Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JoMUzTaT5XYHkS28vcOe6FGb89w.roa
File: JoMUzTaT5XYHkS28vcOe6FGb89w.roa (raw, json)
Hash identifier: BINde3RX5ZEn6vg6RKqSnpJKcTGa5BkEydpgPkS5GLc=
Subject key identifier: 26:83:14:CD:36:93:E5:76:07:91:2D:BC:BD:C3:9E:E8:51:9B:F3:DC
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01976A11277E7476C91C33A1B5C375BD06B1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JoMUzTaT5XYHkS28vcOe6FGb89w.roa
Signing time: Fri 13 Jun 2025 16:13:18 +0000
ROA not before: Fri 13 Jun 2025 16:13:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 89.213.127.0/24 maxlen: 24
89.213.129.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.212.0/24 maxlen: 24
89.213.224.0/24 maxlen: 24
213.210.11.0/24 maxlen: 24
213.218.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6a:11:27:7e:74:76:c9:1c:33:a1:b5:c3:75:bd:06:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 13 16:13:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=268314cd3693e57607912dbcbdc39ee8519bf3dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:23:93:36:68:00:58:b6:d7:0f:ab:85:4f:4d:
d0:63:89:09:4a:06:b0:0e:14:b2:bf:f5:28:1a:48:
60:90:12:80:ae:0f:ad:98:09:07:7c:cf:55:4c:a0:
c7:53:be:3a:32:8d:f8:b1:7b:32:9b:77:59:f3:47:
27:04:2c:d9:88:8d:60:83:ca:51:c5:49:57:59:a4:
e2:ba:b9:f4:6d:5b:99:41:7f:09:c1:7b:3c:61:a6:
95:86:b5:ec:ae:e4:73:0d:7b:10:b1:0f:a3:3b:b1:
98:b3:f6:ef:a2:6b:0e:8c:5a:0c:0f:6c:8b:b4:5b:
9c:70:ac:7f:d2:67:46:ee:d7:bc:af:a6:d1:7c:59:
12:c1:2b:b5:d3:2a:81:9c:0d:04:b1:a5:16:5d:d4:
65:e5:be:f7:8e:ab:33:99:10:ea:02:45:31:7e:0c:
87:ea:9d:f8:48:27:b0:14:fb:33:84:e2:d4:ee:e6:
57:c1:d3:41:45:a0:c8:11:c4:7d:b6:d3:ce:2a:9e:
9b:fe:a3:51:80:d4:7b:9a:4a:ba:1e:94:ed:18:e7:
f8:9b:71:51:4a:c0:60:3a:34:35:b7:a0:d7:97:30:
02:65:57:80:ba:b6:b4:52:06:0c:db:db:f7:f8:01:
4b:e9:c0:18:f4:79:90:6f:41:67:38:d3:20:f8:a9:
dd:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:83:14:CD:36:93:E5:76:07:91:2D:BC:BD:C3:9E:E8:51:9B:F3:DC
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JoMUzTaT5XYHkS28vcOe6FGb89w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.127.0/24
89.213.129.0/24
89.213.167.0/24
89.213.212.0/24
89.213.224.0/24
213.210.11.0/24
213.218.215.0/24
Signature Algorithm: sha256WithRSAEncryption
43:f3:8c:c3:42:7d:02:4d:46:8e:af:c7:77:ec:8b:3d:4a:1c:
01:9f:27:93:cf:25:3c:2f:5b:1d:b2:70:dc:48:00:77:87:dc:
84:b5:d2:43:7c:fc:22:da:7d:38:b3:17:43:76:c3:51:1b:de:
d3:9d:23:18:70:cc:e8:4e:84:15:e4:85:6e:de:cf:d2:db:21:
44:04:5a:a0:7f:62:2f:e9:6d:31:52:67:b7:6b:1e:d1:24:ae:
7e:e9:b9:4e:97:20:44:73:a1:b4:00:42:a7:1b:50:6a:03:dd:
e1:f8:c4:c6:aa:93:02:7c:a8:3b:1f:c5:56:f7:40:f5:3c:45:
90:dd:fd:59:d1:dd:4e:2c:dc:41:56:70:e8:a9:b0:af:77:4b:
db:3c:3a:eb:92:34:dd:46:9e:3f:ec:fa:9e:5b:95:88:88:52:
ef:14:a0:75:29:50:8b:3a:93:8d:69:46:c3:b4:49:0b:3b:b0:
d3:46:4d:20:15:fe:46:67:46:a0:6d:20:0e:0e:c2:65:5d:bb:
9a:d1:cd:b2:34:c3:b5:ed:0a:12:07:48:e5:9d:ba:35:b2:b3:
e1:b8:0b:14:ec:16:97:a1:2c:07:4c:53:24:dc:dc:da:31:ef:
29:1e:8a:dd:fc:34:4f:94:a1:e2:db:b3:ea:fa:49:70:2d:3f:
b8:0a:f4:33
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZdqESd+dHbJHDOhtcN1vQaxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNjEzMTYxMzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjgzMTRjZDM2OTNlNTc2MDc5MTJkYmNiZGMzOWVlODUxOWJmM2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSOTNmgAWLbXD6uFT03QY4kJSgaw
DhSyv/UoGkhgkBKArg+tmAkHfM9VTKDHU746Mo34sXsym3dZ80cnBCzZiI1gg8pR
xUlXWaTiurn0bVuZQX8JwXs8YaaVhrXsruRzDXsQsQ+jO7GYs/bvomsOjFoMD2yL
tFuccKx/0mdG7te8r6bRfFkSwSu10yqBnA0EsaUWXdRl5b73jqszmRDqAkUxfgyH
6p34SCewFPszhOLU7uZXwdNBRaDIEcR9ttPOKp6b/qNRgNR7mkq6HpTtGOf4m3FR
SsBgOjQ1t6DXlzACZVeAura0UgYM29v3+AFL6cAY9HmQb0FnONMg+KndHwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCaDFM02k+V2B5EtvL3DnuhRm/PcMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSm9NVXpUYVQ1WFlIa1MyOHZjT2U2RkdiODl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAWdV/AwQA
WdWBAwQAWdWnAwQAWdXUAwQAWdXgAwQA1dILAwQA1drXMA0GCSqGSIb3DQEBCwUA
A4IBAQBD84zDQn0CTUaOr8d37Is9ShwBnyeTzyU8L1sdsnDcSAB3h9yEtdJDfPwi
2n04sxdDdsNRG97TnSMYcMzoToQV5IVu3s/S2yFEBFqgf2Iv6W0xUme3ax7RJK5+
6blOlyBEc6G0AEKnG1BqA93h+MTGqpMCfKg7H8VW90D1PEWQ3f1Z0d1OLNxBVnDo
qbCvd0vbPDrrkjTdRp4/7PqeW5WIiFLvFKB1KVCLOpONaUbDtEkLO7DTRk0gFf5G
Z0agbSAODsJlXbua0c2yNMO17QoSB0jlnbo1srPhuAsU7BaXoSwHTFMk3NzaMe8p
Hord/DRPlKHi27Pq+klwLT+4CvQz
-----END CERTIFICATE-----
Generated at Sun Jun 15 03:10:59 2025 by rpki-client