Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/JXrXWWEdrlOAxsLEb215YsP36OI.roa
File: JXrXWWEdrlOAxsLEb215YsP36OI.roa (raw, json)
Hash identifier: LxUCqn0JmTO3q5jDUwaHYrVbupf5Tpjdv87Nft/gs/M=
Subject key identifier: 25:7A:D7:59:61:1D:AE:53:80:C6:C2:C4:6F:6D:79:62:C3:F7:E8:E2
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 019777E49390FFB20C843BAE822A8762CC89
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/JXrXWWEdrlOAxsLEb215YsP36OI.roa
Signing time: Mon 16 Jun 2025 08:39:17 +0000
ROA not before: Mon 16 Jun 2025 08:39:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12430
IP address blocks: 2.154.0.0/15 maxlen: 16
2.154.0.0/16 maxlen: 16
2.154.192.0/18 maxlen: 18
2.155.0.0/16 maxlen: 16
5.40.0.0/16 maxlen: 16
62.42.0.0/15 maxlen: 16
62.57.0.0/16 maxlen: 16
62.81.0.0/16 maxlen: 24
62.82.0.0/15 maxlen: 16
62.100.96.0/19 maxlen: 19
62.117.128.0/17 maxlen: 17
62.174.0.0/15 maxlen: 19
80.174.0.0/16 maxlen: 17
80.224.0.0/16 maxlen: 16
81.60.0.0/15 maxlen: 18
81.172.0.0/17 maxlen: 17
81.184.0.0/16 maxlen: 16
81.202.0.0/16 maxlen: 16
82.159.0.0/16 maxlen: 16
82.213.128.0/18 maxlen: 18
83.138.192.0/18 maxlen: 18
83.173.128.0/18 maxlen: 18
84.120.0.0/13 maxlen: 19
84.127.229.0/24 maxlen: 24
85.219.0.0/17 maxlen: 17
85.251.0.0/16 maxlen: 17
89.140.0.0/16 maxlen: 16
89.141.0.0/16 maxlen: 16
95.39.0.0/16 maxlen: 19
185.128.128.0/22 maxlen: 24
194.106.0.0/19 maxlen: 19
194.140.128.0/18 maxlen: 18
194.149.192.0/19 maxlen: 19
212.21.224.0/19 maxlen: 19
212.22.32.0/19 maxlen: 20
212.40.224.0/19 maxlen: 19
212.40.224.0/24 maxlen: 24
212.78.128.0/19 maxlen: 19
212.79.128.0/19 maxlen: 19
212.95.192.0/19 maxlen: 19
212.97.160.0/19 maxlen: 19
212.122.96.0/19 maxlen: 19
212.183.192.0/18 maxlen: 18
213.37.0.0/16 maxlen: 16
213.201.0.0/17 maxlen: 17
213.227.0.0/18 maxlen: 18
213.231.64.0/18 maxlen: 18
213.254.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:77:e4:93:90:ff:b2:0c:84:3b:ae:82:2a:87:62:cc:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jun 16 08:39:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=257ad759611dae5380c6c2c46f6d7962c3f7e8e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ec:88:01:5d:ab:60:6c:a7:1a:d3:44:fc:2c:
06:2c:62:30:ea:d9:5f:01:eb:bf:bc:b4:aa:c2:e1:
0a:cb:e2:d6:1a:e5:d0:38:e0:77:62:48:47:81:08:
23:b4:ef:35:c1:e2:a4:10:16:33:f9:9f:2d:e2:e2:
a9:f9:6e:59:e2:26:de:90:5c:f5:31:25:63:a0:12:
e3:9f:55:0b:51:b3:eb:52:0e:f2:dd:40:56:db:a5:
2c:bb:e0:ba:6e:d7:a6:bb:7c:cf:6b:b4:cb:23:b2:
aa:de:a6:68:30:ca:d4:5e:41:19:7b:3c:52:29:66:
f0:e6:11:60:2a:52:94:20:86:88:15:3b:9a:89:9b:
0d:f3:a7:cd:f3:2b:47:b5:2a:db:18:ab:2a:1e:6e:
cd:93:b2:aa:1d:f9:2a:56:ba:6d:03:2d:8b:c6:bb:
09:df:c7:7e:49:28:9f:b1:cd:5e:c0:04:ea:bd:8b:
3f:a8:03:41:c5:fb:e9:fa:d0:17:f0:7a:5e:31:fe:
4e:b4:38:b7:ca:a4:fe:9a:95:2e:ae:9b:b5:12:15:
7c:53:1e:2d:e4:4a:51:bc:42:fe:d6:b0:8c:02:ac:
66:b8:27:c1:93:7d:b1:b5:21:85:16:61:74:3d:f8:
f0:0b:32:9d:64:b8:02:ce:cb:2e:0f:9b:91:0c:f1:
fb:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:7A:D7:59:61:1D:AE:53:80:C6:C2:C4:6F:6D:79:62:C3:F7:E8:E2
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/JXrXWWEdrlOAxsLEb215YsP36OI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.154.0.0/15
5.40.0.0/16
62.42.0.0/15
62.57.0.0/16
62.81.0.0-62.83.255.255
62.100.96.0/19
62.117.128.0/17
62.174.0.0/15
80.174.0.0/16
80.224.0.0/16
81.60.0.0/15
81.172.0.0/17
81.184.0.0/16
81.202.0.0/16
82.159.0.0/16
82.213.128.0/18
83.138.192.0/18
83.173.128.0/18
84.120.0.0/13
85.219.0.0/17
85.251.0.0/16
89.140.0.0/15
95.39.0.0/16
185.128.128.0/22
194.106.0.0/19
194.140.128.0/18
194.149.192.0/19
212.21.224.0/19
212.22.32.0/19
212.40.224.0/19
212.78.128.0/19
212.79.128.0/19
212.95.192.0/19
212.97.160.0/19
212.122.96.0/19
212.183.192.0/18
213.37.0.0/16
213.201.0.0/17
213.227.0.0/18
213.231.64.0/18
213.254.64.0/18
Signature Algorithm: sha256WithRSAEncryption
09:8c:1f:bd:a8:01:e3:c0:e1:c1:80:a7:9e:05:8d:2a:54:e5:
aa:ca:b0:d8:69:e3:eb:87:82:f0:70:00:76:6a:fa:92:17:92:
54:bf:25:aa:f6:71:a2:29:ee:76:d4:ff:e0:3d:a4:18:d5:77:
88:20:06:9f:eb:b7:4d:ad:29:40:65:0a:49:a2:f7:69:e5:d6:
9f:34:b4:c8:b1:64:00:61:97:3c:6a:66:a8:54:88:1b:d5:a7:
2b:2c:31:30:e4:4a:28:a7:fb:70:e4:ad:46:ef:ec:9f:f7:2a:
b9:59:bb:82:6a:fb:40:0c:db:fe:a0:b2:be:e2:f3:3a:09:39:
9f:ff:e3:38:53:b9:e9:75:86:2a:65:0d:a3:b9:af:cc:8f:02:
f4:5f:97:bf:ed:12:0b:1c:43:d1:dd:ca:dc:57:ea:b0:e8:7f:
72:db:50:49:dd:6d:1a:54:44:fa:d2:de:d8:9b:ed:d9:ae:14:
27:6e:03:dc:c0:81:58:26:e0:43:a9:3b:be:93:dc:ac:f1:96:
1f:af:12:d0:54:51:e9:01:f2:23:b5:49:7c:5f:fb:d7:1c:5d:
b4:f9:03:c0:19:ee:83:b6:00:54:21:60:ca:dd:ff:c6:9c:ca:
ad:85:1a:12:14:63:a4:aa:cd:20:4c:d3:14:f1:c8:e3:8c:d4:
db:2e:e2:dc
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgISAZd35JOQ/7IMhDuugiqHYsyJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjUwNjE2MDgzOTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTdhZDc1OTYxMWRhZTUzODBjNmMyYzQ2ZjZkNzk2MmMzZjdlOGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+yIAV2rYGynGtNE/CwGLGIw6tlf
Aeu/vLSqwuEKy+LWGuXQOOB3YkhHgQgjtO81weKkEBYz+Z8t4uKp+W5Z4ibekFz1
MSVjoBLjn1ULUbPrUg7y3UBW26Usu+C6btemu3zPa7TLI7Kq3qZoMMrUXkEZezxS
KWbw5hFgKlKUIIaIFTuaiZsN86fN8ytHtSrbGKsqHm7Nk7KqHfkqVrptAy2LxrsJ
38d+SSifsc1ewATqvYs/qANBxfvp+tAX8HpeMf5OtDi3yqT+mpUurpu1EhV8Ux4t
5EpRvEL+1rCMAqxmuCfBk32xtSGFFmF0PfjwCzKdZLgCzssuD5uRDPH7mQIDAQAB
o4IC9TCCAvEwHQYDVR0OBBYEFCV611lhHa5TgMbCxG9teWLD9+jiMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvSlhyWFdXRWRybE9BeHNMRWIyMTVZc1AzNk9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCQYIKwYBBQUHAQcBAf8EgfkwgfYwgfMEAgABMIHsAwMB
ApoDAwAFKAMDAT4qAwMAPjkwCgMDAD5RAwMCPlADBAU+ZGADBAc+dYADAwE+rgMD
AFCuAwMAUOADAwFRPAMEB1GsAAMDAFG4AwMAUcoDAwBSnwMEBlLVgAMEBlOKwAME
BlOtgAMDA1R4AwQHVdsAAwMAVfsDAwFZjAMDAF8nAwQCuYCAAwQFwmoAAwQGwoyA
AwQFwpXAAwQF1BXgAwQF1BYgAwQF1CjgAwQF1E6AAwQF1E+AAwQF1F/AAwQF1GGg
AwQF1HpgAwQG1LfAAwMA1SUDBAfVyQADBAbV4wADBAbV50ADBAbV/kAwDQYJKoZI
hvcNAQELBQADggEBAAmMH72oAePA4cGAp54FjSpU5arKsNhp4+uHgvBwAHZq+pIX
klS/Jar2caIp7nbU/+A9pBjVd4ggBp/rt02tKUBlCkmi92nl1p80tMixZABhlzxq
ZqhUiBvVpyssMTDkSiin+3DkrUbv7J/3KrlZu4Jq+0AM2/6gsr7i8zoJOZ//4zhT
uel1hiplDaO5r8yPAvRfl7/tEgscQ9HdytxX6rDof3LbUEndbRpURPrS3tib7dmu
FCduA9zAgVgm4EOpO76T3Kzxlh+vEtBUUekB8iO1SXxf+9ccXbT5A8AZ7oO2AFQh
YMrd/8acyq2FGhIUY6SqzSBM0xTxyOOM1Nsu4tw=
-----END CERTIFICATE-----
Generated at Tue Jul 1 07:00:11 2025 by rpki-client