Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/rJVC54KMnjCB_OVNXkR7wbY_pqY.roa
File: rJVC54KMnjCB_OVNXkR7wbY_pqY.roa (raw, json)
Hash identifier: XBqW9LJVjSv4j8aKjrCl3Ou7nqLb3Clpr0sfUy3Uq/g=
Subject key identifier: AC:95:42:E7:82:8C:9E:30:81:FC:E5:4D:5E:44:7B:C1:B6:3F:A6:A6
Certificate issuer: /CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Certificate serial: 01976AE84B94649E47E0533DA35741513762
Authority key identifier: 94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/rJVC54KMnjCB_OVNXkR7wbY_pqY.roa
Signing time: Fri 13 Jun 2025 20:08:18 +0000
ROA not before: Fri 13 Jun 2025 20:08:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15626
IP address blocks: 5.34.182.0/23 maxlen: 23
5.34.182.0/24 maxlen: 24
5.34.183.0/24 maxlen: 24
82.118.17.0/24 maxlen: 24
82.118.18.0/24 maxlen: 24
193.238.152.0/23 maxlen: 23
193.238.153.0/24 maxlen: 24
217.12.192.0/21 maxlen: 21
217.12.199.0/24 maxlen: 24
217.12.205.0/24 maxlen: 24
217.12.210.0/23 maxlen: 23
217.12.210.0/24 maxlen: 24
217.12.212.0/22 maxlen: 22
217.12.215.0/24 maxlen: 24
217.12.216.0/23 maxlen: 23
217.12.220.0/22 maxlen: 22
217.12.221.0/24 maxlen: 24
217.12.222.0/24 maxlen: 24
217.12.223.0/24 maxlen: 24
2a02:27a8::/32 maxlen: 32
2a02:27a8:feed::/48 maxlen: 48
2a02:27ad::/32 maxlen: 32
2a05:9407::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.mft
rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 18 Jun 2025 06:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6a:e8:4b:94:64:9e:47:e0:53:3d:a3:57:41:51:37:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Validity
Not Before: Jun 13 20:08:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac9542e7828c9e3081fce54d5e447bc1b63fa6a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ba:ae:8b:ba:fb:f6:a3:fb:29:02:c4:bb:80:
09:08:23:3c:fe:d0:70:cd:22:5a:58:d7:d0:c2:07:
15:86:99:fa:7f:8b:b2:e6:9a:39:03:bf:62:84:27:
01:ca:65:92:66:3c:f0:3f:85:7c:cc:3e:98:71:34:
60:10:78:32:21:18:eb:16:5a:74:2f:63:53:00:0c:
ae:fa:d6:1f:85:83:76:3a:98:ec:1d:fa:39:ee:49:
41:6c:ab:6c:e5:ae:47:33:53:f4:e1:35:d4:a3:8a:
f0:f6:7f:c5:c1:43:53:a4:d6:80:8d:69:16:13:9c:
3e:a2:a8:74:33:99:59:eb:b7:12:07:7a:cf:ca:4f:
db:5f:45:90:70:f5:98:92:1a:4f:ff:86:ca:c2:49:
41:2c:36:3f:25:5a:11:1f:ae:09:b8:0b:d8:1b:f0:
63:12:eb:50:07:13:33:a0:72:c4:20:95:61:25:cd:
58:5a:61:96:19:8c:bd:6f:e2:2b:ce:b8:93:75:22:
ee:c8:94:2f:4e:77:55:d9:71:26:47:5d:e5:4e:63:
2a:3f:6e:c7:db:4e:86:d9:3f:68:32:c2:5f:0f:22:
1a:ab:19:fa:92:5f:79:16:be:c1:fc:09:a0:89:fe:
be:dc:bb:4b:93:dd:fd:c7:1e:ef:56:5b:c4:fe:1f:
63:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:95:42:E7:82:8C:9E:30:81:FC:E5:4D:5E:44:7B:C1:B6:3F:A6:A6
X509v3 Authority Key Identifier:
keyid:94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/rJVC54KMnjCB_OVNXkR7wbY_pqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.182.0/23
82.118.17.0-82.118.18.255
193.238.152.0/23
217.12.192.0/21
217.12.205.0/24
217.12.210.0-217.12.217.255
217.12.220.0/22
IPv6:
2a02:27a8::/32
2a02:27ad::/32
2a05:9407::/32
Signature Algorithm: sha256WithRSAEncryption
1f:7a:19:99:80:80:b3:a6:c9:22:f0:f3:84:32:01:57:db:5e:
40:89:b1:60:01:e4:db:81:e6:69:92:83:0e:67:a7:2b:4d:10:
b3:c8:bd:65:d2:22:92:42:19:7c:4b:c4:40:f3:53:0a:93:6d:
65:a3:f8:7a:43:e3:c3:d4:cc:c8:18:a6:e7:6b:80:fc:d7:ce:
d5:c0:77:8a:f2:eb:2f:3e:a7:8d:5a:df:5c:ac:42:a2:ad:1a:
1c:68:c6:d3:0e:bd:1f:e8:a8:27:66:96:5d:88:cf:e6:ae:0b:
c5:25:70:96:6b:2a:d8:5f:6f:36:c3:e8:1f:c6:1e:8f:4d:df:
e5:92:9a:1f:ef:88:97:5a:68:e5:11:15:66:71:25:b1:c2:27:
fb:b6:30:1b:35:7e:be:49:1f:6f:0d:3d:f3:80:5e:1a:3c:fe:
83:97:bd:ce:73:fd:76:0b:c1:11:a9:a5:5a:e2:5a:45:1f:2b:
e0:a8:db:2d:86:d3:70:d6:25:f3:7b:c6:1e:8b:d4:0c:d6:16:
76:c1:be:35:a3:12:f8:dc:ec:73:53:b6:5e:2d:0f:92:72:d3:
92:1c:dd:48:a0:79:0e:73:24:0c:d2:90:e4:2f:e2:55:23:0e:
7b:32:1d:67:4d:dc:78:a0:d0:a5:c2:1b:3b:c6:68:57:02:f1:
fd:39:95:3c
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZdq6EuUZJ5H4FM9o1dBUTdiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZDk4ZThmZWM2ODA3NzVhMTU3MjY2ZTBjNmI3OGIxNDFh
MzRmNWUwHhcNMjUwNjEzMjAwODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzk1NDJlNzgyOGM5ZTMwODFmY2U1NGQ1ZTQ0N2JjMWI2M2ZhNmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbqui7r79qP7KQLEu4AJCCM8/tBw
zSJaWNfQwgcVhpn6f4uy5po5A79ihCcBymWSZjzwP4V8zD6YcTRgEHgyIRjrFlp0
L2NTAAyu+tYfhYN2OpjsHfo57klBbKts5a5HM1P04TXUo4rw9n/FwUNTpNaAjWkW
E5w+oqh0M5lZ67cSB3rPyk/bX0WQcPWYkhpP/4bKwklBLDY/JVoRH64JuAvYG/Bj
EutQBxMzoHLEIJVhJc1YWmGWGYy9b+IrzriTdSLuyJQvTndV2XEmR13lTmMqP27H
206G2T9oMsJfDyIaqxn6kl95Fr7B/Amgif6+3LtLk939xx7vVlvE/h9j0wIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFKyVQueCjJ4wgfzlTV5Ee8G2P6amMB8GA1UdIwQY
MBaAFJTZjo/saAd1oVcmbgxreLFBo09eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzkt
ODdkMTdkZjc0YzdlLzEvckpWQzU0S01uakNCX09WTlhrUjd3YllfcHFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzktODdkMTdkZjc0Yzdl
LzEvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBABAIAATA6AwQBBSK2MAwD
BABSdhEDBABSdhIDBAHB7pgDBAPZDMADBADZDM0wDAMEAdkM0gMEAdkM2AMEAtkM
3DAbBAIAAjAVAwUAKgInqAMFACoCJ60DBQAqBZQHMA0GCSqGSIb3DQEBCwUAA4IB
AQAfehmZgICzpski8POEMgFX215AibFgAeTbgeZpkoMOZ6crTRCzyL1l0iKSQhl8
S8RA81MKk21lo/h6Q+PD1MzIGKbna4D8187VwHeK8usvPqeNWt9crEKirRocaMbT
Dr0f6KgnZpZdiM/mrgvFJXCWayrYX282w+gfxh6PTd/lkpof74iXWmjlERVmcSWx
wif7tjAbNX6+SR9vDT3zgF4aPP6Dl73Oc/12C8ERqaVa4lpFHyvgqNsthtNw1iXz
e8Yei9QM1hZ2wb41oxL43OxzU7ZeLQ+SctOSHN1IoHkOcyQM0pDkL+JVIw57Mh1n
Tdx4oNClwhs7xmhXAvH9OZU8
-----END CERTIFICATE-----
Generated at Tue Jun 17 15:34:19 2025 by rpki-client