Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/H4YuarFLRv2DKAM6083yrFzz9JY.roa
File: H4YuarFLRv2DKAM6083yrFzz9JY.roa (raw, json)
Hash identifier: fMRUn4uvKnHkcfGAlHBm1byeQeTo8bCHBsHlwHjMTDA=
Subject key identifier: 1F:86:2E:6A:B1:4B:46:FD:83:28:03:3A:D3:CD:F2:AC:5C:F3:F4:96
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 01990E5B1D29BF43BE7B4FAEA39BA387C5A9
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/H4YuarFLRv2DKAM6083yrFzz9JY.roa
Signing time: Wed 03 Sep 2025 06:54:36 +0000
ROA not before: Wed 03 Sep 2025 06:54:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198949
IP address blocks: 195.57.88.0/23 maxlen: 23
195.76.240.0/23 maxlen: 23
195.76.240.0/24 maxlen: 24
195.76.241.0/24 maxlen: 24
195.77.198.0/23 maxlen: 23
195.77.198.0/24 maxlen: 24
195.77.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.mft
rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 15:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0e:5b:1d:29:bf:43:be:7b:4f:ae:a3:9b:a3:87:c5:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Sep 3 06:54:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f862e6ab14b46fd8328033ad3cdf2ac5cf3f496
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:48:a2:e7:1a:d1:40:c4:6e:b5:fd:0d:21:c3:
c2:80:a3:c5:75:8c:8a:4d:8f:87:7f:05:14:c9:b0:
6a:83:a6:02:a1:c6:19:b0:c8:9f:14:e3:c0:d6:bc:
4e:a0:71:59:4f:2a:e0:32:22:31:0a:64:69:85:cf:
b4:ac:df:d4:b0:d3:9b:15:8d:72:93:c6:06:10:85:
00:b3:d7:e2:d3:18:f7:28:5d:6d:a9:8e:53:18:52:
a2:ad:75:30:91:85:8b:88:a6:e5:0a:80:21:63:3b:
6b:ed:fc:dc:97:ac:9f:8c:a4:5f:65:67:e3:26:61:
fa:c2:22:fe:f8:c7:f9:c5:d1:f8:1b:f2:81:4d:57:
14:0d:26:ea:17:01:2f:61:97:70:63:e6:cd:a7:66:
0b:fc:56:c2:1d:18:cb:4b:97:f7:bb:9d:14:8a:ea:
29:31:c3:66:e0:86:45:c5:75:1e:08:e8:6d:07:49:
2e:22:63:40:1e:62:ff:4c:aa:b5:17:5c:d1:d5:6f:
17:18:12:f1:aa:e1:10:c3:fc:41:74:08:8d:84:5b:
ff:82:d8:e5:85:4f:ed:73:21:d0:1e:f8:0a:15:ce:
59:2b:be:7b:67:d6:40:46:d3:61:c2:88:b3:31:0a:
aa:df:cf:ae:70:5d:bc:9c:d0:07:bd:0a:68:35:33:
b5:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:86:2E:6A:B1:4B:46:FD:83:28:03:3A:D3:CD:F2:AC:5C:F3:F4:96
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/H4YuarFLRv2DKAM6083yrFzz9JY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.57.88.0/23
195.76.240.0/23
195.77.198.0/23
Signature Algorithm: sha256WithRSAEncryption
70:0b:6c:9f:81:b2:57:87:b8:c5:3e:35:d2:68:38:00:8e:bc:
c9:d2:93:9a:19:b0:55:9a:e2:a2:fb:28:5a:98:66:d4:9e:3c:
13:49:06:3d:0a:06:b2:8f:06:29:49:0f:0e:5e:1c:1c:45:84:
e7:8c:9d:99:f5:3e:5e:30:39:e9:8c:95:6e:7f:c9:ae:8b:42:
43:43:68:4d:8d:ca:aa:43:f5:c5:c0:58:34:c5:8b:f6:c7:67:
2d:cd:2e:f6:3d:ae:57:a3:38:c8:d6:2f:3f:26:58:53:a0:f6:
62:55:b1:f6:91:fb:4f:70:42:f2:89:ca:5e:67:a1:e9:85:16:
ca:30:f3:91:62:8e:fb:78:21:44:58:42:0b:94:84:aa:7a:53:
57:1a:55:ef:53:70:d4:9a:1b:c2:b6:89:b7:35:93:20:fb:88:
6e:da:12:d5:9e:f6:d3:22:90:9f:2e:f3:55:d7:18:e1:98:0d:
66:97:01:6c:de:bd:ac:1c:8e:6e:45:1d:43:ad:67:7e:1d:75:
df:0e:8e:bc:76:f7:7e:5a:3a:c0:36:28:f1:d1:5f:45:97:e2:
5a:8f:61:0d:74:ee:b4:b7:c7:e7:3d:a5:81:81:26:f2:c9:02:
ea:b7:72:f9:96:fc:9c:a0:dc:77:49:b8:1c:55:68:b8:32:de:
22:d2:8d:d5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZkOWx0pv0O+e0+uo5ujh8WpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjUwOTAzMDY1NDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjg2MmU2YWIxNGI0NmZkODMyODAzM2FkM2NkZjJhYzVjZjNmNDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0ii5xrRQMRutf0NIcPCgKPFdYyK
TY+HfwUUybBqg6YCocYZsMifFOPA1rxOoHFZTyrgMiIxCmRphc+0rN/UsNObFY1y
k8YGEIUAs9fi0xj3KF1tqY5TGFKirXUwkYWLiKblCoAhYztr7fzcl6yfjKRfZWfj
JmH6wiL++Mf5xdH4G/KBTVcUDSbqFwEvYZdwY+bNp2YL/FbCHRjLS5f3u50Uiuop
McNm4IZFxXUeCOhtB0kuImNAHmL/TKq1F1zR1W8XGBLxquEQw/xBdAiNhFv/gtjl
hU/tcyHQHvgKFc5ZK757Z9ZARtNhwoizMQqq38+ucF28nNAHvQpoNTO1OQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB+GLmqxS0b9gygDOtPN8qxc8/SWMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvSDRZdWFyRkxSdjJES0FNNjA4M3lyRnp6OUpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwzlYAwQB
w0zwAwQBw03GMA0GCSqGSIb3DQEBCwUAA4IBAQBwC2yfgbJXh7jFPjXSaDgAjrzJ
0pOaGbBVmuKi+yhamGbUnjwTSQY9CgayjwYpSQ8OXhwcRYTnjJ2Z9T5eMDnpjJVu
f8mui0JDQ2hNjcqqQ/XFwFg0xYv2x2ctzS72Pa5XozjI1i8/JlhToPZiVbH2kftP
cELyicpeZ6HphRbKMPORYo77eCFEWEILlISqelNXGlXvU3DUmhvCtom3NZMg+4hu
2hLVnvbTIpCfLvNV1xjhmA1mlwFs3r2sHI5uRR1DrWd+HXXfDo68dvd+WjrANijx
0V9Fl+Jaj2ENdO60t8fnPaWBgSbyyQLqt3L5lvycoNx3SbgcVWi4Mt4i0o3V
-----END CERTIFICATE-----
Generated at Tue Sep 9 23:38:09 2025 by rpki-client