Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/HTt9MYQmeAmER5SQDg0A0sO67Jo.roa
File: HTt9MYQmeAmER5SQDg0A0sO67Jo.roa (raw, json)
Hash identifier: uc15jB5Y0QLV/753t5GCZ6IjxGKzf2QAhM1bjcYfa+w=
Subject key identifier: 1D:3B:7D:31:84:26:78:09:84:47:94:90:0E:0D:00:D2:C3:BA:EC:9A
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 01988A973F882B275889D8A94FE1B2E8FDC9
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/HTt9MYQmeAmER5SQDg0A0sO67Jo.roa
Signing time: Fri 08 Aug 2025 16:50:24 +0000
ROA not before: Fri 08 Aug 2025 16:50:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 5.181.168.0/24 maxlen: 24
5.181.169.0/24 maxlen: 24
5.183.255.0/24 maxlen: 24
83.171.224.0/24 maxlen: 24
83.171.226.0/24 maxlen: 24
83.171.227.0/24 maxlen: 24
141.98.87.0/24 maxlen: 24
185.68.184.0/24 maxlen: 24
185.68.246.0/24 maxlen: 24
185.68.247.0/24 maxlen: 24
185.81.174.0/24 maxlen: 24
185.81.184.0/24 maxlen: 24
185.81.187.0/24 maxlen: 24
185.88.36.0/24 maxlen: 24
185.89.42.0/24 maxlen: 24
185.89.43.0/24 maxlen: 24
185.89.104.0/23 maxlen: 24
185.89.108.0/22 maxlen: 24
185.95.101.0/24 maxlen: 24
185.95.102.0/23 maxlen: 24
185.96.38.0/24 maxlen: 24
194.104.10.0/24 maxlen: 24
213.232.120.0/24 maxlen: 24
213.232.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 20 Aug 2025 23:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8a:97:3f:88:2b:27:58:89:d8:a9:4f:e1:b2:e8:fd:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Aug 8 16:50:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d3b7d3184267809844794900e0d00d2c3baec9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:38:95:e0:ab:87:60:ac:06:62:ca:3c:45:68:
94:97:3d:70:4e:7c:77:53:8c:4a:23:fd:d8:04:50:
0c:e2:4e:bd:2a:f7:6d:be:48:32:f2:92:b7:54:93:
6b:e0:44:df:54:98:88:46:ec:ae:be:2b:ac:84:28:
4e:84:d6:0a:e8:97:7d:d1:af:43:0c:b6:26:ea:fc:
30:ce:42:9a:74:37:cd:74:35:d2:79:49:0e:33:73:
1d:5c:b5:6d:ef:83:98:24:2d:a9:8b:1f:b0:bb:35:
22:9f:83:a0:f0:bb:6f:63:45:6d:cb:78:57:7c:33:
37:51:ff:c6:01:6f:76:24:20:54:ce:cd:bb:09:ad:
dc:dd:e4:9e:d5:3c:9d:b9:32:fe:c6:e0:35:17:36:
62:55:39:f2:38:5a:59:a8:5f:4b:de:b1:42:b2:55:
52:75:b5:b8:2d:99:f3:0c:28:c8:ff:69:7b:d6:24:
ea:71:67:65:ba:5b:7e:fc:39:c8:2f:c7:ad:8e:2c:
57:83:42:6e:02:03:bc:e6:d0:05:83:b1:1b:21:dc:
b9:93:fd:bf:5f:2c:cd:9d:33:fe:54:41:1c:11:a7:
57:90:0e:d2:fb:67:67:83:ef:65:70:f1:67:28:b2:
87:a4:f7:16:ef:a7:10:7a:6a:a9:4d:08:57:e4:7f:
5c:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:3B:7D:31:84:26:78:09:84:47:94:90:0E:0D:00:D2:C3:BA:EC:9A
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/HTt9MYQmeAmER5SQDg0A0sO67Jo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.168.0/23
5.183.255.0/24
83.171.224.0/24
83.171.226.0/23
141.98.87.0/24
185.68.184.0/24
185.68.246.0/23
185.81.174.0/24
185.81.184.0/24
185.81.187.0/24
185.88.36.0/24
185.89.42.0/23
185.89.104.0/23
185.89.108.0/22
185.95.101.0-185.95.103.255
185.96.38.0/24
194.104.10.0/24
213.232.120.0/24
213.232.122.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:e5:89:04:f4:03:ef:6e:72:37:3c:c9:02:74:99:f1:29:3a:
0c:2a:bc:6b:d2:a1:bf:5a:98:0d:33:71:a3:f2:8f:4d:7f:1f:
e4:ae:c3:b7:ce:33:3f:d2:3c:af:32:4a:2c:17:8c:98:af:fb:
4a:dd:92:4b:a9:9b:61:c5:af:83:ad:49:ad:e6:b4:0b:8c:6c:
6a:d5:41:c8:9b:81:22:58:08:de:f8:32:88:49:87:e4:03:90:
b1:62:94:38:a0:89:59:8c:88:20:7a:8d:b8:c1:1f:6e:ca:51:
5e:42:45:32:72:3d:09:08:20:b0:89:ee:81:fd:15:59:3b:08:
16:86:3f:d2:41:00:43:c5:62:36:a5:57:1e:46:6e:28:98:d8:
75:fd:86:07:15:57:f3:02:32:c5:73:67:ed:c6:97:d8:92:98:
db:16:10:e3:8d:60:49:9a:b5:e8:9a:ea:02:7b:b9:1b:9a:f4:
fd:ee:3f:eb:8a:b5:02:17:84:f1:e7:32:e7:08:23:16:37:6c:
7d:96:5d:41:25:72:d7:80:98:58:0b:6e:db:c8:51:d0:c1:b5:
f8:d0:d9:09:f0:9a:00:b9:36:61:be:29:7c:a1:cd:3a:4a:94:
6b:b6:57:f4:9c:2d:39:40:d4:6f:30:fe:be:18:ac:c7:53:5b:
a5:c4:54:46
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZiKlz+IKydYidipT+Gy6P3JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjUwODA4MTY1MDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDNiN2QzMTg0MjY3ODA5ODQ0Nzk0OTAwZTBkMDBkMmMzYmFlYzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2DiV4KuHYKwGYso8RWiUlz1wTnx3
U4xKI/3YBFAM4k69Kvdtvkgy8pK3VJNr4ETfVJiIRuyuviushChOhNYK6Jd90a9D
DLYm6vwwzkKadDfNdDXSeUkOM3MdXLVt74OYJC2pix+wuzUin4Og8LtvY0Vty3hX
fDM3Uf/GAW92JCBUzs27Ca3c3eSe1TyduTL+xuA1FzZiVTnyOFpZqF9L3rFCslVS
dbW4LZnzDCjI/2l71iTqcWdlult+/DnIL8etjixXg0JuAgO85tAFg7EbIdy5k/2/
XyzNnTP+VEEcEadXkA7S+2dng+9lcPFnKLKHpPcW76cQemqpTQhX5H9c2QIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFB07fTGEJngJhEeUkA4NANLDuuyaMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvSFR0OU1ZUW1lQW1FUjVTUURnMEEwc082N0pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAQW1
qAMEAAW3/wMEAFOr4AMEAVOr4gMEAI1iVwMEALlEuAMEAblE9gMEALlRrgMEALlR
uAMEALlRuwMEALlYJAMEAblZKgMEAblZaAMEArlZbDAMAwQAuV9lAwQDuV9gAwQA
uWAmAwQAwmgKAwQA1eh4AwQA1eh6MA0GCSqGSIb3DQEBCwUAA4IBAQBq5YkE9APv
bnI3PMkCdJnxKToMKrxr0qG/WpgNM3Gj8o9Nfx/krsO3zjM/0jyvMkosF4yYr/tK
3ZJLqZthxa+DrUmt5rQLjGxq1UHIm4EiWAje+DKISYfkA5CxYpQ4oIlZjIggeo24
wR9uylFeQkUycj0JCCCwie6B/RVZOwgWhj/SQQBDxWI2pVceRm4omNh1/YYHFVfz
AjLFc2ftxpfYkpjbFhDjjWBJmrXomuoCe7kbmvT97j/rirUCF4Tx5zLnCCMWN2x9
ll1BJXLXgJhYC27byFHQwbX40NkJ8JoAuTZhvil8oc06SpRrtlf0nC05QNRvMP6+
GKzHU1ulxFRG
-----END CERTIFICATE-----
Generated at Wed Aug 20 08:33:53 2025 by rpki-client