Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/HJXynx2uFMrozK0BwN_XiNicEXc.roa
File: HJXynx2uFMrozK0BwN_XiNicEXc.roa (raw, json)
Hash identifier: XBl8zf0cmZgPFmTC1lgt4taQCGc6CeICpMmTKkOBzjQ=
Subject key identifier: 1C:95:F2:9F:1D:AE:14:CA:E8:CC:AD:01:C0:DF:D7:88:D8:9C:11:77
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0197F2D3AEDC60C5491464B1178B3F9AFE5C
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/HJXynx2uFMrozK0BwN_XiNicEXc.roa
Signing time: Thu 10 Jul 2025 05:34:08 +0000
ROA not before: Thu 10 Jul 2025 05:34:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 45.248.55.0/24 maxlen: 24
94.154.177.0/24 maxlen: 24
185.52.136.0/24 maxlen: 24
185.253.122.0/24 maxlen: 24
192.145.71.0/24 maxlen: 24
193.160.80.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 06:21:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f2:d3:ae:dc:60:c5:49:14:64:b1:17:8b:3f:9a:fe:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jul 10 05:34:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c95f29f1dae14cae8ccad01c0dfd788d89c1177
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:06:82:9e:3a:b1:01:ab:57:76:fe:f0:a4:d7:
e8:76:91:56:70:a0:96:0f:35:cb:2b:7f:f3:d2:3d:
6f:59:0f:1d:18:80:93:d4:da:06:eb:aa:df:67:cb:
30:46:e2:d8:c2:43:8e:2d:0d:f8:d6:17:a6:86:e9:
5b:27:1c:b4:ab:42:ab:f1:00:85:7d:47:3e:4c:72:
f9:20:cf:72:9b:31:85:40:62:29:1e:74:48:5c:7f:
0f:72:47:db:61:cc:78:7d:e0:ce:80:ea:a6:9a:5a:
9e:22:0f:ee:b8:3b:f2:38:64:ce:6b:76:e2:a2:6c:
25:47:1f:6e:43:23:a9:66:d1:c7:43:b7:88:69:09:
50:19:61:78:ab:8e:78:06:ac:db:03:aa:2d:71:7e:
75:e9:69:5a:21:21:a9:03:9a:4d:ac:38:cf:88:1a:
0b:fc:08:3d:e9:6d:0a:ee:6f:f0:2e:23:5a:e7:5a:
6b:2b:51:c0:ff:ce:76:1f:66:53:6c:9f:0f:f6:74:
73:1f:c9:31:f1:50:de:cb:ae:a0:e9:ad:5d:57:e2:
2d:64:1a:c3:1e:98:7b:6b:95:d1:a4:dc:7e:40:46:
fb:bc:80:b9:42:ba:e3:ae:c9:56:b2:39:cc:a8:bf:
71:48:af:de:d2:7b:56:ce:a9:16:c0:b9:01:70:3c:
a4:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:95:F2:9F:1D:AE:14:CA:E8:CC:AD:01:C0:DF:D7:88:D8:9C:11:77
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/HJXynx2uFMrozK0BwN_XiNicEXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.248.55.0/24
94.154.177.0/24
185.52.136.0/24
185.253.122.0/24
192.145.71.0/24
193.160.80.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:ce:1f:ce:0a:3c:bf:6c:71:30:75:2d:9e:ea:09:14:08:7b:
80:2f:a9:7d:b9:04:05:c6:74:5d:6c:40:6f:ea:35:2e:8d:a4:
ca:f1:c3:fa:b1:f3:c8:15:b6:5a:62:f7:6b:28:55:45:49:fc:
22:55:50:64:76:66:4b:0d:83:44:ff:9c:5e:1a:a4:f6:82:a8:
3c:15:46:8c:e1:02:c6:9c:22:f0:95:a9:6c:f4:c0:43:33:c1:
e3:2f:ba:00:94:a6:ab:d2:32:2a:fa:7b:62:f9:7f:e6:c4:75:
0d:87:57:f3:e3:c0:19:5a:75:a1:a0:b7:50:92:8a:2a:d7:65:
a7:38:ed:8a:9a:8c:3b:66:3c:68:ab:47:9f:38:0b:9b:35:78:
3d:be:14:66:f1:8f:73:a1:c8:fd:c4:10:99:ac:16:7c:66:9f:
1e:5d:9d:13:90:1b:2b:61:9a:87:43:57:47:24:f3:4d:e8:8d:
62:84:2d:ad:df:98:fe:a9:6d:51:cb:fc:f6:2c:dc:52:6a:cf:
37:fd:7f:75:b1:bc:a6:d4:3d:0d:22:fc:80:a8:32:0c:e4:32:
b2:c6:a9:02:c3:59:40:d6:95:37:06:a3:7f:8d:51:20:4b:c8:
86:c9:f2:83:b9:d9:f6:19:20:cd:d5:1a:ec:32:f2:4c:47:58:
cc:52:a5:4d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZfy067cYMVJFGSxF4s/mv5cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUwNzEwMDUzNDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzk1ZjI5ZjFkYWUxNGNhZThjY2FkMDFjMGRmZDc4OGQ4OWMxMTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1AaCnjqxAatXdv7wpNfodpFWcKCW
DzXLK3/z0j1vWQ8dGICT1NoG66rfZ8swRuLYwkOOLQ341hemhulbJxy0q0Kr8QCF
fUc+THL5IM9ymzGFQGIpHnRIXH8PckfbYcx4feDOgOqmmlqeIg/uuDvyOGTOa3bi
omwlRx9uQyOpZtHHQ7eIaQlQGWF4q454BqzbA6otcX516WlaISGpA5pNrDjPiBoL
/Ag96W0K7m/wLiNa51prK1HA/852H2ZTbJ8P9nRzH8kx8VDey66g6a1dV+ItZBrD
Hph7a5XRpNx+QEb7vIC5QrrjrslWsjnMqL9xSK/e0ntWzqkWwLkBcDykYQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFByV8p8drhTK6MytAcDf14jYnBF3MB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvSEpYeW54MnVGTXJvekswQndOX1hpTmljRVhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALfg3AwQA
XpqxAwQAuTSIAwQAuf16AwQAwJFHAwQCwaBQMA0GCSqGSIb3DQEBCwUAA4IBAQBf
zh/OCjy/bHEwdS2e6gkUCHuAL6l9uQQFxnRdbEBv6jUujaTK8cP6sfPIFbZaYvdr
KFVFSfwiVVBkdmZLDYNE/5xeGqT2gqg8FUaM4QLGnCLwlals9MBDM8HjL7oAlKar
0jIq+nti+X/mxHUNh1fz48AZWnWhoLdQkooq12WnOO2Kmow7Zjxoq0efOAubNXg9
vhRm8Y9zocj9xBCZrBZ8Zp8eXZ0TkBsrYZqHQ1dHJPNN6I1ihC2t35j+qW1Ry/z2
LNxSas83/X91sbym1D0NIvyAqDIM5DKyxqkCw1lA1pU3BqN/jVEgS8iGyfKDudn2
GSDN1RrsMvJMR1jMUqVN
-----END CERTIFICATE-----
Generated at Sun Jul 20 14:58:13 2025 by rpki-client