Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/J5z2WFOd06DC-0tiHn1r6QxVRBA.roa
File: J5z2WFOd06DC-0tiHn1r6QxVRBA.roa (raw, json)
Hash identifier: EqTbIqrKwiVhFMIsQAOTk3OrKOAdfbxDpjoUaly9WQY=
Subject key identifier: 27:9C:F6:58:53:9D:D3:A0:C2:FB:4B:62:1E:7D:6B:E9:0C:55:44:10
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 01985CB08615AD3ABD81C1366BE94D81B316
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/J5z2WFOd06DC-0tiHn1r6QxVRBA.roa
Signing time: Wed 30 Jul 2025 18:55:29 +0000
ROA not before: Wed 30 Jul 2025 18:55:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9123
IP address blocks: 85.209.8.0/24 maxlen: 24
92.246.76.0/24 maxlen: 24
185.68.22.0/24 maxlen: 24
213.226.124.0/24 maxlen: 24
213.226.125.0/24 maxlen: 24
213.226.126.0/24 maxlen: 24
213.226.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 11:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:5c:b0:86:15:ad:3a:bd:81:c1:36:6b:e9:4d:81:b3:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jul 30 18:55:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=279cf658539dd3a0c2fb4b621e7d6be90c554410
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ee:b9:7a:71:4c:5c:ef:a0:33:4c:34:b6:6d:
14:c5:68:6f:11:d4:62:31:c8:9f:60:65:49:72:ad:
86:c4:2b:ed:4d:85:03:1e:d9:d2:4d:0f:d7:76:61:
4f:63:0e:01:b7:9c:4b:24:4f:83:3a:38:c6:ee:e1:
21:53:9a:68:ad:2f:5a:8d:72:e2:84:8c:1d:65:ff:
42:1e:64:3b:30:e4:05:76:6b:1f:6b:18:76:24:f2:
73:de:89:9b:19:52:b4:71:bf:68:aa:02:4b:18:78:
38:cf:db:36:ef:d9:53:d2:81:0a:0d:4b:19:f9:50:
b1:60:33:89:ef:a8:5b:55:1a:21:e8:c6:7e:58:fd:
66:55:f8:c0:01:96:c3:95:96:e1:10:85:25:9a:dc:
b7:81:69:2b:8e:dd:05:43:82:32:62:5e:47:2e:2f:
6e:02:d1:6c:8a:7e:08:a3:8e:71:b9:c2:9f:b7:c5:
01:4f:fe:73:c1:f0:14:3f:4d:1d:cb:66:63:b5:7a:
bf:84:56:a1:47:ac:dd:8c:05:0c:cf:1b:d8:f5:cb:
0a:b2:66:4b:d9:44:57:72:45:d5:7a:70:55:92:ea:
ee:62:95:03:83:fb:fb:c4:22:39:82:13:71:e0:f5:
7f:89:b9:d1:b0:c4:90:dc:d5:af:bb:be:aa:b7:55:
64:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:9C:F6:58:53:9D:D3:A0:C2:FB:4B:62:1E:7D:6B:E9:0C:55:44:10
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/J5z2WFOd06DC-0tiHn1r6QxVRBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.8.0/24
92.246.76.0/24
185.68.22.0/24
213.226.124.0/22
Signature Algorithm: sha256WithRSAEncryption
17:8e:31:22:ee:b9:97:d1:d9:27:47:78:d7:f2:78:d5:3e:25:
82:dd:d5:cb:ac:13:ba:e9:b7:57:4c:6c:36:83:a1:87:2b:e8:
e0:66:81:85:93:92:d0:51:43:62:a8:19:79:0c:75:6c:1c:48:
c3:07:c5:40:7c:36:2b:23:d0:80:ce:34:4f:e1:f2:d5:16:28:
a7:97:fe:56:49:93:8a:3c:b2:a6:40:7c:ee:ea:9a:07:44:2c:
55:38:e6:22:74:21:57:79:7a:2c:db:d2:90:da:06:b2:69:7d:
44:f7:ad:2f:a3:7d:0b:b0:ba:9d:44:aa:3a:68:1a:46:a2:0e:
00:3b:20:39:70:7c:18:ba:cd:82:ec:93:b2:59:64:8e:c4:12:
bd:d6:d8:33:ee:21:47:a1:bb:e4:db:d6:30:ad:05:d7:f5:c3:
b1:40:f3:69:7d:ea:f0:30:1a:11:70:00:3c:37:0a:d6:25:6a:
f4:ba:55:3c:95:8c:22:d3:54:a6:3e:1a:a4:7f:21:2c:be:51:
c5:ed:e3:df:a4:ad:73:09:68:16:61:98:87:b6:54:66:e6:a6:
ee:f0:dc:6e:e2:b3:b3:6b:55:26:87:7b:69:07:aa:0d:31:0c:
1b:61:97:20:c6:ad:44:12:d7:eb:9f:0c:5e:14:36:4e:e4:dd:
95:28:d3:e9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZhcsIYVrTq9gcE2a+lNgbMWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjUwNzMwMTg1NTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzljZjY1ODUzOWRkM2EwYzJmYjRiNjIxZTdkNmJlOTBjNTU0NDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyO65enFMXO+gM0w0tm0UxWhvEdRi
McifYGVJcq2GxCvtTYUDHtnSTQ/XdmFPYw4Bt5xLJE+DOjjG7uEhU5porS9ajXLi
hIwdZf9CHmQ7MOQFdmsfaxh2JPJz3ombGVK0cb9oqgJLGHg4z9s279lT0oEKDUsZ
+VCxYDOJ76hbVRoh6MZ+WP1mVfjAAZbDlZbhEIUlmty3gWkrjt0FQ4IyYl5HLi9u
AtFsin4Io45xucKft8UBT/5zwfAUP00dy2ZjtXq/hFahR6zdjAUMzxvY9csKsmZL
2URXckXVenBVkuruYpUDg/v7xCI5ghNx4PV/ibnRsMSQ3NWvu76qt1VkWwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCec9lhTndOgwvtLYh59a+kMVUQQMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvSjV6MldGT2QwNkRDLTB0aUhuMXI2UXhWUkJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVdEIAwQA
XPZMAwQAuUQWAwQC1eJ8MA0GCSqGSIb3DQEBCwUAA4IBAQAXjjEi7rmX0dknR3jX
8njVPiWC3dXLrBO66bdXTGw2g6GHK+jgZoGFk5LQUUNiqBl5DHVsHEjDB8VAfDYr
I9CAzjRP4fLVFiinl/5WSZOKPLKmQHzu6poHRCxVOOYidCFXeXos29KQ2gayaX1E
960vo30LsLqdRKo6aBpGog4AOyA5cHwYus2C7JOyWWSOxBK91tgz7iFHobvk29Yw
rQXX9cOxQPNpferwMBoRcAA8NwrWJWr0ulU8lYwi01SmPhqkfyEsvlHF7ePfpK1z
CWgWYZiHtlRm5qbu8Nxu4rOza1Umh3tpB6oNMQwbYZcgxq1EEtfrnwxeFDZO5N2V
KNPp
-----END CERTIFICATE-----
Generated at Fri Aug 8 21:02:47 2025 by rpki-client