Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/29d264-b941-47a4-9ec5-20695193ac07/1/K_JZgBsGAVe42CM82ldUkYg0iAQ.roa
File: K_JZgBsGAVe42CM82ldUkYg0iAQ.roa (raw, json)
Hash identifier: bwVI85s3fTqLxVepdOjVCwyC9itDatE9AOSLnrN/zKU=
Subject key identifier: 2B:F2:59:80:1B:06:01:57:B8:D8:23:3C:DA:57:54:91:88:34:88:04
Certificate issuer: /CN=e39557250543e4476af88c4612d4a89531313b57
Certificate serial: 019A0CD2F49BF2D504A6160DDCC7B8E5BE38
Authority key identifier: E3:95:57:25:05:43:E4:47:6A:F8:8C:46:12:D4:A8:95:31:31:3B:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/45VXJQVD5Edq-IxGEtSolTExO1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/29d264-b941-47a4-9ec5-20695193ac07/1/K_JZgBsGAVe42CM82ldUkYg0iAQ.roa
Signing time: Wed 22 Oct 2025 16:49:03 +0000
ROA not before: Wed 22 Oct 2025 16:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51815
IP address blocks: 91.226.180.0/24 maxlen: 24
194.48.213.0/24 maxlen: 24
2001:67c:5f4::/48 maxlen: 48
2a0a:b780::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/29d264-b941-47a4-9ec5-20695193ac07/1/45VXJQVD5Edq-IxGEtSolTExO1c.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/29d264-b941-47a4-9ec5-20695193ac07/1/45VXJQVD5Edq-IxGEtSolTExO1c.mft
rsync://rpki.ripe.net/repository/DEFAULT/45VXJQVD5Edq-IxGEtSolTExO1c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 13:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0c:d2:f4:9b:f2:d5:04:a6:16:0d:dc:c7:b8:e5:be:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e39557250543e4476af88c4612d4a89531313b57
Validity
Not Before: Oct 22 16:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2bf259801b060157b8d8233cda57549188348804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b3:2d:97:6c:45:f4:90:61:e1:f4:06:cf:c2:
12:38:b7:46:fb:7a:23:6c:eb:10:e9:28:b8:c3:f2:
9f:57:bb:e0:65:d0:06:a8:0e:ab:2f:0a:89:4d:59:
fd:8c:d3:60:4c:c8:69:e3:43:e8:eb:42:5b:58:59:
f9:50:d9:60:9f:f4:0b:b7:cc:d3:d3:b7:55:1d:28:
ce:9f:7f:31:0d:15:f9:c3:b8:1c:51:ef:e7:99:2d:
64:c9:94:cd:ad:0c:6e:7f:a5:90:54:f7:c9:28:f1:
04:b6:47:c4:47:23:ed:b0:c3:c8:12:7a:2d:24:05:
b3:b8:90:ac:fc:19:d6:03:2f:b0:ed:b4:90:ce:a0:
f4:60:54:a1:94:7f:5a:ef:52:ed:72:37:b6:53:f4:
06:15:24:e2:bb:48:ed:d5:0e:65:af:ad:f3:93:f6:
28:15:7b:ee:16:c5:a5:40:44:80:9d:8b:5f:15:ee:
58:77:d2:aa:ce:53:97:15:b3:f9:56:79:a8:81:2e:
20:1a:b0:88:e3:00:25:b8:1e:6e:9c:e1:8a:94:5e:
8b:31:1f:e0:de:b0:7f:04:56:96:b9:e1:e6:c5:47:
74:fd:6b:ad:86:98:63:fa:cc:86:e1:35:40:5c:30:
98:15:06:cf:2d:7c:f5:b2:9c:27:ba:2e:d4:47:eb:
17:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:F2:59:80:1B:06:01:57:B8:D8:23:3C:DA:57:54:91:88:34:88:04
X509v3 Authority Key Identifier:
keyid:E3:95:57:25:05:43:E4:47:6A:F8:8C:46:12:D4:A8:95:31:31:3B:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/45VXJQVD5Edq-IxGEtSolTExO1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/29d264-b941-47a4-9ec5-20695193ac07/1/K_JZgBsGAVe42CM82ldUkYg0iAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/29d264-b941-47a4-9ec5-20695193ac07/1/45VXJQVD5Edq-IxGEtSolTExO1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.180.0/24
194.48.213.0/24
IPv6:
2001:67c:5f4::/48
2a0a:b780::/29
Signature Algorithm: sha256WithRSAEncryption
cb:fa:70:3f:c5:22:9b:1b:27:48:17:c0:ad:5d:69:63:d5:51:
f4:13:aa:a3:a6:0c:2d:ab:24:87:9f:c2:d5:71:4c:d3:16:8f:
e4:a1:b9:11:c8:21:f4:7f:ed:48:ba:7e:3d:45:27:e3:53:aa:
22:97:f4:0e:12:8f:d8:87:94:e5:5d:f5:aa:d6:fe:0d:3d:aa:
dd:9c:e6:99:16:6b:e8:48:80:0c:cb:15:18:f5:2f:53:bc:42:
5b:04:52:2d:40:f1:cd:c8:3c:99:48:22:17:e2:38:07:18:4e:
20:c8:d8:0d:01:e1:c9:b0:eb:b6:7a:b2:f9:8b:6b:2c:a4:f9:
27:87:ef:65:fb:fb:55:c2:e4:3b:e2:e9:c9:f0:3f:e8:af:34:
9c:88:a8:26:2c:1e:20:3c:25:e0:c8:af:3e:36:ad:58:47:2a:
31:6a:c5:bf:a4:69:b0:a3:8c:99:24:48:88:24:f6:48:40:81:
a0:fa:4b:c3:be:49:26:35:72:3b:a7:e2:d8:4a:f1:86:e6:80:
5e:21:b7:8c:3c:a2:d0:4b:b9:bd:e9:48:6b:e2:7e:72:03:c3:
66:26:96:4c:f8:b9:76:10:00:b1:8b:ad:c6:13:fb:84:f6:57:
cf:0c:5f:ab:42:51:51:59:35:b7:ac:e4:69:d6:56:7e:bc:06:
f0:53:0f:50
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZoM0vSb8tUEphYN3Me45b44MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzOTU1NzI1MDU0M2U0NDc2YWY4OGM0NjEyZDRhODk1MzEz
MTNiNTcwHhcNMjUxMDIyMTY0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmYyNTk4MDFiMDYwMTU3YjhkODIzM2NkYTU3NTQ5MTg4MzQ4ODA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7Mtl2xF9JBh4fQGz8ISOLdG+3oj
bOsQ6Si4w/KfV7vgZdAGqA6rLwqJTVn9jNNgTMhp40Po60JbWFn5UNlgn/QLt8zT
07dVHSjOn38xDRX5w7gcUe/nmS1kyZTNrQxuf6WQVPfJKPEEtkfERyPtsMPIEnot
JAWzuJCs/BnWAy+w7bSQzqD0YFShlH9a71Ltcje2U/QGFSTiu0jt1Q5lr63zk/Yo
FXvuFsWlQESAnYtfFe5Yd9KqzlOXFbP5VnmogS4gGrCI4wAluB5unOGKlF6LMR/g
3rB/BFaWueHmxUd0/Wuthphj+syG4TVAXDCYFQbPLXz1spwnui7UR+sX5wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCvyWYAbBgFXuNgjPNpXVJGINIgEMB8GA1UdIwQY
MBaAFOOVVyUFQ+RHaviMRhLUqJUxMTtXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDVWWEpRVkQ1RWRxLUl4R0V0U29sVEV4TzFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8yOWQyNjQtYjk0MS00N2E0LTllYzUt
MjA2OTUxOTNhYzA3LzEvS19KWmdCc0dBVmU0MkNNODJsZFVrWWcwaUFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8yOWQyNjQtYjk0MS00N2E0LTllYzUtMjA2OTUxOTNhYzA3
LzEvNDVWWEpRVkQ1RWRxLUl4R0V0U29sVEV4TzFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAW+K0AwQA
wjDVMBYEAgACMBADBwAgAQZ8BfQDBQMqCreAMA0GCSqGSIb3DQEBCwUAA4IBAQDL
+nA/xSKbGydIF8CtXWlj1VH0E6qjpgwtqySHn8LVcUzTFo/kobkRyCH0f+1Iun49
RSfjU6oil/QOEo/Yh5TlXfWq1v4NPardnOaZFmvoSIAMyxUY9S9TvEJbBFItQPHN
yDyZSCIX4jgHGE4gyNgNAeHJsOu2erL5i2sspPknh+9l+/tVwuQ74unJ8D/orzSc
iKgmLB4gPCXgyK8+Nq1YRyoxasW/pGmwo4yZJEiIJPZIQIGg+kvDvkkmNXI7p+LY
SvGG5oBeIbeMPKLQS7m96Uhr4n5yA8NmJpZM+Ll2EACxi63GE/uE9lfPDF+rQlFR
WTW3rORp1lZ+vAbwUw9Q
-----END CERTIFICATE-----
Generated at Mon Oct 27 20:24:52 2025 by rpki-client