Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/a14d46-408a-470c-929d-1fc259bb7de2/1/j7_hDGdLtkL478z9D-_ULzuPNQ0.roa
File: j7_hDGdLtkL478z9D-_ULzuPNQ0.roa (raw, json)
Hash identifier: cHtMiS6d0uLx+z24O2WShjptyU5EzGP59Cio4Yaow/c=
Subject key identifier: 8F:BF:E1:0C:67:4B:B6:42:F8:EF:CC:FD:0F:EF:D4:2F:3B:8F:35:0D
Certificate issuer: /CN=61374fc4eab00d41c1eee47fdfb001078c74fa85
Certificate serial: 019A073015FED4DA1ADCEDBE8DDA620AF995
Authority key identifier: 61:37:4F:C4:EA:B0:0D:41:C1:EE:E4:7F:DF:B0:01:07:8C:74:FA:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YTdPxOqwDUHB7uR_37ABB4x0-oU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/a14d46-408a-470c-929d-1fc259bb7de2/1/j7_hDGdLtkL478z9D-_ULzuPNQ0.roa
Signing time: Tue 21 Oct 2025 14:33:03 +0000
ROA not before: Tue 21 Oct 2025 14:33:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211381
IP address blocks: 45.131.182.0/24 maxlen: 24
213.134.31.0/24 maxlen: 24
2a13:4ac0::/46 maxlen: 46
2a13:4ac0:4::/46 maxlen: 46
2a13:4ac0:10::/46 maxlen: 46
2a13:4ac0:14::/46 maxlen: 46
2a13:4ac0:18::/46 maxlen: 46
2a13:4ac0:1c::/46 maxlen: 46
2a13:4ac0:20::/46 maxlen: 46
2a13:4ac0:24::/46 maxlen: 46
2a13:4ac0:28::/46 maxlen: 46
2a13:4ac0:2c::/46 maxlen: 46
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/a14d46-408a-470c-929d-1fc259bb7de2/1/YTdPxOqwDUHB7uR_37ABB4x0-oU.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/a14d46-408a-470c-929d-1fc259bb7de2/1/YTdPxOqwDUHB7uR_37ABB4x0-oU.mft
rsync://rpki.ripe.net/repository/DEFAULT/YTdPxOqwDUHB7uR_37ABB4x0-oU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 05:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:07:30:15:fe:d4:da:1a:dc:ed:be:8d:da:62:0a:f9:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61374fc4eab00d41c1eee47fdfb001078c74fa85
Validity
Not Before: Oct 21 14:33:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8fbfe10c674bb642f8efccfd0fefd42f3b8f350d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b0:28:9d:34:88:a0:6d:48:54:95:bc:97:3f:
d2:e3:c3:a0:77:13:17:92:dd:de:9b:65:ee:85:5b:
64:ed:a9:52:03:d7:6c:07:d0:1d:a8:33:85:72:c0:
d1:55:c9:ae:a6:96:b0:fe:d6:d3:78:b6:0e:79:83:
10:32:34:bb:04:64:c8:ad:48:4d:17:c6:05:0b:1f:
33:72:19:35:cb:b1:05:8b:ae:b4:43:23:c9:33:be:
84:db:29:e2:14:4a:96:4e:1a:91:0d:5f:67:5e:04:
b5:45:d4:bf:82:91:b1:48:72:7c:a1:7d:c6:f0:ec:
8f:3d:63:f4:29:51:f4:ab:54:9f:99:d1:ba:a2:29:
dd:0f:4f:d1:05:61:b8:32:6b:76:fa:b9:bd:e9:b0:
7b:86:61:db:7c:24:96:18:1a:c2:24:1d:e6:c6:bd:
11:21:ab:e8:0d:11:db:1e:ab:f1:09:23:b2:ac:a5:
fc:53:9b:3c:62:70:f7:e7:34:0b:5a:1e:83:5c:92:
1a:13:5a:16:3d:e1:b9:c6:6a:61:5a:a2:5e:03:40:
c5:f9:b0:05:ff:38:f2:b6:67:23:67:9b:e7:41:9e:
82:24:e5:9a:40:7c:1f:6e:55:ca:78:37:77:7d:ab:
f0:c8:3a:4e:2f:03:1b:a3:58:8c:ab:a5:4b:ba:1b:
03:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:BF:E1:0C:67:4B:B6:42:F8:EF:CC:FD:0F:EF:D4:2F:3B:8F:35:0D
X509v3 Authority Key Identifier:
keyid:61:37:4F:C4:EA:B0:0D:41:C1:EE:E4:7F:DF:B0:01:07:8C:74:FA:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YTdPxOqwDUHB7uR_37ABB4x0-oU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/a14d46-408a-470c-929d-1fc259bb7de2/1/j7_hDGdLtkL478z9D-_ULzuPNQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/a14d46-408a-470c-929d-1fc259bb7de2/1/YTdPxOqwDUHB7uR_37ABB4x0-oU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.182.0/24
213.134.31.0/24
IPv6:
2a13:4ac0::/45
2a13:4ac0:10::-2a13:4ac0:2f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
03:f7:d2:34:ce:6d:7b:e4:6d:4c:74:a8:c2:72:ce:18:b7:bf:
8c:d1:b5:60:87:c7:58:4e:6b:9b:7f:be:c3:7c:4e:e7:7d:6d:
0e:7a:9e:be:40:e3:90:23:d1:87:78:6e:66:d7:91:6e:d3:c1:
23:e6:f3:aa:af:0e:92:27:c8:e3:e3:cc:80:a3:19:03:3b:b4:
7d:5f:ad:2b:23:12:d7:fe:fd:83:19:f9:4e:b3:b1:5f:d4:ab:
b3:a6:b5:bf:80:61:0f:06:62:cd:d2:38:8c:fa:37:b7:98:5d:
81:9a:69:90:b7:80:11:63:49:b3:9f:25:cc:c1:55:ff:e7:9b:
6f:6e:5f:ac:54:41:94:8e:de:7e:35:93:11:e4:f4:c7:c1:9c:
22:be:d3:dd:21:45:9a:b1:d6:58:7a:81:e9:63:ed:49:4c:fc:
0a:38:63:05:81:1a:ba:32:af:a4:ba:bd:25:b2:e9:e0:75:4b:
27:32:9e:c9:51:94:68:43:35:bd:eb:8a:17:e6:71:7f:7a:98:
c0:28:d3:42:b0:73:58:c6:95:41:c9:14:95:b2:19:28:f0:87:
7e:97:10:d0:b7:c9:79:d4:ea:60:36:c7:f5:7f:88:2a:76:cf:
ab:cd:04:42:99:f9:8c:0c:81:0f:a8:31:4c:19:9b:66:f8:7f:
43:32:90:2a
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZoHMBX+1Noa3O2+jdpiCvmVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMzc0ZmM0ZWFiMDBkNDFjMWVlZTQ3ZmRmYjAwMTA3OGM3
NGZhODUwHhcNMjUxMDIxMTQzMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmJmZTEwYzY3NGJiNjQyZjhlZmNjZmQwZmVmZDQyZjNiOGYzNTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLAonTSIoG1IVJW8lz/S48OgdxMX
kt3em2XuhVtk7alSA9dsB9AdqDOFcsDRVcmuppaw/tbTeLYOeYMQMjS7BGTIrUhN
F8YFCx8zchk1y7EFi660QyPJM76E2yniFEqWThqRDV9nXgS1RdS/gpGxSHJ8oX3G
8OyPPWP0KVH0q1SfmdG6oindD0/RBWG4Mmt2+rm96bB7hmHbfCSWGBrCJB3mxr0R
IavoDRHbHqvxCSOyrKX8U5s8YnD35zQLWh6DXJIaE1oWPeG5xmphWqJeA0DF+bAF
/zjytmcjZ5vnQZ6CJOWaQHwfblXKeDd3favwyDpOLwMbo1iMq6VLuhsDawIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFI+/4QxnS7ZC+O/M/Q/v1C87jzUNMB8GA1UdIwQY
MBaAFGE3T8TqsA1Bwe7kf9+wAQeMdPqFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVRkUHhPcXdEVUhCN3VSXzM3QUJCNHgwLW9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hMTRkNDYtNDA4YS00NzBjLTkyOWQt
MWZjMjU5YmI3ZGUyLzEvajdfaERHZEx0a0w0Nzh6OUQtX1VMenVQTlEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hMTRkNDYtNDA4YS00NzBjLTkyOWQtMWZjMjU5YmI3ZGUy
LzEvWVRkUHhPcXdEVUhCN3VSXzM3QUJCNHgwLW9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTASBAIAATAMAwQALYO2AwQA
1YYfMCMEAgACMB0DBwMqE0rAAAAwEgMHBCoTSsAAEAMHBCoTSsAAIDANBgkqhkiG
9w0BAQsFAAOCAQEAA/fSNM5te+RtTHSownLOGLe/jNG1YIfHWE5rm3++w3xO531t
DnqevkDjkCPRh3huZteRbtPBI+bzqq8OkifI4+PMgKMZAzu0fV+tKyMS1/79gxn5
TrOxX9Srs6a1v4BhDwZizdI4jPo3t5hdgZppkLeAEWNJs58lzMFV/+ebb25frFRB
lI7efjWTEeT0x8GcIr7T3SFFmrHWWHqB6WPtSUz8CjhjBYEaujKvpLq9JbLp4HVL
JzKeyVGUaEM1veuKF+Zxf3qYwCjTQrBzWMaVQckUlbIZKPCHfpcQ0LfJedTqYDbH
9X+IKnbPq80EQpn5jAyBD6gxTBmbZvh/QzKQKg==
-----END CERTIFICATE-----
Generated at Sun Oct 26 13:58:20 2025 by rpki-client