Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/jpcOzJlD5DNOBR0PvFka9EhBs6c.roa
File: jpcOzJlD5DNOBR0PvFka9EhBs6c.roa (raw, json)
Hash identifier: BgC9FPq25CFFYRb5W+esR5XkAJuLVqKyZBOpB4qwDEM=
Subject key identifier: 8E:97:0E:CC:99:43:E4:33:4E:05:1D:0F:BC:59:1A:F4:48:41:B3:A7
Certificate issuer: /CN=3936daf03756baf83ba4f38dbe5d68cb9baceff9
Certificate serial: 0198C7A2FC4947525BEC9DA7584CA0E93DC9
Authority key identifier: 39:36:DA:F0:37:56:BA:F8:3B:A4:F3:8D:BE:5D:68:CB:9B:AC:EF:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OTba8DdWuvg7pPONvl1oy5us7_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/jpcOzJlD5DNOBR0PvFka9EhBs6c.roa
Signing time: Wed 20 Aug 2025 13:20:04 +0000
ROA not before: Wed 20 Aug 2025 13:20:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214785
IP address blocks: 195.190.130.0/24 maxlen: 24
195.190.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/OTba8DdWuvg7pPONvl1oy5us7_k.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/OTba8DdWuvg7pPONvl1oy5us7_k.mft
rsync://rpki.ripe.net/repository/DEFAULT/OTba8DdWuvg7pPONvl1oy5us7_k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c7:a2:fc:49:47:52:5b:ec:9d:a7:58:4c:a0:e9:3d:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3936daf03756baf83ba4f38dbe5d68cb9baceff9
Validity
Not Before: Aug 20 13:20:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e970ecc9943e4334e051d0fbc591af44841b3a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a5:71:a2:f1:c2:f9:b5:c9:32:b5:09:e8:1a:
a6:c0:85:df:69:9a:c2:13:4f:91:14:db:d3:7e:49:
65:79:49:3d:ba:16:16:89:07:3d:e4:cb:30:0b:99:
0f:ed:65:d5:c1:58:78:21:44:2f:6d:aa:a7:6b:6e:
26:62:ef:0f:af:96:5f:59:1f:e8:61:72:65:f6:6b:
99:5c:ba:c9:d1:07:e9:5a:4f:36:c7:5e:1a:1d:1e:
68:f6:1a:b6:a5:f9:d2:3f:9f:2a:ed:89:11:a0:a0:
c7:d8:18:b9:ec:e9:8a:e7:2a:79:5b:f1:3e:00:41:
c4:6d:b8:bb:93:08:d7:2f:be:54:a1:82:f0:c9:b4:
d9:13:09:16:c2:54:39:ee:a7:ad:0f:ff:65:88:b7:
41:c3:d1:9f:cb:a6:a0:f4:42:fc:36:e1:26:6b:c1:
e0:0d:34:d5:79:5e:4d:16:7d:0a:ee:61:12:d6:98:
32:1b:8c:c9:96:f7:b2:2c:7c:3f:40:4d:53:12:d3:
95:ab:ca:6b:e2:44:21:e1:2f:6b:4f:2c:7d:aa:40:
6d:23:5e:48:3e:86:25:c1:6c:49:a7:ac:00:2c:8a:
94:97:4d:0a:13:4b:98:f0:70:df:74:ea:14:60:9c:
a4:cc:2b:23:eb:64:f1:c0:a1:32:fb:5b:5f:f9:7a:
c8:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:97:0E:CC:99:43:E4:33:4E:05:1D:0F:BC:59:1A:F4:48:41:B3:A7
X509v3 Authority Key Identifier:
keyid:39:36:DA:F0:37:56:BA:F8:3B:A4:F3:8D:BE:5D:68:CB:9B:AC:EF:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OTba8DdWuvg7pPONvl1oy5us7_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/jpcOzJlD5DNOBR0PvFka9EhBs6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/OTba8DdWuvg7pPONvl1oy5us7_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.190.130.0/24
195.190.139.0/24
Signature Algorithm: sha256WithRSAEncryption
66:4c:66:25:77:98:ca:7d:ae:44:46:3d:26:ad:e6:08:0b:63:
ff:b1:5d:01:07:f0:d5:bb:1f:44:6c:c3:77:4f:e1:24:9a:1c:
99:55:53:7d:81:01:3f:2b:a7:cc:59:54:9a:50:32:5f:f6:17:
11:8e:93:6f:fc:7a:18:ca:5c:29:dd:9d:26:ca:a6:3b:fb:5b:
eb:44:e6:bc:ff:52:3f:37:54:80:4a:d4:70:ec:fe:57:08:1a:
0f:cd:95:69:8d:97:e7:7f:06:ea:d8:b9:ba:ac:12:5a:a9:95:
57:d4:ec:87:21:c4:8c:f2:df:57:a4:59:6a:f0:77:90:21:e9:
77:d3:7a:68:44:3c:22:74:20:6c:7e:da:49:45:3f:46:e0:02:
eb:a3:50:40:08:c3:9b:b5:3d:77:15:1d:1a:8f:b4:64:dd:bd:
61:71:3c:68:e9:c5:f7:d4:84:1f:a4:e6:a2:7b:fc:c2:02:66:
f9:53:8c:bb:b0:d1:8b:e1:47:49:37:6f:10:9c:3a:ed:9e:23:
5a:67:07:ca:ae:9e:fd:f5:b2:52:db:17:f3:d6:ee:71:6b:d3:
1c:1d:ab:f2:52:bf:da:91:5f:81:d8:1f:f7:39:3d:39:25:bf:
d0:d6:c3:c9:01:cc:0b:1b:17:00:cd:e5:97:30:0f:9a:55:ce:
bc:5f:65:94
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZjHovxJR1Jb7J2nWEyg6T3JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MzZkYWYwMzc1NmJhZjgzYmE0ZjM4ZGJlNWQ2OGNiOWJh
Y2VmZjkwHhcNMjUwODIwMTMyMDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTk3MGVjYzk5NDNlNDMzNGUwNTFkMGZiYzU5MWFmNDQ4NDFiM2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6VxovHC+bXJMrUJ6BqmwIXfaZrC
E0+RFNvTfklleUk9uhYWiQc95MswC5kP7WXVwVh4IUQvbaqna24mYu8Pr5ZfWR/o
YXJl9muZXLrJ0QfpWk82x14aHR5o9hq2pfnSP58q7YkRoKDH2Bi57OmK5yp5W/E+
AEHEbbi7kwjXL75UoYLwybTZEwkWwlQ57qetD/9liLdBw9Gfy6ag9EL8NuEma8Hg
DTTVeV5NFn0K7mES1pgyG4zJlveyLHw/QE1TEtOVq8pr4kQh4S9rTyx9qkBtI15I
PoYlwWxJp6wALIqUl00KE0uY8HDfdOoUYJykzCsj62TxwKEy+1tf+XrIZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI6XDsyZQ+QzTgUdD7xZGvRIQbOnMB8GA1UdIwQY
MBaAFDk22vA3Vrr4O6Tzjb5daMubrO/5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1RiYThEZFd1dmc3cFBPTnZsMW95NXVzN19rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8wNGVhMzMtODNhYS00ZTU2LTk4Y2Mt
Zjk1ZjY2ZDYwNTVjLzEvanBjT3pKbEQ1RE5PQlIwUHZGa2E5RWhCczZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8wNGVhMzMtODNhYS00ZTU2LTk4Y2MtZjk1ZjY2ZDYwNTVj
LzEvT1RiYThEZFd1dmc3cFBPTnZsMW95NXVzN19rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw76CAwQA
w76LMA0GCSqGSIb3DQEBCwUAA4IBAQBmTGYld5jKfa5ERj0mreYIC2P/sV0BB/DV
ux9EbMN3T+EkmhyZVVN9gQE/K6fMWVSaUDJf9hcRjpNv/HoYylwp3Z0myqY7+1vr
ROa8/1I/N1SAStRw7P5XCBoPzZVpjZfnfwbq2Lm6rBJaqZVX1OyHIcSM8t9XpFlq
8HeQIel303poRDwidCBsftpJRT9G4ALro1BACMObtT13FR0aj7Rk3b1hcTxo6cX3
1IQfpOaie/zCAmb5U4y7sNGL4UdJN28QnDrtniNaZwfKrp799bJS2xfz1u5xa9Mc
HavyUr/akV+B2B/3OT05Jb/Q1sPJAcwLGxcAzeWXMA+aVc68X2WU
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:33:42 2025 by rpki-client