Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/JcpkDEw0JBmGAZTOYP-EZkG7h4Q.roa
File: JcpkDEw0JBmGAZTOYP-EZkG7h4Q.roa (raw, json)
Hash identifier: jiM13rTCKDGbOFYZdyZ0lzDL0Z/zn/1jyUcNFr7C9ic=
Subject key identifier: 25:CA:64:0C:4C:34:24:19:86:01:94:CE:60:FF:84:66:41:BB:87:84
Certificate issuer: /CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Certificate serial: 01988FD827CD9A8CF584B4491A38B1569A16
Authority key identifier: 94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/JcpkDEw0JBmGAZTOYP-EZkG7h4Q.roa
Signing time: Sat 09 Aug 2025 17:19:24 +0000
ROA not before: Sat 09 Aug 2025 17:19:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21100
IP address blocks: 5.34.180.0/23 maxlen: 23
46.28.68.0/24 maxlen: 24
46.28.69.0/24 maxlen: 24
82.118.16.0/24 maxlen: 24
82.118.19.0/24 maxlen: 24
185.14.28.0/22 maxlen: 22
195.123.216.0/21 maxlen: 21
217.12.200.0/23 maxlen: 23
217.12.208.0/23 maxlen: 23
217.12.218.0/24 maxlen: 24
217.12.219.0/24 maxlen: 24
217.12.220.0/24 maxlen: 24
2a02:27a9::/32 maxlen: 32
2a02:27ab::/32 maxlen: 32
2a02:27ae::/32 maxlen: 32
2a02:27af::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.mft
rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8f:d8:27:cd:9a:8c:f5:84:b4:49:1a:38:b1:56:9a:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Validity
Not Before: Aug 9 17:19:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25ca640c4c342419860194ce60ff846641bb8784
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:fe:b6:19:45:17:4f:89:2b:70:b5:ee:1f:eb:
72:d7:34:34:21:46:25:05:21:c2:df:70:27:dd:6a:
2b:9e:b2:22:86:23:87:3a:0d:66:bf:36:f7:71:7a:
25:5b:93:a5:59:91:a3:17:fa:ab:1e:02:bc:47:82:
ad:1d:6e:68:ca:b2:ca:d8:a6:a0:21:82:a8:9c:c5:
65:c0:99:c9:16:1e:3d:ff:cc:d8:7a:a0:5e:15:c7:
74:12:2b:87:ea:57:45:5f:cb:2e:23:f3:80:95:b0:
7a:50:80:e9:79:7a:3a:6b:2e:d5:73:6a:00:47:c0:
a3:4e:68:ca:46:da:d1:56:f3:72:ca:ee:55:6d:78:
90:26:09:65:23:e9:d6:03:cf:09:a0:e8:09:f6:27:
bf:89:72:cd:44:56:77:af:b8:d4:74:25:1b:a7:2e:
ec:78:7c:af:9a:ad:36:63:40:8e:98:a0:1c:14:c6:
e4:37:2e:6a:cc:a1:83:1a:34:bf:25:f1:ae:86:1c:
5e:58:11:2e:3e:b6:94:56:f5:83:d9:44:6a:a6:bf:
3c:52:93:32:21:14:45:eb:34:9f:bd:da:7d:22:7b:
be:4e:b6:a0:cc:53:02:9a:8e:6c:a8:b4:59:00:d9:
45:25:ef:af:67:83:a2:47:a4:7a:a0:23:f5:b8:af:
34:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:CA:64:0C:4C:34:24:19:86:01:94:CE:60:FF:84:66:41:BB:87:84
X509v3 Authority Key Identifier:
keyid:94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/JcpkDEw0JBmGAZTOYP-EZkG7h4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.180.0/23
46.28.68.0/23
82.118.16.0/24
82.118.19.0/24
185.14.28.0/22
195.123.216.0/21
217.12.200.0/23
217.12.208.0/23
217.12.218.0-217.12.220.255
IPv6:
2a02:27a9::/32
2a02:27ab::/32
2a02:27ae::/31
Signature Algorithm: sha256WithRSAEncryption
5a:6e:27:95:7e:35:30:5a:0f:87:31:0e:b7:4f:ca:82:32:a3:
12:15:9e:fd:88:9c:f8:cf:96:21:d5:36:df:89:a2:9c:9e:ad:
b5:31:8e:be:a1:8c:e1:99:ed:92:86:42:95:8b:df:0e:b8:3c:
4f:f0:e8:81:4c:c2:7d:6d:73:42:a2:40:52:4a:d3:67:02:ec:
ef:46:fb:1a:d7:20:3b:7e:3a:b0:d5:34:30:bc:d2:f7:97:d5:
11:1d:e0:9b:d2:dc:da:32:91:c5:b0:eb:a3:c0:0b:4a:95:48:
c9:20:65:31:04:b2:a9:ca:2b:8e:49:14:6c:ab:20:f1:cb:84:
b4:d5:3b:3d:37:ce:ae:9e:d0:fb:f1:20:02:91:0e:0b:54:ee:
c4:49:ed:7e:57:c0:1d:27:ed:55:69:dd:b7:00:da:e6:de:52:
55:68:71:8e:10:35:b4:55:b2:cf:5c:19:28:e4:a1:74:b3:82:
64:e9:77:80:fc:e9:22:ea:18:0b:67:05:26:e3:91:d9:49:71:
19:d5:56:ac:d8:55:b9:72:22:ac:51:e1:28:06:7f:75:ad:50:
d5:c9:b6:a9:1a:c9:e7:e4:bc:50:57:52:70:b6:57:39:50:70:
47:2d:77:42:2d:23:90:b6:d4:93:da:16:f4:8b:e3:0c:b8:b1:
3d:48:2f:e3
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAZiP2CfNmoz1hLRJGjixVpoWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZDk4ZThmZWM2ODA3NzVhMTU3MjY2ZTBjNmI3OGIxNDFh
MzRmNWUwHhcNMjUwODA5MTcxOTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWNhNjQwYzRjMzQyNDE5ODYwMTk0Y2U2MGZmODQ2NjQxYmI4Nzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuf62GUUXT4krcLXuH+ty1zQ0IUYl
BSHC33An3WornrIihiOHOg1mvzb3cXolW5OlWZGjF/qrHgK8R4KtHW5oyrLK2Kag
IYKonMVlwJnJFh49/8zYeqBeFcd0EiuH6ldFX8suI/OAlbB6UIDpeXo6ay7Vc2oA
R8CjTmjKRtrRVvNyyu5VbXiQJgllI+nWA88JoOgJ9ie/iXLNRFZ3r7jUdCUbpy7s
eHyvmq02Y0COmKAcFMbkNy5qzKGDGjS/JfGuhhxeWBEuPraUVvWD2URqpr88UpMy
IRRF6zSfvdp9Inu+TragzFMCmo5sqLRZANlFJe+vZ4OiR6R6oCP1uK801QIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFCXKZAxMNCQZhgGUzmD/hGZBu4eEMB8GA1UdIwQY
MBaAFJTZjo/saAd1oVcmbgxreLFBo09eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzkt
ODdkMTdkZjc0YzdlLzEvSmNwa0RFdzBKQm1HQVpUT1lQLUVaa0c3aDRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzktODdkMTdkZjc0Yzdl
LzEvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBEBAIAATA+AwQBBSK0AwQB
LhxEAwQAUnYQAwQAUnYTAwQCuQ4cAwQDw3vYAwQB2QzIAwQB2QzQMAwDBAHZDNoD
BADZDNwwGwQCAAIwFQMFACoCJ6kDBQAqAierAwUBKgInrjANBgkqhkiG9w0BAQsF
AAOCAQEAWm4nlX41MFoPhzEOt0/KgjKjEhWe/Yic+M+WIdU234minJ6ttTGOvqGM
4ZntkoZClYvfDrg8T/DogUzCfW1zQqJAUkrTZwLs70b7GtcgO346sNU0MLzS95fV
ER3gm9Lc2jKRxbDro8ALSpVIySBlMQSyqcorjkkUbKsg8cuEtNU7PTfOrp7Q+/Eg
ApEOC1TuxEntflfAHSftVWndtwDa5t5SVWhxjhA1tFWyz1wZKOShdLOCZOl3gPzp
IuoYC2cFJuOR2UlxGdVWrNhVuXIirFHhKAZ/da1Q1cm2qRrJ5+S8UFdScLZXOVBw
Ry13Qi0jkLbUk9oW9IvjDLixPUgv4w==
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:16:08 2025 by rpki-client