Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/jGjgrrZS99S21p-SWUxh4Mu200g.roa
File: jGjgrrZS99S21p-SWUxh4Mu200g.roa (raw, json)
Hash identifier: AGfkxFmhS8iSd0fKfrph2Uoa9TOCn+77u+u6jCmaLVM=
Subject key identifier: 8C:68:E0:AE:B6:52:F7:D4:B6:D6:9F:92:59:4C:61:E0:CB:B6:D3:48
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 0198769406705E3E33A7A171F0F6A0875E6B
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/jGjgrrZS99S21p-SWUxh4Mu200g.roa
Signing time: Mon 04 Aug 2025 19:34:29 +0000
ROA not before: Mon 04 Aug 2025 19:34:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 91.109.44.0/24 maxlen: 24
91.109.45.0/24 maxlen: 24
207.244.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 14:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:76:94:06:70:5e:3e:33:a7:a1:71:f0:f6:a0:87:5e:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Aug 4 19:34:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8c68e0aeb652f7d4b6d69f92594c61e0cbb6d348
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:1b:a5:b9:88:99:63:08:23:06:e0:eb:6c:d6:
2f:1c:56:6e:35:91:50:9f:98:71:80:31:12:32:80:
d4:eb:5c:d9:85:8b:da:51:bb:51:50:68:87:9e:85:
ca:60:b3:83:ae:35:bb:47:09:ef:75:18:cc:19:3a:
0b:4c:d8:1d:50:c5:84:93:4f:38:56:c3:3b:e5:ec:
0d:6a:b6:ff:26:e3:cf:56:4a:2e:34:50:7a:12:0f:
b8:6d:9c:8a:9f:74:07:42:ef:91:c0:c9:53:16:4f:
71:eb:55:6e:3e:89:27:05:fd:04:9d:1b:18:4d:1c:
92:2b:56:02:b2:9d:09:57:2a:c6:64:b8:d9:0c:76:
1d:cf:a8:c2:f7:a8:64:e2:79:d8:46:d3:bd:ac:23:
45:0d:a2:91:cf:e0:ba:40:01:96:56:72:7f:8d:25:
64:4c:56:82:73:7f:12:24:f8:c1:dd:5a:b7:8c:48:
4c:7f:a3:0f:33:4c:dc:97:b2:d2:64:4e:e2:48:f2:
4a:da:58:84:cc:29:92:2e:12:95:5b:c1:65:1a:9e:
0f:e1:31:9f:ba:bc:0d:df:1b:fc:b9:68:28:6f:60:
de:fa:9d:db:2d:e6:0b:e7:6e:21:30:b8:39:68:12:
4a:06:b2:6f:f8:82:49:dc:fa:cb:a0:87:cc:5b:0a:
41:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:68:E0:AE:B6:52:F7:D4:B6:D6:9F:92:59:4C:61:E0:CB:B6:D3:48
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/jGjgrrZS99S21p-SWUxh4Mu200g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.109.44.0/23
207.244.209.0/24
Signature Algorithm: sha256WithRSAEncryption
55:ad:b5:8d:68:73:a8:00:d2:f5:e0:7d:df:1c:f6:64:7a:a8:
2f:2f:08:7b:ac:39:53:d7:42:0f:0e:48:f1:f3:c3:bf:c1:4e:
a4:be:db:6d:ae:34:9e:ca:65:83:96:2a:b7:d3:11:5a:fc:7c:
b5:fe:d9:ea:a5:be:27:18:6c:a6:87:70:d6:3a:f5:ca:39:7c:
6d:8c:69:0a:b2:fe:95:20:4b:40:2c:e1:b5:c4:eb:a4:ae:32:
77:5f:10:51:bd:a0:8f:f8:a3:41:78:7e:5a:bd:71:ce:5d:5c:
b4:fc:7f:32:b3:8a:36:5d:3f:d7:48:2c:0d:bd:0d:b2:3d:59:
b0:71:68:9f:90:f9:45:c6:c6:e8:1a:a9:47:f6:1a:7a:04:9b:
84:38:2e:5a:f0:8f:9c:e9:84:a2:a3:41:6f:42:1b:8a:95:cb:
5e:e3:59:20:50:78:90:b1:63:42:e0:56:35:2e:2c:94:45:29:
59:a9:cb:4c:98:97:3d:2b:0a:44:7e:f6:c9:24:f1:ed:72:70:
ee:15:b1:9b:2b:85:57:e2:88:2c:63:8c:bb:69:a5:f8:74:85:
8e:79:50:e2:b7:46:d1:7c:0a:4c:13:65:5b:aa:30:45:f5:59:
f8:0d:26:8f:d3:b8:d3:4d:3c:f0:ec:4a:28:d7:b1:a7:27:a1:
ea:dd:6b:3a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZh2lAZwXj4zp6Fx8Pagh15rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjUwODA0MTkzNDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzY4ZTBhZWI2NTJmN2Q0YjZkNjlmOTI1OTRjNjFlMGNiYjZkMzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRuluYiZYwgjBuDrbNYvHFZuNZFQ
n5hxgDESMoDU61zZhYvaUbtRUGiHnoXKYLODrjW7RwnvdRjMGToLTNgdUMWEk084
VsM75ewNarb/JuPPVkouNFB6Eg+4bZyKn3QHQu+RwMlTFk9x61VuPoknBf0EnRsY
TRySK1YCsp0JVyrGZLjZDHYdz6jC96hk4nnYRtO9rCNFDaKRz+C6QAGWVnJ/jSVk
TFaCc38SJPjB3Vq3jEhMf6MPM0zcl7LSZE7iSPJK2liEzCmSLhKVW8FlGp4P4TGf
urwN3xv8uWgob2De+p3bLeYL524hMLg5aBJKBrJv+IJJ3PrLoIfMWwpB7QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIxo4K62UvfUttafkllMYeDLttNIMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvakdqZ3JyWlM5OVMyMXAtU1dVeGg0TXUyMDBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW20sAwQA
z/TRMA0GCSqGSIb3DQEBCwUAA4IBAQBVrbWNaHOoANL14H3fHPZkeqgvLwh7rDlT
10IPDkjx88O/wU6kvtttrjSeymWDliq30xFa/Hy1/tnqpb4nGGymh3DWOvXKOXxt
jGkKsv6VIEtALOG1xOukrjJ3XxBRvaCP+KNBeH5avXHOXVy0/H8ys4o2XT/XSCwN
vQ2yPVmwcWifkPlFxsboGqlH9hp6BJuEOC5a8I+c6YSio0FvQhuKlcte41kgUHiQ
sWNC4FY1LiyURSlZqctMmJc9KwpEfvbJJPHtcnDuFbGbK4VX4ogsY4y7aaX4dIWO
eVDit0bRfApME2VbqjBF9Vn4DSaP07jTTTzw7Eoo17GnJ6Hq3Ws6
-----END CERTIFICATE-----
Generated at Sat Aug 9 22:35:46 2025 by rpki-client