Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/jQ0CKQnybkbWfxcX-b3jXwGqgDw.roa
File: jQ0CKQnybkbWfxcX-b3jXwGqgDw.roa (raw, json)
Hash identifier: NFsYpIl9GoaRpf5VVl2Q/mtvqIqN+EsXu243SgMs5aw=
Subject key identifier: 8D:0D:02:29:09:F2:6E:46:D6:7F:17:17:F9:BD:E3:5F:01:AA:80:3C
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 019874466EA9655E6AB6CF5A7C29F16AE385
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/jQ0CKQnybkbWfxcX-b3jXwGqgDw.roa
Signing time: Mon 04 Aug 2025 08:50:29 +0000
ROA not before: Mon 04 Aug 2025 08:50:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214447
IP address blocks: 212.68.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 17:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:74:46:6e:a9:65:5e:6a:b6:cf:5a:7c:29:f1:6a:e3:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Aug 4 08:50:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8d0d022909f26e46d67f1717f9bde35f01aa803c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:62:8d:98:7d:9d:5d:76:a8:40:14:93:c3:20:
9a:48:da:ca:9d:21:38:bb:ed:c6:6d:4a:0c:02:33:
5c:bf:c8:9a:f6:8a:83:08:5f:3b:63:18:e7:a8:fd:
73:ea:8b:81:3a:f8:44:f0:58:ad:70:26:f4:a0:f1:
d6:a9:81:68:2f:f9:bf:17:f8:16:f6:7d:83:e5:90:
a0:f7:85:fd:44:42:b5:3f:8d:bb:ae:11:cd:e3:c8:
39:9d:0f:b8:9e:85:a5:94:b0:24:3e:6e:3a:3e:9f:
6f:c0:74:9e:17:cb:30:95:22:5b:cd:74:2a:e3:4c:
ff:fa:58:f3:77:e9:56:8c:75:0b:be:4c:d8:62:f0:
75:67:4b:f1:8f:d9:b6:27:c5:82:f6:85:7c:0f:b6:
56:83:aa:6c:33:cb:ca:50:94:d3:66:5d:ae:9a:36:
57:49:bc:a1:81:a5:5a:40:f3:13:76:a2:e7:b2:c7:
3a:26:f5:d9:8d:62:ae:d0:26:de:f2:be:66:9c:4e:
b4:98:05:58:b2:05:63:56:07:62:51:11:72:cb:0c:
e2:0a:88:96:21:58:28:13:68:c9:89:c5:d8:ae:75:
0a:cd:c2:97:85:93:ef:9b:7a:23:21:02:de:6c:5a:
85:ef:a7:52:07:8a:83:8e:2c:16:75:8e:b0:b1:dd:
af:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:0D:02:29:09:F2:6E:46:D6:7F:17:17:F9:BD:E3:5F:01:AA:80:3C
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/jQ0CKQnybkbWfxcX-b3jXwGqgDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.35.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:f4:49:04:1e:68:b0:c2:72:d2:87:e5:03:66:cc:9e:2c:09:
64:05:8c:8c:b3:a3:91:36:84:56:47:c3:57:e3:14:bb:a1:93:
5f:67:4f:38:5f:10:ea:af:45:70:45:b7:58:a5:d9:7e:9d:a5:
be:ae:d0:d2:92:ea:25:dc:a5:90:68:45:c9:45:c4:d6:28:3e:
65:cc:e6:e3:36:5a:52:d4:b0:64:a3:e5:3e:9d:f4:bc:e3:27:
ab:48:0c:0b:6e:52:32:dc:27:d3:7c:56:b0:86:6a:ff:cf:a1:
7c:46:73:0d:a8:da:d8:b2:5d:1c:a9:eb:de:c6:fa:07:b0:21:
2c:20:8c:85:27:e4:96:e1:86:e7:0b:cf:70:b9:5e:3e:d4:7f:
4e:b3:04:c8:87:be:55:69:5a:4e:c5:0a:21:7f:0f:90:53:ba:
24:47:6d:26:d1:dc:45:b2:f6:f0:11:3a:33:c2:e7:03:a2:57:
3b:3a:6d:00:bd:bc:ff:1e:b7:5a:32:a0:ac:37:f1:b8:25:71:
c9:d6:5c:36:66:17:2e:57:57:f4:cc:c6:6c:44:20:7d:ee:37:
be:89:eb:4c:d5:45:a8:e8:a7:d8:e2:16:ca:38:a2:24:fa:79:
34:80:90:e4:29:e5:f3:8d:14:87:5e:26:d9:61:6e:d2:42:01:
8d:9b:9a:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZh0Rm6pZV5qts9afCnxauOFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwODA0MDg1MDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDBkMDIyOTA5ZjI2ZTQ2ZDY3ZjE3MTdmOWJkZTM1ZjAxYWE4MDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2KNmH2dXXaoQBSTwyCaSNrKnSE4
u+3GbUoMAjNcv8ia9oqDCF87YxjnqP1z6ouBOvhE8FitcCb0oPHWqYFoL/m/F/gW
9n2D5ZCg94X9REK1P427rhHN48g5nQ+4noWllLAkPm46Pp9vwHSeF8swlSJbzXQq
40z/+ljzd+lWjHULvkzYYvB1Z0vxj9m2J8WC9oV8D7ZWg6psM8vKUJTTZl2umjZX
SbyhgaVaQPMTdqLnssc6JvXZjWKu0Cbe8r5mnE60mAVYsgVjVgdiURFyywziCoiW
IVgoE2jJicXYrnUKzcKXhZPvm3ojIQLebFqF76dSB4qDjiwWdY6wsd2vdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI0NAikJ8m5G1n8XF/m9418BqoA8MB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvalEwQ0tRbnlia2JXZnhjWC1iM2pYd0dxZ0R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1EQjMA0G
CSqGSIb3DQEBCwUAA4IBAQAa9EkEHmiwwnLSh+UDZsyeLAlkBYyMs6ORNoRWR8NX
4xS7oZNfZ084XxDqr0VwRbdYpdl+naW+rtDSkuol3KWQaEXJRcTWKD5lzObjNlpS
1LBko+U+nfS84yerSAwLblIy3CfTfFawhmr/z6F8RnMNqNrYsl0cqevexvoHsCEs
IIyFJ+SW4YbnC89wuV4+1H9OswTIh75VaVpOxQohfw+QU7okR20m0dxFsvbwEToz
wucDolc7Om0Avbz/HrdaMqCsN/G4JXHJ1lw2ZhcuV1f0zMZsRCB97je+ietM1UWo
6KfY4hbKOKIk+nk0gJDkKeXzjRSHXibZYW7SQgGNm5q6
-----END CERTIFICATE-----
Generated at Fri Aug 8 00:45:52 2025 by rpki-client