Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/jmBdl7NORljPP2qM4wsG59a_S6s.roa
File: jmBdl7NORljPP2qM4wsG59a_S6s.roa (raw, json)
Hash identifier: mhnxuzxm6H2QtBJ2SawgK1mvglvxVXoGApR+0mmvlZc=
Subject key identifier: 8E:60:5D:97:B3:4E:46:58:CF:3F:6A:8C:E3:0B:06:E7:D6:BF:4B:AB
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 019970FEFFA4E40CDF2D04B465DB0A44EEF8
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/jmBdl7NORljPP2qM4wsG59a_S6s.roa
Signing time: Mon 22 Sep 2025 10:36:23 +0000
ROA not before: Mon 22 Sep 2025 10:36:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58087
IP address blocks: 5.253.247.0/24 maxlen: 24
37.221.93.0/24 maxlen: 24
45.11.229.0/24 maxlen: 24
45.13.225.0/24 maxlen: 24
45.86.155.0/24 maxlen: 24
45.90.98.0/23 maxlen: 23
45.131.64.0/24 maxlen: 24
45.133.74.0/24 maxlen: 24
92.118.206.0/24 maxlen: 24
109.71.252.0/24 maxlen: 24
194.15.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 09:31:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:70:fe:ff:a4:e4:0c:df:2d:04:b4:65:db:0a:44:ee:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Sep 22 10:36:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e605d97b34e4658cf3f6a8ce30b06e7d6bf4bab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:45:40:2f:8b:9d:a7:bf:89:d7:90:12:70:19:
da:2d:e3:da:9c:c4:93:2e:5a:ad:8e:1b:de:30:00:
38:e5:7d:6a:a2:73:69:84:b9:85:de:0b:27:49:72:
9d:cb:2f:e2:4b:27:20:75:0e:d2:38:54:f9:d3:ae:
b7:7d:5f:f4:70:53:0e:5a:86:c0:fc:9e:5b:0b:79:
6a:65:ed:71:28:b7:b0:1b:cc:a5:f2:7c:a7:38:77:
3d:fc:12:a9:3f:7f:9b:9f:ee:6a:25:59:46:b0:09:
3b:7e:2d:39:1b:e2:f7:08:a9:fd:5c:de:e5:44:bc:
fd:a7:50:ee:97:18:a3:9f:34:48:a6:ff:f6:df:0a:
da:5b:8b:d3:f7:be:51:02:25:d1:e2:20:ee:f8:04:
6a:70:1e:a1:0a:0a:90:60:c6:7c:9f:c8:51:ca:33:
73:10:39:6e:9e:ef:6a:09:47:1e:ca:2f:0c:4c:c7:
19:5b:12:44:f0:12:58:9e:e2:54:76:ad:91:6a:31:
e6:88:82:cc:ed:02:d7:96:f0:be:43:7b:11:58:ea:
20:8c:79:89:1a:1b:5e:cd:db:41:00:76:36:71:d6:
b8:56:13:f3:e3:46:71:de:52:bb:ca:d6:d9:f7:1f:
c6:b3:90:e6:93:9d:1e:d1:3e:4d:05:33:0e:9c:33:
b5:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:60:5D:97:B3:4E:46:58:CF:3F:6A:8C:E3:0B:06:E7:D6:BF:4B:AB
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/jmBdl7NORljPP2qM4wsG59a_S6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.247.0/24
37.221.93.0/24
45.11.229.0/24
45.13.225.0/24
45.86.155.0/24
45.90.98.0/23
45.131.64.0/24
45.133.74.0/24
92.118.206.0/24
109.71.252.0/24
194.15.36.0/24
Signature Algorithm: sha256WithRSAEncryption
09:75:a2:8b:0c:be:b1:85:ad:7c:e4:17:f1:69:92:91:0d:6b:
9a:11:86:7e:c3:5c:0f:4e:66:07:af:1a:e2:52:9d:85:97:0a:
0d:73:ad:39:91:7d:b6:93:b5:8a:4c:79:a9:8c:34:25:ce:a1:
3c:fb:9e:31:65:90:8f:36:f6:1f:05:05:13:3e:d2:1b:e0:d1:
ea:fd:6a:fc:1e:e5:ca:97:99:69:1d:58:14:60:39:f1:a1:dd:
2f:cd:a5:a9:64:21:a9:42:8a:65:21:55:20:a6:be:82:0e:84:
43:bf:96:6d:04:5b:70:d9:06:3d:4f:1b:b1:c4:4e:56:ad:dd:
0a:63:47:43:4e:08:12:54:80:08:7d:af:fe:d8:30:54:c8:3d:
42:30:50:02:b7:5e:7c:9c:46:29:04:f1:7c:1f:72:02:d7:89:
ab:57:be:04:5c:4a:33:2d:47:76:5d:70:b0:bf:11:ac:f7:3b:
25:b6:b6:06:ed:8b:08:bd:e5:fb:d8:5a:d6:8d:96:6b:2e:22:
8b:8f:b3:a5:21:43:7d:00:c2:a8:0f:b2:39:45:3e:80:d0:04:
54:c5:e0:22:c5:98:42:69:63:ce:d8:a4:f8:21:18:df:20:85:
fe:4b:b6:c0:af:e5:e8:74:e2:88:41:2c:42:ee:af:e2:2c:0f:
33:32:94:b9
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZlw/v+k5AzfLQS0ZdsKRO74MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjUwOTIyMTAzNjIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTYwNWQ5N2IzNGU0NjU4Y2YzZjZhOGNlMzBiMDZlN2Q2YmY0YmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUVAL4udp7+J15AScBnaLePanMST
LlqtjhveMAA45X1qonNphLmF3gsnSXKdyy/iSycgdQ7SOFT50663fV/0cFMOWobA
/J5bC3lqZe1xKLewG8yl8nynOHc9/BKpP3+bn+5qJVlGsAk7fi05G+L3CKn9XN7l
RLz9p1DulxijnzRIpv/23wraW4vT975RAiXR4iDu+ARqcB6hCgqQYMZ8n8hRyjNz
EDlunu9qCUceyi8MTMcZWxJE8BJYnuJUdq2RajHmiILM7QLXlvC+Q3sRWOogjHmJ
GhtezdtBAHY2cda4VhPz40Zx3lK7ytbZ9x/Gs5Dmk50e0T5NBTMOnDO1pQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFI5gXZezTkZYzz9qjOMLBufWv0urMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvam1CZGw3Tk9SbGpQUDJxTTR3c0c1OWFfUzZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQABf33AwQA
Jd1dAwQALQvlAwQALQ3hAwQALVabAwQBLVpiAwQALYNAAwQALYVKAwQAXHbOAwQA
bUf8AwQAwg8kMA0GCSqGSIb3DQEBCwUAA4IBAQAJdaKLDL6xha185BfxaZKRDWua
EYZ+w1wPTmYHrxriUp2FlwoNc605kX22k7WKTHmpjDQlzqE8+54xZZCPNvYfBQUT
PtIb4NHq/Wr8HuXKl5lpHVgUYDnxod0vzaWpZCGpQoplIVUgpr6CDoRDv5ZtBFtw
2QY9TxuxxE5Wrd0KY0dDTggSVIAIfa/+2DBUyD1CMFACt158nEYpBPF8H3IC14mr
V74EXEozLUd2XXCwvxGs9zsltrYG7YsIveX72FrWjZZrLiKLj7OlIUN9AMKoD7I5
RT6A0ARUxeAixZhCaWPO2KT4IRjfIIX+S7bAr+XodOKIQSxC7q/iLA8zMpS5
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:09:00 2025 by rpki-client