Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/H7riRd-N106KX0i1mDF2VRCYnEc.roa
File: H7riRd-N106KX0i1mDF2VRCYnEc.roa (raw, json)
Hash identifier: NA570He5c22fo1zyWpfXqctkYrqhzyDYex5XaIbuKFE=
Subject key identifier: 1F:BA:E2:45:DF:8D:D7:4E:8A:5F:48:B5:98:31:76:55:10:98:9C:47
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 019976D9B71AB77B19FDEDE5B165D031562D
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/H7riRd-N106KX0i1mDF2VRCYnEc.roa
Signing time: Tue 23 Sep 2025 13:53:23 +0000
ROA not before: Tue 23 Sep 2025 13:53:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204104
IP address blocks: 46.38.138.0/24 maxlen: 24
46.38.143.0/24 maxlen: 24
109.94.164.0/24 maxlen: 24
212.80.8.0/24 maxlen: 24
212.80.9.0/24 maxlen: 24
212.80.10.0/24 maxlen: 24
212.80.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 14:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:76:d9:b7:1a:b7:7b:19:fd:ed:e5:b1:65:d0:31:56:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Sep 23 13:53:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1fbae245df8dd74e8a5f48b59831765510989c47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:9f:2d:71:11:ea:14:d2:cf:73:df:ad:a5:d2:
55:46:38:a0:bd:ee:f0:a2:99:42:67:3e:08:79:a0:
39:49:e8:cd:66:93:c4:e7:db:a7:9d:cd:fa:e6:3e:
bb:b3:98:5c:00:2d:58:8e:f6:54:3c:ca:8b:8c:b1:
ce:c7:47:7e:97:ad:c7:06:df:98:18:2f:65:7d:97:
1b:d4:48:96:53:d7:fc:d4:29:cf:b6:77:1a:fd:09:
41:35:6f:c2:0d:36:32:40:c7:95:f3:5a:45:31:15:
e8:0e:63:f0:35:d6:18:66:51:c6:90:61:5c:f9:95:
cf:f3:49:77:b6:04:f8:90:b1:f7:8b:53:be:f1:17:
f5:da:3d:9e:a7:e7:37:5f:88:e0:76:8b:65:a4:99:
f0:3d:44:99:69:c3:1a:d6:5f:1e:8e:76:85:db:cc:
c7:02:41:e4:d1:cb:94:d1:b3:07:64:3e:88:3d:94:
be:20:27:06:87:e3:05:e4:2b:c8:5f:ce:9d:0d:e6:
dd:37:19:16:c4:8e:48:9d:6b:2e:94:e4:01:64:91:
3e:82:bf:64:9c:97:a3:0f:9f:4a:91:37:23:fb:99:
d5:62:56:a3:93:e1:5a:e4:02:d8:0c:7d:85:77:52:
22:a1:ac:98:b3:b6:e8:60:d1:dc:5b:f7:e0:fd:35:
b9:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:BA:E2:45:DF:8D:D7:4E:8A:5F:48:B5:98:31:76:55:10:98:9C:47
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/H7riRd-N106KX0i1mDF2VRCYnEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.138.0/24
46.38.143.0/24
109.94.164.0/24
212.80.8.0-212.80.10.255
212.80.31.0/24
Signature Algorithm: sha256WithRSAEncryption
44:0e:da:56:01:9f:fb:f0:32:61:4f:e6:a0:09:cf:50:b8:d0:
e0:aa:97:54:70:18:b9:9c:39:d2:31:d9:c1:73:eb:f7:87:f9:
3a:c5:14:4a:e5:fe:d1:2c:13:8d:58:ef:93:d4:c4:1c:ed:31:
c8:ff:bf:18:42:de:64:4e:ad:64:fe:1f:48:f8:15:42:5b:85:
4f:13:99:53:34:e4:44:30:b2:15:66:02:74:1e:f8:03:2c:0f:
15:0e:70:f1:26:37:d0:a8:76:f2:18:5f:24:ab:b6:95:b7:08:
be:9a:d6:ba:da:ad:3d:cc:89:b5:91:04:db:b4:7a:d0:6b:c6:
df:d0:e2:68:02:3d:ac:5f:d4:7a:a5:35:6d:19:1a:9b:29:9b:
60:5a:76:8e:e0:ef:cc:34:c0:ac:1f:7f:75:2d:a5:06:94:2b:
2d:2c:e7:aa:85:f8:67:c1:e7:8b:ef:e8:96:d1:a5:4f:fe:ea:
fc:1f:5e:78:fe:d3:c8:cb:23:f0:e0:b5:ac:4a:9e:2b:d4:a5:
a2:a0:43:1f:c1:f5:f1:4f:68:85:f2:52:c5:7c:8b:d8:49:76:
ee:6f:ae:73:fa:ac:41:b3:52:e4:2c:5c:d6:af:22:a9:34:ba:
6c:aa:0b:83:64:03:db:a0:20:96:ed:d0:85:6b:58:85:60:d9:
71:bb:59:de
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZl22bcat3sZ/e3lsWXQMVYtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwOTIzMTM1MzIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmJhZTI0NWRmOGRkNzRlOGE1ZjQ4YjU5ODMxNzY1NTEwOTg5YzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZ8tcRHqFNLPc9+tpdJVRjigve7w
oplCZz4IeaA5SejNZpPE59unnc365j67s5hcAC1YjvZUPMqLjLHOx0d+l63HBt+Y
GC9lfZcb1EiWU9f81CnPtnca/QlBNW/CDTYyQMeV81pFMRXoDmPwNdYYZlHGkGFc
+ZXP80l3tgT4kLH3i1O+8Rf12j2ep+c3X4jgdotlpJnwPUSZacMa1l8ejnaF28zH
AkHk0cuU0bMHZD6IPZS+ICcGh+MF5CvIX86dDebdNxkWxI5InWsulOQBZJE+gr9k
nJejD59KkTcj+5nVYlajk+Fa5ALYDH2Fd1IioayYs7boYNHcW/fg/TW5fwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFB+64kXfjddOil9ItZgxdlUQmJxHMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvSDdyaVJkLU4xMDZLWDBpMW1ERjJWUkNZbkVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQALiaKAwQA
LiaPAwQAbV6kMAwDBAPUUAgDBADUUAoDBADUUB8wDQYJKoZIhvcNAQELBQADggEB
AEQO2lYBn/vwMmFP5qAJz1C40OCql1RwGLmcOdIx2cFz6/eH+TrFFErl/tEsE41Y
75PUxBztMcj/vxhC3mROrWT+H0j4FUJbhU8TmVM05EQwshVmAnQe+AMsDxUOcPEm
N9CodvIYXySrtpW3CL6a1rrarT3MibWRBNu0etBrxt/Q4mgCPaxf1HqlNW0ZGpsp
m2Bado7g78w0wKwff3UtpQaUKy0s56qF+GfB54vv6JbRpU/+6vwfXnj+08jLI/Dg
taxKnivUpaKgQx/B9fFPaIXyUsV8i9hJdu5vrnP6rEGzUuQsXNavIqk0umyqC4Nk
A9ugIJbt0IVrWIVg2XG7Wd4=
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:58:03 2025 by rpki-client