Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/jayiXLa-DaCZpHlot-idHVHLJyA.roa
File: jayiXLa-DaCZpHlot-idHVHLJyA.roa (raw, json)
Hash identifier: jo6g1mCIBaDKWxl2NtqHQbh3jgZ64Bb6orX/coHjYCw=
Subject key identifier: 8D:AC:A2:5C:B6:BE:0D:A0:99:A4:79:68:B7:E8:9D:1D:51:CB:27:20
Certificate issuer: /CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Certificate serial: 0198861DECBAE1261EE241727CE1A44F5B42
Authority key identifier: 9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/jayiXLa-DaCZpHlot-idHVHLJyA.roa
Signing time: Thu 07 Aug 2025 19:59:24 +0000
ROA not before: Thu 07 Aug 2025 19:59:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25198
IP address blocks: 46.229.243.0/24 maxlen: 24
46.229.251.0/24 maxlen: 24
46.229.253.0/24 maxlen: 24
76.164.200.0/24 maxlen: 24
76.164.201.0/24 maxlen: 24
76.164.202.0/24 maxlen: 24
76.164.203.0/24 maxlen: 24
77.74.123.0/24 maxlen: 24
83.229.61.0/24 maxlen: 24
85.204.107.0/24 maxlen: 24
92.42.100.0/24 maxlen: 24
103.112.171.0/24 maxlen: 24
103.121.48.0/24 maxlen: 24
103.121.49.0/24 maxlen: 24
103.126.50.0/24 maxlen: 24
103.126.51.0/24 maxlen: 24
103.244.144.0/24 maxlen: 24
103.244.145.0/24 maxlen: 24
103.246.248.0/24 maxlen: 24
185.104.63.0/24 maxlen: 24
195.74.93.0/24 maxlen: 24
203.14.32.0/24 maxlen: 24
203.25.108.0/24 maxlen: 24
205.237.109.0/24 maxlen: 24
205.237.110.0/24 maxlen: 24
205.237.111.0/24 maxlen: 24
2a12:3200::/36 maxlen: 36
2a12:3200:1000::/36 maxlen: 36
2a12:3200:2000::/36 maxlen: 36
2a12:3200:3000::/36 maxlen: 36
2a12:3200:4000::/36 maxlen: 36
2a12:3200:5000::/36 maxlen: 36
2a12:3200:6000::/36 maxlen: 36
2a12:3200:7000::/36 maxlen: 36
2a12:3200:8000::/36 maxlen: 36
2a12:3200:9000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/nrUOU4bICaD65lMKpejZglJR3tA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/nrUOU4bICaD65lMKpejZglJR3tA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:86:1d:ec:ba:e1:26:1e:e2:41:72:7c:e1:a4:4f:5b:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Validity
Not Before: Aug 7 19:59:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8daca25cb6be0da099a47968b7e89d1d51cb2720
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:3b:bd:be:2d:83:f7:17:e7:94:39:1c:73:51:
37:14:2a:d0:2c:3a:33:46:f3:f9:0b:d1:38:97:99:
8b:b6:f6:cc:4f:f1:b8:1c:7f:a5:39:b0:2d:56:07:
34:88:5f:a1:bd:57:ba:50:38:32:af:c0:0b:a5:5c:
f5:b6:75:85:55:a1:16:86:bb:96:77:2b:57:b1:8d:
c1:e8:dd:96:f3:f1:66:51:a0:1d:04:cc:2f:b5:23:
d1:ff:2c:d5:08:66:e2:1b:4a:99:ca:16:d2:7c:7e:
62:e7:68:07:33:96:93:f6:f2:ab:eb:c6:db:50:08:
54:50:ad:59:c4:41:1b:8a:fe:c8:29:0e:85:63:62:
fc:50:df:b2:c3:f2:f2:ef:f9:7e:ee:93:fe:4f:3f:
fe:84:2b:30:9d:af:d3:ca:e2:21:5f:13:94:1f:57:
39:3a:a5:5d:6d:ce:6f:ac:28:cf:32:95:42:f7:87:
66:34:8d:ac:1a:a5:a5:86:cb:2d:78:93:a6:39:ff:
05:64:94:38:51:97:b0:b7:ee:fc:71:65:d9:1b:57:
f2:94:97:b9:de:f4:2f:41:45:43:f7:aa:15:5c:a4:
2d:99:2c:10:01:3e:68:4a:58:9c:c7:e3:49:09:21:
dc:ff:75:a7:5f:13:98:93:27:d3:68:05:26:c5:a4:
e3:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:AC:A2:5C:B6:BE:0D:A0:99:A4:79:68:B7:E8:9D:1D:51:CB:27:20
X509v3 Authority Key Identifier:
keyid:9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/jayiXLa-DaCZpHlot-idHVHLJyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/nrUOU4bICaD65lMKpejZglJR3tA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.243.0/24
46.229.251.0/24
46.229.253.0/24
76.164.200.0/22
77.74.123.0/24
83.229.61.0/24
85.204.107.0/24
92.42.100.0/24
103.112.171.0/24
103.121.48.0/23
103.126.50.0/23
103.244.144.0/23
103.246.248.0/24
185.104.63.0/24
195.74.93.0/24
203.14.32.0/24
203.25.108.0/24
205.237.109.0-205.237.111.255
IPv6:
2a12:3200::-2a12:3200:9000:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
91:9f:b4:50:49:00:72:61:a2:f6:a6:e6:ff:75:32:58:41:c1:
fd:f2:96:75:b8:e2:e8:1e:b4:2e:35:19:f8:be:c1:f6:d1:2f:
2b:3f:ed:fd:56:e3:72:f3:eb:38:eb:21:9b:4d:3d:f2:d0:3b:
8c:af:4c:4b:71:6c:4e:63:5c:50:33:39:3e:fe:97:b1:39:38:
2f:c5:ed:71:0b:ab:70:8d:4e:ff:4b:3a:75:bc:6e:dc:fa:72:
b3:01:56:75:94:84:01:6a:2c:94:ed:a1:77:ca:ba:e9:7d:88:
a5:a3:eb:15:61:86:aa:2d:8b:c7:83:d0:52:66:a4:28:fe:5a:
e5:82:e9:af:bb:9e:03:9b:1d:0c:2c:7c:94:bd:5b:65:0c:c7:
1d:67:11:3a:44:54:64:4c:38:6c:66:27:ab:0a:b3:12:e1:94:
c1:4f:5d:4e:38:6a:d0:aa:cd:49:70:58:cc:46:6a:16:cf:e9:
43:8f:ca:d9:13:f2:88:0a:6c:2f:c9:7f:27:22:f8:a8:e3:66:
46:fc:c2:23:61:bb:27:b4:d2:2a:bb:88:42:6e:fb:2e:71:9b:
30:82:18:8a:ca:c6:3a:e4:36:a7:4d:da:68:11:1e:3c:c9:f3:
5b:2b:b2:94:fc:89:75:61:fe:f4:a8:b9:c3:0a:56:24:95:17:
6d:6a:f8:cb
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAZiGHey64SYe4kFyfOGkT1tCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYjUwZTUzODZjODA5YTBmYWU2NTMwYWE1ZThkOTgyNTI1
MWRlZDAwHhcNMjUwODA3MTk1OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGFjYTI1Y2I2YmUwZGEwOTlhNDc5NjhiN2U4OWQxZDUxY2IyNzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzu9vi2D9xfnlDkcc1E3FCrQLDoz
RvP5C9E4l5mLtvbMT/G4HH+lObAtVgc0iF+hvVe6UDgyr8ALpVz1tnWFVaEWhruW
dytXsY3B6N2W8/FmUaAdBMwvtSPR/yzVCGbiG0qZyhbSfH5i52gHM5aT9vKr68bb
UAhUUK1ZxEEbiv7IKQ6FY2L8UN+yw/Ly7/l+7pP+Tz/+hCswna/TyuIhXxOUH1c5
OqVdbc5vrCjPMpVC94dmNI2sGqWlhssteJOmOf8FZJQ4UZewt+78cWXZG1fylJe5
3vQvQUVD96oVXKQtmSwQAT5oSlicx+NJCSHc/3WnXxOYkyfTaAUmxaTjgQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFI2soly2vg2gmaR5aLfonR1RyycgMB8GA1UdIwQY
MBaAFJ61DlOGyAmg+uZTCqXo2YJSUd7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUt
MWNhZGE2ZThiMWE5LzEvamF5aVhMYS1EYUNacEhsb3QtaWRIVkhMSnlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUtMWNhZGE2ZThiMWE5
LzEvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGoBggrBgEFBQcBBwEB/wSBmDCBlTB6BAIAATB0AwQALuXz
AwQALuX7AwQALuX9AwQCTKTIAwQATUp7AwQAU+U9AwQAVcxrAwQAXCpkAwQAZ3Cr
AwQBZ3kwAwQBZ34yAwQBZ/SQAwQAZ/b4AwQAuWg/AwQAw0pdAwQAyw4gAwQAyxls
MAwDBADN7W0DBATN7WAwFwQCAAIwETAPAwQBKhIyAwcAKhIyAJAAMA0GCSqGSIb3
DQEBCwUAA4IBAQCRn7RQSQByYaL2pub/dTJYQcH98pZ1uOLoHrQuNRn4vsH20S8r
P+39VuNy8+s46yGbTT3y0DuMr0xLcWxOY1xQMzk+/pexOTgvxe1xC6twjU7/Szp1
vG7c+nKzAVZ1lIQBaiyU7aF3yrrpfYilo+sVYYaqLYvHg9BSZqQo/lrlgumvu54D
mx0MLHyUvVtlDMcdZxE6RFRkTDhsZierCrMS4ZTBT11OOGrQqs1JcFjMRmoWz+lD
j8rZE/KICmwvyX8nIvio42ZG/MIjYbsntNIqu4hCbvsucZswghiKysY65DanTdpo
ER48yfNbK7KU/Il1Yf70qLnDClYklRdtavjL
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:02:44 2025 by rpki-client