Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/jBF_bICGrh-Zpj_nQEtwtQSNli4.roa
File: jBF_bICGrh-Zpj_nQEtwtQSNli4.roa (raw, json)
Hash identifier: 3ywaKzQHi1q5WLkv8swf6jE1ccWvKG90P1Gsm1c6Kpw=
Subject key identifier: 8C:11:7F:6C:80:86:AE:1F:99:A6:3F:E7:40:4B:70:B5:04:8D:96:2E
Certificate issuer: /CN=02a962c1fe8e2e12a35576fd62987a0cbba463d4
Certificate serial: 0198D75D7B057707D593A65EA992EF0952D0
Authority key identifier: 02:A9:62:C1:FE:8E:2E:12:A3:55:76:FD:62:98:7A:0C:BB:A4:63:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Aqliwf6OLhKjVXb9Yph6DLukY9Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/jBF_bICGrh-Zpj_nQEtwtQSNli4.roa
Signing time: Sat 23 Aug 2025 14:38:04 +0000
ROA not before: Sat 23 Aug 2025 14:38:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207471
IP address blocks: 150.40.100.0/24 maxlen: 24
150.40.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/Aqliwf6OLhKjVXb9Yph6DLukY9Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/Aqliwf6OLhKjVXb9Yph6DLukY9Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/Aqliwf6OLhKjVXb9Yph6DLukY9Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Aug 2025 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d7:5d:7b:05:77:07:d5:93:a6:5e:a9:92:ef:09:52:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02a962c1fe8e2e12a35576fd62987a0cbba463d4
Validity
Not Before: Aug 23 14:38:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8c117f6c8086ae1f99a63fe7404b70b5048d962e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:26:0e:21:56:52:8c:fa:cc:77:a7:12:8a:60:
c4:80:e3:7c:6c:b4:7a:8e:53:20:b5:01:16:34:ea:
40:ba:cd:5a:4e:df:01:ce:b4:12:8d:3b:c9:32:09:
3b:e5:78:4e:ee:c5:fc:1d:43:c2:78:83:66:29:09:
2b:e6:e3:d4:28:af:ea:42:97:cc:ec:2b:32:da:ea:
0c:23:db:e8:9c:6a:e5:84:ac:cd:70:a3:aa:18:74:
55:f0:cd:6e:2d:da:40:4c:5f:8d:b2:2a:08:de:7c:
31:33:dd:76:69:dc:f2:8b:dd:d7:84:e0:12:94:87:
40:03:8c:84:31:7f:d4:43:f6:f5:5c:c1:ea:d3:97:
8a:98:46:2b:07:3a:3f:43:d5:44:d9:e6:19:ca:d4:
fe:67:6c:cb:36:16:f0:e9:d2:86:aa:10:ff:a5:39:
8e:61:3a:00:6e:4f:98:71:6c:a3:29:bf:a7:0d:c9:
e1:ca:ac:0e:6d:7d:f2:ae:8f:90:df:a3:73:82:73:
a8:a7:30:b5:80:cf:ae:50:ef:31:42:9e:82:76:8e:
ac:42:6d:80:87:1e:3f:67:32:8b:b3:e4:8b:e2:de:
11:78:dd:97:42:10:8d:b1:03:f4:2c:eb:c1:35:c4:
7b:8b:91:47:e1:6c:74:1a:b3:fd:a2:b6:48:7f:60:
3e:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:11:7F:6C:80:86:AE:1F:99:A6:3F:E7:40:4B:70:B5:04:8D:96:2E
X509v3 Authority Key Identifier:
keyid:02:A9:62:C1:FE:8E:2E:12:A3:55:76:FD:62:98:7A:0C:BB:A4:63:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Aqliwf6OLhKjVXb9Yph6DLukY9Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/jBF_bICGrh-Zpj_nQEtwtQSNli4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/Aqliwf6OLhKjVXb9Yph6DLukY9Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.40.100.0/24
150.40.122.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:1e:07:cb:27:29:85:92:ff:24:7d:18:21:92:39:9d:35:47:
66:5c:14:84:eb:6a:2e:a4:15:75:67:12:8e:c9:a0:05:46:5e:
74:ce:30:c1:1a:2a:a4:29:0e:ad:71:41:d1:0e:c6:b5:69:c4:
c6:4a:b8:c6:50:71:e9:c8:2d:a7:f2:3b:6b:fc:8d:24:7f:82:
eb:05:47:ad:29:a4:6c:80:12:0e:08:da:e5:a5:3c:8e:ae:c4:
46:70:8f:cb:7e:e0:fc:72:96:0c:26:92:df:4a:8e:37:87:52:
c2:5a:2a:ab:6e:96:62:6a:fc:18:bb:0d:dd:ed:83:21:9b:51:
05:40:c9:09:9c:e0:a0:77:10:b6:7f:e7:ca:1f:38:b8:1d:8b:
2f:db:18:73:13:b0:f5:1d:bb:25:4d:ab:64:e0:15:ab:1e:4b:
5c:6d:23:45:94:52:d9:89:35:95:76:47:f1:6d:e3:7e:4e:0f:
c3:7c:e1:34:4e:42:8d:95:45:33:f0:7f:39:e0:ad:9d:16:f0:
80:63:f6:5c:be:54:17:ca:39:19:fb:69:2a:77:24:99:52:ac:
61:26:51:15:d1:bb:41:40:d5:bc:92:c5:8b:b6:f6:5b:5d:f2:
0b:d8:a3:ba:f4:0b:61:40:6b:de:13:58:3c:1d:65:da:56:88:
0d:00:07:79
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZjXXXsFdwfVk6ZeqZLvCVLQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYTk2MmMxZmU4ZTJlMTJhMzU1NzZmZDYyOTg3YTBjYmJh
NDYzZDQwHhcNMjUwODIzMTQzODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzExN2Y2YzgwODZhZTFmOTlhNjNmZTc0MDRiNzBiNTA0OGQ5NjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSYOIVZSjPrMd6cSimDEgON8bLR6
jlMgtQEWNOpAus1aTt8BzrQSjTvJMgk75XhO7sX8HUPCeINmKQkr5uPUKK/qQpfM
7Csy2uoMI9vonGrlhKzNcKOqGHRV8M1uLdpATF+NsioI3nwxM912adzyi93XhOAS
lIdAA4yEMX/UQ/b1XMHq05eKmEYrBzo/Q9VE2eYZytT+Z2zLNhbw6dKGqhD/pTmO
YToAbk+YcWyjKb+nDcnhyqwObX3yro+Q36NzgnOopzC1gM+uUO8xQp6Cdo6sQm2A
hx4/ZzKLs+SL4t4ReN2XQhCNsQP0LOvBNcR7i5FH4Wx0GrP9orZIf2A+QwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIwRf2yAhq4fmaY/50BLcLUEjZYuMB8GA1UdIwQY
MBaAFAKpYsH+ji4So1V2/WKYegy7pGPUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXFsaXdmNk9MaEtqVlhiOVlwaDZETHVrWTlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jNjE3OWEtMTYwZC00MGUyLWFlODYt
N2QxMzQ5ODBjNWJlLzEvakJGX2JJQ0dyaC1acGpfblFFdHd0UVNObGk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jNjE3OWEtMTYwZC00MGUyLWFlODYtN2QxMzQ5ODBjNWJl
LzEvQXFsaXdmNk9MaEtqVlhiOVlwaDZETHVrWTlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAlihkAwQA
lih6MA0GCSqGSIb3DQEBCwUAA4IBAQA/HgfLJymFkv8kfRghkjmdNUdmXBSE62ou
pBV1ZxKOyaAFRl50zjDBGiqkKQ6tcUHRDsa1acTGSrjGUHHpyC2n8jtr/I0kf4Lr
BUetKaRsgBIOCNrlpTyOrsRGcI/LfuD8cpYMJpLfSo43h1LCWiqrbpZiavwYuw3d
7YMhm1EFQMkJnOCgdxC2f+fKHzi4HYsv2xhzE7D1HbslTatk4BWrHktcbSNFlFLZ
iTWVdkfxbeN+Tg/DfOE0TkKNlUUz8H854K2dFvCAY/ZcvlQXyjkZ+2kqdySZUqxh
JlEV0btBQNW8ksWLtvZbXfIL2KO69AthQGveE1g8HWXaVogNAAd5
-----END CERTIFICATE-----
Generated at Sun Aug 24 10:31:14 2025 by rpki-client