Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/JN4CxrX31uIfsYcUPwEf_pvAMbc.roa
File: JN4CxrX31uIfsYcUPwEf_pvAMbc.roa (raw, json)
Hash identifier: x5dS8lVGit2bGfSoepOTf9D/8I0FybiZV67V7hkt09A=
Subject key identifier: 24:DE:02:C6:B5:F7:D6:E2:1F:B1:87:14:3F:01:1F:FE:9B:C0:31:B7
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 0197BB8B119AB1196AE92935D1DC21FCACD7
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/JN4CxrX31uIfsYcUPwEf_pvAMbc.roa
Signing time: Sun 29 Jun 2025 11:55:42 +0000
ROA not before: Sun 29 Jun 2025 11:55:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214943
IP address blocks: 45.141.233.0/24 maxlen: 24
78.159.156.0/24 maxlen: 24
94.26.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 14:23:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:bb:8b:11:9a:b1:19:6a:e9:29:35:d1:dc:21:fc:ac:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jun 29 11:55:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24de02c6b5f7d6e21fb187143f011ffe9bc031b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:5d:7c:03:a1:2d:fb:a8:3c:7e:65:0d:a7:05:
48:d8:21:7c:82:b6:97:e5:a6:8c:0d:0a:a7:34:83:
db:3c:65:00:ab:8b:8e:da:bf:64:51:a4:e9:f6:32:
c6:14:56:50:cd:70:55:ef:40:7b:77:19:3a:31:61:
3a:a1:42:7c:d6:8a:b6:55:66:4d:9c:f7:84:f7:5d:
10:ed:51:46:34:13:1e:c9:a1:22:67:0c:f0:01:d2:
bc:ba:0d:87:ae:6d:11:10:eb:c5:b7:fd:4f:77:ed:
06:73:a0:38:46:8b:ba:1a:3c:9c:9c:2c:f7:04:bf:
c4:e7:fd:97:36:0d:ac:34:3d:e3:9b:d7:e3:a4:9d:
f6:f7:3f:da:63:65:f5:6f:d0:2c:20:e6:bb:1a:d8:
27:68:8e:72:a5:01:7e:a2:65:7e:fd:c0:00:21:bb:
04:70:4c:33:ac:40:4d:91:c2:c7:cb:2e:3c:87:1f:
ab:c6:7e:e3:3c:06:75:dc:55:9b:58:aa:32:36:d8:
5c:93:eb:9d:be:1d:23:fe:85:cb:de:0d:bf:6d:2a:
1a:83:96:b2:2d:73:82:68:af:bb:b2:93:72:bc:b9:
5a:16:de:e6:af:7d:af:e9:37:3f:75:0f:91:0b:87:
e4:29:5f:36:2b:96:06:d1:2f:e1:84:f6:21:61:6e:
b4:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:DE:02:C6:B5:F7:D6:E2:1F:B1:87:14:3F:01:1F:FE:9B:C0:31:B7
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/JN4CxrX31uIfsYcUPwEf_pvAMbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.233.0/24
78.159.156.0/24
94.26.90.0/24
Signature Algorithm: sha256WithRSAEncryption
09:c9:7e:67:88:3b:f4:b6:29:9c:e8:46:01:65:79:18:9a:4f:
5f:f1:0e:ab:23:35:4e:27:28:c1:bf:d9:ba:63:aa:74:e3:4f:
18:73:28:a4:fd:82:b0:29:d9:22:75:04:3c:a7:1d:b4:15:e4:
99:9a:1a:e9:55:17:fe:6a:67:56:ae:51:2f:4c:f6:90:60:69:
bb:8f:56:17:22:88:9b:d9:12:4c:e8:2e:70:24:65:c7:6b:bd:
7e:40:16:43:d3:12:4c:6a:4a:be:7e:44:5c:59:19:22:0d:10:
79:23:6f:12:e7:ee:0c:32:b1:57:bc:c5:ec:1b:3b:b1:f1:c5:
49:5a:c6:4b:a7:b1:3b:a8:47:b1:a9:f5:f5:07:ca:45:67:70:
39:f1:32:9c:19:e7:52:02:0e:5a:f7:37:b3:22:b1:7a:e0:fc:
b8:89:bd:53:e9:68:6a:ff:56:71:67:ef:15:4f:39:05:fa:68:
8d:7b:ff:03:c2:6c:4d:48:94:06:cd:f6:02:34:fb:9d:25:44:
95:6a:a6:b7:38:e3:a5:3f:48:c3:28:d3:f9:6f:ed:00:91:13:
d9:90:30:b0:70:a7:ec:7c:c4:3e:5b:3b:76:52:1f:17:a5:74:
c0:67:95:1f:7d:af:72:d6:dc:4d:04:80:fb:e4:45:bf:4c:87:
63:e2:27:71
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZe7ixGasRlq6Sk10dwh/KzXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjUwNjI5MTE1NTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGRlMDJjNmI1ZjdkNmUyMWZiMTg3MTQzZjAxMWZmZTliYzAzMWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzl18A6Et+6g8fmUNpwVI2CF8graX
5aaMDQqnNIPbPGUAq4uO2r9kUaTp9jLGFFZQzXBV70B7dxk6MWE6oUJ81oq2VWZN
nPeE910Q7VFGNBMeyaEiZwzwAdK8ug2Hrm0REOvFt/1Pd+0Gc6A4Rou6GjycnCz3
BL/E5/2XNg2sND3jm9fjpJ329z/aY2X1b9AsIOa7GtgnaI5ypQF+omV+/cAAIbsE
cEwzrEBNkcLHyy48hx+rxn7jPAZ13FWbWKoyNthck+udvh0j/oXL3g2/bSoag5ay
LXOCaK+7spNyvLlaFt7mr32v6Tc/dQ+RC4fkKV82K5YG0S/hhPYhYW60XwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCTeAsa199biH7GHFD8BH/6bwDG3MB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvSk40Q3hyWDMxdUlmc1ljVVB3RWZfcHZBTWJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALY3pAwQA
Tp+cAwQAXhpaMA0GCSqGSIb3DQEBCwUAA4IBAQAJyX5niDv0timc6EYBZXkYmk9f
8Q6rIzVOJyjBv9m6Y6p0408Ycyik/YKwKdkidQQ8px20FeSZmhrpVRf+amdWrlEv
TPaQYGm7j1YXIoib2RJM6C5wJGXHa71+QBZD0xJMakq+fkRcWRkiDRB5I28S5+4M
MrFXvMXsGzux8cVJWsZLp7E7qEexqfX1B8pFZ3A58TKcGedSAg5a9zezIrF64Py4
ib1T6Whq/1ZxZ+8VTzkF+miNe/8DwmxNSJQGzfYCNPudJUSVaqa3OOOlP0jDKNP5
b+0AkRPZkDCwcKfsfMQ+Wzt2Uh8XpXTAZ5Uffa9y1txNBID75EW/TIdj4idx
-----END CERTIFICATE-----
Generated at Mon Jun 30 19:01:19 2025 by rpki-client