:70:60:de:c5:19:17:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=293e0cd8b3e044edb823aef688aafb0b75de8675
Validity
Not Before: Oct 27 16:23:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=247d38c4959eff3f125cac61e06f0152f1a48322
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a8:ed:92:3c:e9:4c:e3:31:7d:88:76:c8:93:
7d:11:04:e1:f9:79:7b:61:76:6c:6f:57:9c:e8:a9:
f4:e7:b8:a3:be:7b:99:b3:4a:7b:17:f2:8d:04:1c:
e4:7b:64:0f:a7:db:8c:ac:bd:fb:94:2a:33:b1:bf:
24:fc:25:12:19:fb:e0:bb:38:33:25:93:96:82:59:
5d:95:33:6e:f3:ff:12:6c:62:a6:5c:6b:48:82:ff:
34:2d:ac:ad:80:ab:0d:5c:bd:61:25:71:7b:e2:12:
d6:76:64:09:09:d5:be:7a:d1:ca:c4:68:9f:67:1d:
be:3a:7b:29:f2:9f:22:fd:f6:81:83:3d:92:a6:a2:
7a:be:82:c0:c6:03:a6:4d:5c:a7:da:8a:33:81:66:
e6:53:33:ee:24:6c:b4:ea:0e:24:29:a4:92:80:55:
26:4a:3a:d6:59:fc:f8:a9:af:6a:8f:c9:39:71:3b:
5d:42:5f:6f:83:09:4a:86:a7:10:09:83:1a:a8:15:
f6:97:a5:3f:40:80:ea:a2:23:f6:29:c6:0d:e0:9f:
97:30:b6:63:8c:b1:09:33:74:6e:8f:0f:77:ba:ba:
db:17:95:57:d6:56:16:a4:e2:54:4f:16:14:bc:ef:
d4:fc:e5:26:bf:d3:b9:1b:94:d1:89:b5:b6:12:fe:
df:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:7D:38:C4:95:9E:FF:3F:12:5C:AC:61:E0:6F:01:52:F1:A4:83:22
X509v3 Authority Key Identifier:
keyid:29:3E:0C:D8:B3:E0:44:ED:B8:23:AE:F6:88:AA:FB:0B:75:DE:86:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/JH04xJWe_z8SXKxh4G8BUvGkgyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/KT4M2LPgRO24I672iKr7C3XehnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.36.0/22
185.53.140.0/22
Signature Algorithm: sha256WithRSAEncryption
bd:60:11:8a:24:df:9f:43:d1:37:ba:b5:53:62:89:7f:37:e2:
0b:37:bc:41:0c:7b:10:ff:8b:dc:b7:ed:af:23:a6:fb:99:60:
71:cb:2b:c3:8e:a6:76:26:1c:8f:d0:4d:29:4d:c9:7d:fa:05:
03:7c:a8:ea:e3:92:2e:57:64:ad:1a:da:d6:80:a7:3c:25:db:
bb:3f:bb:fe:a7:c5:09:07:60:a0:18:bf:8e:f6:e0:25:19:59:
60:36:f3:55:21:da:9a:27:ff:11:6b:48:cd:2a:00:fe:5e:ff:
75:c1:2b:ac:00:57:ea:2e:6f:d7:db:46:e8:b4:a3:f6:b0:a1:
7d:56:f6:dc:19:06:50:59:d5:a8:e0:be:d6:64:05:76:1f:2c:
74:5b:94:fe:2e:d4:7b:4d:e8:2b:e9:1d:9f:a2:1e:89:ab:49:
ca:5c:0e:50:2f:13:13:89:67:0a:87:c3:52:10:b2:c8:49:f7:
ca:56:5e:d2:fa:b7:8b:32:de:22:4b:38:86:c8:44:f7:f6:f4:
09:fd:5f:ec:97:26:c6:91:c0:e0:d6:68:8c:6e:c2:cc:41:3a:
87:90:9f:ac:48:5e:8a:4c:84:b9:67:ae:31:ec:a3:56:9d:7d:
7e:c9:d8:e9:da:95:6f:f3:d3:5f:37:0c:17:9e:11:23:61:bc:
fe:de:fb:44
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZomevQjYRwf1ZJwYN7FGRfoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5M2UwY2Q4YjNlMDQ0ZWRiODIzYWVmNjg4YWFmYjBiNzVk
ZTg2NzUwHhcNMjUxMDI3MTYyMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDdkMzhjNDk1OWVmZjNmMTI1Y2FjNjFlMDZmMDE1MmYxYTQ4MzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1KjtkjzpTOMxfYh2yJN9EQTh+Xl7
YXZsb1ec6Kn057ijvnuZs0p7F/KNBBzke2QPp9uMrL37lCozsb8k/CUSGfvguzgz
JZOWglldlTNu8/8SbGKmXGtIgv80LaytgKsNXL1hJXF74hLWdmQJCdW+etHKxGif
Zx2+Onsp8p8i/faBgz2SpqJ6voLAxgOmTVyn2oozgWbmUzPuJGy06g4kKaSSgFUm
SjrWWfz4qa9qj8k5cTtdQl9vgwlKhqcQCYMaqBX2l6U/QIDqoiP2KcYN4J+XMLZj
jLEJM3Rujw93urrbF5VX1lYWpOJUTxYUvO/U/OUmv9O5G5TRibW2Ev7frwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCR9OMSVnv8/ElysYeBvAVLxpIMiMB8GA1UdIwQY
MBaAFCk+DNiz4ETtuCOu9oiq+wt13oZ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1Q0TTJMUGdSTzI0STY3MmlLcjdDM1hlaG5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC82ZGExYzItMjUyZC00YmQyLWI1NmMt
YmIyMTdjYzNiNzhkLzEvSkgwNHhKV2VfejhTWEt4aDRHOEJVdkdrZ3lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC82ZGExYzItMjUyZC00YmQyLWI1NmMtYmIyMTdjYzNiNzhk
LzEvS1Q0TTJMUGdSTzI0STY3MmlLcjdDM1hlaG5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYEkAwQC
uTWMMA0GCSqGSIb3DQEBCwUAA4IBAQC9YBGKJN+fQ9E3urVTYol/N+ILN7xBDHsQ
/4vct+2vI6b7mWBxyyvDjqZ2JhyP0E0pTcl9+gUDfKjq45IuV2StGtrWgKc8Jdu7
P7v+p8UJB2CgGL+O9uAlGVlgNvNVIdqaJ/8Ra0jNKgD+Xv91wSusAFfqLm/X20bo
tKP2sKF9VvbcGQZQWdWo4L7WZAV2Hyx0W5T+LtR7Tegr6R2foh6Jq0nKXA5QLxMT
iWcKh8NSELLISffKVl7S+reLMt4iSziGyET39vQJ/V/slybGkcDg1miMbsLMQTqH
kJ+sSF6KTIS5Z64x7KNWnX1+ydjp2pVv89NfNwwXnhEjYbz+3vtE
-----END CERTIFICATE-----
Generated at Tue Oct 28 21:39:57 2025 by rpki-client