Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/J3_YLrgVTtHhaIXMn-n8MERklDk.roa
File: J3_YLrgVTtHhaIXMn-n8MERklDk.roa (raw, json)
Hash identifier: a/80gAPIMgHXsY9Cw4xHsmJ3FXrDPwo71ePNixo6CIQ=
Subject key identifier: 27:7F:D8:2E:B8:15:4E:D1:E1:68:85:CC:9F:E9:FC:30:44:64:94:39
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 019769AA9ADF3AAB5D189F220CB5E27E7D76
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/J3_YLrgVTtHhaIXMn-n8MERklDk.roa
Signing time: Fri 13 Jun 2025 14:21:17 +0000
ROA not before: Fri 13 Jun 2025 14:21:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 193.135.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.mft
rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 22:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:69:aa:9a:df:3a:ab:5d:18:9f:22:0c:b5:e2:7e:7d:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Jun 13 14:21:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=277fd82eb8154ed1e16885cc9fe9fc3044649439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:78:25:91:72:df:ad:2f:2d:3e:8a:14:56:f8:
64:b6:20:75:31:69:49:e7:b3:28:55:92:f3:74:b7:
b6:c0:04:b7:61:06:fa:0f:1d:45:06:be:0d:2a:e4:
79:76:a2:89:9d:f7:aa:75:2b:0b:c1:5e:bd:bb:ff:
e2:eb:d1:05:69:ea:64:b7:12:f6:5d:8f:fc:54:ab:
fb:36:b5:fd:10:72:05:c3:57:c6:4d:be:5e:49:1c:
23:48:da:fb:94:df:ca:85:44:3c:11:3a:9d:67:e3:
3d:72:3c:f2:5d:c8:0b:7e:12:f9:93:07:48:f1:4c:
81:b6:8a:4d:f5:2b:6c:61:a6:ec:3a:43:24:f2:d2:
0a:d6:61:c8:f1:8b:53:17:3b:76:bc:8c:0f:37:67:
0a:5c:cc:f7:d0:9c:51:f8:f3:97:ef:d6:65:7f:f7:
a7:01:7d:3b:ca:7a:08:af:2e:a3:b1:33:11:3c:8a:
47:12:cd:a1:c3:1b:65:bc:69:8c:f4:00:55:0f:32:
cc:d6:f9:bd:ea:eb:01:3a:e6:bd:b6:c5:5d:f3:3f:
82:09:00:a4:d0:c0:34:bf:26:27:bb:16:06:21:55:
f6:7a:96:94:09:38:74:0f:e4:e0:b6:21:5b:c2:49:
2f:6d:8a:03:16:42:8e:88:38:ac:03:2d:61:f8:f8:
50:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:7F:D8:2E:B8:15:4E:D1:E1:68:85:CC:9F:E9:FC:30:44:64:94:39
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/J3_YLrgVTtHhaIXMn-n8MERklDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.135.151.0/24
Signature Algorithm: sha256WithRSAEncryption
79:89:8e:13:d8:91:42:80:50:6b:0d:29:8e:6b:ad:d5:c8:92:
4e:37:8d:a6:ff:c3:f7:d7:52:cb:1f:e6:4d:0b:72:3d:9d:21:
d3:1d:72:6c:9d:6e:bb:20:55:14:cd:0a:a1:8e:f2:6e:59:97:
f1:d4:f8:1f:91:46:d6:44:86:2f:cc:e8:75:9b:3c:47:82:69:
6e:d4:5e:65:b0:2d:91:19:04:44:20:a3:b4:65:54:9a:f7:e9:
54:d7:ee:ba:90:26:bf:b9:83:7e:6c:48:7a:5b:7a:ea:e5:36:
e8:da:27:cc:2c:7f:45:e9:eb:32:e3:36:a4:e5:90:db:89:b2:
b0:d6:6e:dc:fc:a3:f5:7e:d7:36:75:48:95:ec:e6:30:2c:4c:
f0:ef:4c:79:99:90:a3:4d:c9:4a:fd:e1:b4:b6:d5:92:94:4a:
58:0b:b7:34:c5:f1:86:7a:14:46:17:a0:3c:00:55:87:3d:04:
4f:a7:4e:d3:cb:6f:c6:10:32:c1:f7:f2:67:3b:a7:17:03:17:
4b:21:6f:0f:94:00:9a:25:bf:f3:d4:5c:f2:ed:a4:7c:d1:17:
9b:15:bd:64:66:6f:b3:9c:eb:0e:23:94:0e:13:6d:9b:84:bb:
68:a8:3b:ec:c9:de:46:4a:7f:b5:7a:c1:aa:80:54:d9:07:f0:
7f:12:52:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZdpqprfOqtdGJ8iDLXifn12MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjUwNjEzMTQyMTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzdmZDgyZWI4MTU0ZWQxZTE2ODg1Y2M5ZmU5ZmMzMDQ0NjQ5NDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnglkXLfrS8tPooUVvhktiB1MWlJ
57MoVZLzdLe2wAS3YQb6Dx1FBr4NKuR5dqKJnfeqdSsLwV69u//i69EFaepktxL2
XY/8VKv7NrX9EHIFw1fGTb5eSRwjSNr7lN/KhUQ8ETqdZ+M9cjzyXcgLfhL5kwdI
8UyBtopN9StsYabsOkMk8tIK1mHI8YtTFzt2vIwPN2cKXMz30JxR+POX79Zlf/en
AX07ynoIry6jsTMRPIpHEs2hwxtlvGmM9ABVDzLM1vm96usBOua9tsVd8z+CCQCk
0MA0vyYnuxYGIVX2epaUCTh0D+TgtiFbwkkvbYoDFkKOiDisAy1h+PhQrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCd/2C64FU7R4WiFzJ/p/DBEZJQ5MB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvSjNfWUxyZ1ZUdEhoYUlYTW4tbjhNRVJrbERrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwYeXMA0G
CSqGSIb3DQEBCwUAA4IBAQB5iY4T2JFCgFBrDSmOa63VyJJON42m/8P311LLH+ZN
C3I9nSHTHXJsnW67IFUUzQqhjvJuWZfx1PgfkUbWRIYvzOh1mzxHgmlu1F5lsC2R
GQREIKO0ZVSa9+lU1+66kCa/uYN+bEh6W3rq5Tbo2ifMLH9F6esy4zak5ZDbibKw
1m7c/KP1ftc2dUiV7OYwLEzw70x5mZCjTclK/eG0ttWSlEpYC7c0xfGGehRGF6A8
AFWHPQRPp07Ty2/GEDLB9/JnO6cXAxdLIW8PlACaJb/z1Fzy7aR80RebFb1kZm+z
nOsOI5QOE22bhLtoqDvsyd5GSn+1esGqgFTZB/B/ElL+
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:56:41 2025 by rpki-client