Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/sgjR_TQoyxizIzgpiP-8OxPCBvo.roa
File: sgjR_TQoyxizIzgpiP-8OxPCBvo.roa (raw, json)
Hash identifier: iPQU3YE5gJm0+Jc6VvldyH+AsK4ZTxvbcSdICCWexFM=
Subject key identifier: B2:08:D1:FD:34:28:CB:18:B3:23:38:29:88:FF:BC:3B:13:C2:06:FA
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 0198A858201C16C7A45D23904922239C6323
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/sgjR_TQoyxizIzgpiP-8OxPCBvo.roa
Signing time: Thu 14 Aug 2025 11:30:04 +0000
ROA not before: Thu 14 Aug 2025 11:30:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42846
IP address blocks: 31.192.212.0/24 maxlen: 24
31.192.214.0/24 maxlen: 24
89.252.134.0/24 maxlen: 24
89.252.137.0/24 maxlen: 24
89.252.138.0/24 maxlen: 24
89.252.151.0/24 maxlen: 24
89.252.159.0/24 maxlen: 24
159.253.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 11:02:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a8:58:20:1c:16:c7:a4:5d:23:90:49:22:23:9c:63:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Aug 14 11:30:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b208d1fd3428cb18b323382988ffbc3b13c206fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:66:f3:1c:88:50:68:a0:b2:a5:ed:04:a8:e7:
c6:9a:39:93:92:78:74:38:a5:b7:7c:8a:d2:99:f3:
a3:81:db:84:b6:4e:91:6f:24:1c:7f:03:08:5f:4e:
d7:db:56:f2:13:85:3d:60:12:b6:34:56:ea:17:b8:
b3:3d:a5:ea:ab:93:46:7d:64:14:28:b3:ed:3f:f3:
82:7a:2c:a4:8c:96:49:17:b3:50:ef:18:1a:f3:58:
da:b5:2e:7b:61:23:6a:d4:fe:35:c3:0e:92:e1:a7:
80:41:17:34:01:fd:0a:33:1b:8d:9c:4d:d9:06:1f:
c8:dd:f4:ca:e6:44:8e:0a:03:e1:05:fc:d9:de:21:
40:d7:40:31:28:68:c6:b7:46:ff:74:db:21:21:58:
6c:29:10:28:fc:d1:01:28:ce:05:a1:1a:b2:37:ae:
58:1b:fc:f0:c0:97:64:6a:0c:da:97:73:db:94:0d:
b7:7b:b2:c4:5b:a2:1c:1a:8e:04:d9:a3:5f:7f:66:
47:00:1a:59:0d:2f:22:d0:03:e1:46:b9:9b:05:7e:
1c:c4:f6:af:fe:fa:a3:da:d2:2d:58:2a:10:a9:f4:
af:8b:08:02:31:8d:59:65:f5:48:50:64:9f:68:04:
ab:5a:10:9b:0b:c2:65:3e:63:13:f8:79:78:60:1c:
80:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:08:D1:FD:34:28:CB:18:B3:23:38:29:88:FF:BC:3B:13:C2:06:FA
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/sgjR_TQoyxizIzgpiP-8OxPCBvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.192.212.0/24
31.192.214.0/24
89.252.134.0/24
89.252.137.0-89.252.138.255
89.252.151.0/24
89.252.159.0/24
159.253.37.0/24
Signature Algorithm: sha256WithRSAEncryption
66:73:27:4f:31:32:c3:7f:f6:3a:ff:b3:de:fd:a2:cc:a8:f5:
3d:d3:01:09:5d:90:56:33:69:a5:b2:34:89:c8:15:27:f9:98:
ce:20:69:06:09:c4:ff:7f:10:dd:43:a7:bd:93:d5:e8:95:0d:
19:7a:e5:1d:e3:84:23:70:10:35:21:d9:83:14:2e:96:04:85:
c3:23:a9:0b:45:6e:d0:7e:b5:3f:b3:72:f6:58:e9:30:d9:29:
05:7d:97:73:c4:0e:79:96:5a:1c:a7:0e:3e:42:c0:21:19:a8:
4b:eb:f2:ad:9a:f8:46:a7:10:2c:7d:f0:fc:6f:bb:1a:a3:e5:
26:ea:d4:8b:9e:47:36:0d:9c:02:e9:b1:f5:ed:b7:04:47:9b:
cb:6a:82:b1:64:30:c6:c1:be:15:44:93:ee:a9:bc:d9:84:27:
a0:53:03:cb:85:30:e0:47:70:0a:5b:36:8e:89:a7:71:34:86:
b0:8e:a8:36:9d:b5:dc:6c:86:27:78:e0:6a:fe:28:bd:53:47:
c7:f2:cf:97:93:92:95:b2:c6:d8:9e:c8:c0:ae:c7:73:89:80:
d3:20:8e:72:a5:68:89:e3:00:5d:13:b1:1a:b6:d9:80:50:8b:
67:f3:fe:b1:ef:56:dd:bd:99:f9:84:42:1d:82:c3:af:7f:07:
b7:15:55:42
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZioWCAcFsekXSOQSSIjnGMjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjUwODE0MTEzMDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjA4ZDFmZDM0MjhjYjE4YjMyMzM4Mjk4OGZmYmMzYjEzYzIwNmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmbzHIhQaKCype0EqOfGmjmTknh0
OKW3fIrSmfOjgduEtk6RbyQcfwMIX07X21byE4U9YBK2NFbqF7izPaXqq5NGfWQU
KLPtP/OCeiykjJZJF7NQ7xga81jatS57YSNq1P41ww6S4aeAQRc0Af0KMxuNnE3Z
Bh/I3fTK5kSOCgPhBfzZ3iFA10AxKGjGt0b/dNshIVhsKRAo/NEBKM4FoRqyN65Y
G/zwwJdkagzal3PblA23e7LEW6IcGo4E2aNff2ZHABpZDS8i0APhRrmbBX4cxPav
/vqj2tItWCoQqfSviwgCMY1ZZfVIUGSfaASrWhCbC8JlPmMT+Hl4YByARwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFLII0f00KMsYsyM4KYj/vDsTwgb6MB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEvc2dqUl9UUW95eGl6SXpncGlQLThPeFBDQnZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAH8DUAwQA
H8DWAwQAWfyGMAwDBABZ/IkDBABZ/IoDBABZ/JcDBABZ/J8DBACf/SUwDQYJKoZI
hvcNAQELBQADggEBAGZzJ08xMsN/9jr/s979osyo9T3TAQldkFYzaaWyNInIFSf5
mM4gaQYJxP9/EN1Dp72T1eiVDRl65R3jhCNwEDUh2YMULpYEhcMjqQtFbtB+tT+z
cvZY6TDZKQV9l3PEDnmWWhynDj5CwCEZqEvr8q2a+EanECx98Pxvuxqj5Sbq1Iue
RzYNnALpsfXttwRHm8tqgrFkMMbBvhVEk+6pvNmEJ6BTA8uFMOBHcApbNo6Jp3E0
hrCOqDadtdxshid44Gr+KL1TR8fyz5eTkpWyxtieyMCux3OJgNMgjnKlaInjAF0T
sRq22YBQi2fz/rHvVt29mfmEQh2Cw69/B7cVVUI=
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:39:58 2025 by rpki-client