Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/JHPfdmZ9_Y7nWvY0D-d0lDb96Vg.roa
File: JHPfdmZ9_Y7nWvY0D-d0lDb96Vg.roa (raw, json)
Hash identifier: gf2XByKnGE8jJhVC4HR5cPA59ppt1RRzDD6FJs3YMQ0=
Subject key identifier: 24:73:DF:76:66:7D:FD:8E:E7:5A:F6:34:0F:E7:74:94:36:FD:E9:58
Certificate issuer: /CN=99d5bfad45d7c65a6e343028509fd1892e97b9d0
Certificate serial: 0198C2C98884EC763835268F6BDF1EDB9B2C
Authority key identifier: 99:D5:BF:AD:45:D7:C6:5A:6E:34:30:28:50:9F:D1:89:2E:97:B9:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/JHPfdmZ9_Y7nWvY0D-d0lDb96Vg.roa
Signing time: Tue 19 Aug 2025 14:44:04 +0000
ROA not before: Tue 19 Aug 2025 14:44:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202623
IP address blocks: 141.101.64.0/24 maxlen: 24
141.101.91.0/24 maxlen: 24
2a06:98c0:1400::/48 maxlen: 48
2a06:98c0:1401::/48 maxlen: 48
2a06:98c0:3602::/48 maxlen: 48
2a06:98c0:3603::/48 maxlen: 48
2a06:98c0:3604::/48 maxlen: 48
2a06:98c0:3605::/48 maxlen: 48
2a06:98c0:3606::/48 maxlen: 48
2a06:98c0:3607::/48 maxlen: 48
2a06:98c0:360e::/48 maxlen: 48
2a06:98c0:3612::/48 maxlen: 48
2a06:98c0:3616::/48 maxlen: 48
2a06:98c0:3622::/48 maxlen: 48
2a06:98c0:3626::/48 maxlen: 48
2a06:98c0:3627::/48 maxlen: 48
2a06:98c0:362b::/48 maxlen: 48
2a06:98c0:362c::/48 maxlen: 48
2a06:98c0:362d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/mdW_rUXXxlpuNDAoUJ_RiS6XudA.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/mdW_rUXXxlpuNDAoUJ_RiS6XudA.mft
rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c2:c9:88:84:ec:76:38:35:26:8f:6b:df:1e:db:9b:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99d5bfad45d7c65a6e343028509fd1892e97b9d0
Validity
Not Before: Aug 19 14:44:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2473df76667dfd8ee75af6340fe7749436fde958
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:37:65:84:28:a6:0b:fc:cb:47:9a:a6:61:50:
5b:ec:97:a2:2a:eb:c1:b0:ac:70:a2:16:43:3d:a5:
12:e3:6b:d3:9d:7d:e7:00:6e:1c:22:69:2d:b9:51:
35:e2:e3:65:da:05:4a:f9:19:90:ec:c4:15:db:17:
a9:d6:ae:54:88:02:f6:f9:1d:49:02:4a:bd:0e:2f:
e3:f5:38:8a:eb:a9:5a:df:14:05:af:62:f5:ff:6b:
f6:43:ba:60:ff:0e:22:49:fc:fa:95:a2:cf:38:ef:
61:c4:6f:9d:12:77:e6:9f:80:38:96:65:5d:74:7f:
19:a0:25:78:a2:c5:7f:fa:96:5a:71:fc:8e:51:e3:
fd:03:3d:09:7d:ce:45:85:3d:24:4b:8b:74:6b:87:
d1:f2:7e:9f:42:05:02:fa:1a:72:0a:f4:7b:4f:2b:
ff:54:f1:a9:a0:da:76:54:b7:55:c3:02:45:8a:b5:
35:6a:bd:05:e1:a3:99:b4:93:3d:56:f8:cb:c8:9e:
0a:cf:e9:b8:8d:35:ac:6d:5a:35:c5:00:62:d0:54:
9e:da:e5:17:99:7d:49:0d:8c:ca:6f:28:93:cb:34:
17:52:5e:f1:8a:3c:f5:8d:ca:58:2f:54:62:3b:c7:
37:6d:a6:ee:03:61:af:dc:1e:82:1c:d5:c5:81:ba:
cf:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:73:DF:76:66:7D:FD:8E:E7:5A:F6:34:0F:E7:74:94:36:FD:E9:58
X509v3 Authority Key Identifier:
keyid:99:D5:BF:AD:45:D7:C6:5A:6E:34:30:28:50:9F:D1:89:2E:97:B9:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/JHPfdmZ9_Y7nWvY0D-d0lDb96Vg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/mdW_rUXXxlpuNDAoUJ_RiS6XudA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.101.64.0/24
141.101.91.0/24
IPv6:
2a06:98c0:1400::/47
2a06:98c0:3602::-2a06:98c0:3607:ffff:ffff:ffff:ffff:ffff
2a06:98c0:360e::/48
2a06:98c0:3612::/48
2a06:98c0:3616::/48
2a06:98c0:3622::/48
2a06:98c0:3626::/47
2a06:98c0:362b::-2a06:98c0:362d:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6b:34:3f:95:f4:d4:eb:47:bc:69:ee:28:02:fd:c6:a4:05:b5:
13:b7:72:53:a5:58:8d:b9:2f:fd:b9:c0:62:da:c0:e2:7a:88:
f2:23:36:f2:fe:04:06:82:5f:76:51:6f:5e:2b:dd:46:d0:8e:
bd:4e:ff:df:e8:4e:1d:1a:c1:76:13:59:36:ea:eb:9a:59:65:
38:91:a3:c2:90:da:84:5c:11:36:75:47:29:45:57:47:3a:f8:
cc:23:7d:dc:06:a0:47:51:32:c2:d3:fc:d7:5c:70:fe:e4:08:
9d:ab:12:23:ea:bb:57:ce:b6:6b:91:7f:e5:08:82:58:b3:1a:
8d:65:32:ac:41:2c:0a:ad:83:c7:0f:f9:78:0e:d2:a0:63:5e:
7d:a2:20:25:f3:f5:39:2a:49:58:b1:44:d7:d5:29:ac:6a:fc:
42:a7:e3:82:28:7b:91:b8:1e:70:5e:05:ac:79:ce:00:38:df:
9e:6b:96:67:3f:23:72:2e:a2:e9:b4:15:e5:68:1f:ef:0d:b2:
ca:24:50:3b:4a:be:de:f9:c5:16:dc:aa:52:43:f3:07:f8:d7:
0b:e4:37:d2:ff:ee:0c:02:a5:db:9d:cc:c7:08:6d:c4:7a:49:
31:d5:b0:37:ed:7b:4e:78:46:ee:ea:e0:82:e9:4c:33:26:d4:
5c:ac:a1:30
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZjCyYiE7HY4NSaPa98e25ssMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZDViZmFkNDVkN2M2NWE2ZTM0MzAyODUwOWZkMTg5MmU5
N2I5ZDAwHhcNMjUwODE5MTQ0NDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDczZGY3NjY2N2RmZDhlZTc1YWY2MzQwZmU3NzQ5NDM2ZmRlOTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjdlhCimC/zLR5qmYVBb7JeiKuvB
sKxwohZDPaUS42vTnX3nAG4cImktuVE14uNl2gVK+RmQ7MQV2xep1q5UiAL2+R1J
Akq9Di/j9TiK66la3xQFr2L1/2v2Q7pg/w4iSfz6laLPOO9hxG+dEnfmn4A4lmVd
dH8ZoCV4osV/+pZacfyOUeP9Az0Jfc5FhT0kS4t0a4fR8n6fQgUC+hpyCvR7Tyv/
VPGpoNp2VLdVwwJFirU1ar0F4aOZtJM9VvjLyJ4Kz+m4jTWsbVo1xQBi0FSe2uUX
mX1JDYzKbyiTyzQXUl7xijz1jcpYL1RiO8c3babuA2Gv3B6CHNXFgbrPAQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFCRz33Zmff2O51r2NA/ndJQ2/elYMB8GA1UdIwQY
MBaAFJnVv61F18ZabjQwKFCf0Ykul7nQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWRXX3JVWFh4bHB1TkRBb1VKX1JpUzZYdWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC84MTcxZTMtMmQyOS00Y2I2LThhOTQt
NzU1MTgwOWNiNzMxLzEvSkhQZmRtWjlfWTduV3ZZMEQtZDBsRGI5NlZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC84MTcxZTMtMmQyOS00Y2I2LThhOTQtNzU1MTgwOWNiNzMx
LzEvbWRXX3JVWFh4bHB1TkRBb1VKX1JpUzZYdWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHowEgQCAAEwDAMEAI1lQAME
AI1lWzBkBAIAAjBeAwcBKgaYwBQAMBIDBwEqBpjANgIDBwMqBpjANgADBwAqBpjA
Ng4DBwAqBpjANhIDBwAqBpjANhYDBwAqBpjANiIDBwEqBpjANiYwEgMHACoGmMA2
KwMHASoGmMA2LDANBgkqhkiG9w0BAQsFAAOCAQEAazQ/lfTU60e8ae4oAv3GpAW1
E7dyU6VYjbkv/bnAYtrA4nqI8iM28v4EBoJfdlFvXivdRtCOvU7/3+hOHRrBdhNZ
NurrmlllOJGjwpDahFwRNnVHKUVXRzr4zCN93AagR1EywtP811xw/uQInasSI+q7
V862a5F/5QiCWLMajWUyrEEsCq2Dxw/5eA7SoGNefaIgJfP1OSpJWLFE19UprGr8
Qqfjgih7kbgecF4FrHnOADjfnmuWZz8jci6i6bQV5Wgf7w2yyiRQO0q+3vnFFtyq
UkPzB/jXC+Q30v/uDAKl253MxwhtxHpJMdWwN+17TnhG7urggulMMybUXKyhMA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:17:54 2025 by rpki-client