Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/HDa3e7FjJLN4vkvamkngXm5ePcs.roa
File: HDa3e7FjJLN4vkvamkngXm5ePcs.roa (raw, json)
Hash identifier: BV1R1fWNSV5+twcq/e5sRskaP6g+7NvvjjOA/kt/3rQ=
Subject key identifier: 1C:36:B7:7B:B1:63:24:B3:78:BE:4B:DA:9A:49:E0:5E:6E:5E:3D:CB
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 01977D60FDC6558249C461C26F7771FC3EB7
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/HDa3e7FjJLN4vkvamkngXm5ePcs.roa
Signing time: Tue 17 Jun 2025 10:13:17 +0000
ROA not before: Tue 17 Jun 2025 10:13:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 996
IP address blocks: 77.47.180.0/22 maxlen: 24
195.178.128.0/22 maxlen: 24
212.111.211.0/24 maxlen: 24
212.111.218.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7d:60:fd:c6:55:82:49:c4:61:c2:6f:77:71:fc:3e:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Jun 17 10:13:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c36b77bb16324b378be4bda9a49e05e6e5e3dcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:40:c6:8d:7d:fa:e4:78:3b:a2:60:c8:b0:7a:
9d:27:37:b4:8a:c6:73:b9:ee:79:0a:bd:36:c9:73:
7d:e0:93:4a:a9:47:9b:b5:e8:ec:22:29:f7:93:01:
55:a8:e2:30:33:bd:a4:9e:be:b0:a6:bd:d5:40:f5:
e9:8b:a8:55:0e:9a:da:9e:60:94:12:20:34:a3:94:
6c:2f:f4:0d:7c:80:1b:02:d9:52:25:a1:7a:51:22:
9c:48:ea:47:38:db:39:db:91:cd:6e:7b:22:77:f4:
20:09:7a:b9:74:44:47:12:3b:df:db:1d:94:b6:5a:
ef:fa:72:01:d2:b1:90:58:96:b4:c7:75:21:81:78:
79:08:c7:11:8e:db:87:d4:54:82:73:37:e4:ae:1c:
fe:d5:96:0b:0d:18:18:2f:2e:58:6a:78:67:b0:f0:
0a:0a:80:f5:9d:4a:0a:a8:5f:eb:76:fe:5b:4b:4e:
a9:85:5d:7b:03:d3:44:76:5a:da:6c:3c:74:1b:9c:
d4:cc:b9:81:a3:2d:65:53:b6:5e:04:9a:98:64:b0:
f3:d0:19:c2:8b:33:4d:42:5b:17:60:af:0e:35:aa:
23:41:d7:07:b0:6c:73:4a:cb:37:89:dc:29:a8:85:
43:03:dc:0d:7d:1b:e3:52:e7:33:b8:a8:4c:2c:2d:
1b:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:36:B7:7B:B1:63:24:B3:78:BE:4B:DA:9A:49:E0:5E:6E:5E:3D:CB
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/HDa3e7FjJLN4vkvamkngXm5ePcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.180.0/22
195.178.128.0/22
212.111.211.0/24
212.111.218.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:67:a5:29:98:51:d8:ae:ed:c4:b6:2c:d1:ce:1b:9e:1e:af:
e0:3f:24:c5:18:f0:42:22:d1:2a:4a:36:81:e0:91:a1:e7:e7:
f1:24:f9:e6:8f:99:cf:61:b6:7a:80:50:de:b3:06:9b:e8:0a:
8a:dd:fd:03:8d:a2:9c:00:c3:22:92:84:74:8c:2d:c2:14:4e:
d7:dc:06:25:c4:d3:77:d8:db:3b:82:df:44:e4:18:70:1d:11:
7f:b9:ee:b9:f0:33:aa:32:59:6f:25:96:1d:51:e0:82:cb:6e:
91:04:2f:d1:ae:73:3b:c7:80:5a:ac:b5:df:0f:13:bc:bd:33:
cc:04:90:43:2d:23:7a:0d:dc:8a:fe:25:1d:f0:4d:51:9a:a1:
c1:1f:27:aa:e9:49:15:16:8c:0f:a4:69:95:c3:c5:c7:4d:43:
24:06:e9:a5:a0:27:46:c8:54:67:49:de:b1:f9:f4:4d:e9:0a:
b9:72:e3:da:11:30:a7:eb:83:a1:53:eb:22:01:53:7b:33:32:
b1:d9:60:4c:29:bb:0f:4d:a0:7b:cf:96:f4:e5:7e:75:aa:42:
c9:81:cc:ec:c1:7e:5f:bd:0f:0a:b4:02:ba:7d:4c:bb:b9:60:
ec:96:7c:eb:db:17:e7:fb:a8:88:65:95:a6:d0:57:7b:d8:59:
8f:d2:87:85
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZd9YP3GVYJJxGHCb3dx/D63MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjUwNjE3MTAxMzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzM2Yjc3YmIxNjMyNGIzNzhiZTRiZGE5YTQ5ZTA1ZTZlNWUzZGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkDGjX365Hg7omDIsHqdJze0isZz
ue55Cr02yXN94JNKqUebtejsIin3kwFVqOIwM72knr6wpr3VQPXpi6hVDpranmCU
EiA0o5RsL/QNfIAbAtlSJaF6USKcSOpHONs525HNbnsid/QgCXq5dERHEjvf2x2U
tlrv+nIB0rGQWJa0x3UhgXh5CMcRjtuH1FSCczfkrhz+1ZYLDRgYLy5YanhnsPAK
CoD1nUoKqF/rdv5bS06phV17A9NEdlrabDx0G5zUzLmBoy1lU7ZeBJqYZLDz0BnC
izNNQlsXYK8ONaojQdcHsGxzSss3idwpqIVDA9wNfRvjUuczuKhMLC0bNwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBw2t3uxYySzeL5L2ppJ4F5uXj3LMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvSERhM2U3RmpKTE40dmt2YW1rbmdYbTVlUGNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCTS+0AwQC
w7KAAwQA1G/TAwQB1G/aMA0GCSqGSIb3DQEBCwUAA4IBAQBeZ6UpmFHYru3EtizR
zhueHq/gPyTFGPBCItEqSjaB4JGh5+fxJPnmj5nPYbZ6gFDeswab6AqK3f0DjaKc
AMMikoR0jC3CFE7X3AYlxNN32Ns7gt9E5BhwHRF/ue658DOqMllvJZYdUeCCy26R
BC/RrnM7x4BarLXfDxO8vTPMBJBDLSN6DdyK/iUd8E1RmqHBHyeq6UkVFowPpGmV
w8XHTUMkBumloCdGyFRnSd6x+fRN6Qq5cuPaETCn64OhU+siAVN7MzKx2WBMKbsP
TaB7z5b05X51qkLJgczswX5fvQ8KtAK6fUy7uWDslnzr2xfn+6iIZZWm0Fd72FmP
0oeF
-----END CERTIFICATE-----
Generated at Tue Jul 1 09:07:36 2025 by rpki-client