Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/t9Hub0VgibfKFRiUb9DKUemf9ag.roa
File: t9Hub0VgibfKFRiUb9DKUemf9ag.roa (raw, json)
Hash identifier: FD1W+M7wjFIPvm7l/7lEP4sOOKAD+9HyI7zM7EMUt74=
Subject key identifier: B7:D1:EE:6F:45:60:89:B7:CA:15:18:94:6F:D0:CA:51:E9:9F:F5:A8
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019A046C61DEE30AB0DFDF9C018C2010E837
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/t9Hub0VgibfKFRiUb9DKUemf9ag.roa
Signing time: Tue 21 Oct 2025 01:40:03 +0000
ROA not before: Tue 21 Oct 2025 01:40:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213877
IP address blocks: 64.188.73.0/24 maxlen: 24
64.188.75.0/24 maxlen: 24
64.188.92.0/22 maxlen: 24
64.188.96.0/24 maxlen: 24
64.188.97.0/24 maxlen: 24
64.188.124.0/24 maxlen: 24
64.188.125.0/24 maxlen: 24
64.188.126.0/24 maxlen: 24
77.239.104.0/24 maxlen: 24
77.239.105.0/24 maxlen: 24
77.239.122.0/24 maxlen: 24
77.239.123.0/24 maxlen: 24
144.31.26.0/23 maxlen: 24
144.31.89.0/24 maxlen: 24
144.31.137.0/24 maxlen: 24
144.31.192.0/23 maxlen: 24
144.31.198.0/23 maxlen: 24
150.241.105.0/24 maxlen: 24
150.241.108.0/24 maxlen: 24
150.241.123.0/24 maxlen: 24
185.184.122.0/24 maxlen: 24
185.184.123.0/24 maxlen: 24
185.207.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Oct 2025 14:12:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:04:6c:61:de:e3:0a:b0:df:df:9c:01:8c:20:10:e8:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Oct 21 01:40:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b7d1ee6f456089b7ca1518946fd0ca51e99ff5a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:26:ec:bb:ab:c1:ff:70:67:0b:ba:b9:60:5c:
94:da:08:ad:50:6c:22:63:d0:7d:2e:8d:bc:3c:19:
22:fc:2d:ae:db:1b:1c:eb:17:b0:6b:f5:b5:9c:f3:
82:8c:86:ca:c6:8a:30:92:58:89:c6:e0:0c:1b:bf:
30:38:d4:82:f2:59:4c:c8:f5:b4:76:3b:d7:fc:d2:
33:8f:60:fe:bf:7e:ee:67:b2:82:62:57:4a:cd:c0:
c9:11:59:53:89:78:f7:f1:a8:bd:05:d5:8c:76:d3:
02:0c:54:59:8c:59:99:88:ee:1c:5a:22:e4:6d:b3:
e5:d4:59:f9:ff:5d:be:96:2d:b9:0c:c2:f3:7d:d9:
b1:72:3c:c3:33:96:f7:c0:db:94:58:d2:ed:b3:aa:
ce:ff:2a:49:a8:90:ef:74:9c:57:80:c5:19:0e:e2:
c4:87:ee:28:96:a6:2b:6b:97:e9:ad:5f:2e:67:4c:
d8:bf:d9:c9:2f:14:6d:e2:4e:c3:c0:1d:42:2f:35:
c0:aa:90:15:58:25:f5:8e:85:2e:eb:71:4e:6f:76:
39:c3:f3:df:84:ad:8a:d8:52:3c:46:66:1d:28:00:
b7:bd:30:9f:0b:ef:e7:a7:f3:55:07:47:28:d2:69:
6e:50:ad:d5:25:9f:58:48:0d:c7:7b:dc:0a:f4:b3:
b6:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:D1:EE:6F:45:60:89:B7:CA:15:18:94:6F:D0:CA:51:E9:9F:F5:A8
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/t9Hub0VgibfKFRiUb9DKUemf9ag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.73.0/24
64.188.75.0/24
64.188.92.0-64.188.97.255
64.188.124.0-64.188.126.255
77.239.104.0/23
77.239.122.0/23
144.31.26.0/23
144.31.89.0/24
144.31.137.0/24
144.31.192.0/23
144.31.198.0/23
150.241.105.0/24
150.241.108.0/24
150.241.123.0/24
185.184.122.0/23
185.207.133.0/24
Signature Algorithm: sha256WithRSAEncryption
64:af:81:b0:3c:d1:c6:21:bf:57:ae:9c:9a:67:d1:f7:ad:2a:
52:99:59:bd:3e:02:99:a3:f0:40:36:6c:8c:14:30:7d:23:5c:
0b:69:4a:64:c2:d2:1c:2b:8e:a7:83:7f:d0:4c:c9:d0:57:9f:
5a:c2:27:55:44:87:99:a1:ed:d5:4f:5f:1b:e3:17:ce:82:87:
a2:f0:a5:21:7a:81:21:27:c5:09:71:89:4e:76:b4:18:32:92:
63:26:83:f2:c4:cb:82:9b:75:ef:2d:7b:0b:b4:47:19:46:ad:
8c:8b:4b:72:a6:f1:a0:80:ee:83:cf:43:0f:5a:5c:5d:40:ea:
e4:de:f4:03:46:04:f6:2d:3e:fe:3a:d9:fb:cf:0a:48:6d:af:
cb:3f:a3:df:f9:17:48:45:d0:1c:e0:bc:75:50:bd:4c:45:12:
42:81:79:18:0a:6b:96:7c:84:ea:46:a1:17:da:26:7c:5f:b3:
12:05:8b:67:80:c4:af:45:54:64:13:c4:59:10:ec:bd:49:21:
64:ef:e4:42:de:95:40:41:6f:c6:3a:c8:3f:74:38:02:4e:77:
b3:a1:46:08:34:d1:c2:5e:41:d4:66:32:33:e4:d1:fc:19:ea:
c0:5d:6f:e2:ba:29:1b:43:ad:08:3d:7c:be:d7:19:78:a8:87:
0c:e0:1f:5e
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZoEbGHe4wqw39+cAYwgEOg3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUxMDIxMDE0MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2QxZWU2ZjQ1NjA4OWI3Y2ExNTE4OTQ2ZmQwY2E1MWU5OWZmNWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSbsu6vB/3BnC7q5YFyU2gitUGwi
Y9B9Lo28PBki/C2u2xsc6xewa/W1nPOCjIbKxoowkliJxuAMG78wONSC8llMyPW0
djvX/NIzj2D+v37uZ7KCYldKzcDJEVlTiXj38ai9BdWMdtMCDFRZjFmZiO4cWiLk
bbPl1Fn5/12+li25DMLzfdmxcjzDM5b3wNuUWNLts6rO/ypJqJDvdJxXgMUZDuLE
h+4olqYra5fprV8uZ0zYv9nJLxRt4k7DwB1CLzXAqpAVWCX1joUu63FOb3Y5w/Pf
hK2K2FI8RmYdKAC3vTCfC+/np/NVB0co0mluUK3VJZ9YSA3He9wK9LO2bwIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFLfR7m9FYIm3yhUYlG/QylHpn/WoMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvdDlIdWIwVmdpYmZLRlJpVWI5REtVZW1mOWFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAEC8SQME
AEC8SzAMAwQCQLxcAwQBQLxgMAwDBAJAvHwDBABAvH4DBAFN72gDBAFN73oDBAGQ
HxoDBACQH1kDBACQH4kDBAGQH8ADBAGQH8YDBACW8WkDBACW8WwDBACW8XsDBAG5
uHoDBAC5z4UwDQYJKoZIhvcNAQELBQADggEBAGSvgbA80cYhv1eunJpn0fetKlKZ
Wb0+Apmj8EA2bIwUMH0jXAtpSmTC0hwrjqeDf9BMydBXn1rCJ1VEh5mh7dVPXxvj
F86Ch6LwpSF6gSEnxQlxiU52tBgykmMmg/LEy4Kbde8tewu0RxlGrYyLS3Km8aCA
7oPPQw9aXF1A6uTe9ANGBPYtPv462fvPCkhtr8s/o9/5F0hF0BzgvHVQvUxFEkKB
eRgKa5Z8hOpGoRfaJnxfsxIFi2eAxK9FVGQTxFkQ7L1JIWTv5ELelUBBb8Y6yD90
OAJOd7OhRgg00cJeQdRmMjPk0fwZ6sBdb+K6KRtDrQg9fL7XGXiohwzgH14=
-----END CERTIFICATE-----
Generated at Tue Oct 21 21:01:08 2025 by rpki-client