Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/rHvEoVyfIfL2AxYfgW2LA2I2ddY.roa
File: rHvEoVyfIfL2AxYfgW2LA2I2ddY.roa (raw, json)
Hash identifier: YuMCHBdiDbRQw6K5z8b2lhpk5+LWo/r8M/4ge+STWnU=
Subject key identifier: AC:7B:C4:A1:5C:9F:21:F2:F6:03:16:1F:81:6D:8B:03:62:36:75:D6
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0198CCF39E04E6E9C22E3ADF2019AB2309C9
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/rHvEoVyfIfL2AxYfgW2LA2I2ddY.roa
Signing time: Thu 21 Aug 2025 14:06:14 +0000
ROA not before: Thu 21 Aug 2025 14:06:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209737
IP address blocks: 109.236.49.0/24 maxlen: 24
109.236.50.0/24 maxlen: 24
109.236.51.0/24 maxlen: 24
185.86.6.0/24 maxlen: 24
185.254.28.0/24 maxlen: 24
185.254.29.0/24 maxlen: 24
193.35.152.0/24 maxlen: 24
193.35.153.0/24 maxlen: 24
194.62.52.0/24 maxlen: 24
194.62.54.0/24 maxlen: 24
194.62.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:cc:f3:9e:04:e6:e9:c2:2e:3a:df:20:19:ab:23:09:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Aug 21 14:06:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac7bc4a15c9f21f2f603161f816d8b03623675d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:98:f7:b3:ac:e5:02:04:5d:ff:b2:69:8c:82:
a4:18:c3:29:21:42:3d:ed:2d:04:64:7f:b4:08:7a:
6a:e2:97:19:fd:34:96:91:0d:0e:1c:d8:05:0d:2e:
c5:cc:d1:00:40:33:05:b4:dd:62:89:42:bc:f8:4f:
3a:1b:6d:44:38:92:d7:1d:28:21:6a:e6:c1:a3:64:
83:6a:ef:15:96:59:6f:a7:8b:4a:33:82:b6:32:ea:
91:58:ed:5d:39:77:5f:4e:ab:ea:29:c1:c8:0b:5e:
12:10:ed:95:ed:9c:27:f3:62:63:d6:9e:3c:c9:7c:
0f:df:37:62:92:ec:58:59:7b:e3:b6:60:6f:96:2d:
f3:7c:5f:a6:24:73:af:42:e9:21:da:9d:6c:63:93:
92:5d:2b:84:c8:62:ab:c7:a2:15:fa:8e:22:dc:e0:
d7:5b:e6:77:ae:15:1a:ce:6e:6f:8b:37:f1:a0:77:
2e:09:6c:d2:3d:2a:26:95:b7:cf:70:37:46:18:f4:
78:77:75:75:19:37:3d:54:01:22:65:0c:58:f3:71:
29:d3:fb:8f:a3:f3:fa:64:f1:5b:be:9e:35:74:6a:
f3:18:d9:5b:c9:d8:de:7e:23:9c:c1:29:3d:64:04:
39:ed:92:00:b5:ff:01:59:b1:7b:d7:ab:71:bf:a2:
77:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:7B:C4:A1:5C:9F:21:F2:F6:03:16:1F:81:6D:8B:03:62:36:75:D6
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/rHvEoVyfIfL2AxYfgW2LA2I2ddY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.49.0-109.236.51.255
185.86.6.0/24
185.254.28.0/23
193.35.152.0/23
194.62.52.0/24
194.62.54.0/23
Signature Algorithm: sha256WithRSAEncryption
09:dc:6e:4b:a6:d7:90:d9:cd:a5:34:2d:15:3f:7b:22:68:03:
01:99:d3:c0:80:96:cf:72:f0:ed:7f:58:cc:99:24:e7:09:2d:
40:4c:16:b2:cd:4f:7c:c7:05:31:b9:35:4f:14:e0:68:6f:92:
6b:1e:e4:ac:24:ac:6e:91:68:8a:01:ca:75:a7:3b:c9:e6:ee:
d6:81:65:6e:b1:98:23:3f:d0:df:f4:c0:6d:06:71:ad:35:2a:
95:5e:02:6f:22:54:15:13:6a:f7:8f:a6:13:57:7d:32:13:b3:
4b:03:f2:3e:61:4f:28:7f:22:38:b9:ce:b4:43:aa:e0:44:fe:
cb:5c:1c:7b:21:b0:4f:8f:3f:39:2c:28:d6:04:aa:7d:20:56:
44:8c:ff:e6:52:1c:34:e5:01:29:33:52:a4:96:4a:93:b5:86:
be:5e:c4:d5:b7:2a:20:57:82:77:6b:31:28:f9:52:13:3c:b5:
26:fd:06:a2:d3:55:e4:2e:d6:8e:67:4b:7d:5e:a2:79:ac:de:
95:a5:ea:2c:cd:3d:6b:a3:54:bf:52:71:95:03:49:b3:e4:4e:
f0:d6:c0:d3:c4:12:58:24:60:c2:87:15:4e:d3:98:67:03:48:
ce:c7:88:91:5a:ea:33:6e:b9:bd:65:16:0e:e7:4d:23:37:29:
2e:b1:96:ad
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZjM854E5unCLjrfIBmrIwnJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwODIxMTQwNjE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzdiYzRhMTVjOWYyMWYyZjYwMzE2MWY4MTZkOGIwMzYyMzY3NWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5j3s6zlAgRd/7JpjIKkGMMpIUI9
7S0EZH+0CHpq4pcZ/TSWkQ0OHNgFDS7FzNEAQDMFtN1iiUK8+E86G21EOJLXHSgh
aubBo2SDau8Vlllvp4tKM4K2MuqRWO1dOXdfTqvqKcHIC14SEO2V7Zwn82Jj1p48
yXwP3zdikuxYWXvjtmBvli3zfF+mJHOvQukh2p1sY5OSXSuEyGKrx6IV+o4i3ODX
W+Z3rhUazm5vizfxoHcuCWzSPSomlbfPcDdGGPR4d3V1GTc9VAEiZQxY83Ep0/uP
o/P6ZPFbvp41dGrzGNlbydjefiOcwSk9ZAQ57ZIAtf8BWbF716txv6J30QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFKx7xKFcnyHy9gMWH4FtiwNiNnXWMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvckh2RW9WeWZJZkwyQXhZZmdXMkxBMkkyZGRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBABt7DED
BAJt7DADBAC5VgYDBAG5/hwDBAHBI5gDBADCPjQDBAHCPjYwDQYJKoZIhvcNAQEL
BQADggEBAAncbkum15DZzaU0LRU/eyJoAwGZ08CAls9y8O1/WMyZJOcJLUBMFrLN
T3zHBTG5NU8U4Ghvkmse5KwkrG6RaIoBynWnO8nm7taBZW6xmCM/0N/0wG0Gca01
KpVeAm8iVBUTavePphNXfTITs0sD8j5hTyh/Iji5zrRDquBE/stcHHshsE+PPzks
KNYEqn0gVkSM/+ZSHDTlASkzUqSWSpO1hr5exNW3KiBXgndrMSj5UhM8tSb9BqLT
VeQu1o5nS31eonms3pWl6izNPWujVL9ScZUDSbPkTvDWwNPEElgkYMKHFU7TmGcD
SM7HiJFa6jNuub1lFg7nTSM3KS6xlq0=
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:27:36 2025 by rpki-client