Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/JJcvho9amj6kJ4WwqdFmuraq2f4.roa
File: JJcvho9amj6kJ4WwqdFmuraq2f4.roa (raw, json)
Hash identifier: AJDpI2WrSNmehodhuVudpGfCWLXu1yLqhSDZdHKFr+g=
Subject key identifier: 24:97:2F:86:8F:5A:9A:3E:A4:27:85:B0:A9:D1:66:BA:B6:AA:D9:FE
Certificate issuer: /CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Certificate serial: 01987B8AC766BDFFD537CE0F42BB350D2993
Authority key identifier: BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/JJcvho9amj6kJ4WwqdFmuraq2f4.roa
Signing time: Tue 05 Aug 2025 18:42:29 +0000
ROA not before: Tue 05 Aug 2025 18:42:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205866
IP address blocks: 2a05:1e41::/32 maxlen: 32
2a05:1e46::/32 maxlen: 32
2a06:4385::/32 maxlen: 32
2a09:a202::/32 maxlen: 32
2a09:a502::/32 maxlen: 32
2a09:cf01::/32 maxlen: 32
2a09:cf04::/32 maxlen: 32
2a09:e703::/32 maxlen: 32
2a0a:c0c7::/32 maxlen: 32
2a0c:9484::/32 maxlen: 32
2a0d:f843::/32 maxlen: 32
2a0d:fcc0::/32 maxlen: 32
2a12:2fc3::/32 maxlen: 32
2a12:2fc4::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 05:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7b:8a:c7:66:bd:ff:d5:37:ce:0f:42:bb:35:0d:29:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Validity
Not Before: Aug 5 18:42:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24972f868f5a9a3ea42785b0a9d166bab6aad9fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:5c:e2:7d:fd:8b:fb:fa:15:d1:5e:10:80:04:
9f:d1:6b:2a:3e:bf:87:bc:27:66:a8:79:97:3e:db:
a5:ab:32:9b:21:4c:f1:32:94:25:0c:5c:f3:5a:fd:
d6:ff:62:d0:87:78:c7:ad:e3:84:11:e5:3e:c0:9a:
82:ea:dc:9c:fe:04:de:aa:c9:2d:ee:51:7f:9f:c2:
c3:f9:5d:75:ef:15:cb:f3:ad:68:ff:d2:90:bb:75:
f6:db:7d:4c:5b:f6:9c:00:64:dc:cc:a3:51:ca:39:
44:54:51:28:3b:2f:f5:73:7d:5b:66:15:88:5a:f2:
82:c8:85:b3:09:e7:fc:b7:73:ac:02:d8:63:41:02:
3a:2a:ab:a8:6c:6c:60:41:e9:f5:7a:98:4c:89:85:
1d:70:81:b1:63:c9:ba:48:33:d5:a9:bc:aa:3a:26:
2a:b6:70:6f:e3:50:bf:67:04:a5:c7:93:ad:00:0b:
1e:98:fe:79:fa:b8:b2:e4:ba:c3:bd:42:82:c1:f8:
87:15:a8:39:f0:e7:31:d4:04:60:4f:df:e0:68:90:
c9:ba:b0:39:97:8a:88:42:61:3a:f8:37:7d:59:81:
93:cb:f8:ec:3e:99:23:17:49:72:81:ca:61:82:27:
95:e0:c7:bf:b0:17:76:3d:9c:c3:90:1b:d3:c4:ec:
17:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:97:2F:86:8F:5A:9A:3E:A4:27:85:B0:A9:D1:66:BA:B6:AA:D9:FE
X509v3 Authority Key Identifier:
keyid:BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/JJcvho9amj6kJ4WwqdFmuraq2f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:1e41::/32
2a05:1e46::/32
2a06:4385::/32
2a09:a202::/32
2a09:a502::/32
2a09:cf01::/32
2a09:cf04::/32
2a09:e703::/32
2a0a:c0c7::/32
2a0c:9484::/32
2a0d:f843::/32
2a0d:fcc0::/32
2a12:2fc3::-2a12:2fc4:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9b:97:b5:8f:74:b4:c2:04:44:ee:94:b7:67:c8:3d:db:45:09:
61:8c:40:93:78:bb:6f:6a:71:ce:04:7f:b9:13:f5:af:22:d5:
00:38:c8:b7:b4:6c:cf:9a:0e:fa:02:50:e2:3f:66:29:92:58:
04:12:70:ed:a8:04:f4:8a:90:f5:28:81:d2:14:76:20:7a:82:
9b:4c:18:04:5b:de:df:7e:67:04:ca:f3:97:63:a7:4d:e6:9e:
c6:4a:f7:65:0b:d3:08:68:a5:bb:b6:c4:9b:fa:7f:54:89:34:
97:d1:d2:c1:dd:d5:3e:35:04:5c:9c:6c:a9:3b:98:c4:7c:f9:
44:a1:91:7e:c4:0b:d4:b8:0d:bf:7f:7c:73:f1:e5:15:07:d3:
8a:e2:c7:b7:6f:9b:9c:a4:1b:8e:69:cb:47:31:a1:1d:b3:70:
c9:64:66:85:19:9d:76:19:4f:c6:3a:e8:48:ad:bb:8d:65:55:
6b:d4:57:c8:4c:fc:af:ca:10:a3:31:ae:47:4e:64:0d:06:92:
de:64:0f:eb:f4:7e:8c:15:09:99:20:bd:cc:f6:01:77:49:01:
ee:d8:10:6f:a3:e1:13:99:21:0d:f8:2e:63:be:fd:06:59:44:
d4:c8:01:c5:cf:ce:4f:a9:f9:17:83:2e:c0:8d:66:1c:80:28:
7f:c7:a8:c6
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZh7isdmvf/VN84PQrs1DSmTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTBmMjU4ZWVmNGIyYmY0YmJhYTg0MzBjMWU1OGNhOGMx
ODhlYTcwHhcNMjUwODA1MTg0MjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDk3MmY4NjhmNWE5YTNlYTQyNzg1YjBhOWQxNjZiYWI2YWFkOWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklziff2L+/oV0V4QgASf0WsqPr+H
vCdmqHmXPtulqzKbIUzxMpQlDFzzWv3W/2LQh3jHreOEEeU+wJqC6tyc/gTeqskt
7lF/n8LD+V117xXL861o/9KQu3X2231MW/acAGTczKNRyjlEVFEoOy/1c31bZhWI
WvKCyIWzCef8t3OsAthjQQI6KquobGxgQen1ephMiYUdcIGxY8m6SDPVqbyqOiYq
tnBv41C/ZwSlx5OtAAsemP55+riy5LrDvUKCwfiHFag58Ocx1ARgT9/gaJDJurA5
l4qIQmE6+Dd9WYGTy/jsPpkjF0lygcphgieV4Me/sBd2PZzDkBvTxOwX2QIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFCSXL4aPWpo+pCeFsKnRZrq2qtn+MB8GA1UdIwQY
MBaAFLqg8lju9LK/S7qoQwweWMqMGI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEt
ZTU3NjhkNmIxODJjLzEvSkpjdmhvOWFtajZrSjRXd3FkRm11cmFxMmY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEtZTU3NjhkNmIxODJj
LzEvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAAjBkAwUAKgUeQQMF
ACoFHkYDBQAqBkOFAwUAKgmiAgMFACoJpQIDBQAqCc8BAwUAKgnPBAMFACoJ5wMD
BQAqCsDHAwUAKgyUhAMFACoN+EMDBQAqDfzAMA4DBQAqEi/DAwUAKhIvxDANBgkq
hkiG9w0BAQsFAAOCAQEAm5e1j3S0wgRE7pS3Z8g920UJYYxAk3i7b2pxzgR/uRP1
ryLVADjIt7Rsz5oO+gJQ4j9mKZJYBBJw7agE9IqQ9SiB0hR2IHqCm0wYBFve335n
BMrzl2OnTeaexkr3ZQvTCGilu7bEm/p/VIk0l9HSwd3VPjUEXJxsqTuYxHz5RKGR
fsQL1LgNv398c/HlFQfTiuLHt2+bnKQbjmnLRzGhHbNwyWRmhRmddhlPxjroSK27
jWVVa9RXyEz8r8oQozGuR05kDQaS3mQP6/R+jBUJmSC9zPYBd0kB7tgQb6PhE5kh
DfguY779BllE1MgBxc/OT6n5F4MuwI1mHIAof8eoxg==
-----END CERTIFICATE-----
Generated at Sat Aug 9 15:16:18 2025 by rpki-client