Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/0c5265-32af-48f2-906d-b652c85556bb/1/hdbgy59MRssZX30bGqV8gIYXM48.roa
File: hdbgy59MRssZX30bGqV8gIYXM48.roa (raw, json)
Hash identifier: g1IyZ0aHYMFjjiI9SIYZwd4GtNo/PD9i0KvcrdPt5KQ=
Subject key identifier: 85:D6:E0:CB:9F:4C:46:CB:19:5F:7D:1B:1A:A5:7C:80:86:17:33:8F
Certificate issuer: /CN=96dd885ff4d389abaabd03a5175d09741acba60d
Certificate serial: 0197A1A5B35E0D645871953FBC870D4F17AE
Authority key identifier: 96:DD:88:5F:F4:D3:89:AB:AA:BD:03:A5:17:5D:09:74:1A:CB:A6:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lt2IX_TTiauqvQOlF10JdBrLpg0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/0c5265-32af-48f2-906d-b652c85556bb/1/hdbgy59MRssZX30bGqV8gIYXM48.roa
Signing time: Tue 24 Jun 2025 11:14:40 +0000
ROA not before: Tue 24 Jun 2025 11:14:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8426
IP address blocks: 193.26.116.0/22 maxlen: 22
2a07:f4c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/0c5265-32af-48f2-906d-b652c85556bb/1/lt2IX_TTiauqvQOlF10JdBrLpg0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/0c5265-32af-48f2-906d-b652c85556bb/1/lt2IX_TTiauqvQOlF10JdBrLpg0.mft
rsync://rpki.ripe.net/repository/DEFAULT/lt2IX_TTiauqvQOlF10JdBrLpg0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a1:a5:b3:5e:0d:64:58:71:95:3f:bc:87:0d:4f:17:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96dd885ff4d389abaabd03a5175d09741acba60d
Validity
Not Before: Jun 24 11:14:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85d6e0cb9f4c46cb195f7d1b1aa57c808617338f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4f:e6:72:45:50:ca:81:66:87:d0:6e:60:dc:
c1:4b:e2:7f:15:cb:36:9f:12:12:5b:09:8b:f7:c9:
f2:e8:77:5b:16:3f:94:fb:48:bd:10:86:52:32:09:
0f:02:41:de:d0:cf:46:8a:18:49:be:73:be:4d:ee:
31:b9:f7:7e:de:f1:1f:de:0c:39:df:62:bb:3e:75:
55:9d:fe:a7:34:91:75:32:38:7f:49:5c:07:9b:f7:
cf:e2:dc:ed:16:23:4a:95:1b:6b:ad:bf:7b:a9:b5:
58:8e:b7:ca:df:23:91:75:96:7b:f2:c1:12:63:2f:
89:9b:51:b3:85:c2:64:45:2a:3c:f2:d5:d0:fa:3a:
ea:d2:82:36:f2:2d:e1:8d:c7:9d:6a:21:45:1a:02:
85:37:96:ba:ba:1c:e0:6b:d8:92:54:93:7e:02:a3:
d6:19:5a:0e:4b:b2:c7:34:58:40:f6:f0:15:02:3c:
0a:96:e5:9d:9d:e3:20:20:7f:82:32:c2:b3:bb:f4:
ac:e7:1e:73:b0:b7:34:90:a2:cb:a6:23:c7:64:c1:
82:7d:e6:24:e3:cc:83:82:a1:b7:72:c2:ac:5a:72:
33:36:d3:78:f8:e9:2d:0d:09:f1:e2:f2:86:10:70:
9d:54:18:09:1a:51:d8:3f:14:ea:9c:65:58:28:82:
f6:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:D6:E0:CB:9F:4C:46:CB:19:5F:7D:1B:1A:A5:7C:80:86:17:33:8F
X509v3 Authority Key Identifier:
keyid:96:DD:88:5F:F4:D3:89:AB:AA:BD:03:A5:17:5D:09:74:1A:CB:A6:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lt2IX_TTiauqvQOlF10JdBrLpg0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/0c5265-32af-48f2-906d-b652c85556bb/1/hdbgy59MRssZX30bGqV8gIYXM48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/0c5265-32af-48f2-906d-b652c85556bb/1/lt2IX_TTiauqvQOlF10JdBrLpg0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.26.116.0/22
IPv6:
2a07:f4c0::/29
Signature Algorithm: sha256WithRSAEncryption
6d:d5:7f:5b:43:a9:1c:51:f8:f6:66:37:1e:42:94:77:fd:b4:
d4:4a:91:5d:04:0b:f7:20:92:06:a8:ce:d9:97:e4:e0:0a:18:
35:6f:c3:b4:37:e5:18:19:97:bb:d3:1b:32:92:b4:de:39:95:
33:21:77:3d:b0:39:29:10:b1:7a:6c:91:07:8f:5d:b1:da:18:
c3:b6:86:17:71:bb:79:d9:0c:a2:e1:90:d0:cc:6b:a4:89:5a:
a3:3d:af:f9:82:ca:c3:af:43:a3:3f:4a:9f:d2:f1:1c:8e:fb:
8d:4a:5b:b5:1b:b6:14:22:35:ab:f5:a0:f5:a0:b3:56:ab:9d:
b8:70:5b:2a:e3:9b:c7:4a:5a:d6:34:6a:2f:f6:33:e2:19:99:
45:65:bc:39:0a:08:3b:8b:6c:1c:0e:cd:b8:ba:1a:86:09:83:
15:e3:04:ae:17:14:75:ef:02:39:b6:34:cc:71:c9:d3:82:4f:
60:d0:54:df:d2:bb:f5:69:19:40:11:f2:1c:a7:75:71:df:08:
07:68:35:2a:84:a0:8e:2f:49:75:51:32:f2:6f:e2:0a:cb:bc:
5e:5d:93:d2:a9:3a:9f:8a:50:8f:d0:ea:2d:c1:20:03:1d:63:
16:9b:a7:09:f3:35:a1:62:30:a8:62:d3:ff:88:a8:d4:25:dd:
59:e6:f3:6e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZehpbNeDWRYcZU/vIcNTxeuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZGQ4ODVmZjRkMzg5YWJhYWJkMDNhNTE3NWQwOTc0MWFj
YmE2MGQwHhcNMjUwNjI0MTExNDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWQ2ZTBjYjlmNGM0NmNiMTk1ZjdkMWIxYWE1N2M4MDg2MTczMzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsk/mckVQyoFmh9BuYNzBS+J/Fcs2
nxISWwmL98ny6HdbFj+U+0i9EIZSMgkPAkHe0M9GihhJvnO+Te4xufd+3vEf3gw5
32K7PnVVnf6nNJF1Mjh/SVwHm/fP4tztFiNKlRtrrb97qbVYjrfK3yORdZZ78sES
Yy+Jm1GzhcJkRSo88tXQ+jrq0oI28i3hjcedaiFFGgKFN5a6uhzga9iSVJN+AqPW
GVoOS7LHNFhA9vAVAjwKluWdneMgIH+CMsKzu/Ss5x5zsLc0kKLLpiPHZMGCfeYk
48yDgqG3csKsWnIzNtN4+OktDQnx4vKGEHCdVBgJGlHYPxTqnGVYKIL2iwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIXW4MufTEbLGV99GxqlfICGFzOPMB8GA1UdIwQY
MBaAFJbdiF/004mrqr0DpRddCXQay6YNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHQySVhfVFRpYXVxdlFPbEYxMEpkQnJMcGcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8wYzUyNjUtMzJhZi00OGYyLTkwNmQt
YjY1MmM4NTU1NmJiLzEvaGRiZ3k1OU1Sc3NaWDMwYkdxVjhnSVlYTTQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8wYzUyNjUtMzJhZi00OGYyLTkwNmQtYjY1MmM4NTU1NmJi
LzEvbHQySVhfVFRpYXVxdlFPbEYxMEpkQnJMcGcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwRp0MA0E
AgACMAcDBQMqB/TAMA0GCSqGSIb3DQEBCwUAA4IBAQBt1X9bQ6kcUfj2ZjceQpR3
/bTUSpFdBAv3IJIGqM7Zl+TgChg1b8O0N+UYGZe70xsykrTeOZUzIXc9sDkpELF6
bJEHj12x2hjDtoYXcbt52Qyi4ZDQzGukiVqjPa/5gsrDr0OjP0qf0vEcjvuNSlu1
G7YUIjWr9aD1oLNWq524cFsq45vHSlrWNGov9jPiGZlFZbw5Cgg7i2wcDs24uhqG
CYMV4wSuFxR17wI5tjTMccnTgk9g0FTf0rv1aRlAEfIcp3Vx3wgHaDUqhKCOL0l1
UTLyb+IKy7xeXZPSqTqfilCP0OotwSADHWMWm6cJ8zWhYjCoYtP/iKjUJd1Z5vNu
-----END CERTIFICATE-----
Generated at Sun Jul 20 20:38:05 2025 by rpki-client