Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/H8rXW80yzjDwYfO1_MwWk5OH3jU.roa
File: H8rXW80yzjDwYfO1_MwWk5OH3jU.roa (raw, json)
Hash identifier: zhGby14CHFbYwyq/g0pFACCjs2O75GSjpQWLRvdMLlc=
Subject key identifier: 1F:CA:D7:5B:CD:32:CE:30:F0:61:F3:B5:FC:CC:16:93:93:87:DE:35
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 0198CC60FA49A850FDC8D8BF17ECB749FBE2
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/H8rXW80yzjDwYfO1_MwWk5OH3jU.roa
Signing time: Thu 21 Aug 2025 11:26:04 +0000
ROA not before: Thu 21 Aug 2025 11:26:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 984
IP address blocks: 95.177.63.0/24 maxlen: 24
95.177.67.0/24 maxlen: 24
95.177.74.0/24 maxlen: 24
95.177.85.0/24 maxlen: 24
213.177.226.0/23 maxlen: 24
213.177.230.0/23 maxlen: 24
213.177.234.0/23 maxlen: 24
213.177.238.0/23 maxlen: 24
213.177.242.0/23 maxlen: 24
213.177.246.0/23 maxlen: 24
213.177.250.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:cc:60:fa:49:a8:50:fd:c8:d8:bf:17:ec:b7:49:fb:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Aug 21 11:26:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1fcad75bcd32ce30f061f3b5fccc16939387de35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:0b:a5:1f:30:2f:a7:f4:16:9f:be:27:34:35:
67:e9:58:aa:e5:d6:0d:0c:56:16:98:57:46:bf:ab:
fa:dc:9f:8d:0d:6c:13:e3:b9:6e:4a:6f:4c:7c:91:
bc:d4:1d:de:4b:00:f4:5e:64:bc:a5:90:69:63:bc:
6f:21:a2:f6:ed:53:07:d4:4b:b4:66:2e:6c:b8:50:
1a:8c:f6:8f:02:2c:1c:96:58:b1:b5:66:7c:37:c2:
3c:cf:c3:05:4e:19:6f:9a:d0:76:c2:0c:40:e4:6f:
21:00:40:01:cc:4a:a3:82:bd:e4:57:f1:54:0c:67:
e3:12:7b:0b:02:e2:66:ea:8f:23:47:8d:18:e4:0c:
5f:1d:5a:c6:6a:c8:31:92:86:4a:f0:1a:e7:5b:6d:
9d:00:dc:d8:60:e8:3e:f4:f4:95:c5:f8:5b:5f:fa:
f0:3f:9b:fe:bc:99:9b:b3:e7:64:18:a7:6b:92:94:
63:06:80:19:66:6a:40:5b:8b:53:3a:95:b4:31:76:
cc:38:aa:dc:6a:fb:f9:95:86:8f:23:95:b0:81:42:
19:35:e3:ba:4f:bf:ed:a1:50:1d:38:7c:27:cf:8e:
77:4c:6f:80:c1:ad:6a:62:7e:08:38:10:19:6f:75:
4c:e8:19:f7:a3:48:cc:77:8f:a9:f7:c8:73:c2:01:
fd:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:CA:D7:5B:CD:32:CE:30:F0:61:F3:B5:FC:CC:16:93:93:87:DE:35
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/H8rXW80yzjDwYfO1_MwWk5OH3jU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.177.63.0/24
95.177.67.0/24
95.177.74.0/24
95.177.85.0/24
213.177.226.0/23
213.177.230.0/23
213.177.234.0/23
213.177.238.0/23
213.177.242.0/23
213.177.246.0/23
213.177.250.0/23
Signature Algorithm: sha256WithRSAEncryption
af:fa:65:d1:4b:04:a4:1c:31:7f:22:fa:61:ad:95:ea:5f:7a:
cc:81:61:aa:c9:9a:2a:e7:93:59:b4:f1:1b:b5:19:a3:1e:a3:
2c:ed:51:c6:f9:5a:65:44:2c:fb:52:a6:e3:72:cc:8c:97:a0:
0c:ea:1e:61:c1:4f:a9:e3:cd:a2:22:82:3a:8d:cf:70:76:b1:
51:8c:fa:0b:5f:55:06:73:75:cb:6c:12:d1:78:b4:d7:32:cb:
f5:cd:ef:3d:be:45:49:06:4e:ce:23:ef:81:93:db:35:aa:6c:
a3:72:8e:42:07:c8:45:01:42:f2:a3:4a:ff:a3:26:92:71:2a:
f5:08:eb:da:7e:90:82:19:33:dc:54:b8:da:ed:5d:61:f7:4a:
a4:a4:0c:72:19:99:9a:ba:54:e0:97:e1:2e:01:5f:1d:9a:2d:
2b:81:05:5e:65:ea:ee:a7:90:de:ae:bf:bd:6e:59:bb:b0:f3:
1a:30:e6:66:03:54:61:93:69:82:d9:40:a8:00:3e:bc:72:27:
9c:2c:60:68:2a:0e:0a:c7:dc:f7:8a:fa:cf:41:58:f1:50:f8:
a3:20:98:ed:f6:18:04:9b:1b:6c:08:f8:7a:f5:9b:f8:d4:a8:
d2:2b:8d:7d:2d:96:4c:05:3d:e7:fe:1b:f5:33:a6:a4:7a:61:
a9:70:50:94
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZjMYPpJqFD9yNi/F+y3SfviMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjUwODIxMTEyNjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmNhZDc1YmNkMzJjZTMwZjA2MWYzYjVmY2NjMTY5MzkzODdkZTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4wulHzAvp/QWn74nNDVn6Viq5dYN
DFYWmFdGv6v63J+NDWwT47luSm9MfJG81B3eSwD0XmS8pZBpY7xvIaL27VMH1Eu0
Zi5suFAajPaPAiwcllixtWZ8N8I8z8MFThlvmtB2wgxA5G8hAEABzEqjgr3kV/FU
DGfjEnsLAuJm6o8jR40Y5AxfHVrGasgxkoZK8BrnW22dANzYYOg+9PSVxfhbX/rw
P5v+vJmbs+dkGKdrkpRjBoAZZmpAW4tTOpW0MXbMOKrcavv5lYaPI5WwgUIZNeO6
T7/toVAdOHwnz453TG+Awa1qYn4IOBAZb3VM6Bn3o0jMd4+p98hzwgH9VwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFB/K11vNMs4w8GHztfzMFpOTh941MB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvSDhyWFc4MHl6akR3WWZPMV9Nd1drNU9IM2pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAX7E/AwQA
X7FDAwQAX7FKAwQAX7FVAwQB1bHiAwQB1bHmAwQB1bHqAwQB1bHuAwQB1bHyAwQB
1bH2AwQB1bH6MA0GCSqGSIb3DQEBCwUAA4IBAQCv+mXRSwSkHDF/IvphrZXqX3rM
gWGqyZoq55NZtPEbtRmjHqMs7VHG+VplRCz7UqbjcsyMl6AM6h5hwU+p482iIoI6
jc9wdrFRjPoLX1UGc3XLbBLReLTXMsv1ze89vkVJBk7OI++Bk9s1qmyjco5CB8hF
AULyo0r/oyaScSr1COvafpCCGTPcVLja7V1h90qkpAxyGZmaulTgl+EuAV8dmi0r
gQVeZerup5Derr+9blm7sPMaMOZmA1Rhk2mC2UCoAD68ciecLGBoKg4Kx9z3ivrP
QVjxUPijIJjt9hgEmxtsCPh69Zv41KjSK419LZZMBT3n/hv1M6akemGpcFCU
-----END CERTIFICATE-----
Generated at Sun Aug 24 00:04:37 2025 by rpki-client