Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/5ca079-f535-4907-882c-1382c01acc48/1/jhxw0eIehEqS3OmVKSiDMo0Z8iQ.roa
File: jhxw0eIehEqS3OmVKSiDMo0Z8iQ.roa (raw, json)
Hash identifier: aqk1SkhMgiFY662QVaJHhd3ujhhP/khjc7OVDJ8gGoI=
Subject key identifier: 8E:1C:70:D1:E2:1E:84:4A:92:DC:E9:95:29:28:83:32:8D:19:F2:24
Certificate issuer: /CN=763e5f06a0dfb616220fb561ec014f14f96aa8da
Certificate serial: 0199C42BA2C5DD1B8CB8C15127BF7DBE1976
Authority key identifier: 76:3E:5F:06:A0:DF:B6:16:22:0F:B5:61:EC:01:4F:14:F9:6A:A8:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dj5fBqDfthYiD7Vh7AFPFPlqqNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/5ca079-f535-4907-882c-1382c01acc48/1/jhxw0eIehEqS3OmVKSiDMo0Z8iQ.roa
Signing time: Wed 08 Oct 2025 14:13:38 +0000
ROA not before: Wed 08 Oct 2025 14:13:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201514
IP address blocks: 95.130.4.0/22 maxlen: 22
95.130.4.0/23 maxlen: 23
95.130.4.0/24 maxlen: 24
95.130.5.0/24 maxlen: 24
95.130.6.0/23 maxlen: 23
95.130.6.0/24 maxlen: 24
95.130.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/5ca079-f535-4907-882c-1382c01acc48/1/dj5fBqDfthYiD7Vh7AFPFPlqqNo.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/5ca079-f535-4907-882c-1382c01acc48/1/dj5fBqDfthYiD7Vh7AFPFPlqqNo.mft
rsync://rpki.ripe.net/repository/DEFAULT/dj5fBqDfthYiD7Vh7AFPFPlqqNo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c4:2b:a2:c5:dd:1b:8c:b8:c1:51:27:bf:7d:be:19:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=763e5f06a0dfb616220fb561ec014f14f96aa8da
Validity
Not Before: Oct 8 14:13:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e1c70d1e21e844a92dce995292883328d19f224
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ee:e9:95:14:fd:40:5a:22:b2:68:2d:1c:ff:
03:83:a7:c4:83:26:c9:1b:b5:bb:07:ef:3e:5e:2c:
fe:44:40:aa:97:f2:52:ef:82:9b:66:f1:7f:05:e9:
7a:36:29:c4:82:d8:52:ec:62:6d:86:26:45:97:c8:
d7:e9:8a:e2:48:9c:b1:b5:1d:3f:d5:97:89:78:92:
e4:42:a1:bf:e2:ff:d0:78:75:bc:e0:cd:87:38:df:
e6:5c:aa:8b:b6:de:3d:9d:e1:f8:6a:ab:74:87:f1:
7b:b8:d9:d2:71:e4:e0:e0:0d:5e:c9:f3:6e:63:61:
a7:23:7c:00:06:aa:a6:80:ac:b3:0e:05:ca:38:46:
3a:af:d7:67:e6:f1:14:04:54:c6:29:ec:e5:2c:48:
46:75:43:fc:24:fb:37:7b:d2:0d:2f:9d:6e:71:8a:
d6:e5:3c:8f:c2:4f:73:dd:7a:65:89:e5:d8:ec:57:
56:88:a2:20:f7:dc:28:f5:b3:f6:18:2c:1c:00:72:
9e:ef:2d:e1:b6:41:e6:3c:10:21:ed:17:44:4e:76:
9c:96:77:7c:70:8f:01:84:99:06:c4:00:6e:f6:28:
0d:47:7c:c1:05:c2:67:d8:d5:2e:77:7b:cf:6a:a3:
8a:16:81:23:d0:7c:ac:f1:14:98:dc:bd:0c:e8:28:
77:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:1C:70:D1:E2:1E:84:4A:92:DC:E9:95:29:28:83:32:8D:19:F2:24
X509v3 Authority Key Identifier:
keyid:76:3E:5F:06:A0:DF:B6:16:22:0F:B5:61:EC:01:4F:14:F9:6A:A8:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dj5fBqDfthYiD7Vh7AFPFPlqqNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/5ca079-f535-4907-882c-1382c01acc48/1/jhxw0eIehEqS3OmVKSiDMo0Z8iQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/5ca079-f535-4907-882c-1382c01acc48/1/dj5fBqDfthYiD7Vh7AFPFPlqqNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.130.4.0/22
Signature Algorithm: sha256WithRSAEncryption
03:f0:3c:ff:05:f9:a0:c7:63:f5:63:30:69:71:f7:8e:4b:0d:
73:5e:be:0c:5c:04:71:ee:82:47:fc:1a:fb:f8:40:59:38:2a:
63:f8:9e:8f:bc:6b:45:8c:d4:ab:ee:b8:92:4f:d0:0b:c7:96:
b4:50:54:41:20:66:ad:c3:ce:cf:41:af:5d:a2:d0:66:6f:60:
e9:9b:e0:57:bd:9f:7e:23:3e:8f:16:56:be:ed:8f:77:8a:92:
50:50:30:83:1b:e1:95:b7:43:e1:95:58:0d:dd:75:9f:24:a3:
33:11:33:b9:05:66:ed:17:d6:45:72:78:aa:ab:ea:3d:98:76:
68:d2:e9:cd:cd:f5:f3:b3:55:92:25:51:a4:32:d7:3e:2d:44:
03:ef:b6:5e:86:8f:e6:f2:7f:bf:04:5a:e8:15:bb:ae:00:c4:
ed:ac:df:e3:3f:e6:ad:a9:06:2d:8e:06:77:f3:97:25:3e:04:
7c:b9:35:46:1c:c2:64:5c:f9:de:62:8e:c7:0b:6d:da:3e:2a:
76:06:ac:14:a6:86:4b:1f:b4:d4:b7:76:ad:47:d7:ff:42:30:
01:44:09:08:95:51:92:9d:d5:f2:ef:da:71:dd:e6:91:04:23:
e7:1c:19:58:90:94:ca:64:bf:10:da:5f:0f:c7:1e:59:de:3c:
85:0b:ff:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZnEK6LF3RuMuMFRJ799vhl2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2M2U1ZjA2YTBkZmI2MTYyMjBmYjU2MWVjMDE0ZjE0Zjk2
YWE4ZGEwHhcNMjUxMDA4MTQxMzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTFjNzBkMWUyMWU4NDRhOTJkY2U5OTUyOTI4ODMzMjhkMTlmMjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+7plRT9QFoismgtHP8Dg6fEgybJ
G7W7B+8+Xiz+RECql/JS74KbZvF/Bel6NinEgthS7GJthiZFl8jX6YriSJyxtR0/
1ZeJeJLkQqG/4v/QeHW84M2HON/mXKqLtt49neH4aqt0h/F7uNnSceTg4A1eyfNu
Y2GnI3wABqqmgKyzDgXKOEY6r9dn5vEUBFTGKezlLEhGdUP8JPs3e9INL51ucYrW
5TyPwk9z3XplieXY7FdWiKIg99wo9bP2GCwcAHKe7y3htkHmPBAh7RdETnaclnd8
cI8BhJkGxABu9igNR3zBBcJn2NUud3vPaqOKFoEj0Hys8RSY3L0M6Ch35QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI4ccNHiHoRKktzplSkogzKNGfIkMB8GA1UdIwQY
MBaAFHY+Xwag37YWIg+1YewBTxT5aqjaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGo1ZkJxRGZ0aFlpRDdWaDdBRlBGUGxxcU5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC81Y2EwNzktZjUzNS00OTA3LTg4MmMt
MTM4MmMwMWFjYzQ4LzEvamh4dzBlSWVoRXFTM09tVktTaURNbzBaOGlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC81Y2EwNzktZjUzNS00OTA3LTg4MmMtMTM4MmMwMWFjYzQ4
LzEvZGo1ZkJxRGZ0aFlpRDdWaDdBRlBGUGxxcU5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCX4IEMA0G
CSqGSIb3DQEBCwUAA4IBAQAD8Dz/Bfmgx2P1YzBpcfeOSw1zXr4MXARx7oJH/Br7
+EBZOCpj+J6PvGtFjNSr7riST9ALx5a0UFRBIGatw87PQa9dotBmb2Dpm+BXvZ9+
Iz6PFla+7Y93ipJQUDCDG+GVt0PhlVgN3XWfJKMzETO5BWbtF9ZFcniqq+o9mHZo
0unNzfXzs1WSJVGkMtc+LUQD77Zeho/m8n+/BFroFbuuAMTtrN/jP+atqQYtjgZ3
85clPgR8uTVGHMJkXPneYo7HC23aPip2BqwUpoZLH7TUt3atR9f/QjABRAkIlVGS
ndXy79px3eaRBCPnHBlYkJTKZL8Q2l8Pxx5Z3jyFC/+y
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:13:16 2025 by rpki-client