Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/16c82f-9d22-41cb-bbb6-e78eaf1584bf/1/JeJQO9s80gfCiYe1r0cc8EhoCxk.roa
File: JeJQO9s80gfCiYe1r0cc8EhoCxk.roa (raw, json)
Hash identifier: fgQotiiZ/kaXHnFm2dA5yCVTFpxgcGtAQyQ5Cm5SG64=
Subject key identifier: 25:E2:50:3B:DB:3C:D2:07:C2:89:87:B5:AF:47:1C:F0:48:68:0B:19
Certificate issuer: /CN=1970a2632079e18b9ef6728192a3936aabe2b224
Certificate serial: 01997FBA0E058E3F48565CEB1E04F7EE0373
Authority key identifier: 19:70:A2:63:20:79:E1:8B:9E:F6:72:81:92:A3:93:6A:AB:E2:B2:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GXCiYyB54Yue9nKBkqOTaqvisiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/16c82f-9d22-41cb-bbb6-e78eaf1584bf/1/JeJQO9s80gfCiYe1r0cc8EhoCxk.roa
Signing time: Thu 25 Sep 2025 07:15:23 +0000
ROA not before: Thu 25 Sep 2025 07:15:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8302
IP address blocks: 91.123.96.0/20 maxlen: 20
91.123.97.0/24 maxlen: 24
91.123.99.0/24 maxlen: 24
91.123.100.0/24 maxlen: 24
91.123.103.0/24 maxlen: 24
91.123.106.0/24 maxlen: 24
91.123.107.0/24 maxlen: 24
2a06:1b00::/32 maxlen: 32
2a06:1b00:97::/48 maxlen: 48
2a06:1b00:99::/48 maxlen: 48
2a06:1b00:100::/48 maxlen: 48
2a06:1b00:103::/48 maxlen: 48
2a06:1b00:106::/48 maxlen: 48
2a06:1b00:107::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/16c82f-9d22-41cb-bbb6-e78eaf1584bf/1/GXCiYyB54Yue9nKBkqOTaqvisiQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/16c82f-9d22-41cb-bbb6-e78eaf1584bf/1/GXCiYyB54Yue9nKBkqOTaqvisiQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/GXCiYyB54Yue9nKBkqOTaqvisiQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:7f:ba:0e:05:8e:3f:48:56:5c:eb:1e:04:f7:ee:03:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1970a2632079e18b9ef6728192a3936aabe2b224
Validity
Not Before: Sep 25 07:15:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25e2503bdb3cd207c28987b5af471cf048680b19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ae:bd:1d:d9:c3:17:1b:ab:ca:8b:ac:15:d9:
5d:69:d8:1b:1e:36:3e:22:89:5e:46:4d:24:e3:cd:
fa:6a:76:2c:ba:ea:66:83:9a:e3:b3:c4:b9:ba:77:
0a:f9:84:a6:5a:72:de:ab:03:46:18:ec:70:17:da:
11:63:e3:8e:0b:83:83:f4:e4:d0:f4:0c:a7:ac:be:
b1:21:04:dd:e9:08:67:3b:72:ab:62:da:a5:04:e6:
ff:ff:fb:0e:21:e6:bd:7e:18:c0:f6:b4:c4:5e:0e:
d1:78:10:64:23:29:87:4c:fe:8e:72:4a:8d:05:0d:
6f:c9:ec:0a:70:9c:22:76:74:5f:47:4b:32:25:76:
73:07:7e:4f:f9:31:07:06:04:44:5a:82:60:48:a1:
45:b3:6c:e0:d3:1e:10:27:5d:ff:b9:5c:51:17:73:
55:22:d8:30:f3:da:a3:a5:5e:5c:9b:3e:05:c8:dc:
b1:c4:34:6c:30:f3:e3:b5:f3:8c:38:e1:9c:be:96:
f1:ad:5c:8f:af:b8:3b:51:15:44:ae:6d:78:c9:17:
a7:43:b7:0e:aa:16:fc:82:d1:89:94:6f:e4:a6:ac:
01:02:33:5d:08:dd:fd:9a:da:bd:43:9a:20:16:d5:
c9:40:86:75:39:0c:fe:69:c9:1e:d6:2d:f7:c1:33:
7d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:E2:50:3B:DB:3C:D2:07:C2:89:87:B5:AF:47:1C:F0:48:68:0B:19
X509v3 Authority Key Identifier:
keyid:19:70:A2:63:20:79:E1:8B:9E:F6:72:81:92:A3:93:6A:AB:E2:B2:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GXCiYyB54Yue9nKBkqOTaqvisiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/16c82f-9d22-41cb-bbb6-e78eaf1584bf/1/JeJQO9s80gfCiYe1r0cc8EhoCxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/16c82f-9d22-41cb-bbb6-e78eaf1584bf/1/GXCiYyB54Yue9nKBkqOTaqvisiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.123.96.0/20
IPv6:
2a06:1b00::/32
Signature Algorithm: sha256WithRSAEncryption
bf:45:86:8c:e0:be:75:5e:9c:e5:da:e4:c8:04:39:38:da:c6:
07:f4:05:81:47:b9:0d:31:49:be:c1:db:d2:18:8e:bc:c9:93:
3b:fd:4a:eb:61:b9:b2:18:5a:5b:54:20:fc:e9:29:97:17:01:
ce:be:46:55:64:24:ef:d3:8c:25:08:f2:f3:1c:e8:a3:bf:60:
66:f2:61:85:62:49:1a:fc:0e:b5:3a:6f:c5:db:e3:c5:ac:8e:
07:51:2d:d0:dc:34:68:08:ef:3b:9b:9d:2d:9c:27:e0:5d:ba:
3b:3f:8e:e6:e0:83:98:79:cd:89:f6:1e:6c:91:ed:5a:a0:1b:
84:ec:c1:fc:20:a4:ba:4e:fb:e2:15:c5:02:40:9a:78:25:f8:
3f:6c:72:ed:d2:9f:26:9a:c4:2d:cd:a2:78:b1:dd:c2:7a:59:
4e:c0:fe:10:6e:a3:50:e4:74:2a:28:ec:17:f5:ca:54:e1:02:
a4:58:2d:ea:37:45:b5:78:5a:f6:1e:ef:c7:53:63:4b:4e:a8:
ff:7e:ab:3b:78:f5:7c:25:76:0c:6d:d1:8c:5e:06:cd:26:cf:
7a:ec:62:06:aa:04:a8:8f:0f:1a:3c:a9:b2:fd:09:00:48:82:
23:4f:6e:f4:c4:59:cb:d9:29:a6:ac:9c:c4:0d:27:42:21:c1:
b8:e9:6c:f1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZl/ug4Fjj9IVlzrHgT37gNzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NzBhMjYzMjA3OWUxOGI5ZWY2NzI4MTkyYTM5MzZhYWJl
MmIyMjQwHhcNMjUwOTI1MDcxNTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWUyNTAzYmRiM2NkMjA3YzI4OTg3YjVhZjQ3MWNmMDQ4NjgwYjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjK69HdnDFxuryousFdldadgbHjY+
IoleRk0k4836anYsuupmg5rjs8S5uncK+YSmWnLeqwNGGOxwF9oRY+OOC4OD9OTQ
9AynrL6xIQTd6QhnO3KrYtqlBOb///sOIea9fhjA9rTEXg7ReBBkIymHTP6OckqN
BQ1vyewKcJwidnRfR0syJXZzB35P+TEHBgREWoJgSKFFs2zg0x4QJ13/uVxRF3NV
Itgw89qjpV5cmz4FyNyxxDRsMPPjtfOMOOGcvpbxrVyPr7g7URVErm14yRenQ7cO
qhb8gtGJlG/kpqwBAjNdCN39mtq9Q5ogFtXJQIZ1OQz+acke1i33wTN9hQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCXiUDvbPNIHwomHta9HHPBIaAsZMB8GA1UdIwQY
MBaAFBlwomMgeeGLnvZygZKjk2qr4rIkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1hDaVl5QjU0WXVlOW5LQmtxT1RhcXZpc2lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8xNmM4MmYtOWQyMi00MWNiLWJiYjYt
ZTc4ZWFmMTU4NGJmLzEvSmVKUU85czgwZ2ZDaVllMXIwY2M4RWhvQ3hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8xNmM4MmYtOWQyMi00MWNiLWJiYjYtZTc4ZWFmMTU4NGJm
LzEvR1hDaVl5QjU0WXVlOW5LQmtxT1RhcXZpc2lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEW3tgMA0E
AgACMAcDBQAqBhsAMA0GCSqGSIb3DQEBCwUAA4IBAQC/RYaM4L51Xpzl2uTIBDk4
2sYH9AWBR7kNMUm+wdvSGI68yZM7/UrrYbmyGFpbVCD86SmXFwHOvkZVZCTv04wl
CPLzHOijv2Bm8mGFYkka/A61Om/F2+PFrI4HUS3Q3DRoCO87m50tnCfgXbo7P47m
4IOYec2J9h5ske1aoBuE7MH8IKS6TvviFcUCQJp4Jfg/bHLt0p8mmsQtzaJ4sd3C
ellOwP4QbqNQ5HQqKOwX9cpU4QKkWC3qN0W1eFr2Hu/HU2NLTqj/fqs7ePV8JXYM
bdGMXgbNJs967GIGqgSojw8aPKmy/QkASIIjT270xFnL2SmmrJzEDSdCIcG46Wzx
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:35:58 2025 by rpki-client