Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/j4qMrNazE4U-55TjMmv1LIDcc_A.roa
File: j4qMrNazE4U-55TjMmv1LIDcc_A.roa (raw, json)
Hash identifier: Gj4NvJCKAdxN+LOAFljaCnKHiV1lpQyFMbBfJ0I+GNM=
Subject key identifier: 8F:8A:8C:AC:D6:B3:13:85:3E:E7:94:E3:32:6B:F5:2C:80:DC:73:F0
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0198A3989D63B74949788772AE514353D080
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/j4qMrNazE4U-55TjMmv1LIDcc_A.roa
Signing time: Wed 13 Aug 2025 13:22:24 +0000
ROA not before: Wed 13 Aug 2025 13:22:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60064
IP address blocks: 5.178.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.mft
rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 08:00:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a3:98:9d:63:b7:49:49:78:87:72:ae:51:43:53:d0:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Aug 13 13:22:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f8a8cacd6b313853ee794e3326bf52c80dc73f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:95:1c:aa:c0:71:7e:8d:e6:e8:c4:4d:0c:0d:
ed:b1:bf:47:13:03:8b:05:3c:77:79:9b:3b:39:35:
96:8a:12:7b:da:9c:31:c1:14:3c:e8:c7:36:47:16:
16:57:c4:a2:ab:6a:ea:d9:49:8b:25:e5:e3:7f:59:
50:23:f8:9a:1d:61:c5:e1:b7:63:bb:41:f6:2b:11:
94:54:da:a5:2a:d5:0d:46:22:e1:5e:fd:1b:11:78:
5b:9f:0d:0e:be:7c:11:26:f7:c8:6d:f2:0f:19:52:
98:ba:8e:55:fc:9d:67:ad:2b:a4:3e:f8:94:33:7e:
c4:85:e5:58:85:76:0f:37:e7:17:a9:75:60:d0:a9:
e4:55:6b:50:c4:80:d4:93:2f:c1:8f:ad:04:65:a1:
98:ed:b6:e0:cc:8c:5f:77:10:6f:27:cc:0f:74:dc:
49:5b:30:9e:dc:42:61:c2:c2:4b:1e:39:7d:63:d4:
02:80:4b:c4:1f:03:31:19:c4:e1:52:9d:9e:45:62:
37:68:ea:0b:ac:b7:93:d4:12:cd:02:8a:2c:a3:95:
31:b8:ab:34:51:25:77:fe:97:a6:27:38:b6:30:f3:
84:20:f5:a4:cf:7c:8a:67:0e:7c:e9:01:34:4d:ce:
95:de:ed:d5:cc:bd:3c:1a:e3:08:66:d5:af:ec:90:
b4:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:8A:8C:AC:D6:B3:13:85:3E:E7:94:E3:32:6B:F5:2C:80:DC:73:F0
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/j4qMrNazE4U-55TjMmv1LIDcc_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.2.0/24
Signature Algorithm: sha256WithRSAEncryption
10:b4:1d:21:f9:3e:d4:11:97:6c:7a:3e:8f:38:4a:cd:6d:1b:
d1:60:7d:19:c2:4a:6c:ec:41:a5:43:ce:47:45:23:c0:48:4e:
99:82:03:8e:7c:11:c3:37:e1:06:1f:20:30:56:58:4f:9d:71:
f8:38:d8:88:bd:04:98:9a:1a:4c:17:7a:03:2e:ef:56:60:3d:
a2:28:d7:bd:f8:27:5c:03:6f:44:27:c7:17:df:97:74:b9:8e:
25:0c:4d:9b:b6:18:bd:2b:49:1a:4f:1f:da:98:e1:4c:0a:01:
9f:67:68:11:f5:b6:18:b2:1c:84:31:98:67:26:ed:b5:7f:1a:
70:12:50:5c:f0:52:18:b2:a6:c5:6d:3c:58:e0:b3:62:04:13:
5d:37:de:93:03:67:42:fa:21:84:55:5c:a1:ec:74:95:95:3c:
48:a4:ec:db:59:36:5b:1a:58:96:ca:d4:9e:ff:e7:0d:33:b3:
77:9d:9d:bf:00:5e:4e:e1:9a:4a:26:07:74:70:91:34:f9:40:
23:38:38:b2:db:6b:70:5e:8a:a2:b2:ab:5e:6b:cd:71:c1:79:
ab:2a:5a:ce:83:fb:3d:92:70:8c:b7:d0:58:57:63:ef:d0:6d:
98:32:94:15:e8:17:5b:2a:be:40:7c:80:7f:20:91:32:53:36:
58:02:a2:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZijmJ1jt0lJeIdyrlFDU9CAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjUwODEzMTMyMjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjhhOGNhY2Q2YjMxMzg1M2VlNzk0ZTMzMjZiZjUyYzgwZGM3M2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3JUcqsBxfo3m6MRNDA3tsb9HEwOL
BTx3eZs7OTWWihJ72pwxwRQ86Mc2RxYWV8Siq2rq2UmLJeXjf1lQI/iaHWHF4bdj
u0H2KxGUVNqlKtUNRiLhXv0bEXhbnw0OvnwRJvfIbfIPGVKYuo5V/J1nrSukPviU
M37EheVYhXYPN+cXqXVg0KnkVWtQxIDUky/Bj60EZaGY7bbgzIxfdxBvJ8wPdNxJ
WzCe3EJhwsJLHjl9Y9QCgEvEHwMxGcThUp2eRWI3aOoLrLeT1BLNAooso5UxuKs0
USV3/pemJzi2MPOEIPWkz3yKZw586QE0Tc6V3u3VzL08GuMIZtWv7JC0vQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI+KjKzWsxOFPueU4zJr9SyA3HPwMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvajRxTXJOYXpFNFUtNTVUak1tdjFMSURjY19BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbICMA0G
CSqGSIb3DQEBCwUAA4IBAQAQtB0h+T7UEZdsej6POErNbRvRYH0Zwkps7EGlQ85H
RSPASE6ZggOOfBHDN+EGHyAwVlhPnXH4ONiIvQSYmhpMF3oDLu9WYD2iKNe9+Cdc
A29EJ8cX35d0uY4lDE2bthi9K0kaTx/amOFMCgGfZ2gR9bYYshyEMZhnJu21fxpw
ElBc8FIYsqbFbTxY4LNiBBNdN96TA2dC+iGEVVyh7HSVlTxIpOzbWTZbGliWytSe
/+cNM7N3nZ2/AF5O4ZpKJgd0cJE0+UAjODiy22twXoqisqtea81xwXmrKlrOg/s9
knCMt9BYV2Pv0G2YMpQV6BdbKr5AfIB/IJEyUzZYAqLG
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:10:48 2025 by rpki-client