
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/jEy5a_BIF556lpeM7oDTeylWp1c.roa
File: jEy5a_BIF556lpeM7oDTeylWp1c.roa (raw, json)
Hash identifier: /c5djDZ0uYskWfq8DpA4Uh6iCwHWg+ybbWSbYEc0fC8=
Subject key identifier: 8C:4C:B9:6B:F0:48:17:9E:7A:96:97:8C:EE:80:D3:7B:29:56:A7:57
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0199E4FD6EC105CF22AAD59C7F6D2B0313A6
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/jEy5a_BIF556lpeM7oDTeylWp1c.roa
Signing time: Tue 14 Oct 2025 23:10:38 +0000
ROA not before: Tue 14 Oct 2025 23:10:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 45.139.6.0/23 maxlen: 24
82.115.9.0/24 maxlen: 24
159.255.32.0/22 maxlen: 22
159.255.36.0/22 maxlen: 22
185.231.172.0/24 maxlen: 24
188.209.156.0/22 maxlen: 24
202.133.90.0/23 maxlen: 24
212.90.100.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e4:fd:6e:c1:05:cf:22:aa:d5:9c:7f:6d:2b:03:13:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Oct 14 23:10:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8c4cb96bf048179e7a96978cee80d37b2956a757
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f2:8b:bf:0b:da:8e:67:de:2c:41:c4:5a:93:
77:7e:17:d7:a1:b8:77:40:94:f6:db:b4:5c:78:93:
31:3d:87:b7:4d:3c:e7:17:93:79:86:7b:87:60:f3:
8b:4c:e8:f0:5d:0d:df:b1:dd:c2:8b:f4:4e:1e:bf:
c4:81:e3:a8:03:b0:e3:7c:d7:c9:f7:9d:d5:30:bb:
69:30:02:91:8f:56:11:94:64:82:00:21:8e:18:87:
6a:25:00:33:e2:03:89:64:96:40:cf:5c:1a:3c:7b:
1f:66:6c:43:ed:60:32:8f:fb:59:29:35:93:f8:e4:
6a:c2:25:a5:6f:77:b6:d0:60:c3:79:bd:34:3c:a9:
05:f6:97:19:ec:2a:12:d6:b6:da:db:aa:08:b8:b2:
b3:28:0a:d3:2e:43:14:67:dc:e0:d6:b8:d0:a9:bf:
2e:d7:34:b5:1c:93:e2:0b:c3:e4:18:e3:52:fc:b4:
58:3b:8e:5b:0c:61:d5:a6:d9:ea:a8:a7:09:b2:85:
bc:82:ff:c5:73:39:ab:57:9d:05:c8:43:e0:16:39:
6f:5e:7d:da:6b:5f:66:7d:ed:1a:1e:5d:7b:b6:2c:
9f:09:0c:c3:72:9d:9c:c6:22:b5:35:b7:80:cf:68:
9b:79:5a:11:87:f3:f6:55:f7:1c:e9:b7:4a:93:50:
10:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:4C:B9:6B:F0:48:17:9E:7A:96:97:8C:EE:80:D3:7B:29:56:A7:57
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/jEy5a_BIF556lpeM7oDTeylWp1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.6.0/23
82.115.9.0/24
159.255.32.0/21
185.231.172.0/24
188.209.156.0/22
202.133.90.0/23
212.90.100.0/22
Signature Algorithm: sha256WithRSAEncryption
52:9c:c6:bd:7b:47:cb:4e:b8:63:0a:01:9c:1d:a4:87:db:bc:
7f:64:a8:06:6f:88:d4:59:40:13:bb:12:d5:91:62:eb:df:c2:
1a:b6:37:d5:8a:bf:2e:a7:f3:06:cd:39:3f:9b:4b:8f:84:8d:
ed:dd:cc:70:7e:49:59:3d:28:71:19:3b:6c:a7:95:29:96:da:
ec:9f:17:0b:b3:8b:bd:e7:5a:ab:90:d0:48:73:ed:54:33:87:
e2:a9:6f:76:c7:9f:e7:45:fe:88:4a:8d:2c:f4:f9:40:9a:da:
83:2f:aa:7b:4f:12:ef:a3:09:79:36:74:e5:77:b3:1a:e4:21:
c5:57:e3:3b:f8:3f:43:63:8b:69:7e:d9:7c:a4:a6:81:4f:26:
d2:ac:68:6e:43:0f:b7:7e:67:54:76:83:ae:c4:25:82:5b:3b:
9b:0e:4d:1b:3e:23:fb:83:e5:6d:70:5e:6c:22:ea:57:3c:53:
c2:02:1d:ea:64:fe:5d:d5:ae:80:35:10:25:61:7f:70:d7:7d:
4d:d6:11:38:f4:3b:9b:61:1a:a6:46:d7:83:c2:b4:cc:5f:9e:
51:2a:f3:c1:4a:aa:b0:e8:9d:2a:cf:4c:89:9a:e2:27:7c:27:
ca:c4:5a:8c:95:f7:8e:f4:fe:1e:71:41:13:30:b4:f1:d3:52:
39:39:61:f3
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZnk/W7BBc8iqtWcf20rAxOmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUxMDE0MjMxMDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzRjYjk2YmYwNDgxNzllN2E5Njk3OGNlZTgwZDM3YjI5NTZhNzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvKLvwvajmfeLEHEWpN3fhfXobh3
QJT227RceJMxPYe3TTznF5N5hnuHYPOLTOjwXQ3fsd3Ci/ROHr/EgeOoA7DjfNfJ
953VMLtpMAKRj1YRlGSCACGOGIdqJQAz4gOJZJZAz1waPHsfZmxD7WAyj/tZKTWT
+ORqwiWlb3e20GDDeb00PKkF9pcZ7CoS1rba26oIuLKzKArTLkMUZ9zg1rjQqb8u
1zS1HJPiC8PkGONS/LRYO45bDGHVptnqqKcJsoW8gv/FczmrV50FyEPgFjlvXn3a
a19mfe0aHl17tiyfCQzDcp2cxiK1NbeAz2ibeVoRh/P2Vfcc6bdKk1AQKQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIxMuWvwSBeeepaXjO6A03spVqdXMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvakV5NWFfQklGNTU2bHBlTTdvRFRleWxXcDFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBLYsGAwQA
UnMJAwQDn/8gAwQAueesAwQCvNGcAwQByoVaAwQC1FpkMA0GCSqGSIb3DQEBCwUA
A4IBAQBSnMa9e0fLTrhjCgGcHaSH27x/ZKgGb4jUWUATuxLVkWLr38IatjfVir8u
p/MGzTk/m0uPhI3t3cxwfklZPShxGTtsp5UpltrsnxcLs4u951qrkNBIc+1UM4fi
qW92x5/nRf6ISo0s9PlAmtqDL6p7TxLvowl5NnTld7Ma5CHFV+M7+D9DY4tpftl8
pKaBTybSrGhuQw+3fmdUdoOuxCWCWzubDk0bPiP7g+VtcF5sIupXPFPCAh3qZP5d
1a6ANRAlYX9w131N1hE49DubYRqmRteDwrTMX55RKvPBSqqw6J0qz0yJmuInfCfK
xFqMlfeO9P4ecUETMLTx01I5OWHz
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:44:30 2025 by rpki-client