Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/reXmHovw1tzlqd_KXfXrbFTE_b8.roa
File: reXmHovw1tzlqd_KXfXrbFTE_b8.roa (raw, json)
Hash identifier: E2Rb1CQReVoZ6TASrNDK8XXnZgZh7nGVBG5yexmY3yU=
Subject key identifier: AD:E5:E6:1E:8B:F0:D6:DC:E5:A9:DF:CA:5D:F5:EB:6C:54:C4:FD:BF
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 01982DD19167E2C8BAD609B31151EC3CF33A
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/reXmHovw1tzlqd_KXfXrbFTE_b8.roa
Signing time: Mon 21 Jul 2025 16:29:25 +0000
ROA not before: Mon 21 Jul 2025 16:29:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209693
IP address blocks: 64.188.76.0/24 maxlen: 24
64.188.77.0/24 maxlen: 24
64.188.78.0/24 maxlen: 24
64.188.79.0/24 maxlen: 24
77.239.124.0/24 maxlen: 24
87.251.16.0/24 maxlen: 24
87.251.17.0/24 maxlen: 24
87.251.18.0/24 maxlen: 24
87.251.19.0/24 maxlen: 24
150.241.100.0/24 maxlen: 24
150.241.101.0/24 maxlen: 24
150.241.102.0/24 maxlen: 24
150.241.103.0/24 maxlen: 24
193.23.216.0/24 maxlen: 24
193.23.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 18:40:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2d:d1:91:67:e2:c8:ba:d6:09:b3:11:51:ec:3c:f3:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jul 21 16:29:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ade5e61e8bf0d6dce5a9dfca5df5eb6c54c4fdbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:fe:9e:42:5f:fd:8d:cd:c1:db:4e:a6:62:4d:
a5:73:0e:a0:1a:d5:5a:1a:97:08:9c:98:68:8c:3e:
76:06:9b:20:3f:b1:e9:b5:98:ac:04:bc:64:d9:f0:
5d:14:0c:2d:63:24:9c:e5:cc:61:10:a4:51:81:b9:
a1:3b:bf:45:99:cc:07:a0:a9:c3:66:87:09:b3:5d:
00:72:c8:4d:7a:05:2d:78:69:5c:8d:4d:ff:49:ef:
bf:08:74:09:ec:6d:c3:ae:ee:e1:60:d2:0c:c3:24:
36:53:01:46:e9:23:7f:8b:c2:24:39:0d:ef:6e:32:
5d:74:7f:54:f3:4d:d2:fc:e3:13:76:76:b2:45:3b:
27:b2:47:dd:8a:f0:54:05:e8:8e:8d:c2:2a:02:78:
53:37:e6:2e:61:b5:bd:1a:e4:34:32:b7:ab:ef:c3:
84:ed:48:be:02:30:3c:cd:d4:b8:46:4d:f2:ef:c3:
a3:32:1c:36:43:f5:61:27:8e:48:44:ec:6b:46:c6:
b6:3d:22:4c:4f:7b:4b:41:7a:db:5f:1e:92:e1:52:
9f:37:b5:93:89:38:33:46:22:48:1f:30:5e:34:09:
f3:e5:9b:7d:1b:77:73:92:06:75:45:4f:d9:d6:8d:
4a:70:8d:96:70:6a:c0:92:6f:28:2d:6b:91:65:d7:
e7:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:E5:E6:1E:8B:F0:D6:DC:E5:A9:DF:CA:5D:F5:EB:6C:54:C4:FD:BF
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/reXmHovw1tzlqd_KXfXrbFTE_b8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.76.0/22
77.239.124.0/24
87.251.16.0/22
150.241.100.0/22
193.23.216.0/24
193.23.221.0/24
Signature Algorithm: sha256WithRSAEncryption
95:89:c7:d4:06:45:42:bf:3a:9f:9e:c9:0d:c3:14:a3:46:7c:
08:88:a6:f7:77:35:53:2d:58:eb:e1:cc:b1:17:74:ca:b7:eb:
0c:1e:fe:b4:07:66:6e:dd:9b:54:20:1a:8f:f5:bf:bd:c3:5c:
41:12:2b:c4:9e:d0:0a:e1:bc:79:0e:c3:11:b1:8c:56:3f:7e:
71:6c:0e:9d:57:14:6d:66:76:d9:90:b4:d1:4a:61:ca:b3:80:
7d:00:43:a6:40:c1:73:68:8e:23:78:cd:05:59:d8:ee:ec:0c:
60:9e:35:5d:2c:35:5a:80:7c:da:58:9d:ae:83:06:16:21:4b:
86:15:a7:67:88:9e:98:09:ed:67:70:77:d2:d1:09:9d:29:62:
27:35:20:fb:04:64:0e:7b:73:05:90:0d:49:37:8c:ec:9f:67:
10:48:f1:67:0b:2c:ac:dd:16:47:0f:f6:0d:fb:94:26:ca:24:
d5:5a:17:48:d4:bd:c0:80:cc:df:cc:b7:43:ed:5b:2c:76:e1:
40:1e:84:a1:ca:66:8c:db:71:0f:c5:c3:b7:e6:cf:8f:9b:76:
5f:10:5e:7c:47:57:d9:57:61:91:b9:74:95:bd:a6:1d:95:51:
11:16:a5:a6:f4:b7:48:5e:68:1b:93:15:79:c8:6f:51:42:0d:
e6:1c:b9:a2
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZgt0ZFn4si61gmzEVHsPPM6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwNzIxMTYyOTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGU1ZTYxZThiZjBkNmRjZTVhOWRmY2E1ZGY1ZWI2YzU0YzRmZGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/6eQl/9jc3B206mYk2lcw6gGtVa
GpcInJhojD52BpsgP7HptZisBLxk2fBdFAwtYySc5cxhEKRRgbmhO79FmcwHoKnD
ZocJs10AcshNegUteGlcjU3/Se+/CHQJ7G3Dru7hYNIMwyQ2UwFG6SN/i8IkOQ3v
bjJddH9U803S/OMTdnayRTsnskfdivBUBeiOjcIqAnhTN+YuYbW9GuQ0Mrer78OE
7Ui+AjA8zdS4Rk3y78OjMhw2Q/VhJ45IROxrRsa2PSJMT3tLQXrbXx6S4VKfN7WT
iTgzRiJIHzBeNAnz5Zt9G3dzkgZ1RU/Z1o1KcI2WcGrAkm8oLWuRZdfntQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFK3l5h6L8Nbc5anfyl3162xUxP2/MB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvcmVYbUhvdncxdHpscWRfS1hmWHJiRlRFX2I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCQLxMAwQA
Te98AwQCV/sQAwQClvFkAwQAwRfYAwQAwRfdMA0GCSqGSIb3DQEBCwUAA4IBAQCV
icfUBkVCvzqfnskNwxSjRnwIiKb3dzVTLVjr4cyxF3TKt+sMHv60B2Zu3ZtUIBqP
9b+9w1xBEivEntAK4bx5DsMRsYxWP35xbA6dVxRtZnbZkLTRSmHKs4B9AEOmQMFz
aI4jeM0FWdju7AxgnjVdLDVagHzaWJ2ugwYWIUuGFadniJ6YCe1ncHfS0QmdKWIn
NSD7BGQOe3MFkA1JN4zsn2cQSPFnCyys3RZHD/YN+5QmyiTVWhdI1L3AgMzfzLdD
7VssduFAHoShymaM23EPxcO35s+Pm3ZfEF58R1fZV2GRuXSVvaYdlVERFqWm9LdI
XmgbkxV5yG9RQg3mHLmi
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:30:19 2025 by rpki-client