Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/jOvM-KkjMcocARVIZsXXSmhqwTk.roa
File: jOvM-KkjMcocARVIZsXXSmhqwTk.roa (raw, json)
Hash identifier: /hlDFttzMgmj+4PtUECpeb46avxwmQavKNZsIngAs74=
Subject key identifier: 8C:EB:CC:F8:A9:23:31:CA:1C:01:15:48:66:C5:D7:4A:68:6A:C1:39
Certificate issuer: /CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Certificate serial: 019A31B5B42D7D4D7798C36F19460ACBE6D1
Authority key identifier: 91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/jOvM-KkjMcocARVIZsXXSmhqwTk.roa
Signing time: Wed 29 Oct 2025 20:43:03 +0000
ROA not before: Wed 29 Oct 2025 20:43:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206996
IP address blocks: 87.237.52.0/24 maxlen: 24
87.237.53.0/24 maxlen: 24
87.237.54.0/24 maxlen: 24
87.237.55.0/24 maxlen: 24
195.62.33.0/24 maxlen: 24
195.62.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:31:b5:b4:2d:7d:4d:77:98:c3:6f:19:46:0a:cb:e6:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Validity
Not Before: Oct 29 20:43:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8cebccf8a92331ca1c01154866c5d74a686ac139
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:84:fa:31:98:6b:7c:73:9a:58:e5:66:b8:d1:
1d:7d:1f:1c:a5:ed:eb:99:05:54:08:1e:ae:25:bb:
83:4e:7b:94:17:61:0f:7d:ea:3f:dd:a4:2e:fc:0f:
a0:32:5b:67:e8:21:71:ee:48:30:0e:5e:3c:14:02:
b8:72:ac:9f:d0:41:93:8b:48:7f:b9:f9:c2:65:79:
b5:a4:15:33:12:6a:79:1d:0a:14:d3:a6:2d:8a:b0:
09:f7:55:cc:34:85:31:49:f8:5d:e6:2a:80:af:62:
c5:27:36:13:60:98:fc:9c:7a:a4:61:e6:e0:3d:c0:
5a:a3:0c:20:4a:aa:fa:5b:3a:78:b0:ca:ff:9a:b5:
c2:3a:52:79:a9:e7:1b:a4:e1:58:13:89:cb:c9:0b:
47:88:a9:b6:b4:3c:dc:f6:f0:22:2b:2d:11:a5:8e:
c3:98:eb:b1:e3:b7:a7:60:9f:27:75:34:0a:3a:63:
b9:1e:8d:cf:66:03:f8:ef:ce:52:55:bd:1b:22:f4:
eb:c3:a5:98:bd:b4:75:27:2d:b5:16:53:d5:a3:83:
53:ca:4b:25:51:6d:40:7c:60:8e:50:2d:b5:5c:09:
16:eb:08:50:d8:e1:81:55:5d:4f:6a:fd:64:7b:c4:
b0:92:bb:68:d0:93:8b:d6:77:89:c7:2d:fd:8c:e7:
04:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:EB:CC:F8:A9:23:31:CA:1C:01:15:48:66:C5:D7:4A:68:6A:C1:39
X509v3 Authority Key Identifier:
keyid:91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/jOvM-KkjMcocARVIZsXXSmhqwTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.52.0/22
195.62.33.0/24
195.62.47.0/24
Signature Algorithm: sha256WithRSAEncryption
00:40:f2:72:51:39:89:71:ba:0e:f3:34:de:0c:c9:f6:62:70:
f7:0d:09:3f:fb:f6:7a:40:fc:1a:9a:9d:b0:86:c2:68:2a:18:
83:fe:39:b0:a9:2c:1f:48:83:a1:17:95:d7:93:f1:89:db:a9:
70:a3:00:86:f3:ca:3b:40:2a:c6:ee:8d:3c:56:56:0d:b7:3c:
d1:c0:ab:d3:51:13:3e:e2:2d:48:63:ed:04:55:08:40:51:b9:
5d:db:a2:90:70:66:83:9b:9a:55:b2:49:c0:bc:ed:62:08:b6:
00:cc:34:f8:2d:01:48:21:26:ff:a3:44:c7:e0:19:31:8a:9b:
09:23:ad:f3:98:88:21:63:8e:8d:06:11:18:9b:33:ec:d2:70:
4e:c9:42:be:cd:91:1c:4c:a9:a8:95:cb:f6:89:90:31:85:58:
ab:a4:ea:53:a5:e9:f1:43:1e:1f:fb:99:dd:1f:22:ae:9f:0d:
ad:11:69:4e:68:77:64:15:e8:d0:5b:5c:5b:19:e4:39:0d:92:
6a:bc:96:39:ce:dd:3d:c1:ca:4f:e0:48:cc:30:dd:4f:06:51:
47:fe:6f:8d:b7:5f:78:0c:66:89:e6:18:19:71:a9:c1:b5:10:
0c:55:3b:84:0a:31:b2:8f:f3:93:1e:76:01:43:1b:00:ae:8a:
1d:60:54:0c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZoxtbQtfU13mMNvGUYKy+bRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDBjNzhjMzA5YTNlOTlkYzlhYjc0ZjJjZGMwNDg0ODU5
ZTc1MzAwHhcNMjUxMDI5MjA0MzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2ViY2NmOGE5MjMzMWNhMWMwMTE1NDg2NmM1ZDc0YTY4NmFjMTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4T6MZhrfHOaWOVmuNEdfR8cpe3r
mQVUCB6uJbuDTnuUF2EPfeo/3aQu/A+gMltn6CFx7kgwDl48FAK4cqyf0EGTi0h/
ufnCZXm1pBUzEmp5HQoU06YtirAJ91XMNIUxSfhd5iqAr2LFJzYTYJj8nHqkYebg
PcBaowwgSqr6Wzp4sMr/mrXCOlJ5qecbpOFYE4nLyQtHiKm2tDzc9vAiKy0RpY7D
mOux47enYJ8ndTQKOmO5Ho3PZgP4785SVb0bIvTrw6WYvbR1Jy21FlPVo4NTyksl
UW1AfGCOUC21XAkW6whQ2OGBVV1Pav1ke8Swkrto0JOL1neJxy39jOcEvwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIzrzPipIzHKHAEVSGbF10poasE5MB8GA1UdIwQY
MBaAFJHQx4wwmj6Z3Jq3TyzcBISFnnUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEt
NDg1MmM4ZmY4YWYyLzEvak92TS1La2pNY29jQVJWSVpzWFhTbWhxd1RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEtNDg1MmM4ZmY4YWYy
LzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCV+00AwQA
wz4hAwQAwz4vMA0GCSqGSIb3DQEBCwUAA4IBAQAAQPJyUTmJcboO8zTeDMn2YnD3
DQk/+/Z6QPwamp2whsJoKhiD/jmwqSwfSIOhF5XXk/GJ26lwowCG88o7QCrG7o08
VlYNtzzRwKvTURM+4i1IY+0EVQhAUbld26KQcGaDm5pVsknAvO1iCLYAzDT4LQFI
ISb/o0TH4BkxipsJI63zmIghY46NBhEYmzPs0nBOyUK+zZEcTKmolcv2iZAxhVir
pOpTpenxQx4f+5ndHyKunw2tEWlOaHdkFejQW1xbGeQ5DZJqvJY5zt09wcpP4EjM
MN1PBlFH/m+Nt194DGaJ5hgZcanBtRAMVTuECjGyj/OTHnYBQxsAroodYFQM
-----END CERTIFICATE-----
Generated at Wed Nov 5 01:06:48 2025 by rpki-client