Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/32tWRXd7sO9k5rDBN5-KceN_jmg.roa
File: 32tWRXd7sO9k5rDBN5-KceN_jmg.roa (raw, json)
Hash identifier: yWKy4xisA4DT9Zfa2KiXtKt3hApiSXHoCFqZyGn6vOg=
Subject key identifier: DF:6B:56:45:77:7B:B0:EF:64:E6:B0:C1:37:9F:8A:71:E3:7F:8E:68
Certificate issuer: /CN=fd261d45319e8375187436da44bf5b9adb044a7f
Certificate serial: 019874909466E4BFF077072278F0528A8198
Authority key identifier: FD:26:1D:45:31:9E:83:75:18:74:36:DA:44:BF:5B:9A:DB:04:4A:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_SYdRTGeg3UYdDbaRL9bmtsESn8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/32tWRXd7sO9k5rDBN5-KceN_jmg.roa
Signing time: Mon 04 Aug 2025 10:11:28 +0000
ROA not before: Mon 04 Aug 2025 10:11:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8758
IP address blocks: 31.24.8.0/21 maxlen: 24
37.46.144.0/22 maxlen: 24
77.74.96.0/21 maxlen: 24
80.89.208.0/20 maxlen: 24
83.150.0.0/18 maxlen: 24
84.254.80.0/20 maxlen: 24
84.254.96.0/20 maxlen: 24
87.239.200.0/21 maxlen: 24
88.218.24.0/22 maxlen: 24
91.84.64.0/19 maxlen: 24
95.143.48.0/20 maxlen: 24
109.70.112.0/21 maxlen: 24
109.70.115.0/24 maxlen: 24
109.70.116.0/22 maxlen: 24
125.3.64.0/19 maxlen: 24
145.40.192.0/19 maxlen: 24
155.2.224.0/19 maxlen: 24
157.143.0.0/17 maxlen: 24
178.22.104.0/21 maxlen: 24
178.250.130.0/23 maxlen: 24
185.109.164.0/22 maxlen: 24
185.160.244.0/22 maxlen: 24
185.203.132.0/22 maxlen: 24
194.31.128.0/23 maxlen: 24
194.246.118.0/23 maxlen: 24
212.25.0.0/19 maxlen: 24
217.22.128.0/20 maxlen: 24
217.71.240.0/20 maxlen: 24
217.150.224.0/20 maxlen: 24
2001:8e0::/29 maxlen: 32
2a00:10c0::/32 maxlen: 32
2a01:bd00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/_SYdRTGeg3UYdDbaRL9bmtsESn8.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/_SYdRTGeg3UYdDbaRL9bmtsESn8.mft
rsync://rpki.ripe.net/repository/DEFAULT/_SYdRTGeg3UYdDbaRL9bmtsESn8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 00:46:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:74:90:94:66:e4:bf:f0:77:07:22:78:f0:52:8a:81:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd261d45319e8375187436da44bf5b9adb044a7f
Validity
Not Before: Aug 4 10:11:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df6b5645777bb0ef64e6b0c1379f8a71e37f8e68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fc:e0:77:e2:79:7e:5b:56:cd:25:88:ee:04:
a5:4d:fb:d3:fc:5b:8a:e3:5d:27:21:83:61:41:e0:
56:d8:ba:ce:e7:7a:49:a5:eb:a8:e8:18:e2:52:6a:
f4:d8:8d:82:17:8b:25:20:87:72:f2:85:8e:e5:a4:
4c:b2:b7:45:4f:cd:68:d4:18:33:9e:78:e4:d4:ae:
91:d3:4e:23:5b:c1:ec:2d:1c:89:f4:15:bc:f2:c2:
da:65:41:4c:30:b7:b4:40:0a:46:9d:38:f3:86:b8:
d5:c7:f3:26:01:b7:e1:65:f8:67:32:a3:da:38:a5:
7a:d7:ae:46:3e:b6:2a:e7:fc:cf:cb:10:8f:24:2b:
ca:b0:f2:40:a2:65:d9:6d:dd:d7:12:20:8e:ad:6f:
15:79:a4:97:6a:1d:ad:5e:75:9d:25:09:29:cd:ab:
56:c4:ba:ba:4c:0c:5c:aa:0f:5d:59:18:41:f6:96:
16:11:d9:11:d2:c4:67:d1:9b:9c:99:db:d7:f4:7a:
d2:b6:a0:79:e6:1e:1b:8f:34:0a:da:c3:22:09:0a:
7f:5d:10:8c:83:46:c4:45:2a:44:8e:00:f9:9d:11:
7a:44:7d:2b:d1:6b:43:17:e1:a0:32:5b:ab:d1:7e:
10:8f:48:79:fe:09:30:bd:e3:7e:6d:15:0e:e1:7f:
de:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:6B:56:45:77:7B:B0:EF:64:E6:B0:C1:37:9F:8A:71:E3:7F:8E:68
X509v3 Authority Key Identifier:
keyid:FD:26:1D:45:31:9E:83:75:18:74:36:DA:44:BF:5B:9A:DB:04:4A:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_SYdRTGeg3UYdDbaRL9bmtsESn8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/32tWRXd7sO9k5rDBN5-KceN_jmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/_SYdRTGeg3UYdDbaRL9bmtsESn8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.8.0/21
37.46.144.0/22
77.74.96.0/21
80.89.208.0/20
83.150.0.0/18
84.254.80.0-84.254.111.255
87.239.200.0/21
88.218.24.0/22
91.84.64.0/19
95.143.48.0/20
109.70.112.0/21
125.3.64.0/19
145.40.192.0/19
155.2.224.0/19
157.143.0.0/17
178.22.104.0/21
178.250.130.0/23
185.109.164.0/22
185.160.244.0/22
185.203.132.0/22
194.31.128.0/23
194.246.118.0/23
212.25.0.0/19
217.22.128.0/20
217.71.240.0/20
217.150.224.0/20
IPv6:
2001:8e0::/29
2a00:10c0::/32
2a01:bd00::/32
Signature Algorithm: sha256WithRSAEncryption
49:8d:96:9e:09:42:4a:bf:32:c6:b8:2b:e7:37:69:d6:c6:b1:
1e:07:fa:e3:11:e0:5b:88:3a:8f:0d:3d:2a:b8:b9:e4:03:62:
88:b3:d7:18:09:8f:be:7e:45:7d:94:e3:2e:ce:e4:f8:95:ee:
9b:d4:b3:3e:e8:35:a3:98:42:f9:5e:3c:9f:b9:77:7e:a8:46:
8c:e1:22:7f:0b:1d:0d:f4:25:32:bc:1b:d2:e6:73:d0:2d:3a:
79:bb:58:04:fc:c7:f2:a6:c9:f2:07:04:7d:18:f5:29:4d:76:
78:4c:c4:ba:1e:d5:f4:12:80:0c:c8:99:53:6b:4c:6a:b9:06:
49:1e:61:70:d8:e1:8b:66:37:53:75:27:cf:3e:8d:6a:e4:fe:
8d:a8:9d:cc:a5:93:64:ad:e0:75:db:82:69:a9:b8:54:b9:4b:
87:29:73:84:b6:ec:08:1b:4b:fc:0b:df:2e:e6:1e:90:c7:cb:
98:2e:4c:f9:29:82:de:39:48:23:70:29:cb:57:24:68:69:a0:
45:09:7b:6a:24:bc:6a:0e:84:de:e1:3a:6f:29:54:cd:07:20:
ba:0a:57:35:51:06:6a:b1:c3:bb:01:11:82:34:e2:2b:a3:43:
29:a9:2a:1c:7e:65:80:8b:9e:1a:82:52:4e:10:69:13:20:b8:
59:ae:a0:11
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgISAZh0kJRm5L/wdwciePBSioGYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMjYxZDQ1MzE5ZTgzNzUxODc0MzZkYTQ0YmY1YjlhZGIw
NDRhN2YwHhcNMjUwODA0MTAxMTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjZiNTY0NTc3N2JiMGVmNjRlNmIwYzEzNzlmOGE3MWUzN2Y4ZTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/zgd+J5fltWzSWI7gSlTfvT/FuK
410nIYNhQeBW2LrO53pJpeuo6BjiUmr02I2CF4slIIdy8oWO5aRMsrdFT81o1Bgz
nnjk1K6R004jW8HsLRyJ9BW88sLaZUFMMLe0QApGnTjzhrjVx/MmAbfhZfhnMqPa
OKV6165GPrYq5/zPyxCPJCvKsPJAomXZbd3XEiCOrW8VeaSXah2tXnWdJQkpzatW
xLq6TAxcqg9dWRhB9pYWEdkR0sRn0ZucmdvX9HrStqB55h4bjzQK2sMiCQp/XRCM
g0bERSpEjgD5nRF6RH0r0WtDF+GgMlur0X4Qj0h5/gkwveN+bRUO4X/e2QIDAQAB
o4ICyTCCAsUwHQYDVR0OBBYEFN9rVkV3e7DvZOawwTefinHjf45oMB8GA1UdIwQY
MBaAFP0mHUUxnoN1GHQ22kS/W5rbBEp/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1NZZFJUR2VnM1VZZERiYVJMOWJtdHNFU244LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS81ODJiMTctZjQ2Zi00MWViLThmZDQt
ZWI1MDkzYjIzMWMxLzEvMzJ0V1JYZDdzTzlrNXJEQk41LUtjZU5fam1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS81ODJiMTctZjQ2Zi00MWViLThmZDQtZWI1MDkzYjIzMWMx
LzEvX1NZZFJUR2VnM1VZZERiYVJMOWJtdHNFU244LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHeBggrBgEFBQcBBwEB/wSBzjCByzCBqwQCAAEwgaQDBAMf
GAgDBAIlLpADBANNSmADBARQWdADBAZTlgAwDAMEBFT+UAMEBFT+YAMEA1fvyAME
AljaGAMEBVtUQAMEBF+PMAMEA21GcAMEBX0DQAMEBZEowAMEBZsC4AMEB52PAAME
A7IWaAMEAbL6ggMEArltpAMEArmg9AMEArnLhAMEAcIfgAMEAcL2dgMEBdQZAAME
BNkWgAMEBNlH8AMEBNmW4DAbBAIAAjAVAwUDIAEI4AMFACoAEMADBQAqAb0AMA0G
CSqGSIb3DQEBCwUAA4IBAQBJjZaeCUJKvzLGuCvnN2nWxrEeB/rjEeBbiDqPDT0q
uLnkA2KIs9cYCY++fkV9lOMuzuT4le6b1LM+6DWjmEL5XjyfuXd+qEaM4SJ/Cx0N
9CUyvBvS5nPQLTp5u1gE/MfypsnyBwR9GPUpTXZ4TMS6HtX0EoAMyJlTa0xquQZJ
HmFw2OGLZjdTdSfPPo1q5P6NqJ3MpZNkreB124JpqbhUuUuHKXOEtuwIG0v8C98u
5h6Qx8uYLkz5KYLeOUgjcCnLVyRoaaBFCXtqJLxqDoTe4TpvKVTNByC6Clc1UQZq
scO7ARGCNOIro0MpqSocfmWAi54aglJOEGkTILhZrqAR
-----END CERTIFICATE-----
Generated at Tue Aug 5 08:20:41 2025 by rpki-client