Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/JIncZ105bR4xmbX5IEShxrccnL0.roa
File: JIncZ105bR4xmbX5IEShxrccnL0.roa (raw, json)
Hash identifier: mk56yikGya1I8GT9kjt9k+9Y8bzO4cVGwR/WK46/ctY=
Subject key identifier: 24:89:DC:67:5D:39:6D:1E:31:99:B5:F9:20:44:A1:C6:B7:1C:9C:BD
Certificate issuer: /CN=8eb441dadbbecb6965d4ea1f046cc5c8e28817fc
Certificate serial: 0199D70820750E2C40047F5FCD4306AE427B
Authority key identifier: 8E:B4:41:DA:DB:BE:CB:69:65:D4:EA:1F:04:6C:C5:C8:E2:88:17:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/JIncZ105bR4xmbX5IEShxrccnL0.roa
Signing time: Sun 12 Oct 2025 06:07:38 +0000
ROA not before: Sun 12 Oct 2025 06:07:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44477
IP address blocks: 46.151.176.0/24 maxlen: 24
46.151.177.0/24 maxlen: 24
46.151.178.0/24 maxlen: 24
46.151.179.0/24 maxlen: 24
46.151.180.0/24 maxlen: 24
83.142.208.0/24 maxlen: 24
83.142.210.0/24 maxlen: 24
83.142.211.0/24 maxlen: 24
83.142.212.0/24 maxlen: 24
83.142.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/jrRB2tu-y2ll1OofBGzFyOKIF_w.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/jrRB2tu-y2ll1OofBGzFyOKIF_w.mft
rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:d7:08:20:75:0e:2c:40:04:7f:5f:cd:43:06:ae:42:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8eb441dadbbecb6965d4ea1f046cc5c8e28817fc
Validity
Not Before: Oct 12 06:07:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2489dc675d396d1e3199b5f92044a1c6b71c9cbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:29:f2:f8:63:34:ce:89:6e:d0:5f:3e:a9:23:
d7:4c:27:84:74:91:c6:a3:43:25:96:6c:f4:fc:11:
bf:9c:63:75:d6:ec:47:76:f2:51:29:95:be:42:32:
72:fb:9d:4e:51:c8:17:a1:97:dc:01:ee:84:51:8e:
40:96:e5:ce:b7:ba:75:78:09:bc:1d:25:31:2d:42:
c4:05:b1:b9:b6:f6:dd:41:60:76:8a:35:ba:90:2e:
28:1e:1b:c7:b5:57:55:fa:3f:00:30:46:5f:86:b8:
ce:fb:af:98:9b:9f:e6:25:81:de:3a:00:47:5e:00:
e3:90:05:cd:b7:5c:7b:62:cc:c6:3b:e6:7e:46:31:
bf:df:a8:6c:8b:d4:dd:b1:83:73:54:43:02:83:2e:
39:bd:2e:8b:2b:69:c5:55:df:2d:51:5f:ad:15:20:
5e:9b:48:0f:90:12:f6:8b:8f:32:89:a5:35:4e:b3:
44:0d:62:e5:0f:ee:7c:75:07:55:7d:ec:30:35:13:
ab:d9:73:22:47:38:88:13:d0:15:8f:42:87:a3:8e:
18:63:ba:6f:ef:61:b9:65:91:66:44:74:e6:da:d0:
9f:bb:54:f6:15:d9:cd:d3:d5:30:8e:90:17:ec:fb:
49:eb:c7:a8:a7:29:e2:c6:5d:b7:4d:25:d3:98:c1:
6e:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:89:DC:67:5D:39:6D:1E:31:99:B5:F9:20:44:A1:C6:B7:1C:9C:BD
X509v3 Authority Key Identifier:
keyid:8E:B4:41:DA:DB:BE:CB:69:65:D4:EA:1F:04:6C:C5:C8:E2:88:17:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/JIncZ105bR4xmbX5IEShxrccnL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/jrRB2tu-y2ll1OofBGzFyOKIF_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.151.176.0-46.151.180.255
83.142.208.0/24
83.142.210.0-83.142.212.255
83.142.215.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:23:9c:1c:f3:04:e6:54:0f:dc:48:2e:e2:d9:02:de:3f:e8:
76:a7:0c:be:f3:0f:88:7f:26:d7:e0:43:26:1c:a9:af:2d:5b:
d0:a0:cf:70:1a:c7:51:e3:e2:2e:a2:eb:bc:9d:5a:81:01:36:
a2:c0:3d:09:57:c5:8c:80:49:43:81:48:8b:9b:07:ab:9f:ba:
53:fb:6d:c5:09:36:ad:0a:a9:99:24:0e:19:70:6b:b8:95:22:
a5:52:2e:ad:c0:39:6a:d5:0c:75:8b:e2:3d:5c:e4:50:44:c1:
ae:a5:69:73:5c:89:0f:4c:32:92:9d:36:57:31:99:cd:be:f3:
e9:d4:7e:b9:ea:c9:8c:0b:41:29:fd:4e:44:c8:d4:50:71:5c:
95:32:82:80:97:75:fa:a5:11:fb:42:40:07:19:a5:ba:04:db:
1e:92:9c:aa:84:db:0a:aa:69:0f:cd:d4:2a:a8:7a:83:2b:1d:
7f:40:34:d6:0b:5b:04:4a:14:48:d1:c6:d2:32:da:30:e8:41:
b6:1c:aa:2d:59:f3:f4:fb:df:04:9f:de:8f:34:5f:33:50:f9:
5a:9b:03:a6:c4:7d:62:b8:8a:9b:8b:94:43:c0:a9:3a:bc:0e:
07:f1:e3:2f:90:a0:45:aa:79:c0:a2:a8:01:ca:54:4c:ea:a6:
b8:aa:b0:46
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZnXCCB1DixABH9fzUMGrkJ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYjQ0MWRhZGJiZWNiNjk2NWQ0ZWExZjA0NmNjNWM4ZTI4
ODE3ZmMwHhcNMjUxMDEyMDYwNzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDg5ZGM2NzVkMzk2ZDFlMzE5OWI1ZjkyMDQ0YTFjNmI3MWM5Y2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviny+GM0zolu0F8+qSPXTCeEdJHG
o0Mllmz0/BG/nGN11uxHdvJRKZW+QjJy+51OUcgXoZfcAe6EUY5AluXOt7p1eAm8
HSUxLULEBbG5tvbdQWB2ijW6kC4oHhvHtVdV+j8AMEZfhrjO+6+Ym5/mJYHeOgBH
XgDjkAXNt1x7YszGO+Z+RjG/36hsi9TdsYNzVEMCgy45vS6LK2nFVd8tUV+tFSBe
m0gPkBL2i48yiaU1TrNEDWLlD+58dQdVfewwNROr2XMiRziIE9AVj0KHo44YY7pv
72G5ZZFmRHTm2tCfu1T2FdnN09UwjpAX7PtJ68eopynixl23TSXTmMFufwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFCSJ3GddOW0eMZm1+SBEoca3HJy9MB8GA1UdIwQY
MBaAFI60QdrbvstpZdTqHwRsxcjiiBf8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanJSQjJ0dS15MmxsMU9vZkJHekZ5T0tJRl93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85NzhkMGYtOTI5Ny00YzcxLTljZmIt
NDZiOTQ5MDkyY2JlLzEvSkluY1oxMDViUjR4bWJYNUlFU2h4cmNjbkwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85NzhkMGYtOTI5Ny00YzcxLTljZmItNDZiOTQ5MDkyY2Jl
LzEvanJSQjJ0dS15MmxsMU9vZkJHekZ5T0tJRl93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAQul7AD
BAAul7QDBABTjtAwDAMEAVOO0gMEAFOO1AMEAFOO1zANBgkqhkiG9w0BAQsFAAOC
AQEATiOcHPME5lQP3Egu4tkC3j/odqcMvvMPiH8m1+BDJhypry1b0KDPcBrHUePi
LqLrvJ1agQE2osA9CVfFjIBJQ4FIi5sHq5+6U/ttxQk2rQqpmSQOGXBruJUipVIu
rcA5atUMdYviPVzkUETBrqVpc1yJD0wykp02VzGZzb7z6dR+uerJjAtBKf1ORMjU
UHFclTKCgJd1+qUR+0JABxmlugTbHpKcqoTbCqppD83UKqh6gysdf0A01gtbBEoU
SNHG0jLaMOhBthyqLVnz9PvfBJ/ejzRfM1D5WpsDpsR9YriKm4uUQ8CpOrwOB/Hj
L5CgRap5wKKoAcpUTOqmuKqwRg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:55:44 2025 by rpki-client