Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/HVaoDMotksZf76Ju74TL_0gQqQw.roa
File: HVaoDMotksZf76Ju74TL_0gQqQw.roa (raw, json)
Hash identifier: 6Wt6s6Ldu4cKxpBhxwlW4dbeWtmB6JUQE70sEXR7L0k=
Subject key identifier: 1D:56:A8:0C:CA:2D:92:C6:5F:EF:A2:6E:EF:84:CB:FF:48:10:A9:0C
Certificate issuer: /CN=d97a77930122879a766470df8d660c98442a9932
Certificate serial: 01974FAD779E46400BB2A175776814176EBA
Authority key identifier: D9:7A:77:93:01:22:87:9A:76:64:70:DF:8D:66:0C:98:44:2A:99:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/HVaoDMotksZf76Ju74TL_0gQqQw.roa
Signing time: Sun 08 Jun 2025 13:14:17 +0000
ROA not before: Sun 08 Jun 2025 13:14:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60631
IP address blocks: 193.5.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.mft
rsync://rpki.ripe.net/repository/DEFAULT/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 12 Jun 2025 13:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4f:ad:77:9e:46:40:0b:b2:a1:75:77:68:14:17:6e:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d97a77930122879a766470df8d660c98442a9932
Validity
Not Before: Jun 8 13:14:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d56a80cca2d92c65fefa26eef84cbff4810a90c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:6f:50:56:88:11:1e:9a:a9:b7:9f:f0:f0:21:
40:b2:9a:da:1e:6a:d8:c2:7a:38:d1:14:e4:10:a7:
c1:d1:25:28:39:a7:71:af:ed:c3:0f:13:df:55:48:
4c:b1:35:42:c8:5c:cc:bb:30:1c:39:e1:56:d5:12:
28:a3:f2:41:dc:fc:32:5c:53:95:05:90:c3:25:af:
71:f3:03:a5:ff:ba:ec:6a:69:b1:65:41:77:2b:a9:
ca:36:37:33:64:ce:2e:5e:82:3e:36:0d:84:b4:12:
eb:9c:6f:b8:b6:73:67:0c:2f:8d:64:fb:43:6f:d5:
55:42:ff:05:25:b8:14:1f:bf:a5:ef:8f:ba:78:35:
d0:c2:b3:ab:a0:9e:b9:d2:20:37:eb:58:07:97:4d:
2b:d1:46:5d:4c:99:f4:77:47:16:d1:09:f9:e4:75:
b7:15:fc:0e:18:33:1c:ac:de:13:95:05:5b:18:1a:
f9:84:54:08:ac:50:77:6b:ae:86:79:21:94:a6:d1:
58:75:5b:8a:04:12:53:3f:d3:91:a5:0e:e5:dd:4d:
a8:f1:ea:28:e1:c1:5e:fd:d0:26:11:1e:bb:8b:dd:
32:ff:72:aa:42:fd:72:49:eb:f8:88:fc:aa:0e:9d:
e8:57:3c:6c:92:c9:22:b7:38:df:a4:24:14:9a:52:
e4:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:56:A8:0C:CA:2D:92:C6:5F:EF:A2:6E:EF:84:CB:FF:48:10:A9:0C
X509v3 Authority Key Identifier:
keyid:D9:7A:77:93:01:22:87:9A:76:64:70:DF:8D:66:0C:98:44:2A:99:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/HVaoDMotksZf76Ju74TL_0gQqQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.5.44.0/24
Signature Algorithm: sha256WithRSAEncryption
eb:af:e7:9f:41:f4:0a:ea:cb:9a:0c:b3:7c:49:ca:9b:14:ff:
1f:f8:d5:ef:a4:c0:10:69:51:cc:de:85:74:32:a2:7f:20:c7:
5c:d3:4a:2c:b5:e2:e8:6d:89:01:5c:57:91:25:7a:c3:5a:55:
2f:60:c1:c3:2c:da:c8:8e:7b:c1:46:58:b3:52:a9:b7:2b:fc:
64:ca:e2:62:ea:3b:aa:29:01:cb:b1:31:14:bb:0d:5c:4a:90:
be:06:03:d5:30:14:d1:05:8d:9d:4d:c2:ff:3b:c1:b8:cd:62:
9c:9b:6f:b5:b5:e6:17:67:6d:3b:d6:0f:05:32:7b:5e:d8:ba:
d8:c9:97:15:8e:d5:c1:13:d5:52:c5:01:1d:40:7e:86:95:c9:
c7:e7:ff:a5:a4:ac:96:b6:be:ac:9f:e3:a4:aa:df:fc:d5:2b:
5b:41:2d:65:71:f7:13:bf:4a:a2:f8:1b:8e:0d:8f:5c:22:df:
bf:16:27:11:1e:56:9b:58:f9:07:ac:f9:8a:bc:62:f2:24:ef:
7e:b3:43:21:29:9f:ea:39:4d:33:e3:50:3c:b1:fa:25:9d:18:
40:c9:64:1d:87:0d:1b:61:08:e7:62:14:6e:42:d5:44:c5:47:
29:7c:9f:c5:22:e8:b6:b0:4e:a8:5d:19:ea:de:4b:91:29:fb:
de:f9:76:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZdPrXeeRkALsqF1d2gUF266MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5N2E3NzkzMDEyMjg3OWE3NjY0NzBkZjhkNjYwYzk4NDQy
YTk5MzIwHhcNMjUwNjA4MTMxNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDU2YTgwY2NhMmQ5MmM2NWZlZmEyNmVlZjg0Y2JmZjQ4MTBhOTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyG9QVogRHpqpt5/w8CFAspraHmrY
wno40RTkEKfB0SUoOadxr+3DDxPfVUhMsTVCyFzMuzAcOeFW1RIoo/JB3PwyXFOV
BZDDJa9x8wOl/7rsammxZUF3K6nKNjczZM4uXoI+Ng2EtBLrnG+4tnNnDC+NZPtD
b9VVQv8FJbgUH7+l74+6eDXQwrOroJ650iA361gHl00r0UZdTJn0d0cW0Qn55HW3
FfwOGDMcrN4TlQVbGBr5hFQIrFB3a66GeSGUptFYdVuKBBJTP9ORpQ7l3U2o8eoo
4cFe/dAmER67i90y/3KqQv1ySev4iPyqDp3oVzxskskitzjfpCQUmlLkRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB1WqAzKLZLGX++ibu+Ey/9IEKkMMB8GA1UdIwQY
MBaAFNl6d5MBIoeadmRw341mDJhEKpkyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlhwM2t3RWloNXAyWkhEZmpXWU1tRVFxbVRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yYTQ5MjItNDM0Yi00N2IxLWIzMDQt
Y2Q0NTlhNjU3MjFiLzEvSFZhb0RNb3Rrc1pmNzZKdTc0VExfMGdRcVF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yYTQ5MjItNDM0Yi00N2IxLWIzMDQtY2Q0NTlhNjU3MjFi
LzEvMlhwM2t3RWloNXAyWkhEZmpXWU1tRVFxbVRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQUsMA0G
CSqGSIb3DQEBCwUAA4IBAQDrr+efQfQK6suaDLN8ScqbFP8f+NXvpMAQaVHM3oV0
MqJ/IMdc00osteLobYkBXFeRJXrDWlUvYMHDLNrIjnvBRlizUqm3K/xkyuJi6juq
KQHLsTEUuw1cSpC+BgPVMBTRBY2dTcL/O8G4zWKcm2+1teYXZ2071g8FMnte2LrY
yZcVjtXBE9VSxQEdQH6GlcnH5/+lpKyWtr6sn+Okqt/81StbQS1lcfcTv0qi+BuO
DY9cIt+/FicRHlabWPkHrPmKvGLyJO9+s0MhKZ/qOU0z41A8sfolnRhAyWQdhw0b
YQjnYhRuQtVExUcpfJ/FIui2sE6oXRnq3kuRKfve+XaX
-----END CERTIFICATE-----
Generated at Wed Jun 11 20:14:03 2025 by rpki-client