Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/4CRvSMfquAXpeo-gRluAavjxopk.roa
File: 4CRvSMfquAXpeo-gRluAavjxopk.roa (raw, json)
Hash identifier: mIrH7MGivzvy9d6Ni5o8uUERWFhoIUyPiFbTw/xN3cs=
Subject key identifier: E0:24:6F:48:C7:EA:B8:05:E9:7A:8F:A0:46:5B:80:6A:F8:F1:A2:99
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0197D1020F90A45547F8F857E6BC62DBBF34
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/4CRvSMfquAXpeo-gRluAavjxopk.roa
Signing time: Thu 03 Jul 2025 15:57:42 +0000
ROA not before: Thu 03 Jul 2025 15:57:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213520
IP address blocks: 64.188.74.0/24 maxlen: 24
193.23.197.0/24 maxlen: 24
193.23.210.0/23 maxlen: 24
193.23.218.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 18:40:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d1:02:0f:90:a4:55:47:f8:f8:57:e6:bc:62:db:bf:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jul 3 15:57:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e0246f48c7eab805e97a8fa0465b806af8f1a299
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:eb:46:f9:4e:86:08:38:d3:9b:cf:b0:7d:71:
93:3f:ac:70:1d:49:06:41:1d:0d:22:c4:2e:c1:a1:
19:b4:49:22:6a:91:4f:e0:93:96:ee:5f:78:cf:a4:
92:c4:7c:5c:4c:ff:ba:2b:5c:d5:ad:48:5d:e2:10:
28:be:18:6f:fc:88:1b:75:68:db:14:46:a2:d7:e3:
a5:5a:46:b1:b5:b7:65:de:10:11:e9:39:ce:f7:70:
4a:59:31:1a:cf:5b:14:5b:51:1d:0a:01:d7:02:93:
5d:f2:91:6f:d0:27:0f:e3:e0:5c:a4:bf:bf:4d:7e:
46:c7:b5:4d:18:ae:4e:6a:40:44:65:ee:f2:6b:ff:
a0:33:95:c2:b1:c1:6a:8d:c7:43:91:f1:56:3b:0d:
1e:87:0f:0f:73:b8:cf:ba:98:f0:56:ea:6d:6f:58:
42:1b:0d:96:8a:6e:03:74:96:bd:89:84:41:e9:5e:
d6:ba:3b:b7:d1:87:1c:b3:54:df:fe:79:8b:b9:b8:
24:76:de:d4:15:a2:a2:d4:4e:e8:23:3c:70:27:6d:
06:f2:15:1f:36:d9:0a:64:2b:0e:6d:c7:13:ab:f7:
a6:bb:7f:b4:eb:de:90:03:8e:76:66:b6:10:5e:55:
de:b2:1e:7c:c0:0c:30:21:8e:38:e9:a7:a1:0f:a6:
c1:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:24:6F:48:C7:EA:B8:05:E9:7A:8F:A0:46:5B:80:6A:F8:F1:A2:99
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/4CRvSMfquAXpeo-gRluAavjxopk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.74.0/24
193.23.197.0/24
193.23.210.0/23
193.23.218.0/23
Signature Algorithm: sha256WithRSAEncryption
29:95:43:59:0e:f8:9d:24:df:dd:28:b1:b8:a3:3f:0e:6a:d6:
17:e0:4e:12:04:97:65:1b:d4:e0:2e:33:0b:5b:b5:f0:df:83:
ef:ad:3a:60:d1:0a:28:88:ea:fc:84:42:49:ee:d3:e2:4c:83:
6b:ef:0f:59:ba:1f:92:7f:a2:f2:65:94:9e:12:35:94:a0:51:
b7:39:9c:56:c7:56:9e:ca:c0:ef:9d:f5:1f:8e:02:1a:c3:c0:
d7:da:f9:d2:ab:17:fc:d1:20:47:b1:f2:1b:75:90:cc:97:34:
bd:92:3c:83:d1:0c:f4:e2:9f:2a:83:3d:19:a7:ba:7d:bc:03:
3d:f8:28:06:23:38:c9:87:9f:10:95:d4:79:4e:3b:70:e0:f4:
cf:51:ea:e2:0b:9b:c6:58:10:a6:e3:77:25:8a:aa:6c:65:3c:
a5:6e:43:94:e1:24:5e:ce:96:08:43:f2:e7:6e:9d:a6:ca:c9:
05:fa:ce:76:96:d7:bf:55:56:15:67:cb:53:74:7d:96:d8:95:
71:da:c5:d0:34:a5:fe:60:4b:40:2d:91:45:ad:5b:50:b1:e3:
6f:47:2a:eb:7d:3e:f1:41:fe:58:e6:50:fa:e8:47:27:82:05:
a3:6e:d8:0b:2f:eb:5c:0f:9b:ce:15:e0:0d:4b:84:d1:bd:b9:
86:f7:9b:52
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZfRAg+QpFVH+PhX5rxi2780MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwNzAzMTU1NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDI0NmY0OGM3ZWFiODA1ZTk3YThmYTA0NjViODA2YWY4ZjFhMjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAputG+U6GCDjTm8+wfXGTP6xwHUkG
QR0NIsQuwaEZtEkiapFP4JOW7l94z6SSxHxcTP+6K1zVrUhd4hAovhhv/IgbdWjb
FEai1+OlWkaxtbdl3hAR6TnO93BKWTEaz1sUW1EdCgHXApNd8pFv0CcP4+BcpL+/
TX5Gx7VNGK5OakBEZe7ya/+gM5XCscFqjcdDkfFWOw0ehw8Pc7jPupjwVuptb1hC
Gw2Wim4DdJa9iYRB6V7Wuju30Yccs1Tf/nmLubgkdt7UFaKi1E7oIzxwJ20G8hUf
NtkKZCsObccTq/emu3+0696QA452ZrYQXlXesh58wAwwIY446aehD6bBVQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOAkb0jH6rgF6XqPoEZbgGr48aKZMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvNENSdlNNZnF1QVhwZW8tZ1JsdUFhdmp4b3BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAQLxKAwQA
wRfFAwQBwRfSAwQBwRfaMA0GCSqGSIb3DQEBCwUAA4IBAQAplUNZDvidJN/dKLG4
oz8OatYX4E4SBJdlG9TgLjMLW7Xw34PvrTpg0QooiOr8hEJJ7tPiTINr7w9Zuh+S
f6LyZZSeEjWUoFG3OZxWx1aeysDvnfUfjgIaw8DX2vnSqxf80SBHsfIbdZDMlzS9
kjyD0Qz04p8qgz0Zp7p9vAM9+CgGIzjJh58QldR5Tjtw4PTPUeriC5vGWBCm43cl
iqpsZTylbkOU4SRezpYIQ/Lnbp2myskF+s52lte/VVYVZ8tTdH2W2JVx2sXQNKX+
YEtALZFFrVtQseNvRyrrfT7xQf5Y5lD66EcnggWjbtgLL+tcD5vOFeANS4TRvbmG
95tS
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:41:44 2025 by rpki-client