Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/HHzsEBFa2A05NKAPqXI5OVwnNw8.roa
File: HHzsEBFa2A05NKAPqXI5OVwnNw8.roa (raw, json)
Hash identifier: 8OesrSo0HOp6GSF2gGuN1ejfkOvUPRQ23ED1PAULVsg=
Subject key identifier: 1C:7C:EC:10:11:5A:D8:0D:39:34:A0:0F:A9:72:39:39:5C:27:37:0F
Certificate issuer: /CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Certificate serial: 0199CDE14AFF3952210374DDBCAE1A09B3E5
Authority key identifier: 62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/HHzsEBFa2A05NKAPqXI5OVwnNw8.roa
Signing time: Fri 10 Oct 2025 11:28:38 +0000
ROA not before: Fri 10 Oct 2025 11:28:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52180
IP address blocks: 141.105.129.0/24 maxlen: 24
141.105.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.mft
rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 22:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:cd:e1:4a:ff:39:52:21:03:74:dd:bc:ae:1a:09:b3:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Validity
Not Before: Oct 10 11:28:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c7cec10115ad80d3934a00fa97239395c27370f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:9f:36:6a:1f:4c:ed:ca:0a:63:26:4d:dc:43:
1a:c4:e6:55:08:1b:90:31:ce:5a:ef:86:29:fe:e5:
12:42:14:92:e2:42:f9:83:cf:18:fa:68:e9:e2:84:
44:05:26:b6:ab:c4:ac:4b:22:e0:20:17:02:5a:f6:
5f:a0:a3:31:b1:3d:99:f2:c9:be:cd:18:2d:12:51:
c7:19:f9:e6:98:9f:1d:99:93:c1:5b:67:d2:58:21:
9a:4f:87:c8:51:86:ac:85:85:79:d8:87:8d:e0:45:
a9:98:78:3f:2c:6f:ad:b5:dc:f0:5a:e3:51:d7:db:
41:5b:88:47:1d:6a:b4:8c:fe:c9:c1:84:80:9a:45:
3f:20:90:5a:12:c0:ff:ae:e3:41:e5:c8:01:d4:3c:
31:4c:16:98:5c:3c:5b:4d:76:18:9c:64:03:23:b5:
53:9e:ab:67:84:9b:61:c2:22:ed:ad:fa:3c:41:8c:
fb:24:54:31:b0:27:5b:ee:22:8d:d0:4c:10:56:cf:
9e:40:7b:92:33:43:9b:5c:c8:ef:7b:63:73:f2:2f:
47:6a:f7:cf:ec:eb:1d:7d:c4:db:9f:90:7a:19:b0:
0c:33:15:aa:3b:6f:d4:3d:dd:d1:f4:57:90:4b:d1:
29:a4:77:fe:69:f1:51:78:e2:f7:1e:c6:88:ff:01:
fb:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:7C:EC:10:11:5A:D8:0D:39:34:A0:0F:A9:72:39:39:5C:27:37:0F
X509v3 Authority Key Identifier:
keyid:62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/HHzsEBFa2A05NKAPqXI5OVwnNw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.105.129.0/24
141.105.139.0/24
Signature Algorithm: sha256WithRSAEncryption
82:a8:c0:c0:13:4d:55:4e:8f:53:ea:5e:1b:4a:ae:7a:78:b1:
d1:0e:2a:4b:ec:a7:2c:3e:c5:1d:84:24:68:a8:95:e2:e6:df:
42:7d:2a:9f:db:e8:36:77:83:6e:3c:f3:a6:e7:00:c1:f7:20:
b4:70:04:09:76:68:c4:72:4b:2a:cb:eb:0e:8a:31:ef:0d:c6:
ed:cf:a0:e1:7c:cf:b1:8f:1f:3a:6c:0b:b3:01:78:ca:83:df:
87:67:14:d3:db:d2:72:3e:05:7d:29:e5:40:1e:f1:88:07:5e:
f4:d3:56:a7:fc:64:e6:33:23:f5:19:f3:5a:93:f4:2a:e3:41:
54:9e:a6:de:36:f9:65:56:09:80:c8:69:b3:b5:50:8f:a8:2b:
3e:70:f7:60:e8:f7:53:16:96:72:10:8b:37:8e:74:d8:f4:cb:
da:34:21:0c:ab:2e:ec:48:42:f9:32:e4:ad:d1:3f:07:e0:8e:
88:c6:d4:96:73:fc:fe:48:ec:5b:33:b7:af:1d:66:98:f7:d6:
57:f9:cc:69:c9:0a:a3:a4:6c:a9:34:a4:79:80:0e:3f:12:bb:
3c:6d:df:e9:c5:24:e9:bf:e4:cc:03:00:aa:15:81:b2:3f:09:
b2:5e:f7:8d:c7:2a:53:43:fc:7b:9a:fa:46:da:18:7f:d5:10:
aa:1f:00:7e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZnN4Ur/OVIhA3TdvK4aCbPlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYTE1Y2M4ODY1OWY1NzhjYzE1OWM1MmIzYTdlOWVjNTgx
OWZiMjAwHhcNMjUxMDEwMTEyODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzdjZWMxMDExNWFkODBkMzkzNGEwMGZhOTcyMzkzOTVjMjczNzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp582ah9M7coKYyZN3EMaxOZVCBuQ
Mc5a74Yp/uUSQhSS4kL5g88Y+mjp4oREBSa2q8SsSyLgIBcCWvZfoKMxsT2Z8sm+
zRgtElHHGfnmmJ8dmZPBW2fSWCGaT4fIUYashYV52IeN4EWpmHg/LG+ttdzwWuNR
19tBW4hHHWq0jP7JwYSAmkU/IJBaEsD/ruNB5cgB1DwxTBaYXDxbTXYYnGQDI7VT
nqtnhJthwiLtrfo8QYz7JFQxsCdb7iKN0EwQVs+eQHuSM0ObXMjve2Nz8i9HavfP
7OsdfcTbn5B6GbAMMxWqO2/UPd3R9FeQS9EppHf+afFReOL3HsaI/wH7WQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBx87BARWtgNOTSgD6lyOTlcJzcPMB8GA1UdIwQY
MBaAFGKhXMiGWfV4zBWcUrOn6exYGfsgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAt
NDI2OWI1NmJmN2Q0LzEvSEh6c0VCRmEyQTA1TktBUHFYSTVPVnduTnc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAtNDI2OWI1NmJmN2Q0
LzEvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAjWmBAwQA
jWmLMA0GCSqGSIb3DQEBCwUAA4IBAQCCqMDAE01VTo9T6l4bSq56eLHRDipL7Kcs
PsUdhCRoqJXi5t9CfSqf2+g2d4NuPPOm5wDB9yC0cAQJdmjEcksqy+sOijHvDcbt
z6DhfM+xjx86bAuzAXjKg9+HZxTT29JyPgV9KeVAHvGIB17001an/GTmMyP1GfNa
k/Qq40FUnqbeNvllVgmAyGmztVCPqCs+cPdg6PdTFpZyEIs3jnTY9MvaNCEMqy7s
SEL5MuSt0T8H4I6IxtSWc/z+SOxbM7evHWaY99ZX+cxpyQqjpGypNKR5gA4/Ers8
bd/pxSTpv+TMAwCqFYGyPwmyXveNxypTQ/x7mvpG2hh/1RCqHwB+
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:27:12 2025 by rpki-client