Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a6dae8-d98e-4aa0-b4ad-4281e38a9bf2/1/jf136iTXxi12Hjt-tW87j6RLunU.roa
File: jf136iTXxi12Hjt-tW87j6RLunU.roa (raw, json)
Hash identifier: Y2zqrXOARQyWLcKRC6gUKA6rctKZc3uE4RdzoYUkrrA=
Subject key identifier: 8D:FD:77:EA:24:D7:C6:2D:76:1E:3B:7E:B5:6F:3B:8F:A4:4B:BA:75
Certificate issuer: /CN=720c6323cf730930a03b0e44607f6fedf527a8c4
Certificate serial: 019A0232ED870F456F44D22B05B9508DB7C2
Authority key identifier: 72:0C:63:23:CF:73:09:30:A0:3B:0E:44:60:7F:6F:ED:F5:27:A8:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgxjI89zCTCgOw5EYH9v7fUnqMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a6dae8-d98e-4aa0-b4ad-4281e38a9bf2/1/jf136iTXxi12Hjt-tW87j6RLunU.roa
Signing time: Mon 20 Oct 2025 15:18:03 +0000
ROA not before: Mon 20 Oct 2025 15:18:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5413
IP address blocks: 91.220.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/a6dae8-d98e-4aa0-b4ad-4281e38a9bf2/1/cgxjI89zCTCgOw5EYH9v7fUnqMQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/a6dae8-d98e-4aa0-b4ad-4281e38a9bf2/1/cgxjI89zCTCgOw5EYH9v7fUnqMQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/cgxjI89zCTCgOw5EYH9v7fUnqMQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 Oct 2025 11:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:02:32:ed:87:0f:45:6f:44:d2:2b:05:b9:50:8d:b7:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=720c6323cf730930a03b0e44607f6fedf527a8c4
Validity
Not Before: Oct 20 15:18:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8dfd77ea24d7c62d761e3b7eb56f3b8fa44bba75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:62:39:cc:0e:31:6e:d2:84:1d:39:d2:13:f6:
00:87:9c:0c:16:68:53:b2:ad:96:36:1b:d0:9a:2e:
2b:2a:e0:fe:50:cf:6b:f7:0e:3d:e7:5d:f1:c5:4b:
b6:de:6a:2c:98:6e:75:ff:82:e7:24:16:94:31:ef:
47:7f:89:76:6c:ae:89:46:a6:51:dc:ea:78:a0:46:
88:84:0f:49:09:d1:90:27:e8:25:c1:18:e6:f9:28:
e6:38:8b:83:2b:d2:e6:e2:a6:a4:68:c9:3d:45:ce:
0c:21:88:e7:99:4e:ec:1c:d6:53:74:40:02:45:a7:
3b:28:a7:d6:79:ed:96:fb:91:32:fc:a8:01:f8:c1:
a6:b7:85:20:cb:6d:f9:81:ee:f0:fc:e8:b6:66:bb:
15:4a:72:ee:bc:bb:3e:c6:9b:d6:be:54:0c:bb:00:
30:d0:db:81:05:97:81:a3:93:02:81:32:1e:18:b0:
9a:74:43:89:6e:2a:62:5c:13:92:79:86:ef:8b:5f:
b5:71:da:df:50:eb:17:a4:d3:63:25:55:0c:a9:ec:
c1:0e:65:de:35:b0:d7:4c:fa:9e:2d:67:f6:2d:b2:
c0:8e:8d:8a:3d:cf:db:65:6c:fb:82:0d:87:cc:07:
c1:93:80:a7:9c:11:e4:f7:c6:31:a9:f4:c5:2e:ce:
fc:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:FD:77:EA:24:D7:C6:2D:76:1E:3B:7E:B5:6F:3B:8F:A4:4B:BA:75
X509v3 Authority Key Identifier:
keyid:72:0C:63:23:CF:73:09:30:A0:3B:0E:44:60:7F:6F:ED:F5:27:A8:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgxjI89zCTCgOw5EYH9v7fUnqMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a6dae8-d98e-4aa0-b4ad-4281e38a9bf2/1/jf136iTXxi12Hjt-tW87j6RLunU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a6dae8-d98e-4aa0-b4ad-4281e38a9bf2/1/cgxjI89zCTCgOw5EYH9v7fUnqMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.141.0/24
Signature Algorithm: sha256WithRSAEncryption
43:51:48:ce:fd:23:7f:e2:e6:2f:d4:90:da:02:c3:e0:86:a1:
b4:f1:ec:07:78:0e:83:fd:d6:77:a9:ca:e6:ee:70:11:e5:73:
c9:94:48:39:64:7b:f5:d1:14:1b:c4:52:44:9a:4a:39:3e:b6:
8b:5c:b6:6b:53:5f:50:d7:49:f5:75:77:82:2b:a1:83:0a:eb:
6a:42:14:3f:73:31:00:30:ba:23:ce:6a:c5:c4:1e:10:9d:a7:
ad:ba:e7:e7:ef:03:7e:a4:88:c5:23:99:31:41:dd:0c:2e:59:
55:98:10:11:46:47:04:91:c7:2c:88:77:19:94:00:10:6c:c8:
87:9c:9d:65:4e:a5:ed:50:29:38:aa:8b:b7:42:25:3f:78:0c:
1d:ff:df:bc:7b:6c:87:c3:52:e7:e6:47:54:31:13:61:1d:55:
ac:21:4e:d0:a8:36:ab:77:45:b1:9f:68:7a:87:38:74:db:0c:
8e:a9:37:96:d7:99:9e:d8:7e:af:e4:14:18:be:38:3d:c7:3b:
99:a9:7c:79:4c:17:02:14:59:c5:07:49:04:ec:d5:69:bd:e4:
61:47:34:5b:b1:f0:03:c6:80:aa:cc:c7:82:1c:ab:9c:38:e1:
1f:83:aa:36:7c:a1:27:24:ad:80:0c:b0:1f:3d:64:9f:bb:b1:
ca:8d:e9:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZoCMu2HD0VvRNIrBblQjbfCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMGM2MzIzY2Y3MzA5MzBhMDNiMGU0NDYwN2Y2ZmVkZjUy
N2E4YzQwHhcNMjUxMDIwMTUxODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGZkNzdlYTI0ZDdjNjJkNzYxZTNiN2ViNTZmM2I4ZmE0NGJiYTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2I5zA4xbtKEHTnSE/YAh5wMFmhT
sq2WNhvQmi4rKuD+UM9r9w49513xxUu23mosmG51/4LnJBaUMe9Hf4l2bK6JRqZR
3Op4oEaIhA9JCdGQJ+glwRjm+SjmOIuDK9Lm4qakaMk9Rc4MIYjnmU7sHNZTdEAC
Rac7KKfWee2W+5Ey/KgB+MGmt4Ugy235ge7w/Oi2ZrsVSnLuvLs+xpvWvlQMuwAw
0NuBBZeBo5MCgTIeGLCadEOJbipiXBOSeYbvi1+1cdrfUOsXpNNjJVUMqezBDmXe
NbDXTPqeLWf2LbLAjo2KPc/bZWz7gg2HzAfBk4CnnBHk98YxqfTFLs78lwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI39d+ok18Ytdh47frVvO4+kS7p1MB8GA1UdIwQY
MBaAFHIMYyPPcwkwoDsORGB/b+31J6jEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2d4akk4OXpDVENnT3c1RVlIOXY3ZlVucU1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hNmRhZTgtZDk4ZS00YWEwLWI0YWQt
NDI4MWUzOGE5YmYyLzEvamYxMzZpVFh4aTEySGp0LXRXODdqNlJMdW5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hNmRhZTgtZDk4ZS00YWEwLWI0YWQtNDI4MWUzOGE5YmYy
LzEvY2d4akk4OXpDVENnT3c1RVlIOXY3ZlVucU1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9yNMA0G
CSqGSIb3DQEBCwUAA4IBAQBDUUjO/SN/4uYv1JDaAsPghqG08ewHeA6D/dZ3qcrm
7nAR5XPJlEg5ZHv10RQbxFJEmko5PraLXLZrU19Q10n1dXeCK6GDCutqQhQ/czEA
MLojzmrFxB4Qnaetuufn7wN+pIjFI5kxQd0MLllVmBARRkcEkccsiHcZlAAQbMiH
nJ1lTqXtUCk4qou3QiU/eAwd/9+8e2yHw1Ln5kdUMRNhHVWsIU7QqDard0Wxn2h6
hzh02wyOqTeW15me2H6v5BQYvjg9xzuZqXx5TBcCFFnFB0kE7NVpveRhRzRbsfAD
xoCqzMeCHKucOOEfg6o2fKEnJK2ADLAfPWSfu7HKjelE
-----END CERTIFICATE-----
Generated at Sat Oct 25 17:21:57 2025 by rpki-client