Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/djjJEwSaIQf9rj9IFEF8bQF9Iy8.roa
File: djjJEwSaIQf9rj9IFEF8bQF9Iy8.roa (raw, json)
Hash identifier: h+aBwx2dPNS5WCu/btXV8X6mRzUXSE9KioahlGmpFA0=
Subject key identifier: 76:38:C9:13:04:9A:21:07:FD:AE:3F:48:14:41:7C:6D:01:7D:23:2F
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 0198B7CEDDB631E2240CCA0815E3C77D8603
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/djjJEwSaIQf9rj9IFEF8bQF9Iy8.roa
Signing time: Sun 17 Aug 2025 11:34:04 +0000
ROA not before: Sun 17 Aug 2025 11:34:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51202
IP address blocks: 31.25.11.0/24 maxlen: 24
62.169.152.0/24 maxlen: 24
89.36.32.0/24 maxlen: 24
89.36.35.0/24 maxlen: 24
185.121.133.0/24 maxlen: 24
185.121.135.0/24 maxlen: 24
185.144.70.0/24 maxlen: 24
185.144.71.0/24 maxlen: 24
212.232.18.0/24 maxlen: 24
212.232.19.0/24 maxlen: 24
2a0c:2500::/29 maxlen: 48
2a0c:2501::/32 maxlen: 48
2a0c:2502::/32 maxlen: 48
2a0c:2503::/32 maxlen: 48
2a14:6781::/32 maxlen: 48
2a14:6781:305::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.mft
rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:b7:ce:dd:b6:31:e2:24:0c:ca:08:15:e3:c7:7d:86:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: Aug 17 11:34:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7638c913049a2107fdae3f4814417c6d017d232f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:56:e1:02:bd:8f:02:84:9d:f9:67:e7:6d:8c:
dd:45:6e:dd:9d:0c:62:76:1b:10:2f:c4:c9:74:7d:
2c:d4:c7:0b:0e:3a:89:8c:2c:dd:ad:1c:9d:16:ca:
9a:f2:6f:ea:fb:5b:bf:08:fc:88:75:78:6b:47:d0:
31:77:02:0a:4c:83:a4:64:6c:9f:61:a9:cd:b1:4a:
7a:c3:11:3a:1a:12:a0:3d:7b:30:5e:4a:14:84:c7:
ab:ca:43:af:97:8a:e3:f2:55:45:07:92:01:9c:e6:
b7:76:01:b4:c0:96:9f:30:48:2f:18:f0:5a:51:5d:
b1:99:eb:85:9d:96:f0:e1:6e:d4:d3:b7:da:3d:59:
72:49:57:44:5e:22:7f:46:57:9f:1f:8f:71:a7:04:
72:f0:41:54:f8:d9:96:6d:76:0d:71:d9:e3:86:ff:
bd:c6:f8:24:4b:85:61:8f:d9:11:1f:c7:af:06:db:
ae:6f:0a:f2:e0:92:df:5e:64:cf:c3:38:05:30:f0:
47:c2:33:c1:43:ba:22:8a:d2:f3:95:e8:3a:40:60:
f5:30:3c:51:53:9b:cb:1c:24:9b:41:05:c4:59:97:
86:5c:2f:6e:80:42:a8:73:0d:84:c2:6e:21:11:ad:
ea:1a:41:c6:73:48:2a:d2:58:8c:cb:04:1d:b3:56:
6e:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:38:C9:13:04:9A:21:07:FD:AE:3F:48:14:41:7C:6D:01:7D:23:2F
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/djjJEwSaIQf9rj9IFEF8bQF9Iy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.11.0/24
62.169.152.0/24
89.36.32.0/24
89.36.35.0/24
185.121.133.0/24
185.121.135.0/24
185.144.70.0/23
212.232.18.0/23
IPv6:
2a0c:2500::/29
2a14:6781::/32
Signature Algorithm: sha256WithRSAEncryption
94:4a:37:60:1f:0a:90:da:4b:fa:0f:d5:18:bf:c4:fc:64:4c:
65:c9:4b:99:87:2a:f9:29:0b:c4:76:c5:88:07:47:dc:ed:4f:
be:cd:13:59:7b:4d:94:98:c4:b7:cd:bf:c2:79:98:89:57:22:
c3:47:d3:c7:6b:72:2c:db:b4:37:a4:d1:39:c4:3f:54:9a:57:
83:b7:33:b9:30:fb:ab:7f:5e:d5:98:76:d1:a0:1b:06:13:48:
d4:38:22:93:10:7d:04:57:c1:c4:0d:bd:7b:bc:3b:ae:09:70:
4a:a3:3d:5e:44:ea:c2:33:a7:0f:26:af:73:e3:12:9c:0c:e8:
6c:a5:0c:2a:27:a1:ff:78:0b:51:cd:21:28:a7:fa:ee:70:d4:
9a:cc:6a:42:d3:47:6b:59:b6:79:7c:cf:f8:68:94:22:d0:4c:
f6:a9:03:5f:e9:1d:f6:ee:51:92:77:ef:7a:d0:f2:7a:d6:3a:
38:ed:ff:de:33:23:32:0d:30:11:02:0d:b3:6d:a7:00:31:ee:
f3:00:15:d0:07:4f:23:b3:95:ae:21:37:a5:f1:9a:7d:e2:fc:
79:e4:3e:76:d5:bc:33:69:5c:11:b2:00:ef:b1:90:29:2b:9d:
18:ac:da:6a:b3:7b:79:01:29:6f:e4:03:da:44:64:7c:b0:2f:
0b:65:f7:ba
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZi3zt22MeIkDMoIFePHfYYDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjUwODE3MTEzNDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjM4YzkxMzA0OWEyMTA3ZmRhZTNmNDgxNDQxN2M2ZDAxN2QyMzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1bhAr2PAoSd+WfnbYzdRW7dnQxi
dhsQL8TJdH0s1McLDjqJjCzdrRydFsqa8m/q+1u/CPyIdXhrR9AxdwIKTIOkZGyf
YanNsUp6wxE6GhKgPXswXkoUhMerykOvl4rj8lVFB5IBnOa3dgG0wJafMEgvGPBa
UV2xmeuFnZbw4W7U07faPVlySVdEXiJ/RlefH49xpwRy8EFU+NmWbXYNcdnjhv+9
xvgkS4Vhj9kRH8evBtuubwry4JLfXmTPwzgFMPBHwjPBQ7oiitLzleg6QGD1MDxR
U5vLHCSbQQXEWZeGXC9ugEKocw2Ewm4hEa3qGkHGc0gq0liMywQds1Zu9wIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFHY4yRMEmiEH/a4/SBRBfG0BfSMvMB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvZGpqSkV3U2FJUWY5cmo5SUZFRjhiUUY5SXk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQAHxkLAwQA
PqmYAwQAWSQgAwQAWSQjAwQAuXmFAwQAuXmHAwQBuZBGAwQB1OgSMBQEAgACMA4D
BQMqDCUAAwUAKhRngTANBgkqhkiG9w0BAQsFAAOCAQEAlEo3YB8KkNpL+g/VGL/E
/GRMZclLmYcq+SkLxHbFiAdH3O1Pvs0TWXtNlJjEt82/wnmYiVciw0fTx2tyLNu0
N6TROcQ/VJpXg7czuTD7q39e1Zh20aAbBhNI1DgikxB9BFfBxA29e7w7rglwSqM9
XkTqwjOnDyavc+MSnAzobKUMKieh/3gLUc0hKKf67nDUmsxqQtNHa1m2eXzP+GiU
ItBM9qkDX+kd9u5RknfvetDyetY6OO3/3jMjMg0wEQINs22nADHu8wAV0AdPI7OV
riE3pfGafeL8eeQ+dtW8M2lcEbIA77GQKSudGKzaarN7eQEpb+QD2kRkfLAvC2X3
ug==
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:35:35 2025 by rpki-client