Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/HKzdzhB_tB1CTilAmYWtNKDBWtk.roa
File: HKzdzhB_tB1CTilAmYWtNKDBWtk.roa (raw, json)
Hash identifier: zBSp/5jentJ6BgFADLJ2Trw78JB11wx/Q4B+hr4j+NM=
Subject key identifier: 1C:AC:DD:CE:10:7F:B4:1D:42:4E:29:40:99:85:AD:34:A0:C1:5A:D9
Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Certificate serial: 019A2FCDBADFE6D643BADEC72B1AE8415D79
Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/HKzdzhB_tB1CTilAmYWtNKDBWtk.roa
Signing time: Wed 29 Oct 2025 11:50:03 +0000
ROA not before: Wed 29 Oct 2025 11:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197578
IP address blocks: 170.168.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2f:cd:ba:df:e6:d6:43:ba:de:c7:2b:1a:e8:41:5d:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Validity
Not Before: Oct 29 11:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1cacddce107fb41d424e29409985ad34a0c15ad9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:db:81:8c:22:2c:c0:e2:93:35:5e:6d:3d:d7:
4e:c6:9b:79:ec:40:a7:c2:4f:e2:78:ae:f2:eb:32:
40:1e:bd:64:01:4f:4a:f0:c5:83:73:f1:61:7b:d5:
a6:a9:00:93:22:a2:c1:e4:94:0e:41:99:09:ad:e7:
2d:f6:23:d3:1c:63:d8:26:df:af:14:2a:b0:00:81:
c4:f7:14:f0:47:8d:71:c1:d5:29:bb:50:57:a8:e4:
70:67:6f:fe:08:25:69:f2:93:0d:aa:c6:27:0f:5a:
8c:ce:fc:cd:a5:65:78:31:35:e9:ad:0b:81:2a:b9:
30:ed:93:0d:c9:46:02:41:ac:54:0b:1d:02:79:f4:
45:ef:70:c0:e7:df:ec:f2:b1:cf:9f:a7:6c:8a:b6:
0a:34:73:ae:31:ef:0e:6c:3f:11:6c:94:91:6b:1f:
db:05:39:08:a4:e4:bc:d6:0b:0f:08:19:d8:52:89:
fb:68:1f:2b:ae:a4:2e:f2:3e:af:15:cc:aa:01:e9:
e2:fa:50:2b:68:1f:95:bd:3c:5a:7b:1b:0c:e6:ea:
2d:68:b9:b1:db:c2:14:d6:ba:6b:77:f7:85:6e:11:
b1:5d:c1:44:87:c1:99:6d:4c:29:3c:04:f7:9f:e0:
10:05:37:4f:7e:96:07:50:af:96:17:5c:e6:01:c9:
5a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:AC:DD:CE:10:7F:B4:1D:42:4E:29:40:99:85:AD:34:A0:C1:5A:D9
X509v3 Authority Key Identifier:
keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/HKzdzhB_tB1CTilAmYWtNKDBWtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.168.77.0/24
Signature Algorithm: sha256WithRSAEncryption
39:44:91:64:6b:6e:87:df:a4:c4:70:bd:2d:6c:17:71:91:d0:
03:44:01:ba:e7:b3:88:8f:63:b1:23:a5:7a:3f:8c:ff:60:e4:
1b:c8:36:17:87:14:17:a9:3e:8a:a2:9e:99:e5:9e:a1:91:49:
c6:ff:b6:ad:23:8b:24:3e:24:e7:0a:9c:16:40:d0:ed:96:e5:
81:bc:65:a4:2b:8a:9e:37:4f:5f:ad:2c:92:48:17:9f:50:00:
a9:82:2b:7d:5e:fe:5a:0c:2e:e0:cb:a3:e3:08:60:dc:31:ae:
2c:8a:08:d6:4f:98:e9:f0:6e:f1:32:4f:f5:3a:81:9c:f3:85:
0a:11:51:26:ec:b8:57:5e:5b:73:ba:59:b7:78:c5:35:04:5b:
0b:a3:3d:08:bf:33:f9:7a:f8:86:04:3d:3c:fe:83:f8:3a:13:
72:15:c3:3d:d7:ee:f7:45:16:f0:76:ef:af:d1:7d:75:32:b0:
97:ca:9a:97:26:e1:2c:b2:43:58:d7:51:63:95:3c:80:f4:ba:
82:76:7c:45:e4:4d:f9:60:70:29:ab:55:7c:d8:28:49:f0:4c:
7a:d0:48:01:a4:53:bf:a0:02:84:8b:26:66:f9:a8:49:85:47:
a5:dc:ae:71:2e:89:9f:94:ba:fc:a7:2d:c6:82:4e:d9:92:70:
c9:ce:dc:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZovzbrf5tZDut7HKxroQV15MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh
MGYwY2UwHhcNMjUxMDI5MTE1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2FjZGRjZTEwN2ZiNDFkNDI0ZTI5NDA5OTg1YWQzNGEwYzE1YWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNuBjCIswOKTNV5tPddOxpt57ECn
wk/ieK7y6zJAHr1kAU9K8MWDc/Fhe9WmqQCTIqLB5JQOQZkJrect9iPTHGPYJt+v
FCqwAIHE9xTwR41xwdUpu1BXqORwZ2/+CCVp8pMNqsYnD1qMzvzNpWV4MTXprQuB
Krkw7ZMNyUYCQaxUCx0CefRF73DA59/s8rHPn6dsirYKNHOuMe8ObD8RbJSRax/b
BTkIpOS81gsPCBnYUon7aB8rrqQu8j6vFcyqAeni+lAraB+VvTxaexsM5uotaLmx
28IU1rprd/eFbhGxXcFEh8GZbUwpPAT3n+AQBTdPfpYHUK+WF1zmAclaGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBys3c4Qf7QdQk4pQJmFrTSgwVrZMB8GA1UdIwQY
MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et
YTY2N2JiNzY1MDYwLzEvSEt6ZHpoQl90QjFDVGlsQW1ZV3ROS0RCV3RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw
LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqqhNMA0G
CSqGSIb3DQEBCwUAA4IBAQA5RJFka26H36TEcL0tbBdxkdADRAG657OIj2OxI6V6
P4z/YOQbyDYXhxQXqT6Kop6Z5Z6hkUnG/7atI4skPiTnCpwWQNDtluWBvGWkK4qe
N09frSySSBefUACpgit9Xv5aDC7gy6PjCGDcMa4sigjWT5jp8G7xMk/1OoGc84UK
EVEm7LhXXltzulm3eMU1BFsLoz0IvzP5eviGBD08/oP4OhNyFcM91+73RRbwdu+v
0X11MrCXypqXJuEsskNY11FjlTyA9LqCdnxF5E35YHApq1V82ChJ8Ex60EgBpFO/
oAKEiyZm+ahJhUel3K5xLomflLr8py3Ggk7ZknDJztxz
-----END CERTIFICATE-----
Generated at Sat Nov 1 10:59:44 2025 by rpki-client