Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/JbxTavVyN4VB-2-yHRUzE-olFBw.roa
File: JbxTavVyN4VB-2-yHRUzE-olFBw.roa (raw, json)
Hash identifier: ndHF6saCPra8ZdBchJ0UYhQb/9HrjIUbhfZeotuNPiU=
Subject key identifier: 25:BC:53:6A:F5:72:37:85:41:FB:6F:B2:1D:15:33:13:EA:25:14:1C
Certificate issuer: /CN=bbffd123cb93e24e025f952842108402958d4a4c
Certificate serial: 01986F97A64C03224C26979D8AB82901CD30
Authority key identifier: BB:FF:D1:23:CB:93:E2:4E:02:5F:95:28:42:10:84:02:95:8D:4A:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u__RI8uT4k4CX5UoQhCEApWNSkw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/JbxTavVyN4VB-2-yHRUzE-olFBw.roa
Signing time: Sun 03 Aug 2025 11:01:06 +0000
ROA not before: Sun 03 Aug 2025 11:01:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15830
IP address blocks: 86.109.0.0/24 maxlen: 24
86.109.2.0/23 maxlen: 23
86.109.7.0/24 maxlen: 24
86.109.8.0/24 maxlen: 24
86.109.9.0/24 maxlen: 24
86.109.12.0/24 maxlen: 24
93.187.216.0/23 maxlen: 23
93.187.218.0/23 maxlen: 23
136.144.50.0/23 maxlen: 23
136.144.56.0/23 maxlen: 23
136.144.58.0/23 maxlen: 23
136.144.60.0/23 maxlen: 23
136.144.62.0/23 maxlen: 23
139.178.64.0/22 maxlen: 22
139.178.76.0/23 maxlen: 23
139.178.80.0/21 maxlen: 21
145.40.64.0/23 maxlen: 23
145.40.69.0/24 maxlen: 24
145.40.74.0/23 maxlen: 23
145.40.76.0/23 maxlen: 23
145.40.78.0/24 maxlen: 24
145.40.79.0/24 maxlen: 24
145.40.80.0/23 maxlen: 23
145.40.88.0/24 maxlen: 24
145.40.89.0/24 maxlen: 24
145.40.98.0/23 maxlen: 23
145.40.100.0/24 maxlen: 24
145.40.101.0/24 maxlen: 24
145.40.102.0/23 maxlen: 23
145.40.104.0/22 maxlen: 22
145.40.108.0/22 maxlen: 22
145.40.120.0/22 maxlen: 22
147.28.128.0/23 maxlen: 23
147.28.131.0/24 maxlen: 24
147.28.136.0/23 maxlen: 23
147.28.138.0/23 maxlen: 23
147.28.140.0/22 maxlen: 22
147.28.141.0/24 maxlen: 24
147.28.142.0/23 maxlen: 23
147.28.144.0/23 maxlen: 23
147.28.146.0/23 maxlen: 23
147.28.148.0/23 maxlen: 23
147.28.150.0/23 maxlen: 23
147.28.152.0/24 maxlen: 24
147.28.154.0/23 maxlen: 23
147.28.158.0/23 maxlen: 23
147.28.160.0/23 maxlen: 23
147.28.162.0/23 maxlen: 23
147.28.164.0/23 maxlen: 23
147.28.166.0/23 maxlen: 23
147.28.170.0/23 maxlen: 23
147.28.176.0/23 maxlen: 23
147.28.182.0/23 maxlen: 23
147.28.186.0/23 maxlen: 23
147.28.188.0/24 maxlen: 24
147.28.189.0/24 maxlen: 24
147.28.192.0/24 maxlen: 24
147.28.193.0/24 maxlen: 24
147.28.194.0/24 maxlen: 24
147.28.196.0/23 maxlen: 23
147.28.200.0/24 maxlen: 24
147.28.201.0/24 maxlen: 24
147.28.202.0/24 maxlen: 24
147.28.204.0/23 maxlen: 23
147.28.210.0/23 maxlen: 23
147.28.212.0/24 maxlen: 24
147.28.214.0/23 maxlen: 23
147.28.216.0/23 maxlen: 23
147.28.219.0/24 maxlen: 24
147.28.220.0/23 maxlen: 23
147.28.222.0/23 maxlen: 23
147.28.228.0/24 maxlen: 24
147.28.229.0/24 maxlen: 24
147.28.232.0/24 maxlen: 24
147.28.233.0/24 maxlen: 24
147.28.234.0/24 maxlen: 24
147.28.235.0/24 maxlen: 24
147.28.241.0/24 maxlen: 24
147.28.242.0/24 maxlen: 24
147.75.35.0/24 maxlen: 24
147.75.36.0/22 maxlen: 22
147.75.38.0/23 maxlen: 23
147.75.40.0/23 maxlen: 23
147.75.44.0/24 maxlen: 24
147.75.45.0/24 maxlen: 24
147.75.47.0/24 maxlen: 24
147.75.48.0/24 maxlen: 24
147.75.50.0/23 maxlen: 23
147.75.52.0/24 maxlen: 24
147.75.53.0/24 maxlen: 24
147.75.54.0/23 maxlen: 23
147.75.54.0/24 maxlen: 24
147.75.55.0/24 maxlen: 24
147.75.56.0/23 maxlen: 23
147.75.56.0/24 maxlen: 24
147.75.59.0/24 maxlen: 24
147.75.61.0/24 maxlen: 24
147.75.62.0/23 maxlen: 23
147.75.62.0/24 maxlen: 24
147.75.63.0/24 maxlen: 24
147.75.64.0/22 maxlen: 22
147.75.72.0/21 maxlen: 21
147.75.96.0/22 maxlen: 22
147.75.96.0/23 maxlen: 23
147.75.99.0/24 maxlen: 24
147.75.104.0/22 maxlen: 22
147.75.192.0/21 maxlen: 21
147.75.193.0/24 maxlen: 24
147.75.194.0/23 maxlen: 23
147.75.196.0/22 maxlen: 22
147.75.206.0/24 maxlen: 24
147.75.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/u__RI8uT4k4CX5UoQhCEApWNSkw.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/u__RI8uT4k4CX5UoQhCEApWNSkw.mft
rsync://rpki.ripe.net/repository/DEFAULT/u__RI8uT4k4CX5UoQhCEApWNSkw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 02:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:6f:97:a6:4c:03:22:4c:26:97:9d:8a:b8:29:01:cd:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbffd123cb93e24e025f952842108402958d4a4c
Validity
Not Before: Aug 3 11:01:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25bc536af572378541fb6fb21d153313ea25141c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:4f:0d:fe:a5:35:a8:42:3f:eb:97:ff:b0:7f:
3f:f8:85:7f:59:2c:14:d1:c9:b5:b2:a6:20:36:e4:
8d:b2:7f:4c:42:53:88:48:38:d6:4d:6f:82:4c:a8:
d7:05:d8:a9:bf:a3:a0:ae:16:f4:c4:05:ba:fb:4e:
40:79:bd:69:a9:68:e1:f6:85:66:4a:16:39:33:fa:
63:1d:ff:dc:32:e8:e2:7a:16:d6:45:84:70:31:d3:
62:12:80:8a:eb:3a:0a:23:3c:35:7e:9d:2f:f1:30:
90:8b:16:9a:6c:eb:bc:e6:fd:44:09:cf:d0:e6:04:
ad:bc:ee:55:d3:0d:31:0e:87:b1:eb:1a:16:e4:c8:
2e:ec:f0:b5:95:a6:d9:5b:72:c4:67:77:e5:8f:a4:
2d:2c:65:4c:ff:9e:7b:ed:56:86:b3:8c:79:2f:32:
30:22:e4:b4:be:cb:84:8d:a9:3a:cf:8f:2b:b6:5c:
6c:78:06:59:1e:d9:1d:18:a5:9f:56:1d:4a:12:9b:
0c:1b:0a:d1:6b:c5:db:b6:bc:80:93:96:83:5d:74:
d7:27:62:11:f9:03:b0:ad:4a:ac:7a:49:c9:d7:fc:
01:ec:f5:74:86:22:52:80:22:58:11:e6:60:78:36:
ce:a3:2f:cc:8d:e4:60:04:7d:b4:fc:56:7a:21:ad:
b8:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:BC:53:6A:F5:72:37:85:41:FB:6F:B2:1D:15:33:13:EA:25:14:1C
X509v3 Authority Key Identifier:
keyid:BB:FF:D1:23:CB:93:E2:4E:02:5F:95:28:42:10:84:02:95:8D:4A:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u__RI8uT4k4CX5UoQhCEApWNSkw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/JbxTavVyN4VB-2-yHRUzE-olFBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/u__RI8uT4k4CX5UoQhCEApWNSkw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.109.0.0/24
86.109.2.0/23
86.109.7.0-86.109.9.255
86.109.12.0/24
93.187.216.0/22
136.144.50.0/23
136.144.56.0/21
139.178.64.0/22
139.178.76.0/23
139.178.80.0/21
145.40.64.0/23
145.40.69.0/24
145.40.74.0-145.40.81.255
145.40.88.0/23
145.40.98.0-145.40.111.255
145.40.120.0/22
147.28.128.0/23
147.28.131.0/24
147.28.136.0-147.28.152.255
147.28.154.0/23
147.28.158.0-147.28.167.255
147.28.170.0/23
147.28.176.0/23
147.28.182.0/23
147.28.186.0-147.28.189.255
147.28.192.0-147.28.194.255
147.28.196.0/23
147.28.200.0-147.28.202.255
147.28.204.0/23
147.28.210.0-147.28.212.255
147.28.214.0-147.28.217.255
147.28.219.0-147.28.223.255
147.28.228.0/23
147.28.232.0/22
147.28.241.0-147.28.242.255
147.75.35.0-147.75.41.255
147.75.44.0/23
147.75.47.0-147.75.48.255
147.75.50.0-147.75.57.255
147.75.59.0/24
147.75.61.0-147.75.67.255
147.75.72.0/21
147.75.96.0/22
147.75.104.0/22
147.75.192.0/21
147.75.206.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:c8:79:62:83:e7:40:47:90:b8:f5:66:c0:15:69:12:ae:47:
8f:ab:d9:85:73:c9:4c:e1:2a:6c:5b:33:64:63:f4:89:0d:25:
10:0e:07:09:c3:a9:de:8a:3c:66:44:c5:64:31:0a:e9:e0:c6:
de:d8:7e:db:6c:a1:5a:ff:93:56:5e:27:23:e3:73:94:85:88:
14:4a:25:07:ba:66:87:d7:00:d1:49:c7:aa:3a:0b:99:21:7e:
1f:28:58:c1:0d:56:13:7f:ee:03:8b:b2:ea:8b:83:57:92:80:
b4:4d:2b:58:4a:73:ef:8e:d8:15:b1:78:13:4a:07:dd:ec:fb:
73:c1:89:ba:bf:be:c9:91:90:85:54:cb:6f:ea:08:e0:df:e4:
1d:b0:22:c3:6b:57:a0:e5:0a:b1:c0:6e:ea:95:a6:1c:22:8c:
16:65:93:cc:e3:5c:e8:4b:b9:c5:9b:c8:d1:af:6e:09:3e:0b:
4d:41:fd:d8:9d:39:76:78:d0:3b:9e:aa:4e:e0:56:b6:76:76:
22:c1:f8:33:11:34:c0:4c:9d:9a:b5:5b:5d:ad:59:d6:4d:e0:
f8:33:aa:57:cc:23:2d:7f:ed:e6:a6:5a:d2:79:1a:73:1e:dc:
85:78:35:07:59:fb:63:d8:f8:78:7c:84:cd:8b:e4:ec:7f:71:
23:f8:31:df
-----BEGIN CERTIFICATE-----
MIIGlTCCBX2gAwIBAgISAZhvl6ZMAyJMJpedirgpAc0wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZmZkMTIzY2I5M2UyNGUwMjVmOTUyODQyMTA4NDAyOTU4
ZDRhNGMwHhcNMjUwODAzMTEwMTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWJjNTM2YWY1NzIzNzg1NDFmYjZmYjIxZDE1MzMxM2VhMjUxNDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8U8N/qU1qEI/65f/sH8/+IV/WSwU
0cm1sqYgNuSNsn9MQlOISDjWTW+CTKjXBdipv6Ogrhb0xAW6+05Aeb1pqWjh9oVm
ShY5M/pjHf/cMujiehbWRYRwMdNiEoCK6zoKIzw1fp0v8TCQixaabOu85v1ECc/Q
5gStvO5V0w0xDoex6xoW5Mgu7PC1labZW3LEZ3flj6QtLGVM/5577VaGs4x5LzIw
IuS0vsuEjak6z48rtlxseAZZHtkdGKWfVh1KEpsMGwrRa8XbtryAk5aDXXTXJ2IR
+QOwrUqseknJ1/wB7PV0hiJSgCJYEeZgeDbOoy/MjeRgBH20/FZ6Ia24EwIDAQAB
o4IDoTCCA50wHQYDVR0OBBYEFCW8U2r1cjeFQftvsh0VMxPqJRQcMB8GA1UdIwQY
MBaAFLv/0SPLk+JOAl+VKEIQhAKVjUpMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdV9fUkk4dVQ0azRDWDVVb1FoQ0VBcFdOU2t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC81ZGNmYzktNTdkYS00MDdmLWE2YjIt
YWM0YTQwNjE3NDZkLzEvSmJ4VGF2VnlONFZCLTIteUhSVXpFLW9sRkJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC81ZGNmYzktNTdkYS00MDdmLWE2YjItYWM0YTQwNjE3NDZk
LzEvdV9fUkk4dVQ0azRDWDVVb1FoQ0VBcFdOU2t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBtQYIKwYBBQUHAQcBAf8EggGkMIIBoDCCAZwEAgABMIIB
lAMEAFZtAAMEAVZtAjAMAwQAVm0HAwQBVm0IAwQAVm0MAwQCXbvYAwQBiJAyAwQD
iJA4AwQCi7JAAwQBi7JMAwQDi7JQAwQBkShAAwQAkShFMAwDBAGRKEoDBAGRKFAD
BAGRKFgwDAMEAZEoYgMEBJEoYAMEApEoeAMEAZMcgAMEAJMcgzAMAwQDkxyIAwQA
kxyYAwQBkxyaMAwDBAGTHJ4DBAOTHKADBAGTHKoDBAGTHLADBAGTHLYwDAMEAZMc
ugMEAZMcvDAMAwQGkxzAAwQAkxzCAwQBkxzEMAwDBAOTHMgDBACTHMoDBAGTHMww
DAMEAZMc0gMEAJMc1DAMAwQBkxzWAwQBkxzYMAwDBACTHNsDBAWTHMADBAGTHOQD
BAKTHOgwDAMEAJMc8QMEAJMc8jAMAwQAk0sjAwQBk0soAwQBk0ssMAwDBACTSy8D
BACTSzAwDAMEAZNLMgMEAZNLOAMEAJNLOzAMAwQAk0s9AwQCk0tAAwQDk0tIAwQC
k0tgAwQCk0toAwQDk0vAAwQBk0vOMA0GCSqGSIb3DQEBCwUAA4IBAQCLyHlig+dA
R5C49WbAFWkSrkePq9mFc8lM4SpsWzNkY/SJDSUQDgcJw6neijxmRMVkMQrp4Mbe
2H7bbKFa/5NWXicj43OUhYgUSiUHumaH1wDRSceqOguZIX4fKFjBDVYTf+4Di7Lq
i4NXkoC0TStYSnPvjtgVsXgTSgfd7PtzwYm6v77JkZCFVMtv6gjg3+QdsCLDa1eg
5QqxwG7qlaYcIowWZZPM41zoS7nFm8jRr24JPgtNQf3YnTl2eNA7nqpO4Fa2dnYi
wfgzETTATJ2atVtdrVnWTeD4M6pXzCMtf+3mplrSeRpzHtyFeDUHWftj2Ph4fITN
i+Tsf3Ej+DHf
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:20:12 2025 by rpki-client