Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Ht8KrfgzzZ_VDBCKB8tET_mMAAU.roa
File: Ht8KrfgzzZ_VDBCKB8tET_mMAAU.roa (raw, json)
Hash identifier: qSbsZt1zMhs+51mrF5s0v/tqLgchTKOY64O0tjC1Hi4=
Subject key identifier: 1E:DF:0A:AD:F8:33:CD:9F:D5:0C:10:8A:07:CB:44:4F:F9:8C:00:05
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0196FC7EDEBAD8B2A218B2DDC57F2ED64341
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Ht8KrfgzzZ_VDBCKB8tET_mMAAU.roa
Signing time: Fri 23 May 2025 09:34:55 +0000
ROA not before: Fri 23 May 2025 09:34:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 45.12.255.0/24 maxlen: 24
87.120.33.0/24 maxlen: 24
87.121.58.0/24 maxlen: 24
94.103.127.0/24 maxlen: 24
94.156.79.0/24 maxlen: 24
94.156.253.0/24 maxlen: 24
141.98.4.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 08:25:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fc:7e:de:ba:d8:b2:a2:18:b2:dd:c5:7f:2e:d6:43:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 23 09:34:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1edf0aadf833cd9fd50c108a07cb444ff98c0005
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:60:39:a5:cc:69:94:47:f3:cc:8e:e2:f2:5e:
e2:d5:81:d8:0d:53:11:49:84:28:9a:a9:e5:4b:cb:
6d:7a:96:d0:11:40:57:35:2a:39:63:c6:d6:63:ac:
44:8a:06:b1:7c:34:e2:f2:e0:e9:85:f3:c1:e7:fc:
5c:9f:5d:db:e5:bb:53:82:f2:90:89:34:9d:4f:cd:
0f:00:65:1f:ce:6d:21:20:25:bb:44:7c:68:5e:64:
09:20:d5:0b:16:d8:54:de:1b:e3:02:43:3f:2f:7c:
d7:03:e2:2c:3f:00:23:0f:11:08:67:4c:81:40:96:
28:06:d8:b0:1e:da:26:63:0a:af:a4:34:50:7f:74:
78:b8:49:99:2a:d9:97:d4:98:77:df:25:6a:e1:47:
ff:1e:df:9e:e5:ea:f4:4c:03:8d:ea:b9:1a:26:07:
fb:52:8e:39:5a:4f:6a:b5:82:fb:b3:a2:6c:e4:72:
61:04:ce:4b:e2:61:b7:b6:b2:aa:ea:c1:bb:52:c6:
a0:ac:25:55:b0:6c:bc:9b:d2:20:5d:a8:ac:86:e1:
62:68:a2:22:85:17:04:ad:11:3c:72:d1:0e:96:a1:
f8:d4:cf:6b:c2:1b:dd:e9:1a:4b:3c:77:30:2e:f5:
5e:0a:d0:c8:f6:26:f2:f0:25:63:b5:4c:fa:4f:30:
32:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:DF:0A:AD:F8:33:CD:9F:D5:0C:10:8A:07:CB:44:4F:F9:8C:00:05
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Ht8KrfgzzZ_VDBCKB8tET_mMAAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.255.0/24
87.120.33.0/24
87.121.58.0/24
94.103.127.0/24
94.156.79.0/24
94.156.253.0/24
141.98.4.0/24
147.78.100.0/24
Signature Algorithm: sha256WithRSAEncryption
29:97:ad:a5:fb:6d:84:56:2a:8d:65:27:a9:02:c9:48:f7:bb:
04:66:f2:5a:6c:c6:6b:ac:32:54:78:83:ca:37:c7:98:d0:5b:
d2:bf:2e:af:c4:4c:3f:32:7e:62:4c:0c:b8:bd:b6:c5:c2:65:
6a:0b:fc:a6:f7:c6:be:b1:25:bc:72:e6:22:b1:46:45:be:5c:
80:13:8b:88:82:17:2a:57:fb:90:af:3b:83:b4:c3:62:15:55:
ad:ba:db:4f:ff:d0:88:a4:c1:86:62:eb:83:d5:f8:aa:53:bc:
c6:cf:f0:19:99:8c:0b:84:ec:a3:a4:e3:2c:71:73:e7:3a:eb:
63:74:1b:62:af:67:98:a3:de:22:37:9c:12:71:9a:5e:81:da:
46:8f:8f:fb:49:21:26:a4:7d:8c:e5:ce:ab:80:d0:a5:6a:30:
e5:d8:03:2d:32:8f:f3:3b:d7:6c:75:92:6d:a1:10:9c:d7:63:
a5:90:22:f3:72:95:06:73:6b:4b:c1:c9:df:a1:c9:a3:48:2c:
87:f5:27:65:f4:00:be:22:39:6f:b2:56:70:78:6d:48:12:e6:
2b:e2:fb:a6:af:1c:9a:78:51:ea:c2:14:c1:dd:a5:e9:9e:77:
ed:ed:41:53:4d:92:8f:eb:7d:82:60:c2:c4:2b:68:37:4d:3e:
7d:23:bf:23
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZb8ft662LKiGLLdxX8u1kNBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNTIzMDkzNDU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWRmMGFhZGY4MzNjZDlmZDUwYzEwOGEwN2NiNDQ0ZmY5OGMwMDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7WA5pcxplEfzzI7i8l7i1YHYDVMR
SYQomqnlS8ttepbQEUBXNSo5Y8bWY6xEigaxfDTi8uDphfPB5/xcn13b5btTgvKQ
iTSdT80PAGUfzm0hICW7RHxoXmQJINULFthU3hvjAkM/L3zXA+IsPwAjDxEIZ0yB
QJYoBtiwHtomYwqvpDRQf3R4uEmZKtmX1Jh33yVq4Uf/Ht+e5er0TAON6rkaJgf7
Uo45Wk9qtYL7s6Js5HJhBM5L4mG3trKq6sG7UsagrCVVsGy8m9IgXaishuFiaKIi
hRcErRE8ctEOlqH41M9rwhvd6RpLPHcwLvVeCtDI9iby8CVjtUz6TzAyqwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFB7fCq34M82f1QwQigfLRE/5jAAFMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSHQ4S3JmZ3p6Wl9WREJDS0I4dEVUX21NQUFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALQz/AwQA
V3ghAwQAV3k6AwQAXmd/AwQAXpxPAwQAXpz9AwQAjWIEAwQAk05kMA0GCSqGSIb3
DQEBCwUAA4IBAQApl62l+22EViqNZSepAslI97sEZvJabMZrrDJUeIPKN8eY0FvS
vy6vxEw/Mn5iTAy4vbbFwmVqC/ym98a+sSW8cuYisUZFvlyAE4uIghcqV/uQrzuD
tMNiFVWtuttP/9CIpMGGYuuD1fiqU7zGz/AZmYwLhOyjpOMscXPnOutjdBtir2eY
o94iN5wScZpegdpGj4/7SSEmpH2M5c6rgNClajDl2AMtMo/zO9dsdZJtoRCc12Ol
kCLzcpUGc2tLwcnfocmjSCyH9Sdl9AC+IjlvslZweG1IEuYr4vumrxyaeFHqwhTB
3aXpnnft7UFTTZKP632CYMLEK2g3TT59I78j
-----END CERTIFICATE-----
Generated at Wed Jun 4 12:11:55 2025 by rpki-client