
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/HjUbHI7aX25iVhab0lso8dRqV_4.roa
File: HjUbHI7aX25iVhab0lso8dRqV_4.roa (raw, json)
Hash identifier: 0REU2g0MEJQKeIiJcHq2HYM6d2KNhD9vS+mjUsahpK4=
Subject key identifier: 1E:35:1B:1C:8E:DA:5F:6E:62:56:16:9B:D2:5B:28:F1:D4:6A:57:FE
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 01997641BC81E1E5507D7B8A10BDD4323230
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/HjUbHI7aX25iVhab0lso8dRqV_4.roa
Signing time: Tue 23 Sep 2025 11:07:23 +0000
ROA not before: Tue 23 Sep 2025 11:07:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212335
IP address blocks: 2.56.184.0/24 maxlen: 24
2.56.185.0/24 maxlen: 24
2.56.186.0/24 maxlen: 24
2.56.187.0/24 maxlen: 24
45.11.154.0/24 maxlen: 24
85.8.168.0/24 maxlen: 24
85.8.169.0/24 maxlen: 24
85.8.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:76:41:bc:81:e1:e5:50:7d:7b:8a:10:bd:d4:32:32:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Sep 23 11:07:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e351b1c8eda5f6e6256169bd25b28f1d46a57fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:33:db:a5:5a:44:7c:a7:d8:38:56:ee:e0:90:
c3:02:e5:b8:85:ed:56:13:8a:31:91:cf:a0:7a:6b:
5e:4a:7b:e0:33:ac:65:e2:18:cd:9b:1e:21:d2:1c:
31:f0:70:b6:f0:35:45:3d:b2:bb:46:1f:33:c9:2c:
b7:63:bc:65:28:6e:7a:08:27:b4:e2:13:87:6f:b0:
5c:01:e2:f2:39:93:e2:80:f4:90:a4:10:d8:59:9e:
2a:da:24:fd:c4:a2:f0:5a:c9:b1:86:84:6c:a2:75:
7c:8b:a7:c9:f8:88:74:ea:c3:f0:9f:33:2d:00:01:
9b:95:5b:16:5a:52:ee:ae:42:98:39:9e:a6:b3:ac:
ea:65:21:70:ae:08:aa:34:f6:8c:e3:0c:ce:b0:9e:
d2:fd:86:54:d3:ef:c2:e8:83:9c:7d:c6:70:37:e6:
6b:38:00:5a:e1:1c:7e:99:a1:12:66:cf:29:53:4e:
be:99:0e:61:5c:cf:06:ef:7f:e9:93:35:11:68:37:
2d:bd:c3:0e:09:48:46:ee:22:95:f8:b7:c1:e0:70:
56:59:85:f4:25:64:81:ad:02:b9:5f:72:b0:41:9d:
ff:bf:26:e7:05:dc:4a:75:8f:16:30:be:b3:30:0e:
97:ef:84:93:9c:a4:39:1f:ef:a1:c1:85:6f:3c:e3:
a0:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:35:1B:1C:8E:DA:5F:6E:62:56:16:9B:D2:5B:28:F1:D4:6A:57:FE
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/HjUbHI7aX25iVhab0lso8dRqV_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.184.0/22
45.11.154.0/24
85.8.168.0/23
85.8.171.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:a9:c8:20:a2:67:1f:5b:56:91:dd:cc:63:04:a9:5d:a6:13:
21:f1:4e:f6:c1:95:cc:1e:c3:56:8d:ac:3a:d2:0a:c1:50:41:
c1:4f:4c:8b:97:85:8e:7b:53:85:52:a6:2c:7f:97:7a:fc:94:
cf:13:5b:e9:a0:7e:a1:32:28:f2:06:28:be:da:d4:55:34:ce:
41:9b:33:ec:52:75:73:bd:1a:d9:8a:5d:d6:1f:56:fa:d2:68:
1e:b2:9b:7e:0c:1c:53:bc:57:14:ce:3f:c7:6a:0e:3b:d6:22:
6f:15:20:60:b9:b7:7d:92:0e:0a:81:ef:48:e0:f5:72:ad:14:
72:c2:6e:da:0a:31:3a:d9:9b:3e:98:fb:53:cc:6a:6c:07:cc:
95:7a:9b:9c:85:4b:f8:80:51:ec:0e:11:f2:f5:11:55:d5:d8:
b2:d2:9a:4c:1e:d0:5d:16:0a:4e:ce:58:db:d8:3f:56:b8:78:
09:7c:05:04:56:84:90:7d:83:18:c6:6f:82:7c:67:b2:e0:db:
c3:9c:af:2d:f1:55:96:9a:e0:7e:4d:78:e1:41:5c:b0:bd:52:
92:ae:17:2c:44:e1:a3:d7:da:13:73:0f:22:89:63:0d:80:5e:
e2:dc:34:00:49:3e:bf:93:ac:e7:d1:86:b3:61:82:67:14:c3:
41:4f:0b:67
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZl2QbyB4eVQfXuKEL3UMjIwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjUwOTIzMTEwNzIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTM1MWIxYzhlZGE1ZjZlNjI1NjE2OWJkMjViMjhmMWQ0NmE1N2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDPbpVpEfKfYOFbu4JDDAuW4he1W
E4oxkc+gemteSnvgM6xl4hjNmx4h0hwx8HC28DVFPbK7Rh8zySy3Y7xlKG56CCe0
4hOHb7BcAeLyOZPigPSQpBDYWZ4q2iT9xKLwWsmxhoRsonV8i6fJ+Ih06sPwnzMt
AAGblVsWWlLurkKYOZ6ms6zqZSFwrgiqNPaM4wzOsJ7S/YZU0+/C6IOcfcZwN+Zr
OABa4Rx+maESZs8pU06+mQ5hXM8G73/pkzURaDctvcMOCUhG7iKV+LfB4HBWWYX0
JWSBrQK5X3KwQZ3/vybnBdxKdY8WML6zMA6X74STnKQ5H++hwYVvPOOg3QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB41GxyO2l9uYlYWm9JbKPHUalf+MB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvSGpVYkhJN2FYMjVpVmhhYjBsc284ZFJxVl80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCAji4AwQA
LQuaAwQBVQioAwQAVQirMA0GCSqGSIb3DQEBCwUAA4IBAQA8qcggomcfW1aR3cxj
BKldphMh8U72wZXMHsNWjaw60grBUEHBT0yLl4WOe1OFUqYsf5d6/JTPE1vpoH6h
MijyBii+2tRVNM5BmzPsUnVzvRrZil3WH1b60mgespt+DBxTvFcUzj/Hag471iJv
FSBgubd9kg4Kge9I4PVyrRRywm7aCjE62Zs+mPtTzGpsB8yVepuchUv4gFHsDhHy
9RFV1diy0ppMHtBdFgpOzljb2D9WuHgJfAUEVoSQfYMYxm+CfGey4NvDnK8t8VWW
muB+TXjhQVywvVKSrhcsROGj19oTcw8iiWMNgF7i3DQAST6/k6zn0YazYYJnFMNB
Twtn
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:44:56 2025 by rpki-client