Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/2UdFjksIEw7c9E0Pvj4C3TiZgM0.roa
File: 2UdFjksIEw7c9E0Pvj4C3TiZgM0.roa (raw, json)
Hash identifier: SK2t3H3DV3SFHlOZkQJw+SMjnZg5haygykAYMk0yWSA=
Subject key identifier: D9:47:45:8E:4B:08:13:0E:DC:F4:4D:0F:BE:3E:02:DD:38:99:80:CD
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019842A548FC8C22C47418C0FC47E14C084F
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/2UdFjksIEw7c9E0Pvj4C3TiZgM0.roa
Signing time: Fri 25 Jul 2025 17:33:04 +0000
ROA not before: Fri 25 Jul 2025 17:33:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7385
IP address blocks: 185.207.135.0/24 maxlen: 24
185.216.104.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 06:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:42:a5:48:fc:8c:22:c4:74:18:c0:fc:47:e1:4c:08:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jul 25 17:33:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d947458e4b08130edcf44d0fbe3e02dd389980cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:19:fa:ca:9b:66:ec:a6:8f:35:d7:a7:b0:49:
f1:a0:36:3e:d1:5a:d8:ba:50:5d:f6:75:f0:53:37:
99:94:81:d7:8a:68:35:c0:a7:e7:87:d9:2f:bb:2a:
eb:82:6e:b5:ec:70:e0:d7:72:99:49:32:86:94:9f:
16:4f:e9:55:0b:43:57:48:b3:4b:eb:13:65:f0:ca:
b1:88:f6:5f:10:5d:9b:72:c3:c1:0c:49:79:68:18:
61:d6:99:e3:f2:88:0e:9e:02:6c:65:bd:40:c3:2b:
3c:be:9e:69:d7:4e:48:2e:38:13:df:36:db:cd:1f:
37:e5:7a:2e:74:6a:dd:6a:a6:c1:cf:7b:9f:6f:20:
2e:22:b6:a5:d0:b4:14:93:04:41:e0:51:ca:92:35:
55:61:00:fd:44:e0:25:2b:99:41:b7:63:46:ef:90:
e4:bb:d6:76:ad:10:94:b5:a6:cd:51:e1:fa:f3:1a:
0d:ab:a1:ab:f6:f7:29:de:51:74:40:eb:65:91:52:
0e:f2:46:1e:bd:09:db:31:6f:43:1f:99:a7:14:2d:
4a:8c:28:92:e6:f8:15:fc:62:a9:8f:d8:2e:f1:1f:
d7:5f:a7:f4:f3:b4:89:e7:c2:0a:55:0a:66:0d:97:
9e:04:79:30:77:e1:05:c5:8e:69:ba:1a:27:7e:e0:
3b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:47:45:8E:4B:08:13:0E:DC:F4:4D:0F:BE:3E:02:DD:38:99:80:CD
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/2UdFjksIEw7c9E0Pvj4C3TiZgM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.207.135.0/24
185.216.104.0/22
Signature Algorithm: sha256WithRSAEncryption
54:8d:f0:be:6a:02:19:90:a4:cb:1d:41:09:20:1f:12:76:c7:
40:c0:9e:13:a6:09:09:83:52:f4:c3:f8:11:96:33:d1:94:22:
e7:29:55:8e:2a:3c:aa:00:56:82:49:46:76:52:78:50:50:af:
9c:49:f4:f9:81:c4:17:4b:76:5b:2b:80:ee:02:4f:0d:3f:c6:
79:30:63:f9:3a:0a:f4:4a:d8:e7:66:38:8b:9d:7c:69:b1:c2:
0c:f6:e2:d7:e7:77:59:9a:03:29:53:f1:4d:34:5c:fb:ec:74:
2c:b2:82:f6:ce:70:42:87:ad:df:b7:45:5d:33:59:78:f7:b6:
a9:1b:b3:10:55:ea:46:12:6d:3b:bf:37:81:08:17:e3:bc:94:
9e:bf:ae:37:6c:f3:fc:0c:ca:32:7a:bb:58:c6:37:71:17:32:
46:fa:70:a5:9f:af:49:60:b0:ac:99:bb:5a:03:43:c3:66:38:
84:de:63:e9:42:ab:5b:cd:02:2b:b3:ec:16:f3:e0:87:cb:ec:
aa:4e:83:0a:f8:64:82:cd:2c:98:91:90:90:9f:01:ef:31:95:
b3:5f:fb:ed:a2:6a:2d:b1:f0:7b:6b:45:5d:f6:af:6c:a1:8c:
de:60:56:2b:93:e3:9b:4b:b6:ee:ed:96:fe:dd:7a:10:f7:eb:
e0:01:ae:46
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZhCpUj8jCLEdBjA/EfhTAhPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwNzI1MTczMzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTQ3NDU4ZTRiMDgxMzBlZGNmNDRkMGZiZTNlMDJkZDM4OTk4MGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRn6yptm7KaPNdensEnxoDY+0VrY
ulBd9nXwUzeZlIHXimg1wKfnh9kvuyrrgm617HDg13KZSTKGlJ8WT+lVC0NXSLNL
6xNl8MqxiPZfEF2bcsPBDEl5aBhh1pnj8ogOngJsZb1Awys8vp5p105ILjgT3zbb
zR835XoudGrdaqbBz3ufbyAuIral0LQUkwRB4FHKkjVVYQD9ROAlK5lBt2NG75Dk
u9Z2rRCUtabNUeH68xoNq6Gr9vcp3lF0QOtlkVIO8kYevQnbMW9DH5mnFC1KjCiS
5vgV/GKpj9gu8R/XX6f087SJ58IKVQpmDZeeBHkwd+EFxY5puhonfuA7IwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNlHRY5LCBMO3PRND74+At04mYDNMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvMlVkRmprc0lFdzdjOUUwUHZqNEMzVGlaZ00wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuc+HAwQC
udhoMA0GCSqGSIb3DQEBCwUAA4IBAQBUjfC+agIZkKTLHUEJIB8SdsdAwJ4TpgkJ
g1L0w/gRljPRlCLnKVWOKjyqAFaCSUZ2UnhQUK+cSfT5gcQXS3ZbK4DuAk8NP8Z5
MGP5Ogr0StjnZjiLnXxpscIM9uLX53dZmgMpU/FNNFz77HQssoL2znBCh63ft0Vd
M1l497apG7MQVepGEm07vzeBCBfjvJSev643bPP8DMoyertYxjdxFzJG+nCln69J
YLCsmbtaA0PDZjiE3mPpQqtbzQIrs+wW8+CHy+yqToMK+GSCzSyYkZCQnwHvMZWz
X/vtomotsfB7a0Vd9q9soYzeYFYrk+ObS7bu7Zb+3XoQ9+vgAa5G
-----END CERTIFICATE-----
Generated at Sat Jul 26 13:14:21 2025 by rpki-client