
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/34244d-03c8-4780-87c3-45e696a5ae45/1/ir7-RH8I6LOM7faVYPUvWtPtBkc.roa
File: ir7-RH8I6LOM7faVYPUvWtPtBkc.roa (raw, json)
Hash identifier: c3S12HvLqchLUsT4f7tqk56b2aJYvGDiRT3Sw4rhzw0=
Subject key identifier: 8A:BE:FE:44:7F:08:E8:B3:8C:ED:F6:95:60:F5:2F:5A:D3:ED:06:47
Certificate issuer: /CN=f13219221cc0a21326ce006c42825bac2be31e17
Certificate serial: 019827C912E8B2DF864FFDF5836222FB8A20
Authority key identifier: F1:32:19:22:1C:C0:A2:13:26:CE:00:6C:42:82:5B:AC:2B:E3:1E:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TIZIhzAohMmzgBsQoJbrCvjHhc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/34244d-03c8-4780-87c3-45e696a5ae45/1/ir7-RH8I6LOM7faVYPUvWtPtBkc.roa
Signing time: Sun 20 Jul 2025 12:22:25 +0000
ROA not before: Sun 20 Jul 2025 12:22:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 37.99.128.0/18 maxlen: 24
46.184.0.0/17 maxlen: 24
46.184.90.0/24 maxlen: 24
94.77.192.0/18 maxlen: 24
185.139.120.0/22 maxlen: 24
188.248.0.0/15 maxlen: 24
2a02:888::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/34244d-03c8-4780-87c3-45e696a5ae45/1/8TIZIhzAohMmzgBsQoJbrCvjHhc.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/34244d-03c8-4780-87c3-45e696a5ae45/1/8TIZIhzAohMmzgBsQoJbrCvjHhc.mft
rsync://rpki.ripe.net/repository/DEFAULT/8TIZIhzAohMmzgBsQoJbrCvjHhc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:27:c9:12:e8:b2:df:86:4f:fd:f5:83:62:22:fb:8a:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13219221cc0a21326ce006c42825bac2be31e17
Validity
Not Before: Jul 20 12:22:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8abefe447f08e8b38cedf69560f52f5ad3ed0647
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:4c:60:a0:47:63:f0:45:3e:2d:4c:88:04:95:
71:d4:eb:74:bd:ec:81:10:65:69:f7:dd:30:5c:9a:
54:56:5f:f7:ad:4e:3a:01:4f:89:c5:65:02:05:09:
c1:24:cf:47:27:b8:84:ab:9c:92:4d:4b:dd:02:82:
99:22:74:3d:c7:a5:a8:f4:42:b4:3f:5c:eb:16:0f:
47:8d:a4:f8:f8:42:d6:3f:18:96:d2:f5:0f:46:e4:
5a:41:a9:21:57:3d:1b:89:2d:7c:00:c3:34:e7:22:
5f:f9:bc:aa:7a:c8:b7:1b:14:67:71:a0:1d:b3:60:
19:79:29:73:24:91:d0:4b:5e:84:b2:7e:b4:59:9c:
e6:e5:66:73:74:69:25:f1:ef:18:80:3f:47:25:34:
8a:a6:6d:f6:7b:5a:cf:d9:9c:67:70:81:f9:86:09:
85:a5:8d:46:e0:9e:19:8b:7e:e5:d7:b1:aa:8e:e6:
d4:9c:33:ce:fb:62:d0:f3:b3:39:a8:93:4b:97:2b:
85:45:b3:2e:b2:24:84:fa:1c:09:93:d5:a7:bb:8e:
e0:a8:c9:7b:63:43:8e:c2:ac:7c:fa:26:03:08:e1:
e6:9d:aa:75:4f:5a:e8:e0:9d:83:bb:e3:26:ac:dd:
df:97:7e:31:89:41:31:98:c3:f5:c3:46:ee:7a:59:
3d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:BE:FE:44:7F:08:E8:B3:8C:ED:F6:95:60:F5:2F:5A:D3:ED:06:47
X509v3 Authority Key Identifier:
keyid:F1:32:19:22:1C:C0:A2:13:26:CE:00:6C:42:82:5B:AC:2B:E3:1E:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TIZIhzAohMmzgBsQoJbrCvjHhc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/34244d-03c8-4780-87c3-45e696a5ae45/1/ir7-RH8I6LOM7faVYPUvWtPtBkc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/34244d-03c8-4780-87c3-45e696a5ae45/1/8TIZIhzAohMmzgBsQoJbrCvjHhc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.99.128.0/18
46.184.0.0/17
94.77.192.0/18
185.139.120.0/22
188.248.0.0/15
IPv6:
2a02:888::/29
Signature Algorithm: sha256WithRSAEncryption
70:b8:2d:e2:96:29:b6:7c:45:74:b4:ea:c7:86:9e:ea:ef:53:
3d:4d:f7:af:c2:5e:dd:ff:d0:01:c6:e8:13:06:61:95:0d:fe:
ba:c8:41:2f:87:17:92:08:61:2b:05:40:bd:ff:03:c4:5e:e7:
bf:ee:13:1b:ed:ea:cd:6f:fc:f8:73:a0:36:e9:f7:56:10:9e:
35:3f:17:bf:b6:b1:6a:de:3c:12:4d:46:96:19:9b:f7:62:7d:
65:7d:74:68:d3:28:20:66:e3:2c:a2:0b:ec:ee:04:c1:2d:5a:
84:77:ed:3e:1e:e5:ff:86:4b:b0:09:9b:f6:fc:62:b7:82:50:
75:4f:11:dd:ec:a7:cb:2c:b6:9f:56:94:c5:46:fc:e3:cd:52:
00:f8:d9:91:b5:9b:7f:9d:6d:94:42:96:27:95:56:37:73:55:
ed:64:e5:3f:be:46:9e:e2:38:cc:3f:42:c8:e0:dc:51:f9:f9:
2d:e2:88:4f:37:49:38:e5:87:22:1c:d8:3d:3b:9d:9d:b2:89:
0f:6f:f5:d0:2d:f7:f5:ef:4c:53:3e:f3:18:3b:ab:5c:d6:e8:
da:b5:27:d2:2e:25:1f:2a:9f:12:a3:42:6d:fc:c9:a0:93:7e:
42:58:8e:ba:62:30:56:22:9c:21:71:7b:39:c9:f9:0b:dd:da:
63:67:05:b1
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZgnyRLost+GT/31g2Ii+4ogMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzIxOTIyMWNjMGEyMTMyNmNlMDA2YzQyODI1YmFjMmJl
MzFlMTcwHhcNMjUwNzIwMTIyMjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWJlZmU0NDdmMDhlOGIzOGNlZGY2OTU2MGY1MmY1YWQzZWQwNjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kxgoEdj8EU+LUyIBJVx1Ot0veyB
EGVp990wXJpUVl/3rU46AU+JxWUCBQnBJM9HJ7iEq5ySTUvdAoKZInQ9x6Wo9EK0
P1zrFg9HjaT4+ELWPxiW0vUPRuRaQakhVz0biS18AMM05yJf+byqesi3GxRncaAd
s2AZeSlzJJHQS16Esn60WZzm5WZzdGkl8e8YgD9HJTSKpm32e1rP2ZxncIH5hgmF
pY1G4J4Zi37l17GqjubUnDPO+2LQ87M5qJNLlyuFRbMusiSE+hwJk9Wnu47gqMl7
Y0OOwqx8+iYDCOHmnap1T1ro4J2Du+MmrN3fl34xiUExmMP1w0buelk98wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFIq+/kR/COizjO32lWD1L1rT7QZHMB8GA1UdIwQY
MBaAFPEyGSIcwKITJs4AbEKCW6wr4x4XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRJWkloekFvaE1temdCc1FvSmJyQ3ZqSGhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zNDI0NGQtMDNjOC00NzgwLTg3YzMt
NDVlNjk2YTVhZTQ1LzEvaXI3LVJIOEk2TE9NN2ZhVllQVXZXdFB0QmtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zNDI0NGQtMDNjOC00NzgwLTg3YzMtNDVlNjk2YTVhZTQ1
LzEvOFRJWkloekFvaE1temdCc1FvSmJyQ3ZqSGhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwQGJWOAAwQH
LrgAAwQGXk3AAwQCuYt4AwMBvPgwDQQCAAIwBwMFAyoCCIgwDQYJKoZIhvcNAQEL
BQADggEBAHC4LeKWKbZ8RXS06seGnurvUz1N96/CXt3/0AHG6BMGYZUN/rrIQS+H
F5IIYSsFQL3/A8Re57/uExvt6s1v/PhzoDbp91YQnjU/F7+2sWrePBJNRpYZm/di
fWV9dGjTKCBm4yyiC+zuBMEtWoR37T4e5f+GS7AJm/b8YreCUHVPEd3sp8sstp9W
lMVG/OPNUgD42ZG1m3+dbZRClieVVjdzVe1k5T++Rp7iOMw/Qsjg3FH5+S3iiE83
STjlhyIc2D07nZ2yiQ9v9dAt9/XvTFM+8xg7q1zW6Nq1J9IuJR8qnxKjQm38yaCT
fkJYjrpiMFYinCFxeznJ+Qvd2mNnBbE=
-----END CERTIFICATE-----
Generated at Sun Jul 27 09:20:33 2025 by rpki-client