
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/hDkefyVIo6CtSmC9usLxfbXSHJo.roa
File: hDkefyVIo6CtSmC9usLxfbXSHJo.roa (raw, json)
Hash identifier: 2L43qW8nvv7ZuypirwxJV5b95hzLgxd1pp/3t2CraNw=
Subject key identifier: 84:39:1E:7F:25:48:A3:A0:AD:4A:60:BD:BA:C2:F1:7D:B5:D2:1C:9A
Certificate issuer: /CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Certificate serial: 0199D28A3A65391C192221D7B5400F2F03FB
Authority key identifier: 4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/hDkefyVIo6CtSmC9usLxfbXSHJo.roa
Signing time: Sat 11 Oct 2025 09:11:38 +0000
ROA not before: Sat 11 Oct 2025 09:11:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206854
IP address blocks: 94.139.188.0/24 maxlen: 24
94.139.190.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/TddPu7rljdCHbZnoDsgqEaRHf34.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/TddPu7rljdCHbZnoDsgqEaRHf34.mft
rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:d2:8a:3a:65:39:1c:19:22:21:d7:b5:40:0f:2f:03:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Validity
Not Before: Oct 11 09:11:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84391e7f2548a3a0ad4a60bdbac2f17db5d21c9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:57:68:ff:60:44:16:af:34:6a:b9:fc:b3:79:
0e:3f:60:f8:87:1c:9a:7a:22:80:17:48:61:d0:3e:
f1:8b:cf:53:d0:ba:08:18:4a:b6:85:98:a5:89:f9:
7b:ba:a0:9a:d9:4e:a8:6a:69:5c:00:1a:71:9a:cc:
e7:a7:fa:53:55:9b:1a:3f:78:55:0f:f1:47:a8:2e:
28:36:94:22:13:37:55:6b:6f:c5:72:c9:5c:96:2f:
0c:16:d8:d6:72:06:29:e5:27:78:58:57:35:bc:d3:
0a:58:5c:e5:8d:58:d3:4c:94:17:fd:12:39:a5:56:
62:b2:6e:96:62:66:17:11:00:e6:9a:da:c3:9a:a4:
87:10:82:bb:20:6a:5c:31:8e:fa:1f:f2:d5:05:cc:
12:61:aa:e4:26:75:47:5b:f4:89:6b:2f:bb:aa:ed:
51:09:36:a6:01:74:53:c2:88:d2:d3:98:3e:2c:9a:
72:06:4d:15:1d:07:b0:86:53:cc:09:52:80:5e:dd:
c8:05:d2:be:bf:c2:26:d2:b7:cc:a6:f4:17:69:81:
2f:b3:3c:45:90:dd:22:38:3c:7b:3d:3d:eb:72:17:
7a:d5:c6:44:29:2d:0d:69:c0:ae:b8:65:f8:29:8f:
6a:cf:b1:b4:c5:65:b7:f3:0e:a2:45:ca:77:36:1a:
88:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:39:1E:7F:25:48:A3:A0:AD:4A:60:BD:BA:C2:F1:7D:B5:D2:1C:9A
X509v3 Authority Key Identifier:
keyid:4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/hDkefyVIo6CtSmC9usLxfbXSHJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/TddPu7rljdCHbZnoDsgqEaRHf34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.139.188.0/24
94.139.190.0/23
Signature Algorithm: sha256WithRSAEncryption
39:23:9d:db:9c:a0:b6:b0:79:3b:96:d4:96:98:c4:68:2c:d6:
e9:38:91:c2:b1:5f:ae:07:b3:0f:14:26:15:3d:84:eb:26:05:
d6:6f:06:2b:01:9e:d9:3c:55:e0:3a:f6:70:80:73:ca:17:74:
a8:5a:e5:30:d3:94:15:d2:16:2c:42:e1:29:bb:57:61:0f:31:
8b:34:c6:d8:c1:ef:97:ba:80:42:96:df:53:7f:13:a5:fb:03:
a8:ab:07:8f:74:1e:c1:e9:81:18:66:8a:22:25:40:93:ad:1c:
56:6f:a5:93:4f:43:01:06:81:70:08:1f:29:6d:18:2b:7f:2b:
1b:61:ac:f3:f6:53:62:59:99:0b:30:c0:6c:10:9f:b1:37:22:
68:4f:25:3c:05:24:5a:42:37:21:fa:53:c0:ca:db:67:06:3f:
19:47:40:99:68:38:0f:d1:c5:09:1e:75:be:0d:24:54:9c:5c:
32:51:02:41:f9:76:d3:b7:53:45:88:55:33:6b:b5:04:48:5d:
a9:71:f6:f4:57:dd:82:0c:36:2d:63:9f:72:b3:5a:5c:96:75:
91:e6:77:a7:12:2e:91:62:f2:f8:c3:7f:92:e2:db:a6:76:a1:
fd:b3:7e:d1:ab:a1:fa:7d:c9:e1:31:c1:5d:6c:f6:57:a2:cb:
0f:0f:20:ab
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZnSijplORwZIiHXtUAPLwP7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDc0ZmJiYmFlNThkZDA4NzZkOTllODBlYzgyYTExYTQ0
NzdmN2UwHhcNMjUxMDExMDkxMTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDM5MWU3ZjI1NDhhM2EwYWQ0YTYwYmRiYWMyZjE3ZGI1ZDIxYzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA61do/2BEFq80arn8s3kOP2D4hxya
eiKAF0hh0D7xi89T0LoIGEq2hZilifl7uqCa2U6oamlcABpxmsznp/pTVZsaP3hV
D/FHqC4oNpQiEzdVa2/Fcslcli8MFtjWcgYp5Sd4WFc1vNMKWFzljVjTTJQX/RI5
pVZism6WYmYXEQDmmtrDmqSHEIK7IGpcMY76H/LVBcwSYarkJnVHW/SJay+7qu1R
CTamAXRTwojS05g+LJpyBk0VHQewhlPMCVKAXt3IBdK+v8Im0rfMpvQXaYEvszxF
kN0iODx7PT3rchd61cZEKS0NacCuuGX4KY9qz7G0xWW38w6iRcp3NhqIUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIQ5Hn8lSKOgrUpgvbrC8X210hyaMB8GA1UdIwQY
MBaAFE3XT7u65Y3Qh22Z6A7IKhGkR39+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmIt
OGVhYjdmNGZlNzdlLzEvaERrZWZ5VklvNkN0U21DOXVzTHhmYlhTSEpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmItOGVhYjdmNGZlNzdl
LzEvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXou8AwQB
Xou+MA0GCSqGSIb3DQEBCwUAA4IBAQA5I53bnKC2sHk7ltSWmMRoLNbpOJHCsV+u
B7MPFCYVPYTrJgXWbwYrAZ7ZPFXgOvZwgHPKF3SoWuUw05QV0hYsQuEpu1dhDzGL
NMbYwe+XuoBClt9TfxOl+wOoqwePdB7B6YEYZooiJUCTrRxWb6WTT0MBBoFwCB8p
bRgrfysbYazz9lNiWZkLMMBsEJ+xNyJoTyU8BSRaQjch+lPAyttnBj8ZR0CZaDgP
0cUJHnW+DSRUnFwyUQJB+XbTt1NFiFUza7UESF2pcfb0V92CDDYtY59ys1pclnWR
5nenEi6RYvL4w3+S4tumdqH9s37Rq6H6fcnhMcFdbPZXossPDyCr
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:22:45 2025 by rpki-client