Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/76b1d3-4fd9-46cf-83e6-20c4dc1e4a77/1/H9x10BlhOPw86EI5C2pvE1Zw13M.roa
File: H9x10BlhOPw86EI5C2pvE1Zw13M.roa (raw, json)
Hash identifier: QHucV9qKNzN6PEkHvdTSmlNETO8zOFnoDJVkHCpBCPE=
Subject key identifier: 1F:DC:75:D0:19:61:38:FC:3C:E8:42:39:0B:6A:6F:13:56:70:D7:73
Certificate issuer: /CN=98eb33c2cefb5da34607b00b5005e44b75524a1f
Certificate serial: 019954472FEF75E6DD926AF58A9AECC2A702
Authority key identifier: 98:EB:33:C2:CE:FB:5D:A3:46:07:B0:0B:50:05:E4:4B:75:52:4A:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mOszws77XaNGB7ALUAXkS3VSSh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/76b1d3-4fd9-46cf-83e6-20c4dc1e4a77/1/H9x10BlhOPw86EI5C2pvE1Zw13M.roa
Signing time: Tue 16 Sep 2025 20:46:15 +0000
ROA not before: Tue 16 Sep 2025 20:46:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56958
IP address blocks: 45.130.16.0/22 maxlen: 22
178.211.133.0/24 maxlen: 24
185.237.234.0/23 maxlen: 23
201.46.112.0/23 maxlen: 23
2a12:d280::/31 maxlen: 31
2a12:d282::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/76b1d3-4fd9-46cf-83e6-20c4dc1e4a77/1/mOszws77XaNGB7ALUAXkS3VSSh8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/76b1d3-4fd9-46cf-83e6-20c4dc1e4a77/1/mOszws77XaNGB7ALUAXkS3VSSh8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mOszws77XaNGB7ALUAXkS3VSSh8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:54:47:2f:ef:75:e6:dd:92:6a:f5:8a:9a:ec:c2:a7:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98eb33c2cefb5da34607b00b5005e44b75524a1f
Validity
Not Before: Sep 16 20:46:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1fdc75d0196138fc3ce842390b6a6f135670d773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6c:86:f9:33:d6:bd:01:89:25:38:0b:19:f7:
7d:4d:fc:33:18:52:fd:eb:b6:b5:ce:9a:38:ca:81:
77:27:4e:73:3b:29:4f:3b:a2:23:3e:40:19:53:81:
0c:05:fb:6d:03:10:2e:a0:77:6d:97:b9:c6:0d:c4:
57:d3:04:84:e1:57:65:92:0c:06:13:5a:80:1b:b6:
b5:a8:24:fd:e3:6a:94:14:1d:23:5e:20:2c:1e:f1:
04:ba:6f:e3:55:b7:6a:51:de:60:17:a4:df:6c:9d:
35:90:10:f1:5f:a2:b5:91:09:ce:c3:65:51:d0:7b:
32:ba:d6:ab:7b:c2:3b:3f:93:4c:95:4a:1e:8e:18:
2a:66:f1:6b:93:b7:4a:4a:5e:7a:cb:65:90:61:ac:
b0:3d:53:cd:cf:a6:e2:a5:60:2b:c7:16:dd:b6:76:
13:92:06:2f:72:48:5c:d0:c5:e3:1f:4b:42:5e:74:
d9:22:94:4e:47:0b:13:da:2f:4a:cf:94:58:36:83:
ab:a3:22:f7:09:91:25:d9:2f:68:69:64:66:14:14:
ec:66:4b:e2:7f:3a:c6:65:92:0a:9e:6f:1e:5d:de:
75:c0:5f:fa:46:18:23:69:fe:68:c7:5d:63:84:1d:
08:45:d4:a4:46:e6:64:20:d8:0f:97:20:4e:f6:83:
c3:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:DC:75:D0:19:61:38:FC:3C:E8:42:39:0B:6A:6F:13:56:70:D7:73
X509v3 Authority Key Identifier:
keyid:98:EB:33:C2:CE:FB:5D:A3:46:07:B0:0B:50:05:E4:4B:75:52:4A:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mOszws77XaNGB7ALUAXkS3VSSh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/76b1d3-4fd9-46cf-83e6-20c4dc1e4a77/1/H9x10BlhOPw86EI5C2pvE1Zw13M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/76b1d3-4fd9-46cf-83e6-20c4dc1e4a77/1/mOszws77XaNGB7ALUAXkS3VSSh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.16.0/22
178.211.133.0/24
185.237.234.0/23
201.46.112.0/23
IPv6:
2a12:d280::/30
Signature Algorithm: sha256WithRSAEncryption
8c:c6:a4:25:35:fe:6a:86:a9:46:f3:a6:71:f9:4d:0e:bc:5a:
d6:df:11:65:30:63:15:1a:6d:ab:20:03:5a:55:9f:a5:a3:14:
f0:35:9b:ca:b4:81:0f:7b:58:39:24:f0:4f:f0:9e:73:6b:5d:
30:d8:83:87:e8:fb:e9:c6:59:a2:85:92:35:4c:c6:d2:33:e9:
0f:c8:eb:6a:50:a5:22:c5:77:07:7e:dc:0f:52:e4:87:db:a1:
1f:c4:7b:4f:11:bb:f6:fc:5c:a2:bd:f7:50:e4:dd:dd:51:52:
19:27:be:e2:3d:1d:a7:5d:b0:0d:fc:d2:ff:08:68:50:9a:f0:
9a:36:2e:5a:0a:55:c9:73:84:a8:82:9d:d0:92:a0:cb:8d:1c:
9a:6c:9e:e1:65:c5:de:98:3b:a4:6b:73:45:ba:4c:08:4c:6d:
7f:9b:37:21:5c:93:ec:72:45:f1:07:71:34:59:2c:9a:6a:41:
f5:7e:9a:67:1c:e1:49:f0:b4:d8:f9:42:8b:9d:96:1d:f0:3e:
74:f3:f7:b8:36:ff:9d:67:f8:2f:a9:76:9b:1c:ac:e9:8e:2f:
5c:4c:1b:8c:b0:c2:a0:c4:60:e6:81:c9:a7:89:7a:44:2f:c3:
01:61:fd:75:35:7f:3d:78:db:31:a8:e3:bf:da:4d:72:75:b9:
3c:8f:3c:1b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZlURy/vdebdkmr1iprswqcCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4ZWIzM2MyY2VmYjVkYTM0NjA3YjAwYjUwMDVlNDRiNzU1
MjRhMWYwHhcNMjUwOTE2MjA0NjE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmRjNzVkMDE5NjEzOGZjM2NlODQyMzkwYjZhNmYxMzU2NzBkNzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2yG+TPWvQGJJTgLGfd9TfwzGFL9
67a1zpo4yoF3J05zOylPO6IjPkAZU4EMBfttAxAuoHdtl7nGDcRX0wSE4VdlkgwG
E1qAG7a1qCT942qUFB0jXiAsHvEEum/jVbdqUd5gF6TfbJ01kBDxX6K1kQnOw2VR
0Hsyutare8I7P5NMlUoejhgqZvFrk7dKSl56y2WQYaywPVPNz6bipWArxxbdtnYT
kgYvckhc0MXjH0tCXnTZIpRORwsT2i9Kz5RYNoOroyL3CZEl2S9oaWRmFBTsZkvi
fzrGZZIKnm8eXd51wF/6Rhgjaf5ox11jhB0IRdSkRuZkINgPlyBO9oPDzQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFB/cddAZYTj8POhCOQtqbxNWcNdzMB8GA1UdIwQY
MBaAFJjrM8LO+12jRgewC1AF5Et1UkofMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbU9zendzNzdYYU5HQjdBTFVBWGtTM1ZTU2g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi83NmIxZDMtNGZkOS00NmNmLTgzZTYt
MjBjNGRjMWU0YTc3LzEvSDl4MTBCbGhPUHc4NkVJNUMycHZFMVp3MTNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi83NmIxZDMtNGZkOS00NmNmLTgzZTYtMjBjNGRjMWU0YTc3
LzEvbU9zendzNzdYYU5HQjdBTFVBWGtTM1ZTU2g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLYIQAwQA
stOFAwQBue3qAwQByS5wMA0EAgACMAcDBQIqEtKAMA0GCSqGSIb3DQEBCwUAA4IB
AQCMxqQlNf5qhqlG86Zx+U0OvFrW3xFlMGMVGm2rIANaVZ+loxTwNZvKtIEPe1g5
JPBP8J5za10w2IOH6PvpxlmihZI1TMbSM+kPyOtqUKUixXcHftwPUuSH26EfxHtP
Ebv2/FyivfdQ5N3dUVIZJ77iPR2nXbAN/NL/CGhQmvCaNi5aClXJc4Sogp3QkqDL
jRyabJ7hZcXemDuka3NFukwITG1/mzchXJPsckXxB3E0WSyaakH1fppnHOFJ8LTY
+UKLnZYd8D508/e4Nv+dZ/gvqXabHKzpji9cTBuMsMKgxGDmgcmniXpEL8MBYf11
NX89eNsxqOO/2k1ydbk8jzwb
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:32:21 2025 by rpki-client