Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/JKGv7JswQLjbC19dE9o5h0g8JIk.roa
File: JKGv7JswQLjbC19dE9o5h0g8JIk.roa (raw, json)
Hash identifier: lD7tHzbRlXXakgNULkZ7gsS4NThjWVn11kLT8eGgblU=
Subject key identifier: 24:A1:AF:EC:9B:30:40:B8:DB:0B:5F:5D:13:DA:39:87:48:3C:24:89
Certificate issuer: /CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Certificate serial: 019804D29F8B6199CD21BEB6B3E5278D0035
Authority key identifier: 0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/JKGv7JswQLjbC19dE9o5h0g8JIk.roa
Signing time: Sun 13 Jul 2025 17:26:08 +0000
ROA not before: Sun 13 Jul 2025 17:26:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49287
IP address blocks: 5.188.174.0/24 maxlen: 24
5.188.175.0/24 maxlen: 24
91.192.82.0/24 maxlen: 24
93.189.59.0/24 maxlen: 24
109.122.206.0/24 maxlen: 24
185.224.251.0/24 maxlen: 24
213.111.134.0/24 maxlen: 24
213.111.135.0/24 maxlen: 24
213.111.140.0/24 maxlen: 24
213.111.141.0/24 maxlen: 24
213.183.34.0/24 maxlen: 24
213.183.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.mft
rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Jul 2025 07:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:04:d2:9f:8b:61:99:cd:21:be:b6:b3:e5:27:8d:00:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Validity
Not Before: Jul 13 17:26:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24a1afec9b3040b8db0b5f5d13da3987483c2489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:db:c0:2d:f6:d4:54:88:35:37:9b:3b:99:57:
ec:3e:56:a3:f0:22:52:75:1f:6e:18:cf:c1:e5:5b:
69:c4:e9:30:af:c6:2e:3b:40:9a:70:41:ce:2c:3e:
78:ac:02:8c:22:e0:f5:3a:09:38:7c:56:ef:6e:eb:
3b:97:3d:e7:db:c6:2d:08:1f:51:0a:1c:25:91:a3:
82:7b:d7:52:eb:15:f2:18:f7:74:b1:33:bd:c8:21:
17:5d:3a:b3:58:eb:8d:12:c1:ba:fd:75:59:f5:e7:
11:cd:2d:85:41:89:c9:e2:e2:75:02:f5:7e:82:8c:
c4:31:f5:e7:9b:be:c7:70:3c:3d:ea:e0:27:41:22:
64:9d:46:19:52:13:88:f5:a9:b6:7e:f6:d3:f6:1a:
1f:14:ff:78:e5:9f:a4:a7:b2:ef:59:8c:4b:95:49:
22:07:50:2d:d5:cf:ea:8d:e2:74:7e:80:43:44:50:
35:85:ac:de:4a:5f:a0:e1:8e:66:cf:4a:57:c9:1d:
62:ef:62:4c:ec:de:b9:a5:4a:f0:64:97:90:5e:6c:
16:77:d8:18:34:66:66:b1:e6:cd:aa:09:3f:8f:cd:
19:1c:d5:27:67:53:b0:f1:21:30:f6:a7:38:02:17:
17:dc:e6:1c:3f:90:c8:9b:35:8c:f7:37:e9:99:6c:
2a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:A1:AF:EC:9B:30:40:B8:DB:0B:5F:5D:13:DA:39:87:48:3C:24:89
X509v3 Authority Key Identifier:
keyid:0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/JKGv7JswQLjbC19dE9o5h0g8JIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.188.174.0/23
91.192.82.0/24
93.189.59.0/24
109.122.206.0/24
185.224.251.0/24
213.111.134.0/23
213.111.140.0/23
213.183.34.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:29:89:a4:8b:d8:76:60:32:ca:eb:d2:e3:54:f1:af:e2:0c:
68:a7:1b:58:d8:d7:51:d9:be:95:c4:c6:3c:32:dd:4d:6a:c4:
c4:49:5a:b0:e3:67:4e:33:16:1c:4a:22:ab:10:3c:c1:d9:38:
26:eb:f0:12:18:ff:d7:a0:0a:22:43:ed:62:56:24:f2:df:eb:
bb:1d:e0:18:c7:d0:c1:45:2f:38:18:40:bb:8f:d6:9b:38:68:
3d:cb:06:2b:32:3d:69:c2:45:99:72:21:65:5a:0b:ce:c2:6c:
2d:3b:64:46:c2:ea:46:40:f4:f7:65:83:8b:ba:6f:e6:06:73:
d6:b9:4d:45:c0:2a:09:d5:f7:6a:67:9e:19:2b:f0:43:26:ab:
f4:32:9e:c0:f9:ad:d7:b0:80:51:40:22:30:0a:9f:81:81:0b:
54:5f:e3:5f:9b:e6:fd:cc:0b:a2:62:72:81:fc:da:01:ea:94:
4e:9a:41:88:82:78:7c:ff:b7:e4:e1:ed:21:1c:c7:7b:76:18:
cd:89:82:65:2d:9b:5b:43:ce:81:04:47:27:91:c1:1f:19:63:
f3:a4:e9:d7:14:a6:f1:b5:d2:5f:0b:45:32:78:cb:7a:1a:f3:
4e:49:ee:cd:b8:48:68:07:f1:73:78:78:39:93:78:6e:44:f8:
fb:eb:74:6e
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZgE0p+LYZnNIb62s+UnjQA1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZWJmYmZkNmY5MzdjNWFlMzllM2UzOGU4YWI4Mzg0MTA3
NDIxYTYwHhcNMjUwNzEzMTcyNjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGExYWZlYzliMzA0MGI4ZGIwYjVmNWQxM2RhMzk4NzQ4M2MyNDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9vALfbUVIg1N5s7mVfsPlaj8CJS
dR9uGM/B5VtpxOkwr8YuO0CacEHOLD54rAKMIuD1Ogk4fFbvbus7lz3n28YtCB9R
ChwlkaOCe9dS6xXyGPd0sTO9yCEXXTqzWOuNEsG6/XVZ9ecRzS2FQYnJ4uJ1AvV+
gozEMfXnm77HcDw96uAnQSJknUYZUhOI9am2fvbT9hofFP945Z+kp7LvWYxLlUki
B1At1c/qjeJ0foBDRFA1hazeSl+g4Y5mz0pXyR1i72JM7N65pUrwZJeQXmwWd9gY
NGZmsebNqgk/j80ZHNUnZ1Ow8SEw9qc4AhcX3OYcP5DImzWM9zfpmWwqYQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFCShr+ybMEC42wtfXRPaOYdIPCSJMB8GA1UdIwQY
MBaAFA/r+/1vk3xa454+OOirg4QQdCGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGIt
N2Q3MDM3NGQ3NmQyLzEvSktHdjdKc3dRTGpiQzE5ZEU5bzVoMGc4SklrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGItN2Q3MDM3NGQ3NmQy
LzEvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBBbyuAwQA
W8BSAwQAXb07AwQAbXrOAwQAueD7AwQB1W+GAwQB1W+MAwQB1bciMA0GCSqGSIb3
DQEBCwUAA4IBAQCMKYmki9h2YDLK69LjVPGv4gxopxtY2NdR2b6VxMY8Mt1NasTE
SVqw42dOMxYcSiKrEDzB2Tgm6/ASGP/XoAoiQ+1iViTy3+u7HeAYx9DBRS84GEC7
j9abOGg9ywYrMj1pwkWZciFlWgvOwmwtO2RGwupGQPT3ZYOLum/mBnPWuU1FwCoJ
1fdqZ54ZK/BDJqv0Mp7A+a3XsIBRQCIwCp+BgQtUX+Nfm+b9zAuiYnKB/NoB6pRO
mkGIgnh8/7fk4e0hHMd7dhjNiYJlLZtbQ86BBEcnkcEfGWPzpOnXFKbxtdJfC0Uy
eMt6GvNOSe7NuEhoB/FzeHg5k3huRPj763Ru
-----END CERTIFICATE-----
Generated at Thu Jul 17 11:14:29 2025 by rpki-client