Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/157af6-cce2-4e6d-bc23-30d79f9aa877/1/JPM4YH3p4W-kOC7R4fma0DgmIZQ.roa
File: JPM4YH3p4W-kOC7R4fma0DgmIZQ.roa (raw, json)
Hash identifier: 1rs/yihW/LgAGtoac03H1xBXx8dUEUTLq50/L4CH5AA=
Subject key identifier: 24:F3:38:60:7D:E9:E1:6F:A4:38:2E:D1:E1:F9:9A:D0:38:26:21:94
Certificate issuer: /CN=f0a9005423147453909366c6b4d09c31958acc1c
Certificate serial: 01991513343512DC4314D264F61CD65D2858
Authority key identifier: F0:A9:00:54:23:14:74:53:90:93:66:C6:B4:D0:9C:31:95:8A:CC:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8KkAVCMUdFOQk2bGtNCcMZWKzBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/157af6-cce2-4e6d-bc23-30d79f9aa877/1/JPM4YH3p4W-kOC7R4fma0DgmIZQ.roa
Signing time: Thu 04 Sep 2025 14:13:24 +0000
ROA not before: Thu 04 Sep 2025 14:13:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8648
IP address blocks: 194.97.192.0/19 maxlen: 19
2001:748:400::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/157af6-cce2-4e6d-bc23-30d79f9aa877/1/8KkAVCMUdFOQk2bGtNCcMZWKzBw.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/157af6-cce2-4e6d-bc23-30d79f9aa877/1/8KkAVCMUdFOQk2bGtNCcMZWKzBw.mft
rsync://rpki.ripe.net/repository/DEFAULT/8KkAVCMUdFOQk2bGtNCcMZWKzBw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 17:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:15:13:34:35:12:dc:43:14:d2:64:f6:1c:d6:5d:28:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0a9005423147453909366c6b4d09c31958acc1c
Validity
Not Before: Sep 4 14:13:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24f338607de9e16fa4382ed1e1f99ad038262194
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7b:b9:69:44:53:e0:22:3e:6e:15:de:a5:83:
d2:1e:40:12:f1:e8:bd:4f:f2:74:61:4c:27:e3:f2:
17:21:82:f8:77:96:a5:9f:b5:58:b8:39:49:fc:ad:
26:73:ec:c1:82:82:96:7f:9e:77:97:14:9e:a7:62:
ef:63:73:2c:d3:18:d9:a7:f8:f4:db:48:41:48:54:
02:46:7c:69:a2:11:e2:7a:f5:98:8d:27:e0:5b:dd:
bd:08:6c:51:74:ac:ef:92:89:e7:7a:c5:3c:78:1a:
09:02:ee:f4:e9:d7:41:f4:00:f8:1d:cd:29:5b:94:
f2:80:3c:7b:ab:b6:08:e2:20:ea:2a:07:01:93:83:
9a:0b:7e:b4:d7:6e:f1:e4:4d:88:b7:1a:3c:89:78:
83:51:b9:e6:64:b4:86:c7:3f:85:31:73:a5:86:4d:
e2:80:9c:63:5a:a9:e3:41:24:70:57:13:ce:23:e7:
30:80:9c:8d:56:2f:79:fe:a3:5e:c3:98:29:fa:5e:
2b:be:bd:ec:94:62:25:de:9d:59:2e:a0:e4:bc:9b:
57:84:c8:23:0c:dc:23:2f:1c:f8:ff:6b:9c:47:19:
fa:64:e2:af:de:ab:14:bb:7d:73:d4:3c:92:5b:ed:
ca:9a:94:78:ee:21:e6:ef:1b:02:30:2f:a1:8f:cf:
46:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:F3:38:60:7D:E9:E1:6F:A4:38:2E:D1:E1:F9:9A:D0:38:26:21:94
X509v3 Authority Key Identifier:
keyid:F0:A9:00:54:23:14:74:53:90:93:66:C6:B4:D0:9C:31:95:8A:CC:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8KkAVCMUdFOQk2bGtNCcMZWKzBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/157af6-cce2-4e6d-bc23-30d79f9aa877/1/JPM4YH3p4W-kOC7R4fma0DgmIZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/157af6-cce2-4e6d-bc23-30d79f9aa877/1/8KkAVCMUdFOQk2bGtNCcMZWKzBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.97.192.0/19
IPv6:
2001:748:400::/48
Signature Algorithm: sha256WithRSAEncryption
ba:40:65:30:59:37:1e:2e:12:08:ec:78:dc:f3:dc:b3:b7:19:
e0:b1:5c:6a:67:12:18:eb:15:cd:9a:b8:c3:58:4f:04:e0:01:
87:8d:7b:a1:58:c5:a4:59:72:fc:e9:eb:6d:c3:6a:9a:58:d6:
ea:c5:5e:a5:8e:fb:98:9b:f1:85:47:b8:87:fe:b1:3a:e7:a3:
fb:02:78:53:c1:2d:a6:d7:b2:6a:84:1d:b3:5d:8f:28:3d:fb:
c1:61:bc:75:b9:36:a7:e4:2e:92:e5:33:35:81:99:a8:b0:07:
78:32:9a:d4:8b:5d:6f:c4:38:d9:ce:c5:59:54:5e:a0:7e:19:
0e:bb:d7:4e:66:86:28:14:c3:db:5d:90:b6:ef:2d:e6:00:21:
35:5b:e8:d8:4c:4f:1c:78:83:57:52:4f:29:bd:e2:e0:ec:11:
48:52:ee:33:56:b7:15:9f:7b:ca:6a:2c:1b:f1:9a:f8:87:7a:
49:b7:c6:49:20:f2:44:0d:58:fb:03:11:07:f3:a9:d1:71:39:
e6:ab:7a:bc:cf:20:7b:eb:fb:ee:b2:47:ce:c4:29:71:bc:e3:
dc:5f:39:bb:32:ba:e5:7a:e2:6f:41:5b:a4:2e:b6:de:87:3c:
48:a8:d2:06:c0:13:2a:e3:ae:ca:3f:9f:c3:b5:6c:50:1e:30:
a4:0c:e9:16
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZkVEzQ1EtxDFNJk9hzWXShYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYTkwMDU0MjMxNDc0NTM5MDkzNjZjNmI0ZDA5YzMxOTU4
YWNjMWMwHhcNMjUwOTA0MTQxMzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGYzMzg2MDdkZTllMTZmYTQzODJlZDFlMWY5OWFkMDM4MjYyMTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3u5aURT4CI+bhXepYPSHkAS8ei9
T/J0YUwn4/IXIYL4d5aln7VYuDlJ/K0mc+zBgoKWf553lxSep2LvY3Ms0xjZp/j0
20hBSFQCRnxpohHievWYjSfgW929CGxRdKzvkonnesU8eBoJAu706ddB9AD4Hc0p
W5TygDx7q7YI4iDqKgcBk4OaC360127x5E2Itxo8iXiDUbnmZLSGxz+FMXOlhk3i
gJxjWqnjQSRwVxPOI+cwgJyNVi95/qNew5gp+l4rvr3slGIl3p1ZLqDkvJtXhMgj
DNwjLxz4/2ucRxn6ZOKv3qsUu31z1DySW+3KmpR47iHm7xsCMC+hj89GRwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCTzOGB96eFvpDgu0eH5mtA4JiGUMB8GA1UdIwQY
MBaAFPCpAFQjFHRTkJNmxrTQnDGViswcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEtrQVZDTVVkRk9RazJiR3ROQ2NNWldLekJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8xNTdhZjYtY2NlMi00ZTZkLWJjMjMt
MzBkNzlmOWFhODc3LzEvSlBNNFlIM3A0Vy1rT0M3UjRmbWEwRGdtSVpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8xNTdhZjYtY2NlMi00ZTZkLWJjMjMtMzBkNzlmOWFhODc3
LzEvOEtrQVZDTVVkRk9RazJiR3ROQ2NNWldLekJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQFwmHAMA8E
AgACMAkDBwAgAQdIBAAwDQYJKoZIhvcNAQELBQADggEBALpAZTBZNx4uEgjseNzz
3LO3GeCxXGpnEhjrFc2auMNYTwTgAYeNe6FYxaRZcvzp623DappY1urFXqWO+5ib
8YVHuIf+sTrno/sCeFPBLabXsmqEHbNdjyg9+8FhvHW5NqfkLpLlMzWBmaiwB3gy
mtSLXW/EONnOxVlUXqB+GQ67105mhigUw9tdkLbvLeYAITVb6NhMTxx4g1dSTym9
4uDsEUhS7jNWtxWfe8pqLBvxmviHekm3xkkg8kQNWPsDEQfzqdFxOearerzPIHvr
++6yR87EKXG849xfObsyuuV64m9BW6Qutt6HPEio0gbAEyrjrso/n8O1bFAeMKQM
6RY=
-----END CERTIFICATE-----
Generated at Wed Sep 10 00:15:46 2025 by rpki-client