Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/h-F1gGgYkv5Ygcn7V9-pwLU7FKs.roa
File: h-F1gGgYkv5Ygcn7V9-pwLU7FKs.roa (raw, json)
Hash identifier: DKGHHA7PfkIPekmqGeE/iQySyusk5NtKBel7AGulqm8=
Subject key identifier: 87:E1:75:80:68:18:92:FE:58:81:C9:FB:57:DF:A9:C0:B5:3B:14:AB
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01991D37DF1B9702D6545A6F6BA54C21D854
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/h-F1gGgYkv5Ygcn7V9-pwLU7FKs.roa
Signing time: Sat 06 Sep 2025 04:10:24 +0000
ROA not before: Sat 06 Sep 2025 04:10:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 5.83.129.0/24 maxlen: 24
5.231.30.0/24 maxlen: 24
77.90.54.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
94.249.233.0/24 maxlen: 24
217.69.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 02:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:1d:37:df:1b:97:02:d6:54:5a:6f:6b:a5:4c:21:d8:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Sep 6 04:10:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87e17580681892fe5881c9fb57dfa9c0b53b14ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b4:bb:6f:08:4b:ef:d1:70:a7:48:60:2d:2d:
4e:9d:ba:fd:e0:68:38:72:f8:21:26:a3:fd:9f:88:
cf:4d:ae:2e:6c:3e:96:14:a1:b4:9c:0f:53:d5:65:
b0:fc:5d:e1:46:c4:a2:f6:99:d9:b8:f6:e7:69:22:
5f:e5:e5:6a:29:8d:fc:aa:3e:60:5c:c2:e0:8f:59:
c5:b6:48:82:ce:46:e4:10:39:63:2f:82:9b:4b:2f:
b1:b4:68:f8:f1:c3:c9:9c:21:24:c8:88:11:68:08:
f1:d0:95:2f:f5:9d:77:81:13:c6:d0:3c:99:0d:4a:
a6:c2:bb:41:86:2f:f3:06:7a:ef:03:e8:7e:a2:6b:
1a:0a:ee:ce:1f:a7:26:0e:b6:5e:7d:f1:23:82:b8:
c8:3e:65:62:e6:20:63:4d:85:5d:f5:10:66:fd:e3:
46:28:f0:d6:8f:29:1d:a7:7f:25:06:11:2c:12:1a:
0c:07:c7:cd:50:c3:7b:e9:df:d3:14:cd:e2:9b:b4:
78:ce:12:61:8d:e5:37:f3:d1:28:d9:84:57:58:88:
15:94:a1:7c:54:6a:13:75:92:0f:47:8a:bb:9c:67:
5c:f6:fb:53:27:84:a8:84:86:ed:c5:21:55:ae:70:
99:83:a0:f7:a3:c1:36:74:06:18:70:e9:d8:eb:34:
ea:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:E1:75:80:68:18:92:FE:58:81:C9:FB:57:DF:A9:C0:B5:3B:14:AB
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/h-F1gGgYkv5Ygcn7V9-pwLU7FKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.129.0/24
5.231.30.0/24
77.90.54.0/24
87.239.131.0/24
94.249.233.0/24
217.69.166.0/24
Signature Algorithm: sha256WithRSAEncryption
27:0c:ac:e7:46:89:98:0a:58:55:51:9c:6b:5b:a7:b9:0c:e8:
2b:82:59:cb:95:1e:cf:24:29:5b:d6:d3:aa:be:dd:02:5c:63:
ee:8c:2b:25:87:49:6d:a6:d5:9f:cb:05:49:a1:10:8f:9d:d5:
d9:9e:b8:1e:20:25:c9:d9:fe:ea:c3:20:12:59:45:cc:0e:42:
9a:09:99:fb:1e:c8:42:49:ad:39:08:6b:3e:8b:16:48:11:ee:
d4:ae:84:bb:19:6b:f1:35:a5:16:8c:10:35:8a:a6:42:09:d7:
9c:bc:be:09:d9:94:b4:2a:f2:fa:43:72:c0:f6:3e:cb:0f:6e:
30:7d:10:f3:f2:a6:6e:90:e8:d4:68:66:2e:82:e4:57:c4:51:
c0:d1:c3:3e:10:6f:76:2f:d5:8d:35:26:22:c0:9f:20:e8:3f:
8f:24:ad:a8:50:d3:81:48:83:31:ef:da:ae:cc:67:7d:1f:e3:
77:c7:5c:25:75:2a:f3:aa:7f:e2:ae:d9:5f:10:63:46:b9:c6:
24:d0:3c:a8:b2:7e:68:6d:a7:1f:e4:fc:e1:16:01:b7:25:b5:
00:e6:87:6f:cc:1a:7f:5f:85:b0:69:70:3e:2d:6d:e5:44:58:
8a:54:c9:6a:73:1d:75:c5:52:65:ef:73:2e:4e:e0:6a:74:18:
33:df:3c:82
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZkdN98blwLWVFpva6VMIdhUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwOTA2MDQxMDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2UxNzU4MDY4MTg5MmZlNTg4MWM5ZmI1N2RmYTljMGI1M2IxNGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLS7bwhL79Fwp0hgLS1Onbr94Gg4
cvghJqP9n4jPTa4ubD6WFKG0nA9T1WWw/F3hRsSi9pnZuPbnaSJf5eVqKY38qj5g
XMLgj1nFtkiCzkbkEDljL4KbSy+xtGj48cPJnCEkyIgRaAjx0JUv9Z13gRPG0DyZ
DUqmwrtBhi/zBnrvA+h+omsaCu7OH6cmDrZeffEjgrjIPmVi5iBjTYVd9RBm/eNG
KPDWjykdp38lBhEsEhoMB8fNUMN76d/TFM3im7R4zhJhjeU389Eo2YRXWIgVlKF8
VGoTdZIPR4q7nGdc9vtTJ4SohIbtxSFVrnCZg6D3o8E2dAYYcOnY6zTqWQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIfhdYBoGJL+WIHJ+1ffqcC1OxSrMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvaC1GMWdHZ1lrdjVZZ2NuN1Y5LXB3TFU3RktzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABVOBAwQA
BeceAwQATVo2AwQAV++DAwQAXvnpAwQA2UWmMA0GCSqGSIb3DQEBCwUAA4IBAQAn
DKznRomYClhVUZxrW6e5DOgrglnLlR7PJClb1tOqvt0CXGPujCslh0ltptWfywVJ
oRCPndXZnrgeICXJ2f7qwyASWUXMDkKaCZn7HshCSa05CGs+ixZIEe7UroS7GWvx
NaUWjBA1iqZCCdecvL4J2ZS0KvL6Q3LA9j7LD24wfRDz8qZukOjUaGYuguRXxFHA
0cM+EG92L9WNNSYiwJ8g6D+PJK2oUNOBSIMx79quzGd9H+N3x1wldSrzqn/irtlf
EGNGucYk0Dyosn5obacf5PzhFgG3JbUA5odvzBp/X4WwaXA+LW3lRFiKVMlqcx11
xVJl73MuTuBqdBgz3zyC
-----END CERTIFICATE-----
Generated at Sat Sep 6 08:05:58 2025 by rpki-client