Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/jpALgIEFPnjeiiFW4ySQMUfXTX0.roa
File: jpALgIEFPnjeiiFW4ySQMUfXTX0.roa (raw, json)
Hash identifier: rD/k2wW2+CQT2x2BcYEEoeLlAgB9t08idfGX3CSZeyY=
Subject key identifier: 8E:90:0B:80:81:05:3E:78:DE:8A:21:56:E3:24:90:31:47:D7:4D:7D
Certificate issuer: /CN=c1d369e66cdbe30d7b3aff6081f20c17a98fdc5b
Certificate serial: 0198C172361A5FB8517C1D30CBD3E0916F93
Authority key identifier: C1:D3:69:E6:6C:DB:E3:0D:7B:3A:FF:60:81:F2:0C:17:A9:8F:DC:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/jpALgIEFPnjeiiFW4ySQMUfXTX0.roa
Signing time: Tue 19 Aug 2025 08:29:04 +0000
ROA not before: Tue 19 Aug 2025 08:29:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211381
IP address blocks: 45.88.76.0/24 maxlen: 24
45.88.105.0/24 maxlen: 24
45.91.200.0/24 maxlen: 24
45.91.201.0/24 maxlen: 24
45.91.202.0/24 maxlen: 24
45.132.107.0/24 maxlen: 24
45.147.196.0/24 maxlen: 24
77.83.175.0/24 maxlen: 24
81.91.176.0/24 maxlen: 24
81.91.179.0/24 maxlen: 24
91.211.248.0/24 maxlen: 24
91.211.249.0/24 maxlen: 24
91.211.250.0/24 maxlen: 24
92.119.114.0/24 maxlen: 24
95.215.204.0/24 maxlen: 24
95.215.206.0/24 maxlen: 24
95.215.207.0/24 maxlen: 24
103.246.144.0/24 maxlen: 24
103.246.145.0/24 maxlen: 24
103.246.146.0/24 maxlen: 24
103.246.147.0/24 maxlen: 24
185.203.240.0/24 maxlen: 24
185.203.241.0/24 maxlen: 24
185.209.20.0/24 maxlen: 24
185.209.21.0/24 maxlen: 24
185.219.81.0/24 maxlen: 24
185.219.83.0/24 maxlen: 24
185.231.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 20:00:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c1:72:36:1a:5f:b8:51:7c:1d:30:cb:d3:e0:91:6f:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1d369e66cdbe30d7b3aff6081f20c17a98fdc5b
Validity
Not Before: Aug 19 08:29:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e900b8081053e78de8a2156e324903147d74d7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:13:82:04:40:57:d1:a3:05:ca:36:12:d9:38:
f3:f5:2d:f4:0b:33:84:a7:90:3a:11:35:39:3c:f1:
00:78:c1:1e:b2:93:32:13:81:d0:81:49:60:23:f2:
2a:da:4e:eb:3e:50:b8:15:ab:8f:46:3b:3d:13:0e:
3c:e2:f9:59:cb:99:16:4c:5c:d4:ea:55:48:35:65:
1e:e1:37:3a:ad:42:d2:7f:29:1a:24:d0:ec:b2:52:
16:06:35:85:bc:23:74:c5:f1:8b:5d:c9:97:04:a6:
c5:46:44:df:e1:b4:c8:b4:4e:5a:7c:ca:79:90:31:
6c:85:90:f3:f4:08:89:9d:56:c2:34:29:24:92:36:
f5:b5:5a:10:64:1c:8b:bf:10:28:51:66:da:27:70:
29:0a:43:17:05:71:7b:4a:45:02:a7:b8:59:b2:d9:
e8:91:4c:6f:ec:a5:a2:4e:5a:51:72:8e:46:fd:e1:
c5:61:fa:2e:7b:91:e8:34:92:25:dd:db:cc:02:69:
99:d0:52:41:fa:41:bd:20:66:4c:f2:62:2d:64:47:
50:ab:ee:17:5c:85:cd:a9:c1:54:6b:b9:09:7d:42:
b0:da:8c:55:ac:bd:e8:1d:cb:8b:3a:60:02:1e:dd:
0a:d6:76:53:a5:c2:67:b1:8a:c1:8d:0b:a3:c0:d7:
00:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:90:0B:80:81:05:3E:78:DE:8A:21:56:E3:24:90:31:47:D7:4D:7D
X509v3 Authority Key Identifier:
keyid:C1:D3:69:E6:6C:DB:E3:0D:7B:3A:FF:60:81:F2:0C:17:A9:8F:DC:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/jpALgIEFPnjeiiFW4ySQMUfXTX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.76.0/24
45.88.105.0/24
45.91.200.0-45.91.202.255
45.132.107.0/24
45.147.196.0/24
77.83.175.0/24
81.91.176.0/24
81.91.179.0/24
91.211.248.0-91.211.250.255
92.119.114.0/24
95.215.204.0/24
95.215.206.0/23
103.246.144.0/22
185.203.240.0/23
185.209.20.0/23
185.219.81.0/24
185.219.83.0/24
185.231.69.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:45:bc:ad:f2:6c:78:21:03:c7:6a:7d:e4:24:c6:54:90:8d:
dd:cf:1a:cf:02:19:ba:2a:78:c9:f4:8d:53:83:f9:f4:3d:c5:
7e:5c:19:a1:67:df:f7:51:81:c7:f3:78:60:9f:e0:13:87:b8:
00:71:9b:b8:a6:3f:b2:c0:b9:0a:7a:aa:13:11:78:3e:ea:f4:
51:22:d5:b9:ab:cb:c2:67:2d:5e:f6:70:f5:89:bf:80:f8:0e:
d3:c2:52:25:bc:b5:51:1b:73:8e:78:ae:e5:eb:71:a8:d6:ac:
c6:1a:78:47:80:12:25:c9:96:cc:46:9b:99:0e:f8:ec:cc:b0:
11:7b:c9:69:12:ed:a1:58:43:8c:60:53:3a:ca:a0:28:a5:90:
4b:cd:77:8d:48:55:14:60:9e:62:cd:df:05:52:34:de:2b:d3:
96:c7:40:9d:78:92:46:eb:3c:df:c7:a6:32:e8:6a:e6:ea:6a:
97:cb:e1:4d:cc:f2:c6:15:9a:20:cc:cb:53:c0:f7:dd:5d:71:
45:c9:14:30:b8:65:c3:71:4d:50:09:d5:67:23:7d:af:af:ab:
fb:6e:8c:a5:77:90:bd:42:2e:dc:09:ff:56:5a:3a:0d:85:07:
87:ed:a1:da:a7:44:f9:4f:8b:13:54:d3:74:ca:f3:ec:b9:de:
e8:03:1a:93
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZjBcjYaX7hRfB0wy9PgkW+TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZDM2OWU2NmNkYmUzMGQ3YjNhZmY2MDgxZjIwYzE3YTk4
ZmRjNWIwHhcNMjUwODE5MDgyOTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTkwMGI4MDgxMDUzZTc4ZGU4YTIxNTZlMzI0OTAzMTQ3ZDc0ZDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhOCBEBX0aMFyjYS2Tjz9S30CzOE
p5A6ETU5PPEAeMEespMyE4HQgUlgI/Iq2k7rPlC4FauPRjs9Ew484vlZy5kWTFzU
6lVINWUe4Tc6rULSfykaJNDsslIWBjWFvCN0xfGLXcmXBKbFRkTf4bTItE5afMp5
kDFshZDz9AiJnVbCNCkkkjb1tVoQZByLvxAoUWbaJ3ApCkMXBXF7SkUCp7hZstno
kUxv7KWiTlpRco5G/eHFYfoue5HoNJIl3dvMAmmZ0FJB+kG9IGZM8mItZEdQq+4X
XIXNqcFUa7kJfUKw2oxVrL3oHcuLOmACHt0K1nZTpcJnsYrBjQujwNcA3QIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFI6QC4CBBT543oohVuMkkDFH1019MB8GA1UdIwQY
MBaAFMHTaeZs2+MNezr/YIHyDBepj9xbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2ROcDVtemI0dzE3T3Y5Z2dmSU1GNm1QM0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yMjQzNTEtM2E0Ny00MDE0LWIzOTUt
YTYzNDc5NjEwOTY4LzEvanBBTGdJRUZQbmplaWlGVzR5U1FNVWZYVFgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yMjQzNTEtM2E0Ny00MDE0LWIzOTUtYTYzNDc5NjEwOTY4
LzEvd2ROcDVtemI0dzE3T3Y5Z2dmSU1GNm1QM0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAC1Y
TAMEAC1YaTAMAwQDLVvIAwQALVvKAwQALYRrAwQALZPEAwQATVOvAwQAUVuwAwQA
UVuzMAwDBANb0/gDBABb0/oDBABcd3IDBABf18wDBAFf184DBAJn9pADBAG5y/AD
BAG50RQDBAC521EDBAC521MDBAC550UwDQYJKoZIhvcNAQELBQADggEBAGtFvK3y
bHghA8dqfeQkxlSQjd3PGs8CGboqeMn0jVOD+fQ9xX5cGaFn3/dRgcfzeGCf4BOH
uABxm7imP7LAuQp6qhMReD7q9FEi1bmry8JnLV72cPWJv4D4DtPCUiW8tVEbc454
ruXrcajWrMYaeEeAEiXJlsxGm5kO+OzMsBF7yWkS7aFYQ4xgUzrKoCilkEvNd41I
VRRgnmLN3wVSNN4r05bHQJ14kkbrPN/HpjLoaubqapfL4U3M8sYVmiDMy1PA991d
cUXJFDC4ZcNxTVAJ1Wcjfa+vq/tujKV3kL1CLtwJ/1ZaOg2FB4ftodqnRPlPixNU
03TK8+y53ugDGpM=
-----END CERTIFICATE-----
Generated at Sun Aug 24 05:02:18 2025 by rpki-client