Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/JJ_K_NeLKiytQwP2y3xHjmsSWLk.roa
File: JJ_K_NeLKiytQwP2y3xHjmsSWLk.roa (raw, json)
Hash identifier: wLRyOwmfNBnmSCoFWLXOeNGBnpfwPNwXZ3AXDAasMd4=
Subject key identifier: 24:9F:CA:FC:D7:8B:2A:2C:AD:43:03:F6:CB:7C:47:8E:6B:12:58:B9
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 0199A4E126CA39B4BB8B73CF339C9D3499AC
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/JJ_K_NeLKiytQwP2y3xHjmsSWLk.roa
Signing time: Thu 02 Oct 2025 12:24:02 +0000
ROA not before: Thu 02 Oct 2025 12:24:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213520
IP address blocks: 2a12:bec4:1b50::/44 maxlen: 44
2a12:bec4:1bb0::/44 maxlen: 44
2a12:bec4:1d60::/44 maxlen: 44
2a12:bec4:1d70::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a4:e1:26:ca:39:b4:bb:8b:73:cf:33:9c:9d:34:99:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Oct 2 12:24:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=249fcafcd78b2a2cad4303f6cb7c478e6b1258b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d5:e9:a8:ea:79:7c:bb:af:50:c5:95:72:c2:
f6:f5:09:5e:95:e3:82:22:90:2c:f1:31:2b:04:fc:
71:ca:d8:4d:a6:bb:99:1f:94:72:7e:12:7a:c2:90:
93:79:75:e8:63:53:a6:7b:fa:51:5e:35:81:fd:78:
9b:c2:e8:59:36:37:6b:3d:9e:c7:9f:14:d0:7e:81:
ce:e7:de:fa:b9:04:8b:d8:19:6a:57:99:f6:10:00:
81:6d:8b:90:69:17:e5:90:eb:b2:8c:ae:73:70:1d:
dd:a5:e2:de:bd:b7:74:13:d4:41:f6:62:76:5c:f3:
10:64:d2:cb:ae:6b:0d:c9:32:aa:64:e2:a3:70:42:
c5:40:ed:c0:61:a1:9d:19:ba:12:dd:87:7a:68:9a:
e1:bd:bd:83:71:84:91:ed:2c:3e:9d:97:ef:86:50:
0b:1a:07:37:e0:71:a2:f4:80:5b:a0:bd:05:f8:43:
28:fd:d6:ca:19:17:5d:4e:b7:a0:d2:c6:47:b6:a6:
b3:ce:25:84:6d:58:6b:a6:55:6b:61:a1:ce:48:00:
95:c1:0d:0a:2e:89:11:82:e4:82:0f:0c:6b:1e:a8:
6c:67:dd:9b:bf:80:0c:4a:14:44:18:e6:a7:c3:99:
31:fc:cc:1b:7c:5f:4f:e3:4e:f8:82:e9:d8:f9:5d:
9d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:9F:CA:FC:D7:8B:2A:2C:AD:43:03:F6:CB:7C:47:8E:6B:12:58:B9
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/JJ_K_NeLKiytQwP2y3xHjmsSWLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:1b50::/44
2a12:bec4:1bb0::/44
2a12:bec4:1d60::/43
Signature Algorithm: sha256WithRSAEncryption
27:62:dc:b8:f2:8d:3c:73:f4:3c:c5:c2:66:a3:f7:8d:b4:be:
d9:e9:d7:d6:9d:9e:40:f8:4c:94:80:a1:94:ec:d1:60:c1:8f:
2f:fc:9a:60:d8:e5:d4:03:9f:07:9d:84:94:31:1e:b2:0b:bf:
52:ba:13:a9:09:f4:85:24:46:5c:7b:d5:50:a4:3d:42:36:d6:
54:64:6d:49:51:41:b3:c9:92:ea:19:c2:c5:d9:a2:ed:be:0d:
7a:1e:84:42:b0:33:a9:fc:6f:f8:dc:01:d2:60:46:86:43:b9:
8b:15:b6:b1:ca:5e:bc:84:0b:11:b1:c8:5b:28:9c:1d:bd:93:
5d:9e:05:ee:7b:6b:ae:2f:a2:54:fe:c3:cf:d9:e1:0b:1f:9e:
c7:d5:92:23:27:cb:3b:9c:0e:2b:32:67:31:95:95:cc:c6:eb:
aa:c9:f2:ae:ba:10:a3:07:9a:ec:69:3a:ad:8e:b6:f4:45:6e:
80:f1:a5:9a:fb:5e:71:8d:9a:7c:0c:71:a8:54:a5:72:3a:86:
bf:ef:a6:4f:37:3b:a5:70:73:48:1c:39:22:e9:ac:6a:f1:97:
8c:f1:4a:15:58:3d:e7:b0:27:a6:8d:b1:20:35:3d:cd:52:79:
0c:73:e3:dc:6a:66:c4:18:1e:06:28:1e:75:74:a4:7f:93:35:
03:2f:91:40
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZmk4SbKObS7i3PPM5ydNJmsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUxMDAyMTIyNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDlmY2FmY2Q3OGIyYTJjYWQ0MzAzZjZjYjdjNDc4ZTZiMTI1OGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtXpqOp5fLuvUMWVcsL29QleleOC
IpAs8TErBPxxythNpruZH5RyfhJ6wpCTeXXoY1Ome/pRXjWB/XibwuhZNjdrPZ7H
nxTQfoHO5976uQSL2BlqV5n2EACBbYuQaRflkOuyjK5zcB3dpeLevbd0E9RB9mJ2
XPMQZNLLrmsNyTKqZOKjcELFQO3AYaGdGboS3Yd6aJrhvb2DcYSR7Sw+nZfvhlAL
Ggc34HGi9IBboL0F+EMo/dbKGRddTreg0sZHtqazziWEbVhrplVrYaHOSACVwQ0K
LokRguSCDwxrHqhsZ92bv4AMShREGOanw5kx/MwbfF9P4074gunY+V2duwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCSfyvzXiyosrUMD9st8R45rEli5MB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvSkpfS19OZUxLaXl0UXdQMnkzeEhqbXNTV0xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcEKhK+xBtQ
AwcEKhK+xBuwAwcFKhK+xB1gMA0GCSqGSIb3DQEBCwUAA4IBAQAnYty48o08c/Q8
xcJmo/eNtL7Z6dfWnZ5A+EyUgKGU7NFgwY8v/Jpg2OXUA58HnYSUMR6yC79SuhOp
CfSFJEZce9VQpD1CNtZUZG1JUUGzyZLqGcLF2aLtvg16HoRCsDOp/G/43AHSYEaG
Q7mLFbaxyl68hAsRschbKJwdvZNdngXue2uuL6JU/sPP2eELH57H1ZIjJ8s7nA4r
MmcxlZXMxuuqyfKuuhCjB5rsaTqtjrb0RW6A8aWa+15xjZp8DHGoVKVyOoa/76ZP
NzulcHNIHDki6axq8ZeM8UoVWD3nsCemjbEgNT3NUnkMc+PcambEGB4GKB51dKR/
kzUDL5FA
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:34:09 2025 by rpki-client