Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/JRmU3PiZjl4xAoYPwkJb5noBCag.roa
File: JRmU3PiZjl4xAoYPwkJb5noBCag.roa (raw, json)
Hash identifier: Tw3oCfi2dlv54OcvvpTN/uwHZHshvPjQOz5AooIbmhg=
Subject key identifier: 25:19:94:DC:F8:99:8E:5E:31:02:86:0F:C2:42:5B:E6:7A:01:09:A8
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019911A18D06380609AEFC2044D901BF8F76
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/JRmU3PiZjl4xAoYPwkJb5noBCag.roa
Signing time: Wed 03 Sep 2025 22:10:24 +0000
ROA not before: Wed 03 Sep 2025 22:10:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16589
IP address blocks: 77.223.192.0/21 maxlen: 21
77.223.200.0/23 maxlen: 24
79.139.64.0/23 maxlen: 24
83.142.200.0/21 maxlen: 24
94.26.110.0/23 maxlen: 24
94.101.103.0/24 maxlen: 24
176.222.48.0/22 maxlen: 24
178.216.184.0/21 maxlen: 24
198.14.16.0/20 maxlen: 24
198.145.112.0/22 maxlen: 24
205.134.244.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 02:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:11:a1:8d:06:38:06:09:ae:fc:20:44:d9:01:bf:8f:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Sep 3 22:10:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=251994dcf8998e5e3102860fc2425be67a0109a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:71:d6:3c:44:42:c3:51:08:92:01:53:e4:f3:
ef:c3:1b:9d:64:31:19:eb:55:6d:72:5d:b6:11:3b:
f7:04:f6:eb:71:90:b2:3d:70:83:b3:12:a5:ed:01:
a5:3b:f4:ab:8e:1f:ac:1c:f1:c6:b9:d7:03:93:de:
ca:2c:82:d7:cf:bf:e9:63:56:44:f6:22:bf:f2:f0:
30:55:b0:54:a3:88:0a:30:d1:1c:57:84:17:a7:d3:
d1:80:f4:7d:55:3a:4d:84:bb:52:eb:ba:c7:55:2f:
83:a1:58:78:78:d5:e1:f2:56:80:f3:fb:eb:fb:0c:
bb:a6:e0:47:46:9e:ef:ee:60:30:fc:90:31:45:1d:
da:53:eb:f0:d8:1b:b2:37:48:7d:74:a6:e7:79:fe:
3b:c1:35:3d:a5:04:4c:dc:e2:8e:12:4a:19:ff:0f:
c7:c8:c4:d2:57:3d:43:8e:ac:bb:40:1f:9e:ec:5f:
86:ab:fb:75:7b:8b:51:14:4c:da:b3:4b:44:89:4d:
c2:d2:8c:5e:60:36:8f:61:d1:55:42:54:8f:76:02:
02:88:f0:78:e7:d1:3a:d6:7e:3c:90:d8:4a:ee:20:
d2:39:69:29:99:26:52:57:4c:a1:11:84:06:1c:ec:
83:f1:e2:a3:8d:fd:2a:e1:9d:3f:fa:14:4b:2e:47:
0a:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:19:94:DC:F8:99:8E:5E:31:02:86:0F:C2:42:5B:E6:7A:01:09:A8
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/JRmU3PiZjl4xAoYPwkJb5noBCag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.223.192.0-77.223.201.255
79.139.64.0/23
83.142.200.0/21
94.26.110.0/23
94.101.103.0/24
176.222.48.0/22
178.216.184.0/21
198.14.16.0/20
198.145.112.0/22
205.134.244.0/22
Signature Algorithm: sha256WithRSAEncryption
80:62:ad:6a:0f:02:6a:05:e7:cb:bc:f2:4d:56:4d:56:6e:0a:
32:66:93:82:8b:ee:db:15:d1:2b:86:6c:2f:ce:52:cb:67:fd:
62:34:03:d1:ed:32:9d:f6:4b:e8:1f:eb:12:e5:fb:b2:b6:20:
e7:b4:29:54:33:2a:1c:d7:3a:2b:ee:f9:79:79:22:32:e9:d8:
06:9f:b8:55:75:97:f5:9b:1a:fd:4a:36:d4:ca:ef:2c:c3:cb:
3f:9a:15:2f:da:22:c8:e5:ec:19:d2:42:b9:5f:9b:c1:87:fe:
67:f8:ce:90:c0:d8:7e:be:0b:93:92:7f:17:00:0d:3e:1b:30:
ac:b2:6b:1d:f0:23:e5:6e:92:d1:b1:b3:01:6a:ba:4b:48:fe:
11:0e:b0:36:9b:31:1b:bb:a6:2e:6e:cd:24:aa:7d:4d:aa:ab:
54:aa:e5:d5:e9:66:86:0b:9a:78:3b:2e:59:70:35:9e:68:3f:
ab:fe:d9:12:63:ea:75:fe:54:25:67:b2:0e:25:45:e3:6f:59:
03:02:0b:30:5c:49:0d:b7:92:40:93:95:dd:14:eb:e2:72:ea:
d8:11:86:21:51:74:e3:9c:22:8d:c3:91:b4:95:c1:2c:d2:51:
9a:a6:36:ea:d5:62:02:60:b3:9d:7b:0a:4a:99:01:3c:1d:47:
4f:3a:c4:88
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZkRoY0GOAYJrvwgRNkBv492MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjUwOTAzMjIxMDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTE5OTRkY2Y4OTk4ZTVlMzEwMjg2MGZjMjQyNWJlNjdhMDEwOWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3HWPERCw1EIkgFT5PPvwxudZDEZ
61Vtcl22ETv3BPbrcZCyPXCDsxKl7QGlO/Srjh+sHPHGudcDk97KLILXz7/pY1ZE
9iK/8vAwVbBUo4gKMNEcV4QXp9PRgPR9VTpNhLtS67rHVS+DoVh4eNXh8laA8/vr
+wy7puBHRp7v7mAw/JAxRR3aU+vw2BuyN0h9dKbnef47wTU9pQRM3OKOEkoZ/w/H
yMTSVz1Djqy7QB+e7F+Gq/t1e4tRFEzas0tEiU3C0oxeYDaPYdFVQlSPdgICiPB4
59E61n48kNhK7iDSOWkpmSZSV0yhEYQGHOyD8eKjjf0q4Z0/+hRLLkcKSwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFCUZlNz4mY5eMQKGD8JCW+Z6AQmoMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvSlJtVTNQaVpqbDR4QW9ZUHdrSmI1bm9CQ2FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEMAwDBAZN38AD
BAFN38gDBAFPi0ADBANTjsgDBAFeGm4DBABeZWcDBAKw3jADBAOy2LgDBATGDhAD
BALGkXADBALNhvQwDQYJKoZIhvcNAQELBQADggEBAIBirWoPAmoF58u88k1WTVZu
CjJmk4KL7tsV0SuGbC/OUstn/WI0A9HtMp32S+gf6xLl+7K2IOe0KVQzKhzXOivu
+Xl5IjLp2AafuFV1l/WbGv1KNtTK7yzDyz+aFS/aIsjl7BnSQrlfm8GH/mf4zpDA
2H6+C5OSfxcADT4bMKyyax3wI+VuktGxswFquktI/hEOsDabMRu7pi5uzSSqfU2q
q1Sq5dXpZoYLmng7LllwNZ5oP6v+2RJj6nX+VCVnsg4lReNvWQMCCzBcSQ23kkCT
ld0U6+Jy6tgRhiFRdOOcIo3DkbSVwSzSUZqmNurVYgJgs517CkqZATwdR086xIg=
-----END CERTIFICATE-----
Generated at Sat Sep 6 11:59:12 2025 by rpki-client