Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/hdIxNPniriLqDPal4vVmN4LTzUI.roa
File: hdIxNPniriLqDPal4vVmN4LTzUI.roa (raw, json)
Hash identifier: GKik+pViPBdwqK82mbEHx8mM74JFPwndzNJY/KfTOPc=
Subject key identifier: 85:D2:31:34:F9:E2:AE:22:EA:0C:F6:A5:E2:F5:66:37:82:D3:CD:42
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 0198B43981949D20214C90AAEF78A3ABC682
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/hdIxNPniriLqDPal4vVmN4LTzUI.roa
Signing time: Sat 16 Aug 2025 18:52:04 +0000
ROA not before: Sat 16 Aug 2025 18:52:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400072
IP address blocks: 62.164.224.0/19 maxlen: 20
212.32.96.0/19 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 10:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:b4:39:81:94:9d:20:21:4c:90:aa:ef:78:a3:ab:c6:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Aug 16 18:52:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85d23134f9e2ae22ea0cf6a5e2f5663782d3cd42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:be:ca:5d:73:92:fa:7c:e7:2f:d8:ca:75:58:
7a:b5:9f:5d:ca:0a:c1:83:c1:9e:9e:cb:2b:b6:5a:
f1:58:53:38:ae:01:66:72:ad:f0:29:d3:01:a6:2b:
94:21:ea:1a:9b:65:68:92:ea:fb:b2:a0:90:ba:99:
42:ce:6b:da:cb:44:7d:3d:b7:0d:02:8c:04:64:13:
bd:6c:89:3b:6e:14:b3:5d:c0:f9:ba:a6:f2:b1:75:
0a:89:3e:18:e5:52:88:21:14:8c:cb:a1:9c:db:46:
7a:19:5b:5b:41:d2:c2:74:44:3e:ec:6a:d1:1d:0c:
08:5e:a4:6d:bb:d0:8d:83:db:1c:d7:40:d3:10:d3:
60:a8:39:44:08:cd:af:65:4d:82:ca:27:4b:3f:86:
b8:3d:d7:9b:87:43:4e:63:71:9d:4f:e1:94:59:a9:
79:18:0d:92:fc:d8:8c:29:a8:dc:cb:2b:1c:f7:2f:
00:e8:60:d2:3c:9d:48:18:1b:70:90:52:76:61:8e:
08:76:ff:21:c5:e4:b4:c7:16:88:82:61:e8:89:12:
bc:e7:df:47:aa:e1:61:02:7a:b6:53:ff:5b:da:4f:
2a:9e:68:49:bc:bb:0a:81:3c:68:94:df:cb:66:cb:
c9:9c:fd:2b:80:da:a0:2e:96:7f:bc:65:21:90:16:
3e:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:D2:31:34:F9:E2:AE:22:EA:0C:F6:A5:E2:F5:66:37:82:D3:CD:42
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/hdIxNPniriLqDPal4vVmN4LTzUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.224.0/19
212.32.96.0/19
Signature Algorithm: sha256WithRSAEncryption
98:ac:de:e4:e2:7e:69:ff:c1:dc:7f:2b:b3:80:0e:04:d2:61:
c2:b8:7c:b9:84:bc:fd:f5:3c:9f:61:7e:5b:a8:e0:36:2e:89:
7c:39:37:10:44:04:61:03:26:96:16:b6:90:b6:ea:92:02:ee:
31:a1:9a:c9:6a:f1:45:88:49:12:08:9a:52:41:ed:67:6e:df:
a5:39:e6:b6:10:19:24:1d:b7:eb:02:52:3e:1e:bc:7f:91:a1:
bf:2b:cd:3c:c0:04:94:4b:f5:cd:ea:2a:04:8a:fa:e3:8f:c4:
d4:cb:f5:ec:62:f1:38:0a:03:6b:8d:b9:51:fe:09:bc:93:b5:
88:cd:8a:53:28:d7:bb:6e:43:37:bb:de:77:bb:1a:f4:61:cb:
52:cc:43:e6:5a:57:f2:fd:da:1d:ad:6f:b0:a0:07:51:fe:3d:
32:0f:b5:52:b6:85:d5:1e:eb:ac:bd:a8:d4:e0:e3:c6:f4:d8:
f7:72:a7:ef:f1:31:00:7c:d3:8d:b2:a1:97:a0:6d:20:67:c7:
82:b4:b8:d5:e7:3a:e4:87:27:8a:ba:56:84:04:f5:eb:79:43:
93:94:b6:6e:90:49:e4:af:cf:17:34:0d:a9:31:a1:f1:6a:00:
81:4c:a0:9f:75:51:28:f7:30:84:61:f6:73:d3:7d:77:f1:03:
d7:0e:2b:31
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZi0OYGUnSAhTJCq73ijq8aCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjUwODE2MTg1MjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWQyMzEzNGY5ZTJhZTIyZWEwY2Y2YTVlMmY1NjYzNzgyZDNjZDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvL7KXXOS+nznL9jKdVh6tZ9dygrB
g8GenssrtlrxWFM4rgFmcq3wKdMBpiuUIeoam2Vokur7sqCQuplCzmvay0R9PbcN
AowEZBO9bIk7bhSzXcD5uqbysXUKiT4Y5VKIIRSMy6Gc20Z6GVtbQdLCdEQ+7GrR
HQwIXqRtu9CNg9sc10DTENNgqDlECM2vZU2CyidLP4a4Pdebh0NOY3GdT+GUWal5
GA2S/NiMKajcyysc9y8A6GDSPJ1IGBtwkFJ2YY4Idv8hxeS0xxaIgmHoiRK8599H
quFhAnq2U/9b2k8qnmhJvLsKgTxolN/LZsvJnP0rgNqgLpZ/vGUhkBY+0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIXSMTT54q4i6gz2peL1ZjeC081CMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvaGRJeE5QbmlyaUxxRFBhbDR2Vm1ONExUelVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFPqTgAwQF
1CBgMA0GCSqGSIb3DQEBCwUAA4IBAQCYrN7k4n5p/8HcfyuzgA4E0mHCuHy5hLz9
9TyfYX5bqOA2Lol8OTcQRARhAyaWFraQtuqSAu4xoZrJavFFiEkSCJpSQe1nbt+l
Oea2EBkkHbfrAlI+Hrx/kaG/K808wASUS/XN6ioEivrjj8TUy/XsYvE4CgNrjblR
/gm8k7WIzYpTKNe7bkM3u953uxr0YctSzEPmWlfy/dodrW+woAdR/j0yD7VStoXV
HuusvajU4OPG9Nj3cqfv8TEAfNONsqGXoG0gZ8eCtLjV5zrkhyeKulaEBPXreUOT
lLZukEnkr88XNA2pMaHxagCBTKCfdVEo9zCEYfZz03138QPXDisx
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:48:37 2025 by rpki-client