Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/38179c-25ab-4368-8cf8-57e593cf9a4e/1/HJo0Q6u7BHPf7uGGtOh1Cm5Rgr4.roa
File: HJo0Q6u7BHPf7uGGtOh1Cm5Rgr4.roa (raw, json)
Hash identifier: KO4VFFsczF64WfUlIBm0orog3QT9gcqLspybHYHoxis=
Subject key identifier: 1C:9A:34:43:AB:BB:04:73:DF:EE:E1:86:B4:E8:75:0A:6E:51:82:BE
Certificate issuer: /CN=2b051ef23060eb51bfd8c79795f6a4daf48a3aa0
Certificate serial: 0197923EDF3B71835F432DAB72FD6EF5AA09
Authority key identifier: 2B:05:1E:F2:30:60:EB:51:BF:D8:C7:97:95:F6:A4:DA:F4:8A:3A:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KwUe8jBg61G_2MeXlfak2vSKOqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/38179c-25ab-4368-8cf8-57e593cf9a4e/1/HJo0Q6u7BHPf7uGGtOh1Cm5Rgr4.roa
Signing time: Sat 21 Jun 2025 11:28:03 +0000
ROA not before: Sat 21 Jun 2025 11:28:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215419
IP address blocks: 195.234.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/38179c-25ab-4368-8cf8-57e593cf9a4e/1/KwUe8jBg61G_2MeXlfak2vSKOqA.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/38179c-25ab-4368-8cf8-57e593cf9a4e/1/KwUe8jBg61G_2MeXlfak2vSKOqA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KwUe8jBg61G_2MeXlfak2vSKOqA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 17:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:92:3e:df:3b:71:83:5f:43:2d:ab:72:fd:6e:f5:aa:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b051ef23060eb51bfd8c79795f6a4daf48a3aa0
Validity
Not Before: Jun 21 11:28:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c9a3443abbb0473dfeee186b4e8750a6e5182be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:5a:99:06:b8:e9:93:af:9e:7f:98:13:bf:c9:
6c:aa:f5:8f:aa:71:49:34:c2:86:a5:ea:f3:0f:fb:
07:24:f8:62:cb:f2:8b:1f:08:35:3e:4d:e0:bd:03:
f3:ef:3a:98:fc:45:8b:84:82:21:8f:f5:f5:f5:d0:
c3:13:8b:2e:99:be:df:8a:e0:06:8f:c5:b1:a5:ac:
d1:6c:d6:77:62:28:a9:be:78:fe:07:9b:a0:bc:8f:
3f:a2:93:f8:89:7e:b6:f4:15:79:82:98:45:50:d8:
16:0c:42:49:ab:c7:2d:11:2e:57:d5:4f:94:5b:4f:
4d:a1:9c:ac:b1:c7:b4:f2:ac:a0:97:0a:7b:63:4b:
03:37:47:a3:74:ec:2d:d9:df:2d:e3:ad:b7:a5:0f:
ad:29:40:28:dc:de:9e:74:b9:22:02:53:ac:c7:1d:
a2:55:36:6c:f4:03:88:98:e7:86:53:c7:8b:5a:38:
93:65:ff:3b:69:55:23:2a:8d:ff:fb:9e:4d:a7:94:
0e:ff:e9:16:0e:bc:0e:93:76:70:c2:a5:36:21:e7:
90:c1:86:de:ef:9c:ac:9c:70:98:80:61:6f:31:e4:
65:27:ca:35:a7:ec:d4:56:19:75:7b:2d:a4:35:19:
27:92:2b:38:7e:33:e0:be:78:6e:5e:39:db:86:1a:
10:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:9A:34:43:AB:BB:04:73:DF:EE:E1:86:B4:E8:75:0A:6E:51:82:BE
X509v3 Authority Key Identifier:
keyid:2B:05:1E:F2:30:60:EB:51:BF:D8:C7:97:95:F6:A4:DA:F4:8A:3A:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KwUe8jBg61G_2MeXlfak2vSKOqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/38179c-25ab-4368-8cf8-57e593cf9a4e/1/HJo0Q6u7BHPf7uGGtOh1Cm5Rgr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/38179c-25ab-4368-8cf8-57e593cf9a4e/1/KwUe8jBg61G_2MeXlfak2vSKOqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.153.0/24
Signature Algorithm: sha256WithRSAEncryption
74:5b:28:4f:af:90:cf:9e:51:af:32:10:7c:7a:6f:e7:ca:fd:
a9:d0:89:57:d9:2e:68:cb:53:aa:c7:9f:dd:41:ce:13:89:58:
59:31:c3:a0:54:69:c7:95:31:a8:a1:4d:fb:20:d8:c1:73:cc:
c3:e7:1e:11:d2:ec:5c:bc:df:f9:e7:d5:2d:2d:6f:ed:ad:55:
a4:41:da:90:e2:e5:78:53:c8:de:f8:78:58:12:09:73:a3:c9:
dd:f4:79:e4:f0:28:72:4f:27:a8:30:6c:52:87:02:f5:60:ab:
bb:7d:59:ed:02:05:75:a7:2c:2a:97:5c:14:f2:a7:48:c0:c4:
0c:3e:f5:55:31:22:8b:ec:ee:f4:ea:0a:78:7a:f5:a0:5d:fc:
e2:a0:c8:f0:cc:08:6e:9a:f6:3a:6b:c4:60:ab:f2:83:96:ac:
c0:d8:4b:c3:5f:b0:4e:eb:a7:80:74:c2:c2:0e:83:cc:7a:3a:
4f:e5:23:57:6f:c0:3c:11:9d:a5:70:85:c2:94:f0:a2:c0:e3:
69:c3:b7:49:a5:42:ca:3b:5e:ac:aa:c4:f4:cc:6b:00:6c:cf:
c0:eb:5e:63:2c:08:31:51:49:44:35:be:e6:90:b3:2f:1b:01:
1b:cf:a7:d5:6f:26:d7:fa:d1:99:e4:c6:f7:e3:07:bb:1b:3f:
c5:68:3b:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZeSPt87cYNfQy2rcv1u9aoJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMDUxZWYyMzA2MGViNTFiZmQ4Yzc5Nzk1ZjZhNGRhZjQ4
YTNhYTAwHhcNMjUwNjIxMTEyODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzlhMzQ0M2FiYmIwNDczZGZlZWUxODZiNGU4NzUwYTZlNTE4MmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVqZBrjpk6+ef5gTv8lsqvWPqnFJ
NMKGperzD/sHJPhiy/KLHwg1Pk3gvQPz7zqY/EWLhIIhj/X19dDDE4sumb7fiuAG
j8WxpazRbNZ3Yiipvnj+B5ugvI8/opP4iX629BV5gphFUNgWDEJJq8ctES5X1U+U
W09NoZyssce08qyglwp7Y0sDN0ejdOwt2d8t4623pQ+tKUAo3N6edLkiAlOsxx2i
VTZs9AOImOeGU8eLWjiTZf87aVUjKo3/+55Np5QO/+kWDrwOk3ZwwqU2IeeQwYbe
75ysnHCYgGFvMeRlJ8o1p+zUVhl1ey2kNRknkis4fjPgvnhuXjnbhhoQXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFByaNEOruwRz3+7hhrTodQpuUYK+MB8GA1UdIwQY
MBaAFCsFHvIwYOtRv9jHl5X2pNr0ijqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3dVZThqQmc2MUdfMk1lWGxmYWsydlNLT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8zODE3OWMtMjVhYi00MzY4LThjZjgt
NTdlNTkzY2Y5YTRlLzEvSEpvMFE2dTdCSFBmN3VHR3RPaDFDbTVSZ3I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8zODE3OWMtMjVhYi00MzY4LThjZjgtNTdlNTkzY2Y5YTRl
LzEvS3dVZThqQmc2MUdfMk1lWGxmYWsydlNLT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+qZMA0G
CSqGSIb3DQEBCwUAA4IBAQB0WyhPr5DPnlGvMhB8em/nyv2p0IlX2S5oy1Oqx5/d
Qc4TiVhZMcOgVGnHlTGooU37INjBc8zD5x4R0uxcvN/559UtLW/trVWkQdqQ4uV4
U8je+HhYEglzo8nd9Hnk8ChyTyeoMGxShwL1YKu7fVntAgV1pywql1wU8qdIwMQM
PvVVMSKL7O706gp4evWgXfzioMjwzAhumvY6a8Rgq/KDlqzA2EvDX7BO66eAdMLC
DoPMejpP5SNXb8A8EZ2lcIXClPCiwONpw7dJpULKO16sqsT0zGsAbM/A615jLAgx
UUlENb7mkLMvGwEbz6fVbybX+tGZ5Mb34we7Gz/FaDuK
-----END CERTIFICATE-----
Generated at Wed Jul 2 23:25:48 2025 by rpki-client