Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/a8e45b-17c6-436d-81a8-c5195162e3be/1/HPnvD8Ntnn9dO-DnJ5gUArgmEbQ.roa
File: HPnvD8Ntnn9dO-DnJ5gUArgmEbQ.roa (raw, json)
Hash identifier: PZJg6QjLztAzWO75yUPx+H4icTDOlKmcYmBRQX4HD7k=
Subject key identifier: 1C:F9:EF:0F:C3:6D:9E:7F:5D:3B:E0:E7:27:98:14:02:B8:26:11:B4
Certificate issuer: /CN=baaa748ba14a76e5d8a6edacb5426082a56f5e3d
Certificate serial: 0198BA17E27BC68416A3985DBE8A71D01913
Authority key identifier: BA:AA:74:8B:A1:4A:76:E5:D8:A6:ED:AC:B5:42:60:82:A5:6F:5E:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqp0i6FKduXYpu2stUJggqVvXj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/a8e45b-17c6-436d-81a8-c5195162e3be/1/HPnvD8Ntnn9dO-DnJ5gUArgmEbQ.roa
Signing time: Sun 17 Aug 2025 22:13:04 +0000
ROA not before: Sun 17 Aug 2025 22:13:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47526
IP address blocks: 185.55.80.0/24 maxlen: 24
2a13:ccc0::/29 maxlen: 29
2a13:ccc0::/32 maxlen: 48
2a13:ccc1::/32 maxlen: 32
2a13:ccc2::/32 maxlen: 32
2a13:ccc3::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/a8e45b-17c6-436d-81a8-c5195162e3be/1/uqp0i6FKduXYpu2stUJggqVvXj0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/a8e45b-17c6-436d-81a8-c5195162e3be/1/uqp0i6FKduXYpu2stUJggqVvXj0.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqp0i6FKduXYpu2stUJggqVvXj0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ba:17:e2:7b:c6:84:16:a3:98:5d:be:8a:71:d0:19:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baaa748ba14a76e5d8a6edacb5426082a56f5e3d
Validity
Not Before: Aug 17 22:13:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1cf9ef0fc36d9e7f5d3be0e727981402b82611b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:4a:b3:ec:ed:7d:4a:b5:97:fb:7e:71:01:7c:
8e:d0:0f:d1:f9:e2:56:a4:db:69:e6:b3:e3:01:58:
2c:3b:0a:3b:38:dd:08:b8:87:10:b4:b8:ea:5e:05:
ff:bc:a6:18:73:1d:d5:4b:70:a1:5d:f1:ca:a9:a1:
89:fb:e5:54:65:c8:91:d9:ec:00:91:b3:2c:8f:30:
43:9d:91:09:57:98:cb:4a:31:3c:41:81:b4:0b:c8:
f6:47:b7:f1:77:ef:d8:84:8b:2e:10:2b:55:70:fa:
6d:81:b1:da:2d:9b:72:35:3c:1f:1a:31:7b:d9:8d:
6c:12:42:a2:78:91:ea:b3:2b:c0:16:c6:7c:1b:ed:
1e:01:d5:fa:55:e9:44:c5:f3:3c:e4:5b:89:de:04:
65:7b:e6:0a:15:21:45:a9:f9:3e:46:8e:05:7a:1f:
b7:27:05:da:e8:a3:12:bf:24:ff:46:3a:6d:c3:3e:
bf:d1:c1:05:b5:3f:b3:fd:89:28:04:2f:f0:84:57:
58:80:39:7b:3d:ac:c7:b6:8a:97:f6:b9:48:d6:37:
49:2a:9f:27:f9:da:f5:fb:a3:8e:ef:9d:96:aa:a5:
0f:88:15:40:0c:33:ac:7d:61:56:f9:3f:c3:be:56:
22:e1:2f:35:a0:65:cf:f3:7d:1e:14:18:94:34:51:
1c:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:F9:EF:0F:C3:6D:9E:7F:5D:3B:E0:E7:27:98:14:02:B8:26:11:B4
X509v3 Authority Key Identifier:
keyid:BA:AA:74:8B:A1:4A:76:E5:D8:A6:ED:AC:B5:42:60:82:A5:6F:5E:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqp0i6FKduXYpu2stUJggqVvXj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/a8e45b-17c6-436d-81a8-c5195162e3be/1/HPnvD8Ntnn9dO-DnJ5gUArgmEbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/a8e45b-17c6-436d-81a8-c5195162e3be/1/uqp0i6FKduXYpu2stUJggqVvXj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.55.80.0/24
IPv6:
2a13:ccc0::/29
Signature Algorithm: sha256WithRSAEncryption
1b:fd:51:5b:73:4d:21:66:79:e7:b3:fe:8c:1e:7b:8d:c1:c0:
4c:82:ae:45:8c:a1:96:09:56:79:2f:25:ee:76:69:d2:80:79:
9a:15:1d:2a:d5:f6:0b:34:88:b6:90:e2:e5:5e:3d:50:1e:ab:
63:f2:58:7a:4c:3a:56:51:2f:38:83:cf:94:29:bf:1f:17:e2:
20:75:38:64:5f:60:54:2f:67:ae:08:69:16:0b:cd:3a:86:b8:
a3:cb:8c:e6:84:7f:b1:65:fb:0d:03:6e:b9:35:11:cf:ad:ca:
21:06:03:73:6d:92:6e:2e:b3:22:fa:99:ec:06:85:28:cb:4c:
94:c3:ae:45:81:78:d5:8d:bf:ed:f0:bf:b4:3c:33:23:03:e3:
d5:d1:05:48:e2:38:f6:07:e6:de:75:f9:f8:52:c7:b0:ba:9f:
ef:56:42:0e:cf:bf:eb:91:3b:b3:cf:76:44:e2:9b:34:f3:5b:
d4:91:3f:03:88:be:1b:58:00:67:3d:e3:24:98:cf:87:09:e1:
7c:60:89:cd:44:8d:df:29:e1:3b:ac:89:79:a5:50:e0:38:b5:
94:4a:ea:83:f5:ea:ac:37:3e:07:6e:f2:f3:8c:3e:67:eb:fd:
fc:58:22:fb:1d:3d:d8:33:5a:ca:29:35:ec:d3:c5:84:9a:74:
26:8a:ea:75
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZi6F+J7xoQWo5hdvopx0BkTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWE3NDhiYTE0YTc2ZTVkOGE2ZWRhY2I1NDI2MDgyYTU2
ZjVlM2QwHhcNMjUwODE3MjIxMzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2Y5ZWYwZmMzNmQ5ZTdmNWQzYmUwZTcyNzk4MTQwMmI4MjYxMWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEqz7O19SrWX+35xAXyO0A/R+eJW
pNtp5rPjAVgsOwo7ON0IuIcQtLjqXgX/vKYYcx3VS3ChXfHKqaGJ++VUZciR2ewA
kbMsjzBDnZEJV5jLSjE8QYG0C8j2R7fxd+/YhIsuECtVcPptgbHaLZtyNTwfGjF7
2Y1sEkKieJHqsyvAFsZ8G+0eAdX6VelExfM85FuJ3gRle+YKFSFFqfk+Ro4Feh+3
JwXa6KMSvyT/Rjptwz6/0cEFtT+z/YkoBC/whFdYgDl7PazHtoqX9rlI1jdJKp8n
+dr1+6OO752WqqUPiBVADDOsfWFW+T/DvlYi4S81oGXP830eFBiUNFEcFQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBz57w/DbZ5/XTvg5yeYFAK4JhG0MB8GA1UdIwQY
MBaAFLqqdIuhSnbl2KbtrLVCYIKlb149MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFwMGk2RktkdVhZcHUyc3RVSmdncVZ2WGowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9hOGU0NWItMTdjNi00MzZkLTgxYTgt
YzUxOTUxNjJlM2JlLzEvSFBudkQ4TnRubjlkTy1Ebko1Z1VBcmdtRWJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9hOGU0NWItMTdjNi00MzZkLTgxYTgtYzUxOTUxNjJlM2Jl
LzEvdXFwMGk2RktkdVhZcHUyc3RVSmdncVZ2WGowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuTdQMA0E
AgACMAcDBQMqE8zAMA0GCSqGSIb3DQEBCwUAA4IBAQAb/VFbc00hZnnns/6MHnuN
wcBMgq5FjKGWCVZ5LyXudmnSgHmaFR0q1fYLNIi2kOLlXj1QHqtj8lh6TDpWUS84
g8+UKb8fF+IgdThkX2BUL2euCGkWC806hrijy4zmhH+xZfsNA265NRHPrcohBgNz
bZJuLrMi+pnsBoUoy0yUw65FgXjVjb/t8L+0PDMjA+PV0QVI4jj2B+bedfn4Usew
up/vVkIOz7/rkTuzz3ZE4ps081vUkT8DiL4bWABnPeMkmM+HCeF8YInNRI3fKeE7
rIl5pVDgOLWUSuqD9eqsNz4HbvLzjD5n6/38WCL7HT3YM1rKKTXs08WEmnQmiup1
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:12:04 2025 by rpki-client