Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b52ae1-09a6-4458-9d06-0b6908737d7f/1/jj1_6ec2f2AWeD40St3we1tbDXE.roa
File: jj1_6ec2f2AWeD40St3we1tbDXE.roa (raw, json)
Hash identifier: dC+bz8YnKwWKOYnAkcDkCn/jxU0wAcfSc4U4fn0FwDs=
Subject key identifier: 8E:3D:7F:E9:E7:36:7F:60:16:78:3E:34:4A:DD:F0:7B:5B:5B:0D:71
Certificate issuer: /CN=93a3fa4b78e50f4af97be285e2e910a5d1edc639
Certificate serial: 0199E86E7C3F791000DD6BA9F94B8486613A
Authority key identifier: 93:A3:FA:4B:78:E5:0F:4A:F9:7B:E2:85:E2:E9:10:A5:D1:ED:C6:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k6P6S3jlD0r5e-KF4ukQpdHtxjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b52ae1-09a6-4458-9d06-0b6908737d7f/1/jj1_6ec2f2AWeD40St3we1tbDXE.roa
Signing time: Wed 15 Oct 2025 15:12:58 +0000
ROA not before: Wed 15 Oct 2025 15:12:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 38932
IP address blocks: 213.231.128.0/19 maxlen: 19
213.231.128.0/22 maxlen: 22
213.231.132.0/22 maxlen: 22
213.231.136.0/22 maxlen: 22
213.231.140.0/22 maxlen: 22
213.231.144.0/22 maxlen: 22
213.231.148.0/22 maxlen: 22
213.231.152.0/22 maxlen: 22
213.231.156.0/22 maxlen: 22
213.231.160.0/19 maxlen: 19
213.231.160.0/22 maxlen: 22
213.231.164.0/22 maxlen: 22
213.231.168.0/22 maxlen: 22
213.231.172.0/22 maxlen: 22
213.231.176.0/22 maxlen: 22
213.231.180.0/22 maxlen: 22
213.231.184.0/22 maxlen: 22
213.231.188.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/b52ae1-09a6-4458-9d06-0b6908737d7f/1/k6P6S3jlD0r5e-KF4ukQpdHtxjk.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/b52ae1-09a6-4458-9d06-0b6908737d7f/1/k6P6S3jlD0r5e-KF4ukQpdHtxjk.mft
rsync://rpki.ripe.net/repository/DEFAULT/k6P6S3jlD0r5e-KF4ukQpdHtxjk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e8:6e:7c:3f:79:10:00:dd:6b:a9:f9:4b:84:86:61:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93a3fa4b78e50f4af97be285e2e910a5d1edc639
Validity
Not Before: Oct 15 15:12:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e3d7fe9e7367f6016783e344addf07b5b5b0d71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:fe:00:fd:53:54:94:17:95:3f:a5:55:5a:d8:
d3:b7:5f:8b:8b:00:d1:27:ca:0d:83:79:e2:31:0a:
d1:34:6a:be:d7:7f:99:66:4f:56:67:0a:39:e7:6a:
99:f1:be:9b:73:8f:48:4c:c4:ed:e6:11:e8:b8:92:
81:88:59:07:6d:37:d8:91:7b:39:41:5e:55:43:db:
8f:4f:3a:c7:84:1b:7e:30:d5:e8:61:66:88:7a:73:
5d:e4:06:8e:a8:cd:3f:d1:e0:f4:5f:00:9f:80:a2:
2e:4a:ee:06:55:62:f6:dd:0c:29:09:b7:5a:00:31:
9a:0c:c4:c0:cd:e6:d7:36:74:90:b2:5a:69:27:a8:
32:de:58:eb:b2:79:8d:4c:f5:42:11:be:0d:1f:04:
af:07:62:e7:ec:03:d5:4b:ac:71:d1:69:2b:cd:63:
04:a7:b7:5e:4c:d0:6e:89:b6:e9:22:48:88:9b:9e:
e1:3e:0c:cf:3f:76:b7:1a:40:7c:2d:d1:04:85:c4:
d8:06:9e:aa:fd:00:e7:c9:89:00:e8:7a:46:c3:90:
24:b2:e5:6d:35:fd:f7:a8:d8:92:96:8c:43:37:1d:
81:86:a6:ae:76:1e:3d:42:c8:a8:8e:6c:05:96:4a:
12:a4:24:39:ea:03:23:97:9e:4f:19:a5:0d:86:dd:
12:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:3D:7F:E9:E7:36:7F:60:16:78:3E:34:4A:DD:F0:7B:5B:5B:0D:71
X509v3 Authority Key Identifier:
keyid:93:A3:FA:4B:78:E5:0F:4A:F9:7B:E2:85:E2:E9:10:A5:D1:ED:C6:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k6P6S3jlD0r5e-KF4ukQpdHtxjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b52ae1-09a6-4458-9d06-0b6908737d7f/1/jj1_6ec2f2AWeD40St3we1tbDXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b52ae1-09a6-4458-9d06-0b6908737d7f/1/k6P6S3jlD0r5e-KF4ukQpdHtxjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.231.128.0/18
Signature Algorithm: sha256WithRSAEncryption
a9:de:cf:3c:a5:55:d0:ec:93:f0:8d:9e:2e:a1:ac:57:b9:a4:
2a:b6:61:d0:27:03:86:46:93:27:f0:a8:3b:5d:e6:95:91:9f:
20:c1:ed:c7:fe:1b:19:a7:a0:25:15:27:fe:8a:83:f5:aa:a1:
eb:20:9d:db:65:c8:28:ac:ae:32:10:76:bb:41:53:e6:af:61:
4e:8f:e3:f2:8d:45:c6:98:57:b2:74:c1:b0:23:04:cf:c4:1a:
c0:8b:41:d3:90:42:67:89:66:1a:b7:83:24:3f:10:e8:aa:a8:
b1:e4:bd:82:cd:f8:93:ff:fd:c5:26:62:76:09:df:f7:ed:4a:
3b:bc:b2:8c:8e:01:4e:20:fa:a8:aa:22:ec:58:d7:d3:87:76:
7e:92:1a:24:a8:9f:c9:9c:26:d8:4b:b5:d1:a7:c0:32:ca:5a:
cf:3f:0c:07:bb:79:9a:32:16:af:91:9c:68:fd:68:52:eb:75:
78:24:81:9a:05:4c:22:d5:e4:da:28:69:47:fa:db:af:88:b7:
ee:5e:c7:c7:d7:dc:33:da:04:76:35:2b:5d:87:31:4c:10:59:
94:59:57:84:e5:3b:87:47:43:1a:fb:92:ed:c8:71:ce:1d:34:
ce:00:1d:d0:4d:8d:d4:aa:2d:2c:fc:27:58:dc:b4:83:36:d5:
bc:de:a1:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZnobnw/eRAA3Wup+UuEhmE6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYTNmYTRiNzhlNTBmNGFmOTdiZTI4NWUyZTkxMGE1ZDFl
ZGM2MzkwHhcNMjUxMDE1MTUxMjU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTNkN2ZlOWU3MzY3ZjYwMTY3ODNlMzQ0YWRkZjA3YjViNWIwZDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvf4A/VNUlBeVP6VVWtjTt1+LiwDR
J8oNg3niMQrRNGq+13+ZZk9WZwo552qZ8b6bc49ITMTt5hHouJKBiFkHbTfYkXs5
QV5VQ9uPTzrHhBt+MNXoYWaIenNd5AaOqM0/0eD0XwCfgKIuSu4GVWL23QwpCbda
ADGaDMTAzebXNnSQslppJ6gy3ljrsnmNTPVCEb4NHwSvB2Ln7APVS6xx0WkrzWME
p7deTNBuibbpIkiIm57hPgzPP3a3GkB8LdEEhcTYBp6q/QDnyYkA6HpGw5AksuVt
Nf33qNiSloxDNx2Bhqaudh49QsiojmwFlkoSpCQ56gMjl55PGaUNht0SiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI49f+nnNn9gFng+NErd8HtbWw1xMB8GA1UdIwQY
MBaAFJOj+kt45Q9K+XviheLpEKXR7cY5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazZQNlMzamxEMHI1ZS1LRjR1a1FwZEh0eGprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iNTJhZTEtMDlhNi00NDU4LTlkMDYt
MGI2OTA4NzM3ZDdmLzEvamoxXzZlYzJmMkFXZUQ0MFN0M3dlMXRiRFhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iNTJhZTEtMDlhNi00NDU4LTlkMDYtMGI2OTA4NzM3ZDdm
LzEvazZQNlMzamxEMHI1ZS1LRjR1a1FwZEh0eGprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQG1eeAMA0G
CSqGSIb3DQEBCwUAA4IBAQCp3s88pVXQ7JPwjZ4uoaxXuaQqtmHQJwOGRpMn8Kg7
XeaVkZ8gwe3H/hsZp6AlFSf+ioP1qqHrIJ3bZcgorK4yEHa7QVPmr2FOj+PyjUXG
mFeydMGwIwTPxBrAi0HTkEJniWYat4MkPxDoqqix5L2CzfiT//3FJmJ2Cd/37Uo7
vLKMjgFOIPqoqiLsWNfTh3Z+khokqJ/JnCbYS7XRp8AyylrPPwwHu3maMhavkZxo
/WhS63V4JIGaBUwi1eTaKGlH+tuviLfuXsfH19wz2gR2NStdhzFMEFmUWVeE5TuH
R0Ma+5LtyHHOHTTOAB3QTY3Uqi0s/CdY3LSDNtW83qHB
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:22:44 2025 by rpki-client