Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/jbNPTi1OX4LV9fqRCNWiSK9CNY4.roa
File: jbNPTi1OX4LV9fqRCNWiSK9CNY4.roa (raw, json)
Hash identifier: q846BJefbYU23y2Errp//9L+MKuaAwbiYTIBl3sEPJY=
Subject key identifier: 8D:B3:4F:4E:2D:4E:5F:82:D5:F5:FA:91:08:D5:A2:48:AF:42:35:8E
Certificate issuer: /CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Certificate serial: 0198F302B2DD515FF12E5C9479A4445A3718
Authority key identifier: 29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/jbNPTi1OX4LV9fqRCNWiSK9CNY4.roa
Signing time: Thu 28 Aug 2025 23:28:17 +0000
ROA not before: Thu 28 Aug 2025 23:28:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207001
IP address blocks: 2a01:e901:161::/48 maxlen: 48
2a01:e901:163::/48 maxlen: 48
2a01:e901:171::/48 maxlen: 48
2a01:e901:173::/48 maxlen: 48
2a01:e901:183::/48 maxlen: 48
2a01:e901:193::/48 maxlen: 48
2a01:e901:1a3::/48 maxlen: 48
2a01:e901:1b3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 04:03:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:f3:02:b2:dd:51:5f:f1:2e:5c:94:79:a4:44:5a:37:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Validity
Not Before: Aug 28 23:28:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8db34f4e2d4e5f82d5f5fa9108d5a248af42358e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:71:71:b8:e4:01:96:55:e1:ae:42:80:86:17:
90:04:6b:59:7f:19:e1:6d:72:00:cb:7a:98:a1:83:
47:cd:2f:8c:d3:bb:9b:69:c6:b0:96:1e:a8:79:10:
b5:8c:c6:e2:ae:95:e4:19:cc:c0:7f:51:65:b0:39:
0f:82:29:a1:bc:15:6a:3c:a1:f9:06:05:38:59:dc:
3c:89:f6:72:69:0d:19:20:0f:c5:4d:c3:0e:f2:20:
80:fd:74:f5:78:8f:2b:ae:ee:95:7f:46:3e:e9:4a:
ee:27:26:d3:6a:54:37:da:41:15:6c:90:5b:79:9c:
ac:a2:5e:9e:0c:c3:c1:0a:19:a2:3c:65:19:46:90:
ba:f0:7a:7a:3a:b8:fc:16:9c:a6:64:2c:c9:34:04:
a3:c8:c8:f7:c4:9f:3e:37:2a:fa:ea:17:4f:16:ee:
58:32:38:8c:22:ea:47:ed:7b:14:98:9d:f3:5d:27:
f7:c2:b2:ae:5d:4e:90:5c:30:cc:eb:b4:39:fa:33:
51:f4:72:b6:7e:22:fb:dd:47:c5:82:70:7e:78:b7:
14:96:8c:7f:c0:8f:74:cf:ad:90:4b:ab:2d:49:8e:
64:9d:69:7d:54:97:4a:22:3d:78:0f:c2:f6:92:b0:
36:f9:d5:b8:e9:6e:ec:20:1c:24:14:fc:22:87:b0:
d5:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:B3:4F:4E:2D:4E:5F:82:D5:F5:FA:91:08:D5:A2:48:AF:42:35:8E
X509v3 Authority Key Identifier:
keyid:29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/jbNPTi1OX4LV9fqRCNWiSK9CNY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e901:161::/48
2a01:e901:163::/48
2a01:e901:171::/48
2a01:e901:173::/48
2a01:e901:183::/48
2a01:e901:193::/48
2a01:e901:1a3::/48
2a01:e901:1b3::/48
Signature Algorithm: sha256WithRSAEncryption
90:ad:d0:99:0b:52:6e:1c:7b:f4:84:38:25:0f:9c:19:5e:33:
6b:81:82:b2:f9:07:ae:6d:f7:ee:94:34:21:fa:5f:0d:2a:dc:
e3:37:a0:9d:55:b2:6a:3a:12:cb:2d:40:21:02:d2:dd:48:ee:
fa:75:f9:fc:a2:fb:c0:b7:e6:3a:b8:97:09:f7:69:9a:5e:a8:
55:08:40:ba:3e:47:db:99:11:77:12:43:dd:8f:fb:5c:8e:61:
c9:52:c6:83:47:d4:f9:1f:d7:1b:0a:12:11:4b:20:d8:70:70:
1a:90:e0:d2:39:4c:2f:0f:c5:2b:3d:43:46:7c:fb:d7:d2:bb:
8f:f0:0a:09:43:1b:9e:be:2b:8e:62:3e:3c:e8:83:a5:f6:54:
7e:e7:5a:89:6d:e6:f3:4a:fb:3b:07:a2:21:11:e1:c6:81:38:
7e:b3:49:cf:d2:6f:b1:69:68:b5:da:01:1a:8b:2a:f3:a1:ed:
4b:c6:f0:57:a3:df:96:c8:e7:74:82:34:d6:46:15:f5:85:4a:
6a:fa:77:ad:01:20:29:95:91:0a:ab:38:ae:b7:3e:8a:35:ca:
2b:e1:90:99:da:d7:b8:07:7c:84:5a:b4:22:88:91:f1:f1:db:
0f:92:ab:f0:4b:86:50:d3:02:6c:91:43:41:5a:51:cc:04:d5:
cb:97:6f:0d
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZjzArLdUV/xLlyUeaREWjcYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjhiNGUwZWY4MTA2ZjBlMTJhYjhlNTAxZDJhYTRlMzZi
NzgzYzIwHhcNMjUwODI4MjMyODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGIzNGY0ZTJkNGU1ZjgyZDVmNWZhOTEwOGQ1YTI0OGFmNDIzNThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHFxuOQBllXhrkKAhheQBGtZfxnh
bXIAy3qYoYNHzS+M07ubacawlh6oeRC1jMbirpXkGczAf1FlsDkPgimhvBVqPKH5
BgU4Wdw8ifZyaQ0ZIA/FTcMO8iCA/XT1eI8rru6Vf0Y+6UruJybTalQ32kEVbJBb
eZysol6eDMPBChmiPGUZRpC68Hp6Orj8FpymZCzJNASjyMj3xJ8+Nyr66hdPFu5Y
MjiMIupH7XsUmJ3zXSf3wrKuXU6QXDDM67Q5+jNR9HK2fiL73UfFgnB+eLcUlox/
wI90z62QS6stSY5knWl9VJdKIj14D8L2krA2+dW46W7sIBwkFPwih7DVLwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFI2zT04tTl+C1fX6kQjVokivQjWOMB8GA1UdIwQY
MBaAFClotODvgQbw4Sq45QHSqk42t4PCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQt
NDRmOGVkNWQ2MWQ3LzEvamJOUFRpMU9YNExWOWZxUkNOV2lTSzlDTlk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQtNDRmOGVkNWQ2MWQ3
LzEvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAAjBIAwcAKgHpAQFh
AwcAKgHpAQFjAwcAKgHpAQFxAwcAKgHpAQFzAwcAKgHpAQGDAwcAKgHpAQGTAwcA
KgHpAQGjAwcAKgHpAQGzMA0GCSqGSIb3DQEBCwUAA4IBAQCQrdCZC1JuHHv0hDgl
D5wZXjNrgYKy+QeubffulDQh+l8NKtzjN6CdVbJqOhLLLUAhAtLdSO76dfn8ovvA
t+Y6uJcJ92maXqhVCEC6PkfbmRF3EkPdj/tcjmHJUsaDR9T5H9cbChIRSyDYcHAa
kODSOUwvD8UrPUNGfPvX0ruP8AoJQxueviuOYj486IOl9lR+51qJbebzSvs7B6Ih
EeHGgTh+s0nP0m+xaWi12gEaiyrzoe1LxvBXo9+WyOd0gjTWRhX1hUpq+netASAp
lZEKqziutz6KNcor4ZCZ2te4B3yEWrQiiJHx8dsPkqvwS4ZQ0wJskUNBWlHMBNXL
l28N
-----END CERTIFICATE-----
Generated at Fri Sep 5 13:37:52 2025 by rpki-client