Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/rpjetk_9g8Cajq47M1TtU-V8mAI.roa
File: rpjetk_9g8Cajq47M1TtU-V8mAI.roa (raw, json)
Hash identifier: XNGViz5g4jjEVcTyrQCWY5LMRILB8EuyV5tfHGoyT64=
Subject key identifier: AE:98:DE:B6:4F:FD:83:C0:9A:8E:AE:3B:33:54:ED:53:E5:7C:98:02
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 0198F171152EAD64F1197A23AF59C3CB3395
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/rpjetk_9g8Cajq47M1TtU-V8mAI.roa
Signing time: Thu 28 Aug 2025 16:09:36 +0000
ROA not before: Thu 28 Aug 2025 16:09:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a0e:f04::/32 maxlen: 32
2a0e:f07::/32 maxlen: 32
2a11:1342::/32 maxlen: 32
2a11:15c1::/32 maxlen: 32
2a11:3180::/32 maxlen: 32
2a11:4345::/32 maxlen: 32
2a11:4a04::/32 maxlen: 32
2a11:4a07::/32 maxlen: 32
2a11:7883::/32 maxlen: 32
2a11:8500::/32 maxlen: 32
2a11:8507::/32 maxlen: 32
2a12:4144::/32 maxlen: 32
2a12:4147::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.mft
rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:f1:71:15:2e:ad:64:f1:19:7a:23:af:59:c3:cb:33:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Aug 28 16:09:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae98deb64ffd83c09a8eae3b3354ed53e57c9802
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b2:90:a4:a9:8b:3e:7e:c0:97:ed:64:cd:54:
00:5d:78:c9:30:c6:fb:c2:43:45:ea:78:6d:07:05:
c9:02:b2:65:80:e4:fb:3c:5f:0f:07:20:e9:d8:e5:
bc:68:f5:09:2f:57:d0:c8:f7:96:12:2d:4f:51:62:
1d:87:53:69:25:54:99:b1:88:fa:da:fa:2f:3c:25:
8d:fa:00:34:bb:99:54:35:fc:3c:bc:44:4c:66:2c:
01:05:a3:c7:ec:cd:0d:bd:e7:89:55:bb:7a:0f:f9:
36:e1:0e:05:41:e3:45:46:e1:16:cd:34:e3:c7:b2:
c6:bb:97:60:21:d4:53:80:f3:f4:65:c2:9f:cc:8a:
a9:3d:a9:2e:59:d7:65:2a:78:36:09:51:e7:cb:14:
d7:34:48:13:22:67:ab:e1:1a:fb:32:b9:64:c5:8e:
f0:b8:cd:7b:d7:0f:d0:24:7e:47:6f:76:12:22:b1:
9d:d8:2e:fc:dc:06:a1:fd:e2:d1:fd:0e:e7:49:8b:
ca:da:ca:f0:23:2d:7c:b5:74:66:21:9e:d1:a1:f7:
c7:81:59:ef:15:b4:c0:d9:32:7c:a6:5b:26:1f:40:
27:3e:2c:cc:b9:ba:8a:84:8c:2e:37:fa:d5:8e:4b:
80:78:97:f4:44:2c:9a:ab:1e:57:98:20:0b:f1:91:
2b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:98:DE:B6:4F:FD:83:C0:9A:8E:AE:3B:33:54:ED:53:E5:7C:98:02
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/rpjetk_9g8Cajq47M1TtU-V8mAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:f04::/32
2a0e:f07::/32
2a11:1342::/32
2a11:15c1::/32
2a11:3180::/32
2a11:4345::/32
2a11:4a04::/32
2a11:4a07::/32
2a11:7883::/32
2a11:8500::/32
2a11:8507::/32
2a12:4144::/32
2a12:4147::/32
Signature Algorithm: sha256WithRSAEncryption
04:09:b5:9e:34:a6:e5:9a:1c:50:33:61:b4:ea:86:87:44:96:
1f:9e:69:8e:d6:9b:58:4c:7f:79:d3:c2:4e:b3:33:4a:7c:ed:
2a:46:24:5f:0e:3f:54:20:7f:8c:dd:ba:e9:ac:5c:f1:12:5c:
c2:9b:ea:40:d3:9d:54:5c:81:62:50:4f:d7:c1:b1:8e:42:01:
df:73:7c:79:89:de:74:07:80:d7:a1:51:00:93:59:1d:4e:b6:
51:de:0d:3a:71:4e:97:6b:80:ca:8b:13:31:78:c9:64:ab:d1:
c6:aa:46:15:79:66:39:a9:d5:af:53:08:d3:2a:c4:85:94:6b:
ff:bf:ca:95:69:12:ac:16:97:67:c9:f2:a4:f6:e6:5b:96:81:
8a:6a:b5:66:1d:c5:02:49:e4:a0:7a:fb:4b:d4:e5:4e:b3:28:
f2:5d:b8:a1:fc:ea:28:18:56:ae:59:1e:64:f3:a9:58:e2:47:
46:77:45:11:87:fb:d5:4e:01:37:c1:6c:3d:d4:3b:bf:02:d1:
07:ec:cf:e9:f5:56:a6:5f:e8:1f:20:dd:b9:94:18:ec:f2:f3:
4b:a9:36:1d:04:6b:7f:4b:73:62:c1:93:1d:ab:4a:3f:ed:42:
16:cb:d6:f8:d4:b9:af:2a:4b:11:bc:33:33:9e:a2:96:29:b8:
c9:53:46:27
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAZjxcRUurWTxGXojr1nDyzOVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwODI4MTYwOTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTk4ZGViNjRmZmQ4M2MwOWE4ZWFlM2IzMzU0ZWQ1M2U1N2M5ODAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbKQpKmLPn7Al+1kzVQAXXjJMMb7
wkNF6nhtBwXJArJlgOT7PF8PByDp2OW8aPUJL1fQyPeWEi1PUWIdh1NpJVSZsYj6
2vovPCWN+gA0u5lUNfw8vERMZiwBBaPH7M0NveeJVbt6D/k24Q4FQeNFRuEWzTTj
x7LGu5dgIdRTgPP0ZcKfzIqpPakuWddlKng2CVHnyxTXNEgTImer4Rr7MrlkxY7w
uM171w/QJH5Hb3YSIrGd2C783Aah/eLR/Q7nSYvK2srwIy18tXRmIZ7RoffHgVnv
FbTA2TJ8plsmH0AnPizMubqKhIwuN/rVjkuAeJf0RCyaqx5XmCAL8ZErTwIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFK6Y3rZP/YPAmo6uOzNU7VPlfJgCMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvcnBqZXRrXzlnOENhanE0N00xVHRVLVY4bUFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBhBAIAAjBbAwUAKg4PBAMF
ACoODwcDBQAqERNCAwUAKhEVwQMFACoRMYADBQAqEUNFAwUAKhFKBAMFACoRSgcD
BQAqEXiDAwUAKhGFAAMFACoRhQcDBQAqEkFEAwUAKhJBRzANBgkqhkiG9w0BAQsF
AAOCAQEABAm1njSm5ZocUDNhtOqGh0SWH55pjtabWEx/edPCTrMzSnztKkYkXw4/
VCB/jN266axc8RJcwpvqQNOdVFyBYlBP18GxjkIB33N8eYnedAeA16FRAJNZHU62
Ud4NOnFOl2uAyosTMXjJZKvRxqpGFXlmOanVr1MI0yrEhZRr/7/KlWkSrBaXZ8ny
pPbmW5aBimq1Zh3FAknkoHr7S9TlTrMo8l24ofzqKBhWrlkeZPOpWOJHRndFEYf7
1U4BN8FsPdQ7vwLRB+zP6fVWpl/oHyDduZQY7PLzS6k2HQRrf0tzYsGTHatKP+1C
FsvW+NS5rypLEbwzM56ilim4yVNGJw==
-----END CERTIFICATE-----
Generated at Sun Sep 7 09:58:27 2025 by rpki-client