Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/82be99-5195-4774-8254-0c0246c6f623/1/jXBUCLrGPcb5J_lVILF4CB21e-I.roa
File: jXBUCLrGPcb5J_lVILF4CB21e-I.roa (raw, json)
Hash identifier: dGKplm/JNC81Y01bHZhHHlwu7oIXFhOtp/y83oreUvw=
Subject key identifier: 8D:70:54:08:BA:C6:3D:C6:F9:27:F9:55:20:B1:78:08:1D:B5:7B:E2
Certificate issuer: /CN=7d68de7c4702fe50932d7ecda2f278391f4b9ace
Certificate serial: 0199518E78F38003D84BB5D38EE183C36DF8
Authority key identifier: 7D:68:DE:7C:47:02:FE:50:93:2D:7E:CD:A2:F2:78:39:1F:4B:9A:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fWjefEcC_lCTLX7NovJ4OR9Lms4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/82be99-5195-4774-8254-0c0246c6f623/1/jXBUCLrGPcb5J_lVILF4CB21e-I.roa
Signing time: Tue 16 Sep 2025 08:05:15 +0000
ROA not before: Tue 16 Sep 2025 08:05:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59701
IP address blocks: 79.171.144.0/21 maxlen: 24
185.147.72.0/22 maxlen: 22
195.5.160.0/24 maxlen: 24
2a06:d480::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/82be99-5195-4774-8254-0c0246c6f623/1/fWjefEcC_lCTLX7NovJ4OR9Lms4.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/82be99-5195-4774-8254-0c0246c6f623/1/fWjefEcC_lCTLX7NovJ4OR9Lms4.mft
rsync://rpki.ripe.net/repository/DEFAULT/fWjefEcC_lCTLX7NovJ4OR9Lms4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 11:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:51:8e:78:f3:80:03:d8:4b:b5:d3:8e:e1:83:c3:6d:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d68de7c4702fe50932d7ecda2f278391f4b9ace
Validity
Not Before: Sep 16 08:05:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8d705408bac63dc6f927f95520b178081db57be2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:19:80:ea:20:b1:ab:a4:20:43:05:55:13:4d:
3d:aa:de:d8:6d:fe:a9:6b:55:b7:db:f7:31:ef:53:
f8:a6:93:2c:20:ee:8a:b9:99:6f:d0:65:46:0d:f0:
fe:6f:c1:49:82:eb:18:32:3d:d3:8a:4c:b8:d0:85:
87:6d:3c:16:3e:d4:6b:09:d5:d5:70:4a:27:ff:fa:
7c:a6:88:1a:af:2c:92:15:dc:b0:27:ec:40:ad:9a:
b7:f8:ab:f1:5b:36:01:f1:b4:13:f0:45:ba:53:85:
3f:98:0e:e9:bd:c6:06:fc:de:81:95:88:cc:db:de:
2e:1d:c5:03:c2:a8:56:57:80:83:40:51:5d:6d:9d:
6d:70:b8:25:b0:06:b1:e1:3a:4a:31:0e:5d:72:39:
71:5a:21:48:c6:0f:8f:b1:52:3d:74:9a:42:1b:1c:
8f:1d:ac:34:4b:e5:0b:a2:d3:87:b0:46:ef:3d:c3:
38:c9:ef:15:76:2d:c6:9b:db:dc:3e:84:5a:ed:03:
76:66:4d:17:cb:9c:89:25:43:10:e3:6b:a8:8d:88:
90:9b:18:ac:68:de:18:43:13:19:ba:bc:7d:2f:69:
93:cf:9b:84:b4:2b:e4:82:15:bd:56:1c:38:20:cf:
39:c6:13:b7:49:e9:94:8b:02:4b:22:10:3a:2e:69:
06:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:70:54:08:BA:C6:3D:C6:F9:27:F9:55:20:B1:78:08:1D:B5:7B:E2
X509v3 Authority Key Identifier:
keyid:7D:68:DE:7C:47:02:FE:50:93:2D:7E:CD:A2:F2:78:39:1F:4B:9A:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fWjefEcC_lCTLX7NovJ4OR9Lms4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/82be99-5195-4774-8254-0c0246c6f623/1/jXBUCLrGPcb5J_lVILF4CB21e-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/82be99-5195-4774-8254-0c0246c6f623/1/fWjefEcC_lCTLX7NovJ4OR9Lms4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.171.144.0/21
185.147.72.0/22
195.5.160.0/24
IPv6:
2a06:d480::/29
Signature Algorithm: sha256WithRSAEncryption
ac:72:cc:34:5f:db:24:e0:3e:5a:20:51:b6:fa:ea:a4:29:80:
e5:c2:b5:ba:88:6e:6a:b8:67:48:c0:57:e2:36:33:4a:77:78:
66:93:0d:a4:33:70:25:a3:91:45:32:7f:57:28:05:53:35:73:
cd:d4:ea:fa:24:78:a3:c8:08:db:d0:e4:19:1a:4d:e0:f6:43:
22:98:2c:20:93:a1:7a:32:1d:d8:8a:36:39:e4:de:93:0e:cc:
16:a3:4b:1a:08:3b:dc:ef:b4:9c:d0:6f:d8:c0:67:77:09:99:
ac:0c:26:9e:2f:6a:a0:8a:19:b6:36:00:b5:61:75:46:4a:e7:
cf:70:94:e5:d9:6d:fe:67:ed:30:af:6e:13:f1:a3:da:06:9e:
47:6d:e2:70:03:c2:d1:00:65:c9:eb:e0:4d:a8:15:0b:14:40:
07:89:de:2a:80:8f:19:a2:e2:b4:30:64:61:d2:1e:98:45:4f:
6e:5f:c2:79:b6:21:98:51:ce:d1:fd:4b:6b:c4:6b:3d:4c:70:
ec:a3:b2:7d:72:00:85:dc:87:eb:a0:c2:7a:85:f1:42:8b:b0:
01:ad:6c:3c:97:29:76:77:5a:c4:15:96:2d:69:38:b1:31:37:
2f:30:66:fc:c8:83:c9:6b:2f:d3:b4:ca:66:d5:b7:1e:c3:3b:
89:3e:f0:35
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZlRjnjzgAPYS7XTjuGDw234MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNjhkZTdjNDcwMmZlNTA5MzJkN2VjZGEyZjI3ODM5MWY0
YjlhY2UwHhcNMjUwOTE2MDgwNTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDcwNTQwOGJhYzYzZGM2ZjkyN2Y5NTUyMGIxNzgwODFkYjU3YmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBmA6iCxq6QgQwVVE009qt7Ybf6p
a1W32/cx71P4ppMsIO6KuZlv0GVGDfD+b8FJgusYMj3Tiky40IWHbTwWPtRrCdXV
cEon//p8pogaryySFdywJ+xArZq3+KvxWzYB8bQT8EW6U4U/mA7pvcYG/N6BlYjM
294uHcUDwqhWV4CDQFFdbZ1tcLglsAax4TpKMQ5dcjlxWiFIxg+PsVI9dJpCGxyP
Haw0S+ULotOHsEbvPcM4ye8Vdi3Gm9vcPoRa7QN2Zk0Xy5yJJUMQ42uojYiQmxis
aN4YQxMZurx9L2mTz5uEtCvkghW9Vhw4IM85xhO3SemUiwJLIhA6LmkGdwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFI1wVAi6xj3G+Sf5VSCxeAgdtXviMB8GA1UdIwQY
MBaAFH1o3nxHAv5Qky1+zaLyeDkfS5rOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZldqZWZFY0NfbENUTFg3Tm92SjRPUjlMbXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84MmJlOTktNTE5NS00Nzc0LTgyNTQt
MGMwMjQ2YzZmNjIzLzEvalhCVUNMckdQY2I1Sl9sVklMRjRDQjIxZS1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84MmJlOTktNTE5NS00Nzc0LTgyNTQtMGMwMjQ2YzZmNjIz
LzEvZldqZWZFY0NfbENUTFg3Tm92SjRPUjlMbXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDT6uQAwQC
uZNIAwQAwwWgMA0EAgACMAcDBQMqBtSAMA0GCSqGSIb3DQEBCwUAA4IBAQCscsw0
X9sk4D5aIFG2+uqkKYDlwrW6iG5quGdIwFfiNjNKd3hmkw2kM3Alo5FFMn9XKAVT
NXPN1Or6JHijyAjb0OQZGk3g9kMimCwgk6F6Mh3YijY55N6TDswWo0saCDvc77Sc
0G/YwGd3CZmsDCaeL2qgihm2NgC1YXVGSufPcJTl2W3+Z+0wr24T8aPaBp5HbeJw
A8LRAGXJ6+BNqBULFEAHid4qgI8ZouK0MGRh0h6YRU9uX8J5tiGYUc7R/UtrxGs9
THDso7J9cgCF3IfroMJ6hfFCi7ABrWw8lyl2d1rEFZYtaTixMTcvMGb8yIPJay/T
tMpm1bcewzuJPvA1
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:17:58 2025 by rpki-client