Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/2Jpt_1ySpLb9WRqOyyiYnu_PAIA.roa
File: 2Jpt_1ySpLb9WRqOyyiYnu_PAIA.roa (raw, json)
Hash identifier: MdM/wC7dTry3YHnV8Zu6hFD2x4pd0q3/gDiM/ZzZGdU=
Subject key identifier: D8:9A:6D:FF:5C:92:A4:B6:FD:59:1A:8E:CB:28:98:9E:EF:CF:00:80
Certificate issuer: /CN=8b37183341a2ab6df3c59ec827ed71200b5a6244
Certificate serial: 0199A6D5F11B0DCADBEDC9C2AE01BAF861D7
Authority key identifier: 8B:37:18:33:41:A2:AB:6D:F3:C5:9E:C8:27:ED:71:20:0B:5A:62:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/2Jpt_1ySpLb9WRqOyyiYnu_PAIA.roa
Signing time: Thu 02 Oct 2025 21:31:02 +0000
ROA not before: Thu 02 Oct 2025 21:31:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 139659
IP address blocks: 45.136.12.0/22 maxlen: 24
45.144.136.0/24 maxlen: 24
45.144.137.0/24 maxlen: 24
45.144.138.0/24 maxlen: 24
45.145.228.0/24 maxlen: 24
45.145.229.0/24 maxlen: 24
45.152.64.0/24 maxlen: 24
45.152.65.0/24 maxlen: 24
45.152.66.0/24 maxlen: 24
45.152.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a6:d5:f1:1b:0d:ca:db:ed:c9:c2:ae:01:ba:f8:61:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b37183341a2ab6df3c59ec827ed71200b5a6244
Validity
Not Before: Oct 2 21:31:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d89a6dff5c92a4b6fd591a8ecb28989eefcf0080
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:05:b6:2d:d9:cc:4e:9b:2f:12:03:04:b0:5b:
07:9e:57:5b:b3:0b:03:db:7a:39:55:38:ea:5c:0d:
5b:d3:41:d0:36:fb:2a:8c:96:cd:10:36:73:f2:18:
70:7f:6c:78:b7:ca:44:59:7f:81:e9:eb:a9:37:e5:
50:cf:62:6c:fc:e2:60:69:56:0b:f2:7e:a7:bb:43:
7e:ea:37:03:dd:81:f2:fb:04:8d:e8:3c:f2:ea:de:
73:59:59:4d:78:08:01:43:09:15:77:20:d7:a2:63:
b8:80:1d:78:ed:63:b2:1e:7c:4c:ce:ba:eb:1f:c9:
b5:77:3a:e1:bc:f6:d8:2b:15:e5:43:bd:a2:75:fd:
46:98:fc:a4:4e:17:d0:29:a2:57:d2:8e:a5:48:3a:
33:e8:3d:1d:71:3e:c1:ca:40:1f:19:3b:d9:a3:c6:
b2:f9:f6:e2:38:11:b8:55:0e:b0:f4:18:f9:48:e7:
0b:c0:67:fa:fc:90:cc:e0:3c:ae:ef:5a:33:d0:7d:
28:25:75:18:7b:1c:06:17:4d:f0:44:db:ac:0c:67:
42:fe:d4:8e:42:de:d7:9f:f9:68:9c:5c:b7:ae:f2:
72:cd:ec:c2:19:72:1f:6a:c0:f5:28:d9:13:ae:59:
91:fe:68:6e:3f:e6:21:e7:c1:7e:0e:e6:91:26:06:
50:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:9A:6D:FF:5C:92:A4:B6:FD:59:1A:8E:CB:28:98:9E:EF:CF:00:80
X509v3 Authority Key Identifier:
keyid:8B:37:18:33:41:A2:AB:6D:F3:C5:9E:C8:27:ED:71:20:0B:5A:62:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/2Jpt_1ySpLb9WRqOyyiYnu_PAIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.12.0/22
45.144.136.0-45.144.138.255
45.145.228.0/23
45.152.64.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:dd:ec:af:34:0d:05:e2:ac:40:a4:5f:d7:57:9a:d5:ce:67:
43:60:74:1f:8e:ab:40:8e:98:4a:58:d3:10:e1:8b:41:46:ee:
31:db:7b:e0:75:09:cb:cf:6b:b7:af:52:6d:38:32:d5:03:09:
60:f0:5b:16:11:59:fe:19:6e:c0:6f:23:ba:02:70:97:ae:44:
9f:ad:00:3d:dd:4d:34:5f:af:72:40:3c:ec:5d:79:08:d4:cb:
07:da:a9:d0:c2:e8:76:5e:aa:90:01:e9:4d:64:2c:12:e2:98:
12:d0:e3:14:90:c2:1e:40:bf:12:d7:a0:1f:67:f4:e5:c7:a2:
9d:b9:d8:c0:43:ab:e8:b6:f4:eb:4a:ae:b2:2a:59:39:e8:f3:
3b:a5:c4:d5:f3:50:3b:53:c5:d4:b2:2c:7a:01:58:1b:4c:f1:
ad:10:cc:e2:98:a6:59:56:27:62:57:36:3c:da:c3:64:e1:6c:
12:63:1e:e0:80:e6:7f:f9:ba:67:20:e2:4b:88:ad:64:c6:2c:
ed:76:ff:f1:e4:3b:a2:aa:b9:34:c4:2a:44:d4:d8:6a:d9:79:
9f:e8:bd:8b:15:52:92:14:fe:29:16:0d:2b:4e:61:ea:a6:0d:
37:df:62:2a:97:ca:85:13:a5:d4:a1:83:cf:96:6d:d6:a2:58:
37:b6:ec:1d
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZmm1fEbDcrb7cnCrgG6+GHXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMzcxODMzNDFhMmFiNmRmM2M1OWVjODI3ZWQ3MTIwMGI1
YTYyNDQwHhcNMjUxMDAyMjEzMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODlhNmRmZjVjOTJhNGI2ZmQ1OTFhOGVjYjI4OTg5ZWVmY2YwMDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAW2LdnMTpsvEgMEsFsHnldbswsD
23o5VTjqXA1b00HQNvsqjJbNEDZz8hhwf2x4t8pEWX+B6eupN+VQz2Js/OJgaVYL
8n6nu0N+6jcD3YHy+wSN6Dzy6t5zWVlNeAgBQwkVdyDXomO4gB147WOyHnxMzrrr
H8m1dzrhvPbYKxXlQ72idf1GmPykThfQKaJX0o6lSDoz6D0dcT7BykAfGTvZo8ay
+fbiOBG4VQ6w9Bj5SOcLwGf6/JDM4Dyu71oz0H0oJXUYexwGF03wRNusDGdC/tSO
Qt7Xn/lonFy3rvJyzezCGXIfasD1KNkTrlmR/mhuP+Yh58F+DuaRJgZQxwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNiabf9ckqS2/VkajssomJ7vzwCAMB8GA1UdIwQY
MBaAFIs3GDNBoqtt88WeyCftcSALWmJEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXpjWU0wR2lxMjN6eFo3SUotMXhJQXRhWWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8xYzc4ZTMtNjdkNi00ZTkwLWFlYjUt
MDg1MmNiMzUzMjkzLzEvMkpwdF8xeVNwTGI5V1JxT3l5aVludV9QQUlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8xYzc4ZTMtNjdkNi00ZTkwLWFlYjUtMDg1MmNiMzUzMjkz
LzEvaXpjWU0wR2lxMjN6eFo3SUotMXhJQXRhWWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCLYgMMAwD
BAMtkIgDBAAtkIoDBAEtkeQDBAItmEAwDQYJKoZIhvcNAQELBQADggEBAKXd7K80
DQXirECkX9dXmtXOZ0NgdB+Oq0COmEpY0xDhi0FG7jHbe+B1CcvPa7evUm04MtUD
CWDwWxYRWf4ZbsBvI7oCcJeuRJ+tAD3dTTRfr3JAPOxdeQjUywfaqdDC6HZeqpAB
6U1kLBLimBLQ4xSQwh5AvxLXoB9n9OXHop252MBDq+i29OtKrrIqWTno8zulxNXz
UDtTxdSyLHoBWBtM8a0QzOKYpllWJ2JXNjzaw2ThbBJjHuCA5n/5umcg4kuIrWTG
LO12//HkO6KquTTEKkTU2GrZeZ/ovYsVUpIU/ikWDStOYeqmDTffYiqXyoUTpdSh
g8+WbdaiWDe27B0=
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:24:51 2025 by rpki-client