Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/eJSI85DZViXonf3-MCJo6Ojcq34.roa
File: eJSI85DZViXonf3-MCJo6Ojcq34.roa (raw, json)
Hash identifier: OnbHcBTMzJmbk7LCrnGr0kTpDi+PIFsqGqkYdHOPR8k=
Subject key identifier: 78:94:88:F3:90:D9:56:25:E8:9D:FD:FE:30:22:68:E8:E8:DC:AB:7E
Certificate issuer: /CN=272ed090acf7c829a22bbfbe2b0e998cd20ad826
Certificate serial: 019913E2562B157DD3C975C73BD5067B7B24
Authority key identifier: 27:2E:D0:90:AC:F7:C8:29:A2:2B:BF:BE:2B:0E:99:8C:D2:0A:D8:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/eJSI85DZViXonf3-MCJo6Ojcq34.roa
Signing time: Thu 04 Sep 2025 08:40:24 +0000
ROA not before: Thu 04 Sep 2025 08:40:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47262
IP address blocks: 46.245.0.0/18 maxlen: 20
46.245.9.0/24 maxlen: 24
212.120.192.0/19 maxlen: 19
212.120.196.0/23 maxlen: 23
2a00:d20::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:13:e2:56:2b:15:7d:d3:c9:75:c7:3b:d5:06:7b:7b:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=272ed090acf7c829a22bbfbe2b0e998cd20ad826
Validity
Not Before: Sep 4 08:40:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=789488f390d95625e89dfdfe302268e8e8dcab7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:6c:0e:05:90:cb:c7:7d:f4:da:d9:36:0b:ae:
31:3e:b9:03:10:2c:ab:7e:08:ab:22:ca:31:2f:de:
ec:da:77:49:97:5a:12:17:f2:08:c3:7d:71:51:3c:
c4:97:cd:df:4f:74:d8:42:04:03:79:2d:b9:f0:bd:
47:79:20:59:5f:ad:cd:4d:7c:7c:80:70:e4:7d:0d:
5f:1d:34:6a:48:3b:46:54:65:9e:e8:a4:a2:61:a0:
39:37:ab:aa:54:61:12:95:ad:a3:ab:42:29:10:f8:
c3:88:fa:25:46:e1:60:6e:8f:f1:5f:2e:e5:9d:31:
69:b3:36:a1:8f:05:82:d3:08:92:6b:fc:af:ae:8a:
ff:e2:8a:1b:69:c4:ba:99:51:66:8f:83:ee:c0:c6:
64:ad:37:b0:60:44:f8:95:18:f0:cc:59:72:86:d8:
81:d9:6d:32:b8:78:f2:fe:64:40:2b:66:7a:93:3b:
bd:4f:d0:a3:dd:9c:62:53:d1:27:ce:86:33:58:1a:
97:44:e4:21:c5:c6:f0:52:6f:15:46:4e:65:94:30:
5d:c7:c3:fc:11:bf:9e:1a:fe:cc:89:b7:74:8f:7c:
68:22:d7:a9:c1:6d:cf:b1:34:dd:4a:b6:b3:08:d6:
20:8c:86:a1:d9:ae:c9:60:59:b6:d9:ec:fc:45:5d:
6e:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:94:88:F3:90:D9:56:25:E8:9D:FD:FE:30:22:68:E8:E8:DC:AB:7E
X509v3 Authority Key Identifier:
keyid:27:2E:D0:90:AC:F7:C8:29:A2:2B:BF:BE:2B:0E:99:8C:D2:0A:D8:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/eJSI85DZViXonf3-MCJo6Ojcq34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.245.0.0/18
212.120.192.0/19
IPv6:
2a00:d20::/32
Signature Algorithm: sha256WithRSAEncryption
94:6e:e8:ee:10:f3:d9:ce:7f:f6:1d:af:94:90:bc:b2:d3:de:
69:38:82:14:9c:60:15:b9:30:a8:9c:85:10:af:4d:35:87:8f:
01:1e:df:ec:bf:4d:76:b1:12:e8:95:2d:e1:4e:56:b8:da:43:
13:2a:40:5f:53:74:d2:b1:0b:6a:44:4a:6e:93:9d:5e:27:1f:
3d:a4:bd:7f:a7:2f:81:f0:13:2e:27:51:74:b2:9f:ac:cf:e6:
a2:d3:c3:a6:39:1c:9f:b4:c9:bc:a3:8c:65:18:b7:bb:5f:04:
36:7a:70:9c:f9:42:f3:7d:16:29:1f:4d:6a:e5:11:1a:c8:12:
f1:05:48:c4:6f:f8:09:a1:e7:ca:64:80:ce:4e:d3:60:73:b6:
ca:11:f5:c7:44:36:c7:50:84:81:92:a7:c6:ea:44:f5:d8:08:
4b:86:fb:24:93:cf:60:ea:ce:9a:15:66:d5:d1:2d:ed:73:3a:
10:84:b2:a8:f8:33:39:cc:e5:68:1b:55:3b:07:ae:ed:5d:65:
1b:bb:15:ae:9f:d2:24:eb:c6:81:d0:f6:4e:00:d9:4a:0c:a6:
a5:7a:2c:69:ac:e6:23:14:39:33:fe:d1:91:b2:6c:eb:1b:6c:
2e:cc:cf:6f:f2:09:b3:15:4f:f9:9e:66:a9:1a:40:37:67:74:
9e:fe:32:db
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZkT4lYrFX3TyXXHO9UGe3skMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3MmVkMDkwYWNmN2M4MjlhMjJiYmZiZTJiMGU5OThjZDIw
YWQ4MjYwHhcNMjUwOTA0MDg0MDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODk0ODhmMzkwZDk1NjI1ZTg5ZGZkZmUzMDIyNjhlOGU4ZGNhYjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3mwOBZDLx3302tk2C64xPrkDECyr
fgirIsoxL97s2ndJl1oSF/IIw31xUTzEl83fT3TYQgQDeS258L1HeSBZX63NTXx8
gHDkfQ1fHTRqSDtGVGWe6KSiYaA5N6uqVGESla2jq0IpEPjDiPolRuFgbo/xXy7l
nTFpszahjwWC0wiSa/yvror/4oobacS6mVFmj4PuwMZkrTewYET4lRjwzFlyhtiB
2W0yuHjy/mRAK2Z6kzu9T9Cj3ZxiU9EnzoYzWBqXROQhxcbwUm8VRk5llDBdx8P8
Eb+eGv7Mibd0j3xoItepwW3PsTTdSrazCNYgjIah2a7JYFm22ez8RV1uqwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHiUiPOQ2VYl6J39/jAiaOjo3Kt+MB8GA1UdIwQY
MBaAFCcu0JCs98gpoiu/visOmYzSCtgmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnk3UWtLejN5Q21pSzctLUt3NlpqTklLMkNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9hMTVmOTYtZWMxOC00NjQ0LTg5YjMt
YWNjMjJiYjRkY2VkLzEvZUpTSTg1RFpWaVhvbmYzLU1DSm82T2pjcTM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9hMTVmOTYtZWMxOC00NjQ0LTg5YjMtYWNjMjJiYjRkY2Vk
LzEvSnk3UWtLejN5Q21pSzctLUt3NlpqTklLMkNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGLvUAAwQF
1HjAMA0EAgACMAcDBQAqAA0gMA0GCSqGSIb3DQEBCwUAA4IBAQCUbujuEPPZzn/2
Ha+UkLyy095pOIIUnGAVuTConIUQr001h48BHt/sv012sRLolS3hTla42kMTKkBf
U3TSsQtqREpuk51eJx89pL1/py+B8BMuJ1F0sp+sz+ai08OmORyftMm8o4xlGLe7
XwQ2enCc+ULzfRYpH01q5REayBLxBUjEb/gJoefKZIDOTtNgc7bKEfXHRDbHUISB
kqfG6kT12AhLhvskk89g6s6aFWbV0S3tczoQhLKo+DM5zOVoG1U7B67tXWUbuxWu
n9Ik68aB0PZOANlKDKaleixprOYjFDkz/tGRsmzrG2wuzM9v8gmzFU/5nmapGkA3
Z3Se/jLb
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:09:01 2025 by rpki-client