Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/wDIMfUx_5_eyOh1X1u0faeLDxK4.roa
File: wDIMfUx_5_eyOh1X1u0faeLDxK4.roa (raw, json)
Hash identifier: +7CvkzrCd1apszDwmTqh+NabHvA5I0dOpIcyiBUcKOQ=
Subject key identifier: C0:32:0C:7D:4C:7F:E7:F7:B2:3A:1D:57:D6:ED:1F:69:E2:C3:C4:AE
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0197F14484489448BCEFBE594291255A1E2A
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/wDIMfUx_5_eyOh1X1u0faeLDxK4.roa
Signing time: Wed 09 Jul 2025 22:18:08 +0000
ROA not before: Wed 09 Jul 2025 22:18:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213877
IP address blocks: 64.188.73.0/24 maxlen: 24
64.188.75.0/24 maxlen: 24
64.188.96.0/24 maxlen: 24
64.188.97.0/24 maxlen: 24
77.239.104.0/24 maxlen: 24
77.239.105.0/24 maxlen: 24
77.239.122.0/24 maxlen: 24
77.239.123.0/24 maxlen: 24
150.241.105.0/24 maxlen: 24
150.241.108.0/24 maxlen: 24
150.241.123.0/24 maxlen: 24
185.184.122.0/24 maxlen: 24
185.184.123.0/24 maxlen: 24
185.207.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 18:40:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f1:44:84:48:94:48:bc:ef:be:59:42:91:25:5a:1e:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jul 9 22:18:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c0320c7d4c7fe7f7b23a1d57d6ed1f69e2c3c4ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:46:c2:2e:bd:06:38:25:e0:99:3a:61:1c:27:
57:91:d0:65:e0:d0:f4:e7:b8:ec:44:1c:06:94:3f:
e7:ca:6b:8c:48:88:cf:fc:5e:11:4f:e0:75:0e:36:
ab:b2:f8:4a:8d:49:71:4d:34:6f:a8:2c:16:cd:0b:
8c:d4:a7:e1:ea:c2:2e:ae:3d:c3:bc:e5:37:f0:0e:
ea:4e:66:be:b9:93:a2:d9:0b:a7:06:68:45:b6:ee:
e6:3f:94:3c:02:77:dc:96:5e:7a:37:81:55:f5:5e:
a1:02:d3:7f:e5:d0:81:f0:be:f4:82:8d:7e:85:35:
4d:65:84:c7:f5:3e:aa:f6:d4:58:9c:d4:ab:b5:0a:
26:05:35:63:28:6e:37:19:2a:f8:15:25:4e:12:c8:
2f:2b:b0:be:3b:2a:d4:15:7e:0b:c7:40:5b:fa:a0:
75:7d:75:f4:c6:a4:4f:03:5e:11:30:23:b9:1d:2c:
c4:6c:48:fe:df:b9:27:71:4b:46:0b:d4:49:66:49:
dc:dd:76:ad:cb:96:2a:3d:cf:39:56:81:f3:27:7c:
59:ae:91:e3:61:70:c1:9e:6d:64:4c:1e:bc:51:c3:
87:f9:f5:8e:7d:10:9d:24:74:aa:0d:8d:5b:2b:9b:
55:71:dc:50:6d:0f:31:34:ac:96:1c:56:48:62:cb:
40:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:32:0C:7D:4C:7F:E7:F7:B2:3A:1D:57:D6:ED:1F:69:E2:C3:C4:AE
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/wDIMfUx_5_eyOh1X1u0faeLDxK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.73.0/24
64.188.75.0/24
64.188.96.0/23
77.239.104.0/23
77.239.122.0/23
150.241.105.0/24
150.241.108.0/24
150.241.123.0/24
185.184.122.0/23
185.207.133.0/24
Signature Algorithm: sha256WithRSAEncryption
63:2d:3e:02:40:30:73:30:c0:81:9a:c3:87:0f:07:ee:61:8d:
b4:1b:f4:a9:8e:bc:66:8f:01:d4:86:96:8b:e5:1d:48:22:e4:
21:39:54:ed:af:53:75:70:f2:cb:36:c4:0d:68:62:bb:bc:56:
8a:a3:a8:10:19:e6:08:19:bc:ec:72:42:0a:f3:5f:0b:70:46:
6f:d9:9c:c0:8c:27:d4:83:1c:e9:8e:0c:32:85:d9:b7:da:47:
0a:f4:43:7b:3e:ab:46:b7:28:df:f0:1b:ae:c6:17:f9:1b:fe:
23:10:78:26:41:76:82:dc:1e:af:df:9b:c2:12:d3:87:9c:71:
22:aa:62:9b:df:fc:5c:2e:f5:f2:fe:54:94:b1:25:68:86:93:
1e:22:1e:5e:34:8d:d4:7d:27:6b:69:63:f8:56:9c:e7:d5:cd:
64:fa:d0:1a:1e:3f:e9:9a:5c:54:24:7e:ee:46:fb:47:ca:ce:
d7:55:08:ef:6b:de:57:4d:f1:0d:0b:ec:fb:ed:6d:cb:80:69:
b4:ab:3d:2e:c3:91:ec:9a:52:2a:db:81:8f:9d:d8:a0:8c:aa:
55:fe:c3:74:b9:f3:f2:3a:a0:67:e1:c4:7c:55:e3:4b:32:7f:
4a:56:94:40:93:30:b7:cc:ce:12:0a:68:f4:2b:d3:91:bb:7c:
39:92:3a:27
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZfxRIRIlEi8775ZQpElWh4qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwNzA5MjIxODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDMyMGM3ZDRjN2ZlN2Y3YjIzYTFkNTdkNmVkMWY2OWUyYzNjNGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0bCLr0GOCXgmTphHCdXkdBl4ND0
57jsRBwGlD/nymuMSIjP/F4RT+B1DjarsvhKjUlxTTRvqCwWzQuM1Kfh6sIurj3D
vOU38A7qTma+uZOi2QunBmhFtu7mP5Q8Anfcll56N4FV9V6hAtN/5dCB8L70go1+
hTVNZYTH9T6q9tRYnNSrtQomBTVjKG43GSr4FSVOEsgvK7C+OyrUFX4Lx0Bb+qB1
fXX0xqRPA14RMCO5HSzEbEj+37kncUtGC9RJZknc3Xaty5YqPc85VoHzJ3xZrpHj
YXDBnm1kTB68UcOH+fWOfRCdJHSqDY1bK5tVcdxQbQ8xNKyWHFZIYstAfwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFMAyDH1Mf+f3sjodV9btH2niw8SuMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvd0RJTWZVeF81X2V5T2gxWDF1MGZhZUxEeEs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAQLxJAwQA
QLxLAwQBQLxgAwQBTe9oAwQBTe96AwQAlvFpAwQAlvFsAwQAlvF7AwQBubh6AwQA
uc+FMA0GCSqGSIb3DQEBCwUAA4IBAQBjLT4CQDBzMMCBmsOHDwfuYY20G/Spjrxm
jwHUhpaL5R1IIuQhOVTtr1N1cPLLNsQNaGK7vFaKo6gQGeYIGbzsckIK818LcEZv
2ZzAjCfUgxzpjgwyhdm32kcK9EN7PqtGtyjf8Buuxhf5G/4jEHgmQXaC3B6v35vC
EtOHnHEiqmKb3/xcLvXy/lSUsSVohpMeIh5eNI3UfSdraWP4Vpzn1c1k+tAaHj/p
mlxUJH7uRvtHys7XVQjva95XTfENC+z77W3LgGm0qz0uw5HsmlIq24GPndigjKpV
/sN0ufPyOqBn4cR8VeNLMn9KVpRAkzC3zM4SCmj0K9ORu3w5kjon
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:02:19 2025 by rpki-client