Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/HYmXSqGbvAV8Ke8qTBOz4TvI5no.roa
File: HYmXSqGbvAV8Ke8qTBOz4TvI5no.roa (raw, json)
Hash identifier: hoV/1F9HHmPR3/MyRnYui0bDiRCuPwlZh/EHNnVaPaw=
Subject key identifier: 1D:89:97:4A:A1:9B:BC:05:7C:29:EF:2A:4C:13:B3:E1:3B:C8:E6:7A
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 0198AC2CA7A1531150E58232328FA022399B
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/HYmXSqGbvAV8Ke8qTBOz4TvI5no.roa
Signing time: Fri 15 Aug 2025 05:21:04 +0000
ROA not before: Fri 15 Aug 2025 05:21:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 996
IP address blocks: 89.34.224.0/23 maxlen: 23
89.34.224.0/24 maxlen: 24
89.34.225.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
89.37.119.0/24 maxlen: 24
89.40.82.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.117.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ac:2c:a7:a1:53:11:50:e5:82:32:32:8f:a0:22:39:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Aug 15 05:21:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d89974aa19bbc057c29ef2a4c13b3e13bc8e67a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:c7:1d:10:d0:3c:cf:c9:b6:a9:38:4e:6f:9e:
d1:80:18:1e:0c:10:a8:32:80:14:4a:1d:4b:38:ce:
64:9b:1e:b8:1a:ea:c1:09:4d:5f:ee:7f:05:38:da:
8d:a4:f1:57:b6:53:c9:08:4b:fb:4a:44:aa:b2:22:
47:4e:40:9f:0f:7a:3e:9e:1a:26:b9:ba:6f:c5:2f:
99:91:2c:0a:fa:2b:85:8b:d9:07:9e:12:8a:7c:db:
df:ac:de:e6:8f:80:21:b5:76:13:ed:6a:b8:d0:98:
f1:0f:a1:69:07:ba:30:41:87:84:9a:ad:c7:44:21:
52:dc:42:a6:ab:0b:ec:fb:33:75:bd:7a:1e:06:99:
90:15:2c:46:bd:06:52:b8:f0:41:b5:c6:f6:ad:74:
27:c2:c0:34:6f:be:15:f6:19:05:8c:bf:2f:6d:35:
55:68:29:b8:f8:18:be:49:25:1e:84:be:92:31:b4:
ea:61:d0:81:63:7c:f4:81:ac:03:fa:c9:5f:01:e3:
5f:f1:9e:66:9b:ee:16:be:df:26:e3:c8:1f:0b:98:
79:7e:ec:16:cb:be:78:64:1a:91:00:c6:fa:00:9c:
48:73:8f:75:c3:a9:55:7d:35:a7:c3:59:8b:cf:d5:
33:2a:15:92:62:16:f3:76:6c:04:b4:3f:95:68:fd:
0d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:89:97:4A:A1:9B:BC:05:7C:29:EF:2A:4C:13:B3:E1:3B:C8:E6:7A
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/HYmXSqGbvAV8Ke8qTBOz4TvI5no.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.224.0/23
89.34.231.0/24
89.37.119.0/24
89.40.82.0/24
89.47.99.0/24
89.47.117.0-89.47.118.255
89.47.125.0/24
Signature Algorithm: sha256WithRSAEncryption
62:ed:38:0d:56:fe:e5:1e:09:79:9e:b6:97:c5:67:11:2c:e2:
2e:9a:79:76:e3:b2:d8:cb:e4:71:8e:27:fd:31:de:8f:5b:8d:
65:ce:1d:5c:97:05:64:24:96:e0:34:69:b6:16:10:30:0d:d4:
6e:3b:66:dc:05:27:4a:09:fc:92:7c:6f:42:d0:f4:d7:f0:e9:
3e:7e:7c:67:61:23:3d:b1:43:2f:64:b6:c5:3e:ec:ee:c1:d3:
d0:14:d6:9e:19:ae:3a:99:c2:45:ac:b6:8a:7f:c0:6f:11:19:
a2:95:3a:74:49:81:84:8c:d1:9c:66:2b:f4:c1:86:bb:0c:6c:
18:ca:3a:86:65:93:81:58:5e:32:83:57:68:59:ef:38:51:28:
47:1c:ac:a6:c6:af:8f:be:25:71:14:e4:e5:2c:a0:c8:f4:cd:
58:33:2f:50:5b:e0:ae:3c:40:e0:ed:ae:14:5e:45:2e:36:c8:
57:cd:51:97:5d:6f:97:22:da:0d:aa:4d:5d:31:4b:af:26:9b:
93:1e:8b:94:f8:23:61:eb:8d:74:aa:a2:07:fb:8a:6a:60:c6:
48:01:d0:29:6f:b6:b5:9b:c5:06:85:f4:7a:08:a2:98:1a:73:
b7:e8:79:03:a2:c7:c6:fa:a3:dc:3c:6d:85:86:9f:7c:7d:24:
2f:4c:2a:70
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZisLKehUxFQ5YIyMo+gIjmbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwODE1MDUyMTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDg5OTc0YWExOWJiYzA1N2MyOWVmMmE0YzEzYjNlMTNiYzhlNjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiscdENA8z8m2qThOb57RgBgeDBCo
MoAUSh1LOM5kmx64GurBCU1f7n8FONqNpPFXtlPJCEv7SkSqsiJHTkCfD3o+nhom
ubpvxS+ZkSwK+iuFi9kHnhKKfNvfrN7mj4AhtXYT7Wq40JjxD6FpB7owQYeEmq3H
RCFS3EKmqwvs+zN1vXoeBpmQFSxGvQZSuPBBtcb2rXQnwsA0b74V9hkFjL8vbTVV
aCm4+Bi+SSUehL6SMbTqYdCBY3z0gawD+slfAeNf8Z5mm+4Wvt8m48gfC5h5fuwW
y754ZBqRAMb6AJxIc491w6lVfTWnw1mLz9UzKhWSYhbzdmwEtD+VaP0N7wIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFB2Jl0qhm7wFfCnvKkwTs+E7yOZ6MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvSFltWFNxR2J2QVY4S2U4cVRCT3o0VHZJNW5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQBWSLgAwQA
WSLnAwQAWSV3AwQAWShSAwQAWS9jMAwDBABZL3UDBABZL3YDBABZL30wDQYJKoZI
hvcNAQELBQADggEBAGLtOA1W/uUeCXmetpfFZxEs4i6aeXbjstjL5HGOJ/0x3o9b
jWXOHVyXBWQkluA0abYWEDAN1G47ZtwFJ0oJ/JJ8b0LQ9Nfw6T5+fGdhIz2xQy9k
tsU+7O7B09AU1p4ZrjqZwkWstop/wG8RGaKVOnRJgYSM0ZxmK/TBhrsMbBjKOoZl
k4FYXjKDV2hZ7zhRKEccrKbGr4++JXEU5OUsoMj0zVgzL1Bb4K48QODtrhReRS42
yFfNUZddb5ci2g2qTV0xS68mm5Mei5T4I2HrjXSqogf7impgxkgB0ClvtrWbxQaF
9HoIopgac7foeQOix8b6o9w8bYWGn3x9JC9MKnA=
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:51:08 2025 by rpki-client