Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/12d6f2-f481-49fd-8f20-a043c230f30d/1/rhH6smrg9sjBVF8EdLlBrHq9asg.roa
File: rhH6smrg9sjBVF8EdLlBrHq9asg.roa (raw, json)
Hash identifier: DaOe22ltVBO/ibaoIcUF3/3ob0LJmBz+/nN6WAZBhh0=
Subject key identifier: AE:11:FA:B2:6A:E0:F6:C8:C1:54:5F:04:74:B9:41:AC:7A:BD:6A:C8
Certificate issuer: /CN=83f8fd7493a2fe056222db41ed693083b50eccfb
Certificate serial: 019A01B0EB50098FCFC4E2AA00740CBA55FF
Authority key identifier: 83:F8:FD:74:93:A2:FE:05:62:22:DB:41:ED:69:30:83:B5:0E:CC:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g_j9dJOi_gViIttB7Wkwg7UOzPs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/12d6f2-f481-49fd-8f20-a043c230f30d/1/rhH6smrg9sjBVF8EdLlBrHq9asg.roa
Signing time: Mon 20 Oct 2025 12:56:02 +0000
ROA not before: Mon 20 Oct 2025 12:56:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205111
IP address blocks: 91.103.153.0/24 maxlen: 24
91.103.155.0/24 maxlen: 24
144.89.64.0/23 maxlen: 23
144.89.66.0/23 maxlen: 23
185.230.212.0/23 maxlen: 23
185.230.212.0/24 maxlen: 24
185.230.214.0/23 maxlen: 23
199.67.72.0/23 maxlen: 23
199.67.74.0/24 maxlen: 24
199.67.75.0/24 maxlen: 24
199.67.88.0/23 maxlen: 23
199.67.90.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/12d6f2-f481-49fd-8f20-a043c230f30d/1/g_j9dJOi_gViIttB7Wkwg7UOzPs.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/12d6f2-f481-49fd-8f20-a043c230f30d/1/g_j9dJOi_gViIttB7Wkwg7UOzPs.mft
rsync://rpki.ripe.net/repository/DEFAULT/g_j9dJOi_gViIttB7Wkwg7UOzPs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:01:b0:eb:50:09:8f:cf:c4:e2:aa:00:74:0c:ba:55:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83f8fd7493a2fe056222db41ed693083b50eccfb
Validity
Not Before: Oct 20 12:56:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae11fab26ae0f6c8c1545f0474b941ac7abd6ac8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:6b:24:d6:01:2d:4a:c4:bc:d9:67:37:bf:f2:
6c:49:9a:a3:8f:40:04:28:64:27:00:db:43:20:42:
17:e3:15:e8:39:66:06:62:cd:b9:36:2a:2a:b9:ff:
93:a2:bf:27:96:97:a6:5a:fe:82:dd:d0:e4:76:d5:
19:4a:a8:36:42:b8:5e:e0:e3:88:fc:78:e5:04:1d:
c8:8a:43:f1:18:28:0f:54:23:6e:8a:fc:4a:cf:58:
a6:ef:ea:ab:82:0c:2c:66:ce:b3:98:c5:4a:ed:c7:
24:1f:08:14:a6:42:61:cf:5e:52:96:d0:27:ef:a8:
e5:81:6c:8f:5b:46:ef:a5:40:0c:e2:98:2e:e2:77:
d9:4b:f9:97:ad:06:16:73:3d:7f:ef:a0:06:c6:3f:
e7:49:0e:3b:6e:79:04:f9:e2:dc:1e:4a:55:3d:ec:
9e:98:26:62:72:e2:52:a0:39:bc:04:38:5e:7c:0e:
33:9c:b8:75:a2:74:8c:83:b1:0b:42:a1:bc:58:5f:
18:c6:ef:75:2a:a3:04:a4:32:60:5b:61:ae:5a:06:
46:69:9b:aa:00:76:a9:1e:ec:67:00:78:b8:9a:8a:
85:0f:47:f9:c7:48:05:6d:0e:b8:a8:ca:98:1c:19:
30:37:25:6c:99:8e:03:92:b4:df:ab:b7:e7:ba:87:
f4:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:11:FA:B2:6A:E0:F6:C8:C1:54:5F:04:74:B9:41:AC:7A:BD:6A:C8
X509v3 Authority Key Identifier:
keyid:83:F8:FD:74:93:A2:FE:05:62:22:DB:41:ED:69:30:83:B5:0E:CC:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g_j9dJOi_gViIttB7Wkwg7UOzPs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/12d6f2-f481-49fd-8f20-a043c230f30d/1/rhH6smrg9sjBVF8EdLlBrHq9asg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/12d6f2-f481-49fd-8f20-a043c230f30d/1/g_j9dJOi_gViIttB7Wkwg7UOzPs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.153.0/24
91.103.155.0/24
144.89.64.0/22
185.230.212.0/22
199.67.72.0/22
199.67.88.0/22
Signature Algorithm: sha256WithRSAEncryption
68:3d:89:45:f2:90:5b:74:a0:dd:a7:7a:59:7c:9d:af:d7:d6:
b2:8b:ee:f1:6b:3e:fd:39:ba:63:3c:ae:d8:43:5d:08:cb:7e:
f3:9a:d7:e9:36:46:09:da:79:e7:2c:7b:f0:df:3f:d4:22:49:
44:f1:8a:44:4f:bb:7f:9b:e9:e5:58:33:a4:9a:80:c3:4d:4c:
62:b3:9e:dc:c3:e2:75:7a:ed:33:12:3a:57:47:72:15:05:ec:
15:aa:57:b7:46:22:56:7a:3f:7d:7f:d9:08:05:3a:ac:83:30:
e3:14:05:82:f1:14:b0:8b:40:ee:96:7c:a9:cc:cd:af:64:75:
51:b1:6d:1a:ec:cd:49:14:f7:41:aa:bf:d6:7a:80:11:b0:c2:
46:62:0f:57:6a:07:07:b0:ce:02:b0:f6:55:d2:80:79:60:df:
38:7d:38:b1:4c:35:c2:75:d1:b4:f6:b8:eb:4b:8c:c5:4b:e3:
44:18:b7:8a:8c:42:61:fa:0b:43:b5:71:be:90:4e:a3:5b:0e:
4a:a5:60:c0:21:bb:d0:6e:42:28:76:3d:0e:a9:4a:fd:7f:75:
46:5f:0e:cf:b3:c5:e9:e5:78:20:7f:fe:c9:8d:da:e2:98:1d:
93:16:ef:62:af:e8:69:11:f2:a6:bd:fc:ff:bc:bf:ff:48:af:
88:88:55:20
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZoBsOtQCY/PxOKqAHQMulX/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZjhmZDc0OTNhMmZlMDU2MjIyZGI0MWVkNjkzMDgzYjUw
ZWNjZmIwHhcNMjUxMDIwMTI1NjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTExZmFiMjZhZTBmNmM4YzE1NDVmMDQ3NGI5NDFhYzdhYmQ2YWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1msk1gEtSsS82Wc3v/JsSZqjj0AE
KGQnANtDIEIX4xXoOWYGYs25Nioquf+Tor8nlpemWv6C3dDkdtUZSqg2Qrhe4OOI
/HjlBB3IikPxGCgPVCNuivxKz1im7+qrggwsZs6zmMVK7cckHwgUpkJhz15SltAn
76jlgWyPW0bvpUAM4pgu4nfZS/mXrQYWcz1/76AGxj/nSQ47bnkE+eLcHkpVPeye
mCZicuJSoDm8BDhefA4znLh1onSMg7ELQqG8WF8Yxu91KqMEpDJgW2GuWgZGaZuq
AHapHuxnAHi4moqFD0f5x0gFbQ64qMqYHBkwNyVsmY4DkrTfq7fnuof0OQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFK4R+rJq4PbIwVRfBHS5Qax6vWrIMB8GA1UdIwQY
MBaAFIP4/XSTov4FYiLbQe1pMIO1Dsz7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ19qOWRKT2lfZ1ZpSXR0QjdXa3dnN1VPelBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8xMmQ2ZjItZjQ4MS00OWZkLThmMjAt
YTA0M2MyMzBmMzBkLzEvcmhINnNtcmc5c2pCVkY4RWRMbEJySHE5YXNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8xMmQ2ZjItZjQ4MS00OWZkLThmMjAtYTA0M2MyMzBmMzBk
LzEvZ19qOWRKT2lfZ1ZpSXR0QjdXa3dnN1VPelBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAW2eZAwQA
W2ebAwQCkFlAAwQCuebUAwQCx0NIAwQCx0NYMA0GCSqGSIb3DQEBCwUAA4IBAQBo
PYlF8pBbdKDdp3pZfJ2v19ayi+7xaz79ObpjPK7YQ10Iy37zmtfpNkYJ2nnnLHvw
3z/UIklE8YpET7t/m+nlWDOkmoDDTUxis57cw+J1eu0zEjpXR3IVBewVqle3RiJW
ej99f9kIBTqsgzDjFAWC8RSwi0DulnypzM2vZHVRsW0a7M1JFPdBqr/WeoARsMJG
Yg9XagcHsM4CsPZV0oB5YN84fTixTDXCddG09rjrS4zFS+NEGLeKjEJh+gtDtXG+
kE6jWw5KpWDAIbvQbkIodj0OqUr9f3VGXw7Ps8Xp5Xggf/7JjdrimB2TFu9ir+hp
EfKmvfz/vL//SK+IiFUg
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:49:30 2025 by rpki-client