Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/AH9IWPeSjn4zPMXrJdOOZZAn9Aw.roa
File: AH9IWPeSjn4zPMXrJdOOZZAn9Aw.roa (raw, json)
Hash identifier: NZOres5BfCUJDRAZEdwJLZ3pKyCM0qr94CohvGLshJM=
Subject key identifier: 00:7F:48:58:F7:92:8E:7E:33:3C:C5:EB:25:D3:8E:65:90:27:F4:0C
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0198C44665CF3A5BE577101AEB2614A4CD82
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/AH9IWPeSjn4zPMXrJdOOZZAn9Aw.roa
Signing time: Tue 19 Aug 2025 21:40:04 +0000
ROA not before: Tue 19 Aug 2025 21:40:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 37.218.208.0/21 maxlen: 24
37.218.216.0/21 maxlen: 24
82.163.68.0/22 maxlen: 24
149.126.88.0/22 maxlen: 24
185.86.142.0/23 maxlen: 24
188.215.124.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Aug 2025 21:02:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c4:46:65:cf:3a:5b:e5:77:10:1a:eb:26:14:a4:cd:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Aug 19 21:40:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=007f4858f7928e7e333cc5eb25d38e659027f40c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:ac:2e:65:33:22:1a:3e:11:c3:f6:11:ef:ac:
13:0f:62:ca:be:43:af:b8:cc:a3:d2:02:a9:8f:28:
8c:36:5b:4d:5d:4a:7a:a1:7b:a1:6e:94:7d:18:6b:
b3:65:eb:dc:97:28:22:1f:6a:c4:80:c8:7c:4c:40:
6d:07:ee:25:09:4d:bd:33:50:c2:be:fc:cf:b5:e0:
c2:ea:00:20:0d:a5:96:e7:51:f6:b6:1f:e5:06:5f:
84:e7:9a:4a:89:2d:60:a3:32:bc:a1:3b:20:15:39:
26:35:8c:b3:95:d0:07:ae:8c:7e:2a:d2:70:8b:43:
29:61:df:3d:3e:99:bf:0e:70:57:d7:d2:b9:4a:a9:
66:1b:c7:52:14:28:80:ef:8b:21:74:bf:0d:9a:ee:
3a:17:77:a7:75:78:64:2d:82:3b:28:05:11:5f:55:
40:00:19:d9:93:18:d3:2c:a1:97:9d:73:74:e2:28:
48:62:b6:e6:bb:7f:64:68:68:e6:14:53:c2:01:88:
7a:22:cb:22:62:eb:7f:99:d5:10:ba:76:3c:a7:20:
5d:94:b4:12:74:f3:78:13:af:1f:4b:68:54:aa:81:
c1:e1:bb:51:af:75:aa:fd:81:96:ff:64:32:b2:d8:
61:c8:11:51:72:b1:d9:c9:ca:38:fb:80:50:b8:5d:
3c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:7F:48:58:F7:92:8E:7E:33:3C:C5:EB:25:D3:8E:65:90:27:F4:0C
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/AH9IWPeSjn4zPMXrJdOOZZAn9Aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.218.208.0/20
82.163.68.0/22
149.126.88.0/22
185.86.142.0/23
188.215.124.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:d3:94:61:d8:b9:92:4f:44:29:7f:86:5b:6e:ea:e7:c1:07:
3d:c2:14:ad:be:ca:1b:c8:7f:93:2d:2e:dd:d3:f7:15:ad:23:
15:ea:23:f4:fe:96:e9:63:15:78:16:c4:08:cc:b7:a4:ee:c4:
1d:9e:c1:8b:98:5b:cb:d3:4f:cf:64:4f:dc:77:c5:ff:17:c2:
1b:2c:f4:0c:d8:f7:f1:e9:c0:d1:9f:51:e9:9e:e8:25:9a:68:
be:fe:e4:d0:8a:a2:a8:99:e6:0f:7d:00:ac:96:5e:85:e3:d6:
95:30:d6:b3:d5:3b:63:59:38:1c:83:1f:32:8b:17:e0:9d:c1:
06:47:f8:d7:c6:80:37:df:dd:ab:4f:a7:41:8c:27:8c:d5:d4:
7b:36:12:99:2c:ee:94:f0:6d:e3:3b:6f:82:3e:d4:c2:43:d1:
f1:1d:05:7f:e8:cf:d8:5b:c6:81:ee:d3:78:df:5a:7b:3f:5a:
e5:21:56:df:d0:dc:ca:88:e6:42:02:24:50:57:2a:f9:7a:54:
1b:d7:ca:71:3b:22:ff:21:cc:06:d5:c4:b5:6c:33:3b:49:1b:
00:77:85:76:a6:3f:0f:f6:26:74:82:ba:de:d0:aa:27:09:25:
14:ee:db:97:fe:25:11:fe:61:45:d2:93:38:af:09:e6:f0:f3:
74:45:7d:f0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZjERmXPOlvldxAa6yYUpM2CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjUwODE5MjE0MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDdmNDg1OGY3OTI4ZTdlMzMzY2M1ZWIyNWQzOGU2NTkwMjdmNDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA96wuZTMiGj4Rw/YR76wTD2LKvkOv
uMyj0gKpjyiMNltNXUp6oXuhbpR9GGuzZevclygiH2rEgMh8TEBtB+4lCU29M1DC
vvzPteDC6gAgDaWW51H2th/lBl+E55pKiS1gozK8oTsgFTkmNYyzldAHrox+KtJw
i0MpYd89Ppm/DnBX19K5SqlmG8dSFCiA74shdL8Nmu46F3endXhkLYI7KAURX1VA
ABnZkxjTLKGXnXN04ihIYrbmu39kaGjmFFPCAYh6IssiYut/mdUQunY8pyBdlLQS
dPN4E68fS2hUqoHB4btRr3Wq/YGW/2QysthhyBFRcrHZyco4+4BQuF085wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAB/SFj3ko5+MzzF6yXTjmWQJ/QMMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvQUg5SVdQZVNqbjR6UE1YckpkT09aWkFuOUF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEJdrQAwQC
UqNEAwQClX5YAwQBuVaOAwQCvNd8MA0GCSqGSIb3DQEBCwUAA4IBAQA+05Rh2LmS
T0Qpf4ZbburnwQc9whStvsobyH+TLS7d0/cVrSMV6iP0/pbpYxV4FsQIzLek7sQd
nsGLmFvL00/PZE/cd8X/F8IbLPQM2Pfx6cDRn1Hpnuglmmi+/uTQiqKomeYPfQCs
ll6F49aVMNaz1TtjWTgcgx8yixfgncEGR/jXxoA3392rT6dBjCeM1dR7NhKZLO6U
8G3jO2+CPtTCQ9HxHQV/6M/YW8aB7tN431p7P1rlIVbf0NzKiOZCAiRQVyr5elQb
18pxOyL/IcwG1cS1bDM7SRsAd4V2pj8P9iZ0grre0KonCSUU7tuX/iUR/mFF0pM4
rwnm8PN0RX3w
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:45:26 2025 by rpki-client