Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/a9e0bd-ac85-4e2e-8f22-83c2157bdac0/1/j5qbmBs0_BfbwDwd52YtHtTdhQg.roa
File: j5qbmBs0_BfbwDwd52YtHtTdhQg.roa (raw, json)
Hash identifier: LA1lDjQr1OL9kDtbpIDDn8ilyEOxmrMJjPxRdvdaCKQ=
Subject key identifier: 8F:9A:9B:98:1B:34:FC:17:DB:C0:3C:1D:E7:66:2D:1E:D4:DD:85:08
Certificate issuer: /CN=7c8ee4af2fc1c4ec1b1767e3d3f260732edf9169
Certificate serial: 01973ECC2DE9273C81498F07B67DCE5CB602
Authority key identifier: 7C:8E:E4:AF:2F:C1:C4:EC:1B:17:67:E3:D3:F2:60:73:2E:DF:91:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fI7kry_BxOwbF2fj0_Jgcy7fkWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/a9e0bd-ac85-4e2e-8f22-83c2157bdac0/1/j5qbmBs0_BfbwDwd52YtHtTdhQg.roa
Signing time: Thu 05 Jun 2025 06:34:17 +0000
ROA not before: Thu 05 Jun 2025 06:34:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44949
IP address blocks: 83.142.128.0/23 maxlen: 23
83.142.128.0/24 maxlen: 24
83.142.129.0/24 maxlen: 24
195.160.202.0/24 maxlen: 24
195.160.203.0/24 maxlen: 24
2a07:ec80:210::/48 maxlen: 48
2a07:ec80:211::/48 maxlen: 48
2a07:ec80:221::/48 maxlen: 48
2a07:ec80:230::/48 maxlen: 48
2a07:ec80:231::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/a9e0bd-ac85-4e2e-8f22-83c2157bdac0/1/fI7kry_BxOwbF2fj0_Jgcy7fkWk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/a9e0bd-ac85-4e2e-8f22-83c2157bdac0/1/fI7kry_BxOwbF2fj0_Jgcy7fkWk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fI7kry_BxOwbF2fj0_Jgcy7fkWk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3e:cc:2d:e9:27:3c:81:49:8f:07:b6:7d:ce:5c:b6:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c8ee4af2fc1c4ec1b1767e3d3f260732edf9169
Validity
Not Before: Jun 5 06:34:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f9a9b981b34fc17dbc03c1de7662d1ed4dd8508
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:31:47:43:7c:17:87:ca:b3:7a:20:36:de:23:
b1:e8:f6:e7:1a:1a:83:3c:6f:94:7e:54:90:6e:69:
22:cf:e2:a8:91:b3:61:9e:8b:e6:9f:5b:53:c4:6b:
b2:44:83:01:2c:3b:de:ab:af:f3:50:d2:db:e8:d2:
ec:1b:cd:96:8b:36:f9:eb:93:a6:56:50:00:64:c5:
dc:a4:fc:43:f3:da:32:55:6f:a2:39:91:5e:a7:2d:
a7:85:64:db:7b:02:a9:60:6d:11:22:fa:ef:97:e2:
60:8d:4d:21:2d:a4:8e:ea:47:61:07:84:99:5d:97:
2f:05:11:01:e4:08:d2:91:7e:51:91:6d:c9:40:a7:
59:fe:48:ab:ee:85:09:e9:e0:f9:5a:1f:ad:b3:1c:
52:95:fa:91:92:fc:07:f1:cb:83:3f:17:04:94:94:
2f:32:f3:66:ab:6f:61:3e:06:75:d8:eb:3a:51:ee:
03:c0:26:3b:e5:ec:22:76:df:e7:e0:8c:fb:97:19:
48:31:ba:7e:4f:94:3d:01:a0:29:5a:fe:27:4b:b1:
74:de:24:57:d5:cd:6b:71:59:12:d5:b1:63:b7:d7:
e7:a6:80:77:3c:05:96:a7:76:5d:b7:bc:f3:54:fa:
90:8f:45:3d:bb:78:3c:3c:a6:2d:b7:27:9c:0e:88:
41:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:9A:9B:98:1B:34:FC:17:DB:C0:3C:1D:E7:66:2D:1E:D4:DD:85:08
X509v3 Authority Key Identifier:
keyid:7C:8E:E4:AF:2F:C1:C4:EC:1B:17:67:E3:D3:F2:60:73:2E:DF:91:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fI7kry_BxOwbF2fj0_Jgcy7fkWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a9e0bd-ac85-4e2e-8f22-83c2157bdac0/1/j5qbmBs0_BfbwDwd52YtHtTdhQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a9e0bd-ac85-4e2e-8f22-83c2157bdac0/1/fI7kry_BxOwbF2fj0_Jgcy7fkWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.142.128.0/23
195.160.202.0/23
IPv6:
2a07:ec80:210::/47
2a07:ec80:221::/48
2a07:ec80:230::/47
Signature Algorithm: sha256WithRSAEncryption
1d:34:46:cd:dd:23:7c:a4:c7:4b:3f:c1:dc:1f:16:32:5c:67:
97:91:f4:95:ca:10:58:1d:00:0e:29:31:94:1b:f1:c2:b9:fe:
db:c8:ad:17:3a:36:fa:e5:df:17:1e:18:cc:a4:b5:7e:49:1f:
3f:a7:38:ad:12:e7:51:da:cd:51:5f:68:7c:c1:84:e2:3e:55:
b0:c4:8e:5f:3d:aa:ac:b3:8b:10:de:a6:c5:ad:3d:48:eb:9f:
29:52:f9:c2:d2:a1:a8:cc:f5:a2:53:57:77:ee:07:5d:1b:ac:
24:75:43:71:ec:6f:0c:da:f1:a6:cc:5c:ad:25:d9:cc:cc:a6:
8d:50:98:a1:68:3e:31:f0:90:07:8f:83:97:ac:b4:63:a3:68:
1e:11:7a:d0:38:53:39:8d:bc:ce:e8:10:1e:e6:9c:77:a9:e1:
02:da:14:78:0f:77:18:fb:0a:3b:76:30:d6:ea:2f:bb:23:8a:
09:32:51:46:26:0a:80:f0:c0:ee:8b:49:b2:7a:9a:b4:6a:49:
c5:df:d2:e2:a0:4d:0e:d4:74:64:c9:89:e0:6f:8a:3e:26:6b:
ea:c3:c9:f6:80:19:bf:f2:66:5e:c6:45:56:e9:c1:e2:a4:fe:
d3:6d:be:0f:72:a9:78:f8:15:80:a1:b4:3b:43:4c:27:a5:bd:
ea:01:72:1b
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZc+zC3pJzyBSY8Htn3OXLYCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjOGVlNGFmMmZjMWM0ZWMxYjE3NjdlM2QzZjI2MDczMmVk
ZjkxNjkwHhcNMjUwNjA1MDYzNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjlhOWI5ODFiMzRmYzE3ZGJjMDNjMWRlNzY2MmQxZWQ0ZGQ4NTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDFHQ3wXh8qzeiA23iOx6PbnGhqD
PG+UflSQbmkiz+KokbNhnovmn1tTxGuyRIMBLDveq6/zUNLb6NLsG82Wizb565Om
VlAAZMXcpPxD89oyVW+iOZFepy2nhWTbewKpYG0RIvrvl+JgjU0hLaSO6kdhB4SZ
XZcvBREB5AjSkX5RkW3JQKdZ/kir7oUJ6eD5Wh+tsxxSlfqRkvwH8cuDPxcElJQv
MvNmq29hPgZ12Os6Ue4DwCY75ewidt/n4Iz7lxlIMbp+T5Q9AaApWv4nS7F03iRX
1c1rcVkS1bFjt9fnpoB3PAWWp3Zdt7zzVPqQj0U9u3g8PKYttyecDohBtwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFI+am5gbNPwX28A8HedmLR7U3YUIMB8GA1UdIwQY
MBaAFHyO5K8vwcTsGxdn49PyYHMu35FpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkk3a3J5X0J4T3diRjJmajBfSmdjeTdma1drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hOWUwYmQtYWM4NS00ZTJlLThmMjIt
ODNjMjE1N2JkYWMwLzEvajVxYm1CczBfQmZid0R3ZDUyWXRIdFRkaFFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hOWUwYmQtYWM4NS00ZTJlLThmMjItODNjMjE1N2JkYWMw
LzEvZkk3a3J5X0J4T3diRjJmajBfSmdjeTdma1drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzASBAIAATAMAwQBU46AAwQB
w6DKMCEEAgACMBsDBwEqB+yAAhADBwAqB+yAAiEDBwEqB+yAAjAwDQYJKoZIhvcN
AQELBQADggEBAB00Rs3dI3ykx0s/wdwfFjJcZ5eR9JXKEFgdAA4pMZQb8cK5/tvI
rRc6Nvrl3xceGMyktX5JHz+nOK0S51HazVFfaHzBhOI+VbDEjl89qqyzixDepsWt
PUjrnylS+cLSoajM9aJTV3fuB10brCR1Q3Hsbwza8abMXK0l2czMpo1QmKFoPjHw
kAePg5estGOjaB4RetA4UzmNvM7oEB7mnHep4QLaFHgPdxj7Cjt2MNbqL7sjigky
UUYmCoDwwO6LSbJ6mrRqScXf0uKgTQ7UdGTJieBvij4ma+rDyfaAGb/yZl7GRVbp
weKk/tNtvg9yqXj4FYChtDtDTCelveoBchs=
-----END CERTIFICATE-----
Generated at Sun Jun 8 11:54:44 2025 by rpki-client