Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jkzqXvI-VY8pWNEnbot7giwx9X4.roa
File: jkzqXvI-VY8pWNEnbot7giwx9X4.roa (raw, json)
Hash identifier: cy7OJl0g38SmwYS1egtjsVgcbn72CmYaU3+S33IIaeA=
Subject key identifier: 8E:4C:EA:5E:F2:3E:55:8F:29:58:D1:27:6E:8B:7B:82:2C:31:F5:7E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019807B0E12F129716E0A9BC7B720F64534F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jkzqXvI-VY8pWNEnbot7giwx9X4.roa
Signing time: Mon 14 Jul 2025 06:48:09 +0000
ROA not before: Mon 14 Jul 2025 06:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62240
IP address blocks: 82.152.129.0/24 maxlen: 24
82.153.155.0/24 maxlen: 24
89.213.208.0/24 maxlen: 24
194.105.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 05:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:07:b0:e1:2f:12:97:16:e0:a9:bc:7b:72:0f:64:53:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 14 06:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e4cea5ef23e558f2958d1276e8b7b822c31f57e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9d:6a:67:08:65:f8:d2:3a:9f:36:17:69:a7:
b2:73:8b:5a:f1:07:81:d9:dd:ba:f9:3e:55:fc:5e:
16:44:fb:b3:90:5c:63:39:c4:20:5a:84:1c:22:ab:
8b:80:50:2c:22:68:c5:61:0e:c1:4c:75:c6:41:e8:
2f:14:6c:94:ac:b4:42:35:79:99:96:d7:f7:ef:3e:
10:a2:5d:5e:9f:12:a0:91:39:e2:2b:dc:dc:c9:1c:
c6:4a:09:bb:ea:f3:97:62:37:cf:33:34:18:dd:44:
ee:94:c1:38:37:81:cf:27:e3:07:b1:4f:ee:40:ac:
d9:6a:f3:eb:45:7a:b9:64:38:3d:9d:51:bc:12:f8:
bb:b8:e9:3c:79:99:24:fe:bb:f7:2b:e5:7f:81:bc:
b3:a4:32:8d:78:9d:af:d3:e2:1f:88:93:df:e8:d6:
19:1e:97:e6:58:a0:f2:9b:ec:47:8b:c7:3f:48:eb:
ec:52:63:57:10:88:f8:ef:54:91:19:b8:94:58:33:
60:db:00:3b:86:ff:fa:e2:d8:b1:75:1b:2d:20:4c:
3e:46:e6:21:57:2f:e8:ae:39:2c:ae:23:90:cd:5d:
a0:ef:d5:b9:34:32:dc:3d:5e:40:a6:a8:9a:c1:f0:
93:72:eb:aa:47:61:d3:46:ea:48:af:3c:74:78:f8:
3d:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:4C:EA:5E:F2:3E:55:8F:29:58:D1:27:6E:8B:7B:82:2C:31:F5:7E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jkzqXvI-VY8pWNEnbot7giwx9X4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.129.0/24
82.153.155.0/24
89.213.208.0/24
194.105.74.0/24
Signature Algorithm: sha256WithRSAEncryption
23:5c:ca:b6:af:b0:99:fb:0d:ad:6b:21:b7:3f:b4:fe:5b:6a:
73:a5:28:be:be:97:90:61:a9:79:15:5a:14:cb:2c:7f:24:03:
49:2e:dd:5e:af:a1:e7:43:6c:8c:5e:ce:ca:71:63:04:24:f2:
34:28:67:a6:b1:7d:b3:15:51:04:fc:c5:2c:41:13:39:58:53:
4f:29:48:67:8d:08:73:42:6b:88:7a:24:35:f5:7c:e2:7b:4e:
a6:0a:3e:63:17:70:e7:95:6b:16:3b:d0:f9:e6:4b:7c:8c:dc:
5d:4d:c1:6a:c6:4c:d6:b7:c1:de:0d:7d:0e:08:de:93:3d:e7:
71:65:e3:89:96:20:ed:c9:0c:24:91:77:ed:27:7e:89:47:18:
1f:46:fd:d4:a3:bd:35:a2:46:7e:51:d1:9c:79:61:d0:ca:5f:
b1:8d:d9:1d:52:70:2f:ce:19:58:cd:5b:62:59:90:ad:cf:ab:
90:28:7b:13:13:b5:07:5f:e0:e2:21:86:59:ae:bd:1c:14:a4:
73:2c:af:3f:8a:e0:87:5d:77:f8:c0:15:f1:94:ac:ae:7b:f9:
9d:a3:d3:d8:ab:e8:40:0d:09:49:03:60:dd:e9:b2:a8:b3:b0:
a9:c5:1b:15:b0:24:e1:3f:95:d7:8a:68:90:8e:46:37:c9:a0:
15:ae:d3:d0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZgHsOEvEpcW4Km8e3IPZFNPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNzE0MDY0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTRjZWE1ZWYyM2U1NThmMjk1OGQxMjc2ZThiN2I4MjJjMzFmNTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZ1qZwhl+NI6nzYXaaeyc4ta8QeB
2d26+T5V/F4WRPuzkFxjOcQgWoQcIquLgFAsImjFYQ7BTHXGQegvFGyUrLRCNXmZ
ltf37z4Qol1enxKgkTniK9zcyRzGSgm76vOXYjfPMzQY3UTulME4N4HPJ+MHsU/u
QKzZavPrRXq5ZDg9nVG8Evi7uOk8eZkk/rv3K+V/gbyzpDKNeJ2v0+IfiJPf6NYZ
HpfmWKDym+xHi8c/SOvsUmNXEIj471SRGbiUWDNg2wA7hv/64tixdRstIEw+RuYh
Vy/orjksriOQzV2g79W5NDLcPV5ApqiawfCTcuuqR2HTRupIrzx0ePg9jQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFI5M6l7yPlWPKVjRJ26Le4IsMfV+MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvamt6cVh2SS1WWThwV05FbmJvdDdnaXd4OVg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUpiBAwQA
UpmbAwQAWdXQAwQAwmlKMA0GCSqGSIb3DQEBCwUAA4IBAQAjXMq2r7CZ+w2tayG3
P7T+W2pzpSi+vpeQYal5FVoUyyx/JANJLt1er6HnQ2yMXs7KcWMEJPI0KGemsX2z
FVEE/MUsQRM5WFNPKUhnjQhzQmuIeiQ19Xzie06mCj5jF3DnlWsWO9D55kt8jNxd
TcFqxkzWt8HeDX0OCN6TPedxZeOJliDtyQwkkXftJ36JRxgfRv3Uo701okZ+UdGc
eWHQyl+xjdkdUnAvzhlYzVtiWZCtz6uQKHsTE7UHX+DiIYZZrr0cFKRzLK8/iuCH
XXf4wBXxlKyue/mdo9PYq+hADQlJA2Dd6bKos7CpxRsVsCThP5XXimiQjkY3yaAV
rtPQ
-----END CERTIFICATE-----
Generated at Wed Aug 6 10:57:01 2025 by rpki-client