Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/DJb6X3nSZJqpua_4sh2yv0msH3k.roa
File: DJb6X3nSZJqpua_4sh2yv0msH3k.roa (raw, json)
Hash identifier: qyn9jd1jR0DGOI92U9JzJLQKB1svut0OBUPFhG4lxo8=
Subject key identifier: 0C:96:FA:5F:79:D2:64:9A:A9:B9:AF:F8:B2:1D:B2:BF:49:AC:1F:79
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0198F737A8A03E7992C3484768FA3D081584
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/DJb6X3nSZJqpua_4sh2yv0msH3k.roa
Signing time: Fri 29 Aug 2025 19:04:36 +0000
ROA not before: Fri 29 Aug 2025 19:04:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 77.239.112.0/22 maxlen: 24
150.241.96.0/22 maxlen: 24
193.23.192.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 10:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:f7:37:a8:a0:3e:79:92:c3:48:47:68:fa:3d:08:15:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Aug 29 19:04:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c96fa5f79d2649aa9b9aff8b21db2bf49ac1f79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a4:0e:09:3c:20:41:c3:2d:67:4e:52:cb:e5:
7b:8b:55:2f:6f:6e:30:32:07:7d:93:78:1d:07:23:
b2:d7:2b:03:37:16:98:3a:aa:69:a8:0c:9d:19:45:
af:97:e5:2e:d7:4b:dd:07:5c:df:c6:ce:af:72:7d:
59:8e:9a:5c:bd:70:08:6e:3a:cc:32:27:b6:23:bc:
c4:47:b8:a4:22:89:fc:56:73:21:13:73:3a:1d:9f:
dd:aa:d4:0d:03:db:c6:88:b4:a5:d5:9d:13:e1:03:
76:29:7f:9a:9a:90:1a:08:e2:24:d3:e2:5d:ab:a5:
9e:e9:57:71:e4:42:9e:e4:8e:0d:e6:ca:83:9c:19:
2f:a4:bc:65:1c:f1:23:c8:c2:5c:97:2b:fe:5b:73:
7a:6c:6a:5a:7c:38:2b:e3:1e:f4:25:26:d7:57:7b:
25:4f:34:13:dc:51:4f:78:35:93:19:27:71:33:99:
e3:98:3e:13:b6:88:20:07:aa:74:65:d8:05:e2:7a:
ef:79:c3:dc:50:fe:2a:41:5d:fa:26:f3:a3:3d:98:
1c:80:64:09:27:bb:43:5c:53:1a:de:45:36:75:b2:
00:34:2a:3b:85:8a:a6:28:f0:8a:ca:2e:6e:ae:38:
2d:9a:54:d6:eb:46:1f:68:21:a3:7b:e3:c2:2d:dd:
87:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:96:FA:5F:79:D2:64:9A:A9:B9:AF:F8:B2:1D:B2:BF:49:AC:1F:79
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/DJb6X3nSZJqpua_4sh2yv0msH3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.239.112.0/22
150.241.96.0/22
193.23.192.0/22
Signature Algorithm: sha256WithRSAEncryption
09:c5:70:c1:2a:e6:4a:f0:cc:25:9d:d5:ec:6b:fe:98:4c:c8:
d5:41:f7:90:56:78:a9:1c:0a:21:be:b2:a7:11:3d:ba:1c:f7:
19:0f:eb:bf:be:00:99:24:af:dc:ce:69:d5:c3:1d:df:98:36:
c6:f0:d7:57:d3:e1:22:8b:43:c7:c5:d4:ee:7b:57:a8:7b:31:
d4:9f:53:5d:1d:ce:74:bf:37:2f:7a:32:ec:29:b4:92:fa:ee:
90:ac:83:73:81:c4:50:d3:fa:33:3d:3f:8a:77:a8:f2:c9:62:
4d:95:9c:3d:98:5d:db:09:e7:1e:49:d6:50:8d:d3:f7:99:34:
67:7a:ee:66:1c:0c:ba:4e:e9:aa:c4:eb:28:6e:26:d4:83:e0:
97:20:8a:d9:7e:2f:a5:b4:52:1d:88:e0:a6:e2:26:ee:d8:87:
c2:f8:e0:ac:fe:6b:26:03:fc:5b:82:dd:0e:bf:4f:f4:20:19:
44:7a:cf:10:19:a6:aa:f2:ae:86:54:2a:17:a4:e7:2b:bd:94:
cc:ad:ac:86:e6:05:e3:1a:47:db:2b:8b:de:5a:81:02:d7:e5:
e9:9b:3d:10:c6:10:6d:ae:c9:83:46:23:5a:fa:c1:c6:97:09:
63:8e:15:34:c0:35:e3:ef:49:1a:8e:09:af:78:a3:a2:22:22:
a9:0b:9b:1e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZj3N6igPnmSw0hHaPo9CBWEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwODI5MTkwNDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzk2ZmE1Zjc5ZDI2NDlhYTliOWFmZjhiMjFkYjJiZjQ5YWMxZjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6QOCTwgQcMtZ05Sy+V7i1Uvb24w
Mgd9k3gdByOy1ysDNxaYOqppqAydGUWvl+Uu10vdB1zfxs6vcn1ZjppcvXAIbjrM
Mie2I7zER7ikIon8VnMhE3M6HZ/dqtQNA9vGiLSl1Z0T4QN2KX+ampAaCOIk0+Jd
q6We6Vdx5EKe5I4N5sqDnBkvpLxlHPEjyMJclyv+W3N6bGpafDgr4x70JSbXV3sl
TzQT3FFPeDWTGSdxM5njmD4TtoggB6p0ZdgF4nrvecPcUP4qQV36JvOjPZgcgGQJ
J7tDXFMa3kU2dbIANCo7hYqmKPCKyi5urjgtmlTW60YfaCGje+PCLd2HJwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAyW+l950mSaqbmv+LIdsr9JrB95MB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvREpiNlgzblNaSnFwdWFfNHNoMnl2MG1zSDNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCTe9wAwQC
lvFgAwQCwRfAMA0GCSqGSIb3DQEBCwUAA4IBAQAJxXDBKuZK8MwlndXsa/6YTMjV
QfeQVnipHAohvrKnET26HPcZD+u/vgCZJK/czmnVwx3fmDbG8NdX0+Eii0PHxdTu
e1eoezHUn1NdHc50vzcvejLsKbSS+u6QrINzgcRQ0/ozPT+Kd6jyyWJNlZw9mF3b
CeceSdZQjdP3mTRneu5mHAy6TumqxOsobibUg+CXIIrZfi+ltFIdiOCm4ibu2IfC
+OCs/msmA/xbgt0Ov0/0IBlEes8QGaaq8q6GVCoXpOcrvZTMrayG5gXjGkfbK4ve
WoEC1+Xpmz0QxhBtrsmDRiNa+sHGlwljjhU0wDXj70kajgmveKOiIiKpC5se
-----END CERTIFICATE-----
Generated at Fri Sep 5 17:58:43 2025 by rpki-client