Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/jNjUfwqgx7FxjC22ZM2tNJxUovE.roa
File: jNjUfwqgx7FxjC22ZM2tNJxUovE.roa (raw, json)
Hash identifier: CYjABvddLBiX5OMQlguXfrahjaGdNxRrjgGTFThsYz4=
Subject key identifier: 8C:D8:D4:7F:0A:A0:C7:B1:71:8C:2D:B6:64:CD:AD:34:9C:54:A2:F1
Certificate issuer: /CN=ae72e47d56692499a726bf800ea8380362deb6be
Certificate serial: 019662DB221C50537B3494E674ED7421FFB8
Authority key identifier: AE:72:E4:7D:56:69:24:99:A7:26:BF:80:0E:A8:38:03:62:DE:B6:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnLkfVZpJJmnJr-ADqg4A2Letr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/jNjUfwqgx7FxjC22ZM2tNJxUovE.roa
Signing time: Wed 23 Apr 2025 13:34:10 +0000
ROA not before: Wed 23 Apr 2025 13:34:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29177
IP address blocks: 31.216.240.0/20 maxlen: 20
31.216.240.0/22 maxlen: 22
31.216.244.0/22 maxlen: 22
31.216.248.0/22 maxlen: 22
31.216.250.0/24 maxlen: 24
31.216.252.0/22 maxlen: 22
80.86.144.0/20 maxlen: 20
80.86.144.0/22 maxlen: 22
80.86.148.0/22 maxlen: 22
80.86.152.0/22 maxlen: 22
80.86.156.0/22 maxlen: 22
185.182.196.0/22 maxlen: 22
185.182.199.0/24 maxlen: 24
188.125.96.0/19 maxlen: 19
188.125.96.0/22 maxlen: 22
188.125.100.0/22 maxlen: 22
188.125.104.0/22 maxlen: 22
188.125.108.0/22 maxlen: 22
188.125.112.0/22 maxlen: 22
188.125.116.0/22 maxlen: 22
188.125.120.0/22 maxlen: 22
188.125.122.0/24 maxlen: 24
188.125.124.0/22 maxlen: 22
2a03:5c00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/rnLkfVZpJJmnJr-ADqg4A2Letr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/rnLkfVZpJJmnJr-ADqg4A2Letr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/rnLkfVZpJJmnJr-ADqg4A2Letr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 22:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:62:db:22:1c:50:53:7b:34:94:e6:74:ed:74:21:ff:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae72e47d56692499a726bf800ea8380362deb6be
Validity
Not Before: Apr 23 13:34:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8cd8d47f0aa0c7b1718c2db664cdad349c54a2f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:19:ad:64:42:43:16:2a:0e:84:06:05:4d:3d:
85:6d:a7:d2:ab:80:77:18:da:33:7a:51:84:85:a1:
2a:c7:19:6f:4f:bf:30:42:9f:4f:17:05:41:5c:d1:
b4:18:4f:91:cc:c8:19:02:90:59:a8:47:36:6e:1c:
e8:29:bb:f6:99:2d:b6:c8:f1:ec:e8:78:e3:0a:00:
0c:51:2c:4b:d5:4a:85:0b:7d:86:ec:11:36:cc:a2:
6b:71:86:70:72:0b:12:e4:9a:bc:da:f3:27:11:d6:
e8:75:65:f2:ff:7c:6b:49:a7:db:6e:fb:3d:e9:fd:
7b:a9:fe:52:b5:dd:f1:f6:0f:da:e1:89:6d:4a:f0:
49:17:ce:cd:b2:f6:9c:05:e7:a9:87:d5:46:14:0b:
23:0a:82:14:47:1e:bb:54:b9:d9:a8:0e:3a:25:3e:
b4:d0:38:ff:24:05:49:3a:76:17:fb:21:3f:8a:28:
0b:ed:bc:30:01:eb:f2:19:02:cd:d9:5f:ab:8b:3c:
82:58:06:b2:86:36:d2:f6:70:70:9c:8d:d8:84:d4:
0d:26:04:9a:ce:d3:99:13:0f:b1:be:4f:a4:84:ea:
ea:f0:b5:15:4e:71:d1:aa:bf:9f:f5:38:90:3c:88:
83:4f:90:66:f3:36:c6:48:d0:2e:92:63:f7:3d:fd:
f9:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:D8:D4:7F:0A:A0:C7:B1:71:8C:2D:B6:64:CD:AD:34:9C:54:A2:F1
X509v3 Authority Key Identifier:
keyid:AE:72:E4:7D:56:69:24:99:A7:26:BF:80:0E:A8:38:03:62:DE:B6:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnLkfVZpJJmnJr-ADqg4A2Letr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/jNjUfwqgx7FxjC22ZM2tNJxUovE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/rnLkfVZpJJmnJr-ADqg4A2Letr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.240.0/20
80.86.144.0/20
185.182.196.0/22
188.125.96.0/19
IPv6:
2a03:5c00::/32
Signature Algorithm: sha256WithRSAEncryption
cc:c3:e1:db:59:c3:da:12:79:b0:0f:46:28:5a:f6:b8:39:af:
13:c6:aa:3c:5e:d3:c8:18:a1:7b:1e:ea:4c:e9:bf:d7:61:c3:
4e:40:91:2d:7e:b9:1f:00:cf:7a:54:23:30:fe:60:21:44:fe:
06:2b:d8:f5:60:6e:55:e4:26:d3:a8:84:8a:3e:ec:fb:0f:70:
2f:b6:a7:75:32:4c:c0:fd:1c:8b:8c:bb:6a:da:62:ce:99:ca:
80:de:29:4c:34:e9:d8:24:d9:6b:aa:3d:8f:b8:a4:b2:dd:bd:
19:99:1b:23:72:0b:72:c8:59:ca:6b:66:1d:bf:99:fb:30:1a:
3f:55:d8:c3:1f:ac:08:0a:51:51:94:1e:84:d3:9e:7a:35:6a:
1c:3b:4b:21:4d:e1:e6:7a:af:d8:e4:33:7f:7c:7b:02:40:d6:
3e:12:24:65:dd:c2:f1:8e:be:28:ff:66:26:3d:b1:fb:ad:00:
2e:5d:6c:dc:d1:0e:19:21:b8:1b:51:8d:6b:37:c7:72:11:5f:
0b:e4:81:6b:49:24:a5:cf:be:8f:f5:8a:ae:1e:d1:e0:52:4b:
28:f9:2b:45:38:3b:bc:06:79:6e:f1:0f:cb:2a:65:b0:ac:ee:
87:83:b6:8d:26:45:10:9c:00:1d:20:39:91:54:5e:3d:eb:52:
e0:b7:0f:3d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZZi2yIcUFN7NJTmdO10If+4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNzJlNDdkNTY2OTI0OTlhNzI2YmY4MDBlYTgzODAzNjJk
ZWI2YmUwHhcNMjUwNDIzMTMzNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2Q4ZDQ3ZjBhYTBjN2IxNzE4YzJkYjY2NGNkYWQzNDljNTRhMmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxmtZEJDFioOhAYFTT2FbafSq4B3
GNozelGEhaEqxxlvT78wQp9PFwVBXNG0GE+RzMgZApBZqEc2bhzoKbv2mS22yPHs
6HjjCgAMUSxL1UqFC32G7BE2zKJrcYZwcgsS5Jq82vMnEdbodWXy/3xrSafbbvs9
6f17qf5Std3x9g/a4YltSvBJF87NsvacBeeph9VGFAsjCoIURx67VLnZqA46JT60
0Dj/JAVJOnYX+yE/iigL7bwwAevyGQLN2V+rizyCWAayhjbS9nBwnI3YhNQNJgSa
ztOZEw+xvk+khOrq8LUVTnHRqr+f9TiQPIiDT5Bm8zbGSNAukmP3Pf35RwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIzY1H8KoMexcYwttmTNrTScVKLxMB8GA1UdIwQY
MBaAFK5y5H1WaSSZpya/gA6oOANi3ra+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5Ma2ZWWnBKSm1uSnItQURxZzRBMkxldHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS82YmI0NzEtNGEzZS00ODhkLWI4OGMt
ZmUxMmM3NWJmNGFiLzEvak5qVWZ3cWd4N0Z4akMyMlpNMnROSnhVb3ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS82YmI0NzEtNGEzZS00ODhkLWI4OGMtZmUxMmM3NWJmNGFi
LzEvcm5Ma2ZWWnBKSm1uSnItQURxZzRBMkxldHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEH9jwAwQE
UFaQAwQCubbEAwQFvH1gMA0EAgACMAcDBQAqA1wAMA0GCSqGSIb3DQEBCwUAA4IB
AQDMw+HbWcPaEnmwD0YoWva4Oa8Txqo8XtPIGKF7HupM6b/XYcNOQJEtfrkfAM96
VCMw/mAhRP4GK9j1YG5V5CbTqISKPuz7D3Avtqd1MkzA/RyLjLtq2mLOmcqA3ilM
NOnYJNlrqj2PuKSy3b0ZmRsjcgtyyFnKa2Ydv5n7MBo/VdjDH6wIClFRlB6E0556
NWocO0shTeHmeq/Y5DN/fHsCQNY+EiRl3cLxjr4o/2YmPbH7rQAuXWzc0Q4ZIbgb
UY1rN8dyEV8L5IFrSSSlz76P9YquHtHgUkso+StFODu8Bnlu8Q/LKmWwrO6Hg7aN
JkUQnAAdIDmRVF4961Lgtw89
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:42:39 2025 by rpki-client