Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/ShcB7M4n9ogYHPKGKINq1OFlYQE.roa
File: ShcB7M4n9ogYHPKGKINq1OFlYQE.roa (raw, json)
Hash identifier: 0lxbmjia+IK2SXLQdUwFIR3DeJjvc+MgWpfi98mGURE=
Subject key identifier: 4A:17:01:EC:CE:27:F6:88:18:1C:F2:86:28:83:6A:D4:E1:65:61:01
Certificate issuer: /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial: 0198C0ED756C4738C963AAD8DACE72B12D1E
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/ShcB7M4n9ogYHPKGKINq1OFlYQE.roa
Signing time: Tue 19 Aug 2025 06:04:04 +0000
ROA not before: Tue 19 Aug 2025 06:04:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 77.246.220.0/24 maxlen: 24
88.80.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.mft
rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 14:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c0:ed:75:6c:47:38:c9:63:aa:d8:da:ce:72:b1:2d:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Validity
Not Before: Aug 19 06:04:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a1701ecce27f688181cf28628836ad4e1656101
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:4b:15:23:62:e2:c8:6b:82:4c:2c:ba:1b:1d:
06:a7:b0:69:74:4c:99:6c:4a:2e:18:73:ee:1a:b8:
a9:a4:5d:09:9a:d4:9f:88:77:17:ce:f6:ff:73:c3:
0a:46:eb:2b:34:db:e8:9a:d8:fa:18:9f:45:ae:a0:
6d:72:9c:02:6a:b1:7c:7d:de:38:d5:03:ba:6d:1b:
ca:7e:34:50:25:3c:f8:cb:21:c1:9e:d2:ec:47:be:
3d:58:a8:d8:3d:69:8e:73:85:2d:13:7d:a5:e6:bb:
ee:53:b3:a2:13:fd:35:0e:2b:b7:49:1d:c2:8f:30:
68:49:b5:e6:32:f7:76:fc:df:6f:81:23:f8:40:6e:
e6:bf:39:fe:90:c3:d7:c3:fa:c7:34:4c:44:60:10:
7c:3c:75:34:8f:04:6a:fa:cd:7f:f9:ae:ea:bd:2c:
b6:c1:be:90:3d:f8:e2:be:48:97:98:c7:87:c0:e2:
2b:e9:cf:f0:b6:17:db:28:77:60:3d:fc:d9:d7:da:
40:dc:fb:72:37:38:bd:f8:68:94:66:b4:9e:08:36:
10:b6:a6:f4:95:7b:ce:ce:91:c2:a0:1c:4a:4a:20:
9d:e7:2e:fa:ca:16:a3:e5:81:9e:6a:35:cc:c1:55:
c2:df:a5:b9:4c:65:0e:c7:90:ee:c4:c0:f4:ab:5c:
a8:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:17:01:EC:CE:27:F6:88:18:1C:F2:86:28:83:6A:D4:E1:65:61:01
X509v3 Authority Key Identifier:
keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/ShcB7M4n9ogYHPKGKINq1OFlYQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.246.220.0/24
88.80.140.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:03:b0:b1:64:ac:3a:0a:3d:31:ee:f8:4f:2a:38:38:f2:b7:
0c:17:da:3a:58:b4:6f:9b:22:a0:e7:58:83:cb:4b:23:ea:a3:
96:d7:2c:7f:36:f0:61:20:75:33:ca:3d:0c:04:cd:cd:25:23:
3c:a7:9d:ab:ad:76:d5:05:cc:01:c6:83:7a:75:1b:54:51:16:
9f:23:82:78:ae:97:e8:7e:4d:f0:36:30:a4:78:69:6f:1c:dc:
80:64:12:5b:3e:4f:aa:9d:6b:a4:7c:a1:9e:63:be:f1:46:1e:
eb:36:55:08:f1:00:02:7e:3c:f0:49:5e:f8:75:4f:1b:2a:ff:
27:8e:ab:46:3d:20:36:21:83:66:38:25:4c:b2:20:8a:1c:88:
4c:18:9e:78:97:93:65:41:af:c7:da:66:7f:d2:ff:25:78:e7:
e5:e7:c4:7a:67:30:db:a0:e2:72:b9:af:a7:e1:a4:aa:a3:31:
98:22:43:a6:ae:dd:11:a0:42:b3:09:f9:37:85:04:77:c0:af:
44:89:a3:04:b0:62:2d:be:a2:5a:0d:65:4d:36:03:bc:dc:4c:
e4:31:16:a8:1c:a3:b5:52:df:48:6b:f0:0d:eb:3e:2c:48:8e:
b7:61:c5:f0:ce:ad:8e:f4:aa:84:a4:af:64:f0:53:a8:1f:32:
d9:1f:89:06
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZjA7XVsRzjJY6rY2s5ysS0eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjUwODE5MDYwNDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTE3MDFlY2NlMjdmNjg4MTgxY2YyODYyODgzNmFkNGUxNjU2MTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiksVI2LiyGuCTCy6Gx0Gp7BpdEyZ
bEouGHPuGrippF0JmtSfiHcXzvb/c8MKRusrNNvomtj6GJ9FrqBtcpwCarF8fd44
1QO6bRvKfjRQJTz4yyHBntLsR749WKjYPWmOc4UtE32l5rvuU7OiE/01Diu3SR3C
jzBoSbXmMvd2/N9vgSP4QG7mvzn+kMPXw/rHNExEYBB8PHU0jwRq+s1/+a7qvSy2
wb6QPfjivkiXmMeHwOIr6c/wthfbKHdgPfzZ19pA3PtyNzi9+GiUZrSeCDYQtqb0
lXvOzpHCoBxKSiCd5y76yhaj5YGeajXMwVXC36W5TGUOx5DuxMD0q1yo8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEoXAezOJ/aIGBzyhiiDatThZWEBMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvU2hjQjdNNG45b2dZSFBLR0tJTnExT0ZsWVFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATfbcAwQA
WFCMMA0GCSqGSIb3DQEBCwUAA4IBAQBMA7CxZKw6Cj0x7vhPKjg48rcMF9o6WLRv
myKg51iDy0sj6qOW1yx/NvBhIHUzyj0MBM3NJSM8p52rrXbVBcwBxoN6dRtUURaf
I4J4rpfofk3wNjCkeGlvHNyAZBJbPk+qnWukfKGeY77xRh7rNlUI8QACfjzwSV74
dU8bKv8njqtGPSA2IYNmOCVMsiCKHIhMGJ54l5NlQa/H2mZ/0v8leOfl58R6ZzDb
oOJyua+n4aSqozGYIkOmrt0RoEKzCfk3hQR3wK9EiaMEsGItvqJaDWVNNgO83Ezk
MRaoHKO1Ut9Ia/AN6z4sSI63YcXwzq2O9KqEpK9k8FOoHzLZH4kG
-----END CERTIFICATE-----
Generated at Wed Aug 20 21:37:25 2025 by rpki-client