Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/bc15ec-6b0d-4734-a088-d00526b91605/1/DZyhv4UYtYvTfPYlPoAjBnE9aVw.roa
File: DZyhv4UYtYvTfPYlPoAjBnE9aVw.roa (raw, json)
Hash identifier: jy6kbh6prGxhGFzaKnByCAPnjYIf8B6UCrmQZYycLPg=
Subject key identifier: 0D:9C:A1:BF:85:18:B5:8B:D3:7C:F6:25:3E:80:23:06:71:3D:69:5C
Certificate issuer: /CN=25a89539520004270d34253bdc16d87784156e1a
Certificate serial: 0198EC0CE7A5D656F6C7FE7E42AB329647C2
Authority key identifier: 25:A8:95:39:52:00:04:27:0D:34:25:3B:DC:16:D8:77:84:15:6E:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JaiVOVIABCcNNCU73BbYd4QVbho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/bc15ec-6b0d-4734-a088-d00526b91605/1/DZyhv4UYtYvTfPYlPoAjBnE9aVw.roa
Signing time: Wed 27 Aug 2025 15:02:05 +0000
ROA not before: Wed 27 Aug 2025 15:02:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208058
IP address blocks: 212.53.139.0/24 maxlen: 24
212.53.141.0/24 maxlen: 24
212.53.143.0/24 maxlen: 24
212.53.146.0/24 maxlen: 24
212.53.152.0/24 maxlen: 24
212.53.154.0/24 maxlen: 24
212.53.161.0/24 maxlen: 24
212.53.164.0/24 maxlen: 24
212.53.172.0/24 maxlen: 24
212.53.174.0/24 maxlen: 24
212.53.194.0/24 maxlen: 24
212.53.196.0/24 maxlen: 24
212.53.204.0/24 maxlen: 24
2a00:1f78:f001::/48 maxlen: 48
2a00:1f78:fffd::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/bc15ec-6b0d-4734-a088-d00526b91605/1/JaiVOVIABCcNNCU73BbYd4QVbho.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/bc15ec-6b0d-4734-a088-d00526b91605/1/JaiVOVIABCcNNCU73BbYd4QVbho.mft
rsync://rpki.ripe.net/repository/DEFAULT/JaiVOVIABCcNNCU73BbYd4QVbho.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 11:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ec:0c:e7:a5:d6:56:f6:c7:fe:7e:42:ab:32:96:47:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25a89539520004270d34253bdc16d87784156e1a
Validity
Not Before: Aug 27 15:02:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d9ca1bf8518b58bd37cf6253e802306713d695c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:6d:cf:a3:ea:bb:d1:d4:12:83:2c:f4:3e:f7:
da:b5:d9:f8:a7:50:1f:1d:6d:f1:be:ff:0d:ed:19:
4e:7c:20:3e:61:55:67:ef:84:76:e3:43:7c:ac:5f:
73:5a:a5:46:6c:4e:79:e4:f7:61:18:38:ba:07:78:
b2:8b:18:6b:09:14:f0:95:7f:2a:c8:36:95:34:23:
89:75:cc:0b:74:95:e2:97:c5:5f:df:3b:bd:99:91:
58:21:09:9a:b3:f1:1f:26:b1:ba:ce:31:43:d7:1b:
7a:7f:f1:59:b1:09:56:d4:d0:91:b6:3a:b2:c3:ec:
2d:57:cf:17:78:f1:8a:d8:56:53:63:23:fd:7e:36:
15:60:c8:45:54:e6:f7:ac:99:14:73:74:03:c1:3e:
9f:75:6e:9d:60:8a:90:23:14:b3:b8:cf:14:03:f7:
98:7b:e6:72:b2:cb:7d:09:28:0c:7f:74:d7:62:91:
d7:eb:04:68:f7:a4:29:ad:2d:2f:05:4a:97:c8:da:
41:10:ba:92:da:8c:94:d2:d1:54:2a:7a:70:9a:18:
0b:ef:5a:b2:2b:ad:99:5d:2d:97:ce:99:62:63:bd:
2b:c1:e3:71:82:d2:e4:ef:06:d9:c5:1f:19:03:f1:
84:20:c3:1c:ff:be:44:c3:06:53:60:27:39:53:c7:
d7:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:9C:A1:BF:85:18:B5:8B:D3:7C:F6:25:3E:80:23:06:71:3D:69:5C
X509v3 Authority Key Identifier:
keyid:25:A8:95:39:52:00:04:27:0D:34:25:3B:DC:16:D8:77:84:15:6E:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JaiVOVIABCcNNCU73BbYd4QVbho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/bc15ec-6b0d-4734-a088-d00526b91605/1/DZyhv4UYtYvTfPYlPoAjBnE9aVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/bc15ec-6b0d-4734-a088-d00526b91605/1/JaiVOVIABCcNNCU73BbYd4QVbho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.53.139.0/24
212.53.141.0/24
212.53.143.0/24
212.53.146.0/24
212.53.152.0/24
212.53.154.0/24
212.53.161.0/24
212.53.164.0/24
212.53.172.0/24
212.53.174.0/24
212.53.194.0/24
212.53.196.0/24
212.53.204.0/24
IPv6:
2a00:1f78:f001::/48
2a00:1f78:fffd::/48
Signature Algorithm: sha256WithRSAEncryption
11:32:c0:4a:d2:42:a5:77:20:c2:6a:65:d1:a7:10:c6:c1:59:
76:e7:17:de:98:ed:f7:14:a1:c5:52:08:08:77:da:1d:61:7d:
1d:0e:c3:57:05:f8:aa:a6:20:81:78:2a:db:a4:0c:48:b4:6a:
65:60:3c:53:d3:d3:d4:a1:58:e9:a6:23:44:e6:f1:b8:8e:a2:
c7:03:60:f1:85:7a:7f:78:75:59:2b:61:33:de:31:91:52:55:
65:21:c9:15:b1:db:1f:6d:12:24:a8:7d:81:8c:1e:84:4f:41:
72:2b:de:fe:4e:d9:d5:da:fe:20:21:7d:04:06:28:7b:08:98:
3b:7a:58:dd:10:74:8e:52:64:d5:72:e0:b1:8f:81:16:48:6e:
8f:68:b6:18:fc:b0:d0:32:8d:d1:dd:d6:93:1d:7b:cc:0b:d7:
fe:c6:fc:8b:9a:ec:f8:b9:13:d5:62:10:50:1b:15:69:f6:98:
a6:a0:3b:82:c0:2f:c0:21:78:73:06:ea:a9:da:54:d4:11:f3:
f2:bb:b8:34:87:4e:88:2e:a3:86:4e:0d:9d:3f:4d:63:fc:34:
ef:c0:a0:8b:2c:dd:65:97:c3:40:6e:3a:1f:8f:fe:01:98:e1:
6d:a8:eb:2d:ae:90:e3:d6:eb:f4:7b:f1:92:23:bf:24:d8:d5:
24:1e:3f:d0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZjsDOel1lb2x/5+QqsylkfCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YTg5NTM5NTIwMDA0MjcwZDM0MjUzYmRjMTZkODc3ODQx
NTZlMWEwHhcNMjUwODI3MTUwMjA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDljYTFiZjg1MThiNThiZDM3Y2Y2MjUzZTgwMjMwNjcxM2Q2OTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzm3Po+q70dQSgyz0Pvfatdn4p1Af
HW3xvv8N7RlOfCA+YVVn74R240N8rF9zWqVGbE555PdhGDi6B3iyixhrCRTwlX8q
yDaVNCOJdcwLdJXil8Vf3zu9mZFYIQmas/EfJrG6zjFD1xt6f/FZsQlW1NCRtjqy
w+wtV88XePGK2FZTYyP9fjYVYMhFVOb3rJkUc3QDwT6fdW6dYIqQIxSzuM8UA/eY
e+Zysst9CSgMf3TXYpHX6wRo96QprS0vBUqXyNpBELqS2oyU0tFUKnpwmhgL71qy
K62ZXS2XzpliY70rweNxgtLk7wbZxR8ZA/GEIMMc/75EwwZTYCc5U8fXTQIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFA2cob+FGLWL03z2JT6AIwZxPWlcMB8GA1UdIwQY
MBaAFCWolTlSAAQnDTQlO9wW2HeEFW4aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmFpVk9WSUFCQ2NOTkNVNzNCYllkNFFWYmhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9iYzE1ZWMtNmIwZC00NzM0LWEwODgt
ZDAwNTI2YjkxNjA1LzEvRFp5aHY0VVl0WXZUZlBZbFBvQWpCbkU5YVZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9iYzE1ZWMtNmIwZC00NzM0LWEwODgtZDAwNTI2YjkxNjA1
LzEvSmFpVk9WSUFCQ2NOTkNVNzNCYllkNFFWYmhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwVAQCAAEwTgMEANQ1iwME
ANQ1jQMEANQ1jwMEANQ1kgMEANQ1mAMEANQ1mgMEANQ1oQMEANQ1pAMEANQ1rAME
ANQ1rgMEANQ1wgMEANQ1xAMEANQ1zDAYBAIAAjASAwcAKgAfePABAwcAKgAfeP/9
MA0GCSqGSIb3DQEBCwUAA4IBAQARMsBK0kKldyDCamXRpxDGwVl25xfemO33FKHF
UggId9odYX0dDsNXBfiqpiCBeCrbpAxItGplYDxT09PUoVjppiNE5vG4jqLHA2Dx
hXp/eHVZK2Ez3jGRUlVlIckVsdsfbRIkqH2BjB6ET0FyK97+TtnV2v4gIX0EBih7
CJg7eljdEHSOUmTVcuCxj4EWSG6PaLYY/LDQMo3R3daTHXvMC9f+xvyLmuz4uRPV
YhBQGxVp9pimoDuCwC/AIXhzBuqp2lTUEfPyu7g0h06ILqOGTg2dP01j/DTvwKCL
LN1ll8NAbjofj/4BmOFtqOstrpDj1uv0e/GSI78k2NUkHj/Q
-----END CERTIFICATE-----
Generated at Wed Sep 10 15:03:02 2025 by rpki-client