Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/7RHPHSIQ8khk5JCxXSZE_ERL7rI.roa
File: 7RHPHSIQ8khk5JCxXSZE_ERL7rI.roa (raw, json)
Hash identifier: xT9zhtHfDz9vB4Rh2njS5ZfrqJHBJkmDMbn1xVRE6iI=
Subject key identifier: ED:11:CF:1D:22:10:F2:48:64:E4:90:B1:5D:26:44:FC:44:4B:EE:B2
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 019A0C1AEF92830B6872490D3B840DA5DA4B
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/7RHPHSIQ8khk5JCxXSZE_ERL7rI.roa
Signing time: Wed 22 Oct 2025 13:28:03 +0000
ROA not before: Wed 22 Oct 2025 13:28:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209630
IP address blocks: 93.152.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 11:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0c:1a:ef:92:83:0b:68:72:49:0d:3b:84:0d:a5:da:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Oct 22 13:28:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ed11cf1d2210f24864e490b15d2644fc444beeb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:67:b5:89:68:ca:f9:92:3b:9c:61:28:08:5c:
4f:27:d9:ac:2a:f7:11:ce:af:03:37:d6:95:01:84:
2e:cf:f8:c9:42:5d:65:9d:0d:94:96:b3:0c:70:dd:
5e:63:37:cb:5c:9f:81:64:5f:a7:67:5a:fa:64:af:
83:c0:a9:6a:6d:43:10:5c:e1:bf:18:c1:66:10:a8:
9c:68:75:dc:d2:7d:82:6e:c1:25:74:07:4e:e9:4a:
b7:14:d1:17:9e:7b:f7:45:d4:c0:48:73:9a:07:e8:
85:1a:ad:3c:07:64:74:7f:57:96:80:05:dc:b8:39:
a5:36:91:f3:93:01:1f:84:c1:fd:0e:8a:0b:68:d9:
9e:8e:3a:d2:3b:f9:7a:bb:50:81:d0:48:22:0b:f9:
c0:58:bb:4f:fc:bf:24:a8:33:91:80:dc:5e:1b:45:
c4:14:34:7d:fd:41:d1:1b:5d:6e:6a:d4:13:4e:b2:
46:58:ec:40:c1:c2:49:b1:3e:5c:dc:96:5e:90:b1:
df:8c:df:f3:a3:da:35:14:83:30:e7:12:8d:9d:b3:
2e:17:7a:7b:74:f0:7c:e7:f2:09:36:3c:5b:09:35:
0c:0d:e8:2d:08:01:eb:c5:61:10:73:c6:ea:49:ac:
b6:27:af:a6:26:c3:26:13:c3:c5:a5:b3:3c:97:1b:
9e:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:11:CF:1D:22:10:F2:48:64:E4:90:B1:5D:26:44:FC:44:4B:EE:B2
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/7RHPHSIQ8khk5JCxXSZE_ERL7rI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.152.233.0/24
Signature Algorithm: sha256WithRSAEncryption
16:27:96:e4:f7:cd:d5:26:17:a4:a3:e1:a8:07:78:67:b2:08:
5e:1b:d6:2e:f2:85:2d:b9:60:3e:eb:bd:ba:fa:f7:0a:02:28:
88:23:d0:9e:90:96:dc:3a:0a:ee:18:6d:99:ce:fe:0a:fa:69:
60:18:a9:0d:a0:34:f6:b0:81:ea:a4:cb:ab:d3:d4:19:b5:30:
3a:c0:db:4b:f2:db:ef:ad:2c:de:4c:fd:8a:5d:f6:7b:11:16:
20:ed:46:f0:c3:c6:e0:0e:ee:0c:8e:1d:98:8c:fc:12:fc:b5:
76:82:e7:03:83:e1:d7:dd:21:18:7c:d6:9f:e6:e6:d0:ad:40:
95:7a:14:c1:38:53:01:86:7f:5c:5f:93:f3:c8:7a:35:1a:7b:
7b:1f:0c:74:c9:d6:c2:d0:e1:21:a3:e7:46:0c:8b:18:79:b6:
8e:4a:0b:f5:e4:4c:57:17:e4:44:85:e3:ee:81:72:99:62:c9:
1a:36:2d:fc:63:28:09:5e:75:6b:81:b6:7a:6f:b4:3b:fa:82:
d9:a7:8f:c8:eb:84:20:c1:ad:98:de:2c:a6:98:93:d9:ec:50:
d7:ec:ad:b9:72:1f:17:7a:a8:3a:42:70:5b:32:18:d5:48:0f:
76:75:75:be:9b:5d:23:4b:3b:7b:a9:a9:29:3f:c5:23:44:b5:
e5:0d:46:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZoMGu+SgwtockkNO4QNpdpLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjUxMDIyMTMyODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDExY2YxZDIyMTBmMjQ4NjRlNDkwYjE1ZDI2NDRmYzQ0NGJlZWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArme1iWjK+ZI7nGEoCFxPJ9msKvcR
zq8DN9aVAYQuz/jJQl1lnQ2UlrMMcN1eYzfLXJ+BZF+nZ1r6ZK+DwKlqbUMQXOG/
GMFmEKicaHXc0n2CbsEldAdO6Uq3FNEXnnv3RdTASHOaB+iFGq08B2R0f1eWgAXc
uDmlNpHzkwEfhMH9DooLaNmejjrSO/l6u1CB0EgiC/nAWLtP/L8kqDORgNxeG0XE
FDR9/UHRG11uatQTTrJGWOxAwcJJsT5c3JZekLHfjN/zo9o1FIMw5xKNnbMuF3p7
dPB85/IJNjxbCTUMDegtCAHrxWEQc8bqSay2J6+mJsMmE8PFpbM8lxuecQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO0Rzx0iEPJIZOSQsV0mRPxES+6yMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvN1JIUEhTSVE4a2hrNUpDeFhTWkVfRVJMN3JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXZjpMA0G
CSqGSIb3DQEBCwUAA4IBAQAWJ5bk983VJheko+GoB3hnsgheG9Yu8oUtuWA+6726
+vcKAiiII9CekJbcOgruGG2Zzv4K+mlgGKkNoDT2sIHqpMur09QZtTA6wNtL8tvv
rSzeTP2KXfZ7ERYg7Ubww8bgDu4Mjh2YjPwS/LV2gucDg+HX3SEYfNaf5ubQrUCV
ehTBOFMBhn9cX5PzyHo1Gnt7Hwx0ydbC0OEho+dGDIsYebaOSgv15ExXF+REhePu
gXKZYskaNi38YygJXnVrgbZ6b7Q7+oLZp4/I64Qgwa2Y3iymmJPZ7FDX7K25ch8X
eqg6QnBbMhjVSA92dXW+m10jSzt7qakpP8UjRLXlDUbG
-----END CERTIFICATE-----
Generated at Mon Oct 27 18:13:50 2025 by rpki-client