Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/hIS7p8oBVfka5-8RFV0HubayIdE.roa
File: hIS7p8oBVfka5-8RFV0HubayIdE.roa (raw, json)
Hash identifier: F5TIegvY+JSm5ZTBtrT5T05mvONHoneGNZ8NfzaAUc8=
Subject key identifier: 84:84:BB:A7:CA:01:55:F9:1A:E7:EF:11:15:5D:07:B9:B6:B2:21:D1
Certificate issuer: /CN=293bc3a5749733104f7b9cc0512dade136d70ad0
Certificate serial: 01995331C836C3DB56E508E4104BE3528158
Authority key identifier: 29:3B:C3:A5:74:97:33:10:4F:7B:9C:C0:51:2D:AD:E1:36:D7:0A:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KTvDpXSXMxBPe5zAUS2t4TbXCtA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/hIS7p8oBVfka5-8RFV0HubayIdE.roa
Signing time: Tue 16 Sep 2025 15:43:15 +0000
ROA not before: Tue 16 Sep 2025 15:43:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 196735
IP address blocks: 188.75.128.0/18 maxlen: 24
2a01:b380::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KTvDpXSXMxBPe5zAUS2t4TbXCtA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:53:31:c8:36:c3:db:56:e5:08:e4:10:4b:e3:52:81:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=293bc3a5749733104f7b9cc0512dade136d70ad0
Validity
Not Before: Sep 16 15:43:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8484bba7ca0155f91ae7ef11155d07b9b6b221d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:61:5a:bd:03:28:3b:ac:ef:43:f9:a6:18:f9:
f4:5f:33:3d:32:bb:6e:7b:c8:44:1d:84:f1:1b:7a:
54:30:e0:b6:e8:70:c5:7d:ee:f2:ad:21:6a:21:24:
7a:87:57:93:90:67:2c:cb:36:f6:4e:ad:64:fc:fb:
5f:6e:b7:ba:2c:91:96:a2:98:27:7c:9e:21:f7:d0:
db:53:d4:fe:18:7a:03:21:82:53:fc:97:5d:24:58:
10:90:c4:a6:a8:8e:fc:80:33:d0:75:cd:12:8b:fa:
bd:2d:f4:0f:70:7b:63:27:9e:02:2b:76:ab:01:f0:
c6:e6:00:40:c6:a8:46:1c:9f:8d:af:66:b2:a9:a5:
fe:d8:a9:f5:0a:74:cc:7b:4f:c1:49:34:60:bb:ca:
e4:0b:67:2f:8d:fc:e5:92:4e:7f:56:00:78:30:6e:
61:57:8a:a0:43:a6:d8:3a:f2:2c:b4:89:0a:e7:23:
8e:87:15:01:9f:b5:26:fb:61:36:86:13:b0:d3:17:
ba:b3:5d:e4:06:2a:d5:cd:f7:0d:9a:cf:34:b1:eb:
74:64:4c:cc:c0:28:6f:bc:66:69:16:fa:08:cc:b4:
9f:d1:87:05:2d:89:77:49:76:9a:f7:dd:d9:d0:2d:
ed:b9:79:d9:a6:1a:50:ff:a1:62:86:7f:7d:07:55:
dd:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:84:BB:A7:CA:01:55:F9:1A:E7:EF:11:15:5D:07:B9:B6:B2:21:D1
X509v3 Authority Key Identifier:
keyid:29:3B:C3:A5:74:97:33:10:4F:7B:9C:C0:51:2D:AD:E1:36:D7:0A:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KTvDpXSXMxBPe5zAUS2t4TbXCtA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/hIS7p8oBVfka5-8RFV0HubayIdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.75.128.0/18
IPv6:
2a01:b380::/32
Signature Algorithm: sha256WithRSAEncryption
a7:58:a5:be:61:2a:de:09:e5:04:57:7e:08:ca:4b:96:2d:33:
e5:28:08:b7:51:4a:65:92:26:d2:4c:35:0f:73:35:b6:a1:47:
6a:51:6a:bb:90:e0:48:7e:7c:35:ca:d5:ce:bd:48:71:9f:b6:
6d:c1:88:55:7f:e0:39:c8:df:cd:bc:a9:1f:08:b8:40:1a:44:
9b:43:3a:4f:53:04:1e:bb:6f:93:25:9c:31:64:41:67:6a:62:
c7:35:8b:74:00:78:64:a3:85:f2:59:21:43:9d:82:24:5a:7e:
bf:78:69:aa:a6:f7:12:87:fc:69:8a:0b:60:20:6a:c4:88:55:
0b:13:b0:3e:43:e3:70:2a:e7:00:1a:e3:10:d8:12:bd:2e:16:
b1:e2:e3:75:53:c7:38:94:24:85:9a:5c:26:13:d1:a1:d2:c6:
f9:e6:d9:f4:90:d9:7e:7a:12:af:92:2d:e4:51:5e:84:ef:47:
76:8e:9a:86:cf:58:d7:b4:bb:6b:a0:4d:69:1a:56:53:40:bd:
f0:42:b5:20:28:e3:42:e7:cd:cb:f9:60:ca:1f:28:e4:f0:d3:
93:62:67:b6:e4:f9:7e:0a:29:73:ac:61:7a:a4:a8:f5:42:34:
f5:da:e2:5d:20:a6:48:2f:55:9a:f1:76:c3:94:3b:8c:ad:68:
d1:97:d0:ae
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZlTMcg2w9tW5QjkEEvjUoFYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5M2JjM2E1NzQ5NzMzMTA0ZjdiOWNjMDUxMmRhZGUxMzZk
NzBhZDAwHhcNMjUwOTE2MTU0MzE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDg0YmJhN2NhMDE1NWY5MWFlN2VmMTExNTVkMDdiOWI2YjIyMWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2FavQMoO6zvQ/mmGPn0XzM9Mrtu
e8hEHYTxG3pUMOC26HDFfe7yrSFqISR6h1eTkGcsyzb2Tq1k/Ptfbre6LJGWopgn
fJ4h99DbU9T+GHoDIYJT/JddJFgQkMSmqI78gDPQdc0Si/q9LfQPcHtjJ54CK3ar
AfDG5gBAxqhGHJ+Nr2ayqaX+2Kn1CnTMe0/BSTRgu8rkC2cvjfzlkk5/VgB4MG5h
V4qgQ6bYOvIstIkK5yOOhxUBn7Um+2E2hhOw0xe6s13kBirVzfcNms80set0ZEzM
wChvvGZpFvoIzLSf0YcFLYl3SXaa993Z0C3tuXnZphpQ/6Fihn99B1XdZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFISEu6fKAVX5GufvERVdB7m2siHRMB8GA1UdIwQY
MBaAFCk7w6V0lzMQT3ucwFEtreE21wrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1R2RHBYU1hNeEJQZTV6QVVTMnQ0VGJYQ3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9iYjdmOWUtMTVjMC00ZDU1LTgyMmIt
NjA5YTFlODYyN2ZkLzEvaElTN3A4b0JWZmthNS04UkZWMEh1YmF5SWRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9iYjdmOWUtMTVjMC00ZDU1LTgyMmItNjA5YTFlODYyN2Zk
LzEvS1R2RHBYU1hNeEJQZTV6QVVTMnQ0VGJYQ3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQGvEuAMA0E
AgACMAcDBQAqAbOAMA0GCSqGSIb3DQEBCwUAA4IBAQCnWKW+YSreCeUEV34IykuW
LTPlKAi3UUplkibSTDUPczW2oUdqUWq7kOBIfnw1ytXOvUhxn7ZtwYhVf+A5yN/N
vKkfCLhAGkSbQzpPUwQeu2+TJZwxZEFnamLHNYt0AHhko4XyWSFDnYIkWn6/eGmq
pvcSh/xpigtgIGrEiFULE7A+Q+NwKucAGuMQ2BK9Lhax4uN1U8c4lCSFmlwmE9Gh
0sb55tn0kNl+ehKvki3kUV6E70d2jpqGz1jXtLtroE1pGlZTQL3wQrUgKONC583L
+WDKHyjk8NOTYme25Pl+CilzrGF6pKj1QjT12uJdIKZIL1Wa8XbDlDuMrWjRl9Cu
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:05:15 2025 by rpki-client