Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/JDK2Xc9w7u2JMkUk9v17HwdidfA.roa
File: JDK2Xc9w7u2JMkUk9v17HwdidfA.roa (raw, json)
Hash identifier: htKOEwPRpWGLmjukAyajlXiDt3mzH4rIBGaGAVilqsA=
Subject key identifier: 24:32:B6:5D:CF:70:EE:ED:89:32:45:24:F6:FD:7B:1F:07:62:75:F0
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 0197977B34795F21A2AC0C169DCB997F7D5D
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/JDK2Xc9w7u2JMkUk9v17HwdidfA.roa
Signing time: Sun 22 Jun 2025 11:52:03 +0000
ROA not before: Sun 22 Jun 2025 11:52:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44889
IP address blocks: 46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
46.38.139.0/24 maxlen: 24
46.38.140.0/24 maxlen: 24
185.24.150.0/24 maxlen: 24
185.29.220.0/24 maxlen: 24
185.29.221.0/24 maxlen: 24
212.16.64.0/19 maxlen: 24
212.16.68.0/24 maxlen: 24
212.16.72.0/24 maxlen: 25
212.16.86.0/23 maxlen: 23
212.16.89.0/24 maxlen: 24
212.80.0.0/19 maxlen: 24
212.80.2.0/24 maxlen: 24
212.80.11.0/24 maxlen: 24
212.80.12.0/24 maxlen: 24
212.80.13.0/24 maxlen: 24
212.80.14.0/24 maxlen: 24
212.80.15.0/24 maxlen: 24
2a00:7d80::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 05:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:97:7b:34:79:5f:21:a2:ac:0c:16:9d:cb:99:7f:7d:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Jun 22 11:52:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2432b65dcf70eeed89324524f6fd7b1f076275f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:37:57:68:d1:2a:73:9d:e3:d9:bb:ce:29:bd:
c1:35:30:87:35:57:c3:e5:1c:0b:44:42:17:1c:a2:
0d:43:bb:2c:8f:3d:4b:64:f5:e5:7c:32:52:bc:a5:
dc:d8:29:1e:3d:97:c4:42:76:df:64:2b:69:79:d6:
a5:f1:3b:3e:1c:c6:8a:bb:a8:d5:49:c6:94:3f:b7:
d4:64:d9:92:30:7a:09:14:a8:b8:3a:7b:dd:0b:8a:
63:33:79:8b:1f:59:01:8c:cd:32:d6:9f:d3:ec:2f:
aa:76:92:b9:c9:63:75:8b:3f:b8:49:ac:3b:62:2e:
79:e7:98:4a:97:ef:20:98:2b:5a:23:db:00:9b:0b:
fc:a5:8a:43:e3:c7:5d:9c:a9:97:f6:13:63:31:a4:
40:af:f8:e2:64:1d:41:bb:f2:2d:4b:a3:30:f5:7f:
ed:c9:c3:5e:6a:14:c8:fe:58:16:15:0b:62:c5:8f:
b7:85:fc:03:06:10:f7:a2:f5:9a:e7:24:54:ab:22:
47:fd:e7:81:74:12:94:6e:3b:cb:f0:ff:4a:90:6e:
a3:9e:22:d4:02:ed:4e:95:04:37:05:5f:8b:02:65:
45:8b:99:01:e4:4a:2a:4b:39:26:62:b1:b2:8f:f9:
a8:1d:ea:0c:57:da:e2:c3:b4:e8:e7:97:72:82:10:
9c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:32:B6:5D:CF:70:EE:ED:89:32:45:24:F6:FD:7B:1F:07:62:75:F0
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/JDK2Xc9w7u2JMkUk9v17HwdidfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0/24
46.38.139.0-46.38.140.255
185.24.150.0/24
185.29.220.0/23
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
4d:35:fa:97:a7:88:17:d3:02:fa:c5:a2:b2:4e:ca:b3:f2:7e:
de:e4:a9:73:0f:f7:0f:5f:c5:15:34:f7:9d:a4:6f:3e:20:4f:
e4:b5:05:29:3a:72:a0:b8:d9:46:57:c9:14:bc:03:f4:2a:18:
e6:67:70:a2:d8:cc:52:3c:46:17:55:2f:3d:64:e6:03:df:aa:
06:1b:6e:ad:ce:78:ec:60:8d:7e:26:43:18:9e:5e:0d:48:85:
bb:f1:5b:f1:3d:39:2d:d4:b5:4c:cd:e9:46:c2:19:d7:0a:64:
f2:e2:e5:cc:e8:74:a6:a0:19:6c:f5:d8:b5:f1:97:74:f5:61:
77:78:e5:7b:de:13:b3:2a:dd:d4:b3:80:96:10:d3:62:84:73:
c7:0c:a1:9d:f5:a5:4a:20:1e:ab:c3:99:3b:b8:75:57:73:3b:
b1:72:b6:61:45:df:37:48:23:de:99:6d:91:7c:5e:ec:ef:37:
3a:a8:db:7d:22:2e:12:75:36:04:d4:b0:1a:55:d7:7f:80:0f:
01:2b:c8:8c:12:83:40:8f:32:5a:9b:b3:93:0a:96:08:42:48:
dc:53:fa:bc:b7:bf:23:65:d2:02:4a:ba:fe:c1:13:83:c8:a3:
ca:0c:ad:41:5a:ca:91:79:a6:38:ff:db:80:f7:2c:04:e7:46:
9b:4c:1e:23
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZeXezR5XyGirAwWncuZf31dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwNjIyMTE1MjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDMyYjY1ZGNmNzBlZWVkODkzMjQ1MjRmNmZkN2IxZjA3NjI3NWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzdXaNEqc53j2bvOKb3BNTCHNVfD
5RwLREIXHKINQ7ssjz1LZPXlfDJSvKXc2CkePZfEQnbfZCtpedal8Ts+HMaKu6jV
ScaUP7fUZNmSMHoJFKi4OnvdC4pjM3mLH1kBjM0y1p/T7C+qdpK5yWN1iz+4Saw7
Yi5555hKl+8gmCtaI9sAmwv8pYpD48ddnKmX9hNjMaRAr/jiZB1Bu/ItS6Mw9X/t
ycNeahTI/lgWFQtixY+3hfwDBhD3ovWa5yRUqyJH/eeBdBKUbjvL8P9KkG6jniLU
Au1OlQQ3BV+LAmVFi5kB5EoqSzkmYrGyj/moHeoMV9riw7To55dyghCcVwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFCQytl3PcO7tiTJFJPb9ex8HYnXwMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvSkRLMlhjOXc3dTJKTWtVazl2MTdId2RpZGZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQALiaBAwQA
LiaDMAwDBAAuJosDBAAuJowDBAC5GJYDBAG5HdwDBAXUEEADBAXUUAAwDQQCAAIw
BwMFAyoAfYAwDQYJKoZIhvcNAQELBQADggEBAE01+peniBfTAvrForJOyrPyft7k
qXMP9w9fxRU0952kbz4gT+S1BSk6cqC42UZXyRS8A/QqGOZncKLYzFI8RhdVLz1k
5gPfqgYbbq3OeOxgjX4mQxieXg1IhbvxW/E9OS3UtUzN6UbCGdcKZPLi5czodKag
GWz12LXxl3T1YXd45XveE7Mq3dSzgJYQ02KEc8cMoZ31pUogHqvDmTu4dVdzO7Fy
tmFF3zdII96ZbZF8XuzvNzqo230iLhJ1NgTUsBpV13+ADwEryIwSg0CPMlqbs5MK
lghCSNxT+ry3vyNl0gJKuv7BE4PIo8oMrUFaypF5pjj/24D3LATnRptMHiM=
-----END CERTIFICATE-----
Generated at Tue Jul 1 11:06:59 2025 by rpki-client