
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/b428e7-653c-46c7-973f-9db614cb127a/1/hTqER8lEam9CCl5NIiQaUpJ8rf4.roa
File: hTqER8lEam9CCl5NIiQaUpJ8rf4.roa (raw, json)
Hash identifier: 9wP+fA/D6X4X3SoIN61o3QGU1yAgsnrrfT3p4Jwbdys=
Subject key identifier: 85:3A:84:47:C9:44:6A:6F:42:0A:5E:4D:22:24:1A:52:92:7C:AD:FE
Certificate issuer: /CN=04bec7578450f945d4f334df600c61a6f47232f2
Certificate serial: 0199AA05ACFD8FE981CB50E6F11686557C69
Authority key identifier: 04:BE:C7:57:84:50:F9:45:D4:F3:34:DF:60:0C:61:A6:F4:72:32:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BL7HV4RQ-UXU8zTfYAxhpvRyMvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/b428e7-653c-46c7-973f-9db614cb127a/1/hTqER8lEam9CCl5NIiQaUpJ8rf4.roa
Signing time: Fri 03 Oct 2025 12:22:02 +0000
ROA not before: Fri 03 Oct 2025 12:22:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212904
IP address blocks: 185.243.29.0/24 maxlen: 24
185.243.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/b428e7-653c-46c7-973f-9db614cb127a/1/BL7HV4RQ-UXU8zTfYAxhpvRyMvI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/b428e7-653c-46c7-973f-9db614cb127a/1/BL7HV4RQ-UXU8zTfYAxhpvRyMvI.mft
rsync://rpki.ripe.net/repository/DEFAULT/BL7HV4RQ-UXU8zTfYAxhpvRyMvI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:aa:05:ac:fd:8f:e9:81:cb:50:e6:f1:16:86:55:7c:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04bec7578450f945d4f334df600c61a6f47232f2
Validity
Not Before: Oct 3 12:22:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=853a8447c9446a6f420a5e4d22241a52927cadfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:8b:54:a9:a6:d8:af:58:3f:9a:5c:d7:7c:fd:
08:91:94:16:a9:ab:cb:88:4e:2c:0e:40:3a:db:63:
d0:2d:40:5e:ad:12:0b:0a:8b:d3:c7:f1:a5:3b:d6:
9f:1d:99:d3:56:d8:90:bb:5a:19:e3:be:95:fd:1d:
6f:04:5d:c6:50:bd:d8:6c:0e:8e:cc:e0:f6:c5:14:
71:2a:4f:e1:12:b8:1d:88:85:bb:cf:79:ac:6f:0d:
c9:75:eb:0f:e2:1c:ff:0e:b8:dc:47:07:fe:14:a4:
d6:9d:62:dc:6a:52:d6:4f:8f:a4:26:81:44:d0:c7:
4f:1b:48:41:c3:50:75:62:7a:8f:d4:46:28:9d:18:
90:8f:9f:d2:61:9f:af:48:5b:30:62:d1:7d:c9:96:
6c:e8:ee:6a:98:92:6c:21:11:b6:27:2b:6f:56:5e:
0b:05:78:52:10:ef:3c:48:0f:d5:23:2d:04:c8:8b:
ce:dc:8d:c8:83:e4:90:14:e1:02:d9:88:42:de:e9:
7b:95:e4:7e:28:56:0c:28:f7:8f:e3:e2:8a:ad:10:
73:b7:08:0f:a4:7c:57:67:6b:10:de:dc:ae:24:2d:
0c:3a:fe:ae:ab:5c:29:5a:d0:9c:92:e2:79:21:7e:
18:91:20:c6:9e:bc:d1:0e:e2:3c:5e:83:ad:8b:85:
e8:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:3A:84:47:C9:44:6A:6F:42:0A:5E:4D:22:24:1A:52:92:7C:AD:FE
X509v3 Authority Key Identifier:
keyid:04:BE:C7:57:84:50:F9:45:D4:F3:34:DF:60:0C:61:A6:F4:72:32:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BL7HV4RQ-UXU8zTfYAxhpvRyMvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b428e7-653c-46c7-973f-9db614cb127a/1/hTqER8lEam9CCl5NIiQaUpJ8rf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b428e7-653c-46c7-973f-9db614cb127a/1/BL7HV4RQ-UXU8zTfYAxhpvRyMvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.29.0-185.243.30.255
Signature Algorithm: sha256WithRSAEncryption
40:91:21:50:8a:78:0a:01:02:4c:4e:90:1a:d5:d7:b1:71:f1:
f4:b4:5d:fc:8e:ae:49:3c:e6:b5:2d:0a:6f:0a:5d:0b:3b:26:
2d:14:53:f1:f7:e7:e0:78:fe:46:68:6c:75:41:68:e5:9f:fd:
be:45:6b:56:08:10:9c:6f:1a:e0:2d:47:a4:59:7f:db:bf:b3:
4d:65:68:d5:e4:dc:54:f5:7d:eb:61:bd:a2:e0:b6:72:0b:79:
8e:40:ae:9a:58:62:31:6b:f8:01:56:01:3f:2f:de:ef:89:92:
1a:a9:6f:4f:3c:0b:49:2e:05:10:1f:e7:2a:43:2f:89:d8:cc:
ee:cb:db:3c:05:0e:80:c0:69:21:07:e8:aa:37:ea:69:61:fe:
60:41:c1:81:68:4d:2c:61:b2:9a:19:7c:85:c2:84:0e:3b:da:
ad:48:24:19:f9:98:99:78:52:f9:c5:83:72:a6:21:43:4c:97:
ce:59:97:27:3b:3e:57:08:c0:fe:f3:f3:f6:97:87:65:0e:b2:
0a:ab:bd:9f:77:ac:9f:82:4b:59:42:9f:c8:3a:60:f6:a0:4e:
4d:f9:93:1f:1a:b1:76:10:60:cf:63:fe:00:40:f4:c0:be:b6:
36:b3:9d:ee:cb:71:e0:77:eb:21:0c:e1:a9:8b:75:ba:5b:93:
3b:1d:f0:5c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZmqBaz9j+mBy1Dm8RaGVXxpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YmVjNzU3ODQ1MGY5NDVkNGYzMzRkZjYwMGM2MWE2ZjQ3
MjMyZjIwHhcNMjUxMDAzMTIyMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTNhODQ0N2M5NDQ2YTZmNDIwYTVlNGQyMjI0MWE1MjkyN2NhZGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlItUqabYr1g/mlzXfP0IkZQWqavL
iE4sDkA622PQLUBerRILCovTx/GlO9afHZnTVtiQu1oZ476V/R1vBF3GUL3YbA6O
zOD2xRRxKk/hErgdiIW7z3msbw3JdesP4hz/DrjcRwf+FKTWnWLcalLWT4+kJoFE
0MdPG0hBw1B1YnqP1EYonRiQj5/SYZ+vSFswYtF9yZZs6O5qmJJsIRG2JytvVl4L
BXhSEO88SA/VIy0EyIvO3I3Ig+SQFOEC2YhC3ul7leR+KFYMKPeP4+KKrRBztwgP
pHxXZ2sQ3tyuJC0MOv6uq1wpWtCckuJ5IX4YkSDGnrzRDuI8XoOti4XoHwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIU6hEfJRGpvQgpeTSIkGlKSfK3+MB8GA1UdIwQY
MBaAFAS+x1eEUPlF1PM032AMYab0cjLyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkw3SFY0UlEtVVhVOHpUZllBeGhwdlJ5TXZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9iNDI4ZTctNjUzYy00NmM3LTk3M2Yt
OWRiNjE0Y2IxMjdhLzEvaFRxRVI4bEVhbTlDQ2w1TklpUWFVcEo4cmY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9iNDI4ZTctNjUzYy00NmM3LTk3M2YtOWRiNjE0Y2IxMjdh
LzEvQkw3SFY0UlEtVVhVOHpUZllBeGhwdlJ5TXZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC58x0D
BAC58x4wDQYJKoZIhvcNAQELBQADggEBAECRIVCKeAoBAkxOkBrV17Fx8fS0XfyO
rkk85rUtCm8KXQs7Ji0UU/H35+B4/kZobHVBaOWf/b5Fa1YIEJxvGuAtR6RZf9u/
s01laNXk3FT1fethvaLgtnILeY5ArppYYjFr+AFWAT8v3u+Jkhqpb088C0kuBRAf
5ypDL4nYzO7L2zwFDoDAaSEH6Ko36mlh/mBBwYFoTSxhspoZfIXChA472q1IJBn5
mJl4UvnFg3KmIUNMl85Zlyc7PlcIwP7z8/aXh2UOsgqrvZ93rJ+CS1lCn8g6YPag
Tk35kx8asXYQYM9j/gBA9MC+tjazne7LceB36yEM4amLdbpbkzsd8Fw=
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:44:52 2025 by rpki-client