
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/304d73-65ba-4bbe-9fde-dc26e9ee8410/1/hl9YaHYMtemKEI7D_jA4qgPzTFk.roa
File: hl9YaHYMtemKEI7D_jA4qgPzTFk.roa (raw, json)
Hash identifier: HxBm5oPeeE9yGfs365dZANWUtoaHONFCOpgK8z3kXuU=
Subject key identifier: 86:5F:58:68:76:0C:B5:E9:8A:10:8E:C3:FE:30:38:AA:03:F3:4C:59
Certificate issuer: /CN=a63c7f29b883f4b3c2436d963dc8532a1a634cca
Certificate serial: 01983C3F6866F19D0FFBCB9382CBA48696BD
Authority key identifier: A6:3C:7F:29:B8:83:F4:B3:C2:43:6D:96:3D:C8:53:2A:1A:63:4C:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pjx_KbiD9LPCQ22WPchTKhpjTMo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/304d73-65ba-4bbe-9fde-dc26e9ee8410/1/hl9YaHYMtemKEI7D_jA4qgPzTFk.roa
Signing time: Thu 24 Jul 2025 11:44:04 +0000
ROA not before: Thu 24 Jul 2025 11:44:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29119
IP address blocks: 185.192.208.0/24 maxlen: 24
185.192.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/304d73-65ba-4bbe-9fde-dc26e9ee8410/1/pjx_KbiD9LPCQ22WPchTKhpjTMo.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/304d73-65ba-4bbe-9fde-dc26e9ee8410/1/pjx_KbiD9LPCQ22WPchTKhpjTMo.mft
rsync://rpki.ripe.net/repository/DEFAULT/pjx_KbiD9LPCQ22WPchTKhpjTMo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:3c:3f:68:66:f1:9d:0f:fb:cb:93:82:cb:a4:86:96:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a63c7f29b883f4b3c2436d963dc8532a1a634cca
Validity
Not Before: Jul 24 11:44:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=865f5868760cb5e98a108ec3fe3038aa03f34c59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fe:60:11:6d:69:45:72:26:ae:f9:e6:c5:ce:
7e:92:8a:f7:0e:be:93:14:ad:9c:d2:b2:8f:64:ca:
97:40:d1:c6:85:2a:36:21:e7:9f:1e:34:f6:f3:ac:
11:4a:d6:ea:f0:5a:38:34:3d:c5:b8:b1:0e:55:fc:
99:e7:5a:7e:27:53:04:09:5f:a4:9b:0a:ae:c1:5d:
fa:ad:53:2e:e1:cb:b5:35:02:40:59:63:58:cf:29:
d0:93:da:ad:00:dc:84:a6:b9:95:47:39:dc:32:b3:
3c:0e:c8:c8:07:01:56:dc:93:e0:56:5d:bf:1b:2e:
30:e8:a7:ce:7a:81:8a:21:39:6d:39:40:72:a0:bc:
9b:a5:46:24:33:6f:4a:d9:09:18:3a:be:cd:4b:55:
bd:44:f4:79:0e:8f:45:6c:df:50:f5:7b:54:f8:af:
f0:ff:b2:57:e4:38:a8:f5:3c:4a:81:ba:aa:4a:01:
2a:a7:5a:4c:5f:45:1f:62:28:9c:8c:c4:68:65:20:
a1:7e:7f:40:23:ee:7c:50:8c:91:51:d9:1e:60:d9:
c5:8b:5d:51:d9:d1:a5:3f:b1:f6:d6:a0:85:7f:40:
37:d6:5e:f9:fa:d1:14:4d:10:1f:86:2b:b7:55:8b:
54:a1:ab:41:61:8b:30:84:d0:c1:91:71:e1:da:64:
0b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:5F:58:68:76:0C:B5:E9:8A:10:8E:C3:FE:30:38:AA:03:F3:4C:59
X509v3 Authority Key Identifier:
keyid:A6:3C:7F:29:B8:83:F4:B3:C2:43:6D:96:3D:C8:53:2A:1A:63:4C:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pjx_KbiD9LPCQ22WPchTKhpjTMo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/304d73-65ba-4bbe-9fde-dc26e9ee8410/1/hl9YaHYMtemKEI7D_jA4qgPzTFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/304d73-65ba-4bbe-9fde-dc26e9ee8410/1/pjx_KbiD9LPCQ22WPchTKhpjTMo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.192.208.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:51:fb:7c:43:85:85:10:f2:e8:cb:94:71:db:9c:4f:b8:fc:
69:1e:f6:ea:11:36:7e:c4:20:e1:24:c4:aa:7b:80:2b:ec:30:
a5:0a:79:80:6d:cc:a2:15:80:dd:74:10:ac:79:9c:24:ef:fb:
93:b5:7e:ba:a0:c8:ba:a5:c6:ef:64:4d:09:c5:c8:a3:b3:3b:
df:ca:26:a2:a0:a6:9e:58:b3:0c:70:20:72:cd:7a:06:1d:4d:
d7:18:35:80:67:18:06:4a:f8:70:87:53:5b:b1:f3:86:cb:3e:
20:86:6f:df:47:bb:06:92:79:8a:75:fc:77:76:8a:64:d4:a3:
f7:83:de:c7:5b:1e:0b:aa:ad:2c:c0:93:f5:11:f8:aa:8d:15:
7d:93:2e:43:1f:d1:24:b6:3c:e9:96:1e:d6:3e:35:ce:3f:a5:
5e:08:d7:b5:f1:15:60:45:27:1a:d6:3c:fb:b1:3a:f3:5c:06:
6b:4e:41:a8:1f:5f:cd:60:4b:a2:d6:81:9b:25:ce:cd:c5:9b:
a0:20:57:9c:34:67:a9:31:5b:4c:4b:95:04:2b:0f:29:05:71:
80:70:dc:f1:cd:e8:c8:85:bf:d2:a9:05:5a:18:fe:bf:f6:fa:
70:fc:c3:e1:96:e9:3f:01:ef:d9:71:5a:63:fb:4c:1c:a2:91:
78:9e:44:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZg8P2hm8Z0P+8uTgsukhpa9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2M2M3ZjI5Yjg4M2Y0YjNjMjQzNmQ5NjNkYzg1MzJhMWE2
MzRjY2EwHhcNMjUwNzI0MTE0NDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjVmNTg2ODc2MGNiNWU5OGExMDhlYzNmZTMwMzhhYTAzZjM0YzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/5gEW1pRXImrvnmxc5+kor3Dr6T
FK2c0rKPZMqXQNHGhSo2IeefHjT286wRStbq8Fo4ND3FuLEOVfyZ51p+J1MECV+k
mwquwV36rVMu4cu1NQJAWWNYzynQk9qtANyEprmVRzncMrM8DsjIBwFW3JPgVl2/
Gy4w6KfOeoGKITltOUByoLybpUYkM29K2QkYOr7NS1W9RPR5Do9FbN9Q9XtU+K/w
/7JX5Dio9TxKgbqqSgEqp1pMX0UfYiicjMRoZSChfn9AI+58UIyRUdkeYNnFi11R
2dGlP7H21qCFf0A31l75+tEUTRAfhiu3VYtUoatBYYswhNDBkXHh2mQLWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIZfWGh2DLXpihCOw/4wOKoD80xZMB8GA1UdIwQY
MBaAFKY8fym4g/SzwkNtlj3IUyoaY0zKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGp4X0tiaUQ5TFBDUTIyV1BjaFRLaHBqVE1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8zMDRkNzMtNjViYS00YmJlLTlmZGUt
ZGMyNmU5ZWU4NDEwLzEvaGw5WWFIWU10ZW1LRUk3RF9qQTRxZ1B6VEZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8zMDRkNzMtNjViYS00YmJlLTlmZGUtZGMyNmU5ZWU4NDEw
LzEvcGp4X0tiaUQ5TFBDUTIyV1BjaFRLaHBqVE1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBucDQMA0G
CSqGSIb3DQEBCwUAA4IBAQA9Uft8Q4WFEPLoy5Rx25xPuPxpHvbqETZ+xCDhJMSq
e4Ar7DClCnmAbcyiFYDddBCseZwk7/uTtX66oMi6pcbvZE0JxcijszvfyiaioKae
WLMMcCByzXoGHU3XGDWAZxgGSvhwh1NbsfOGyz4ghm/fR7sGknmKdfx3dopk1KP3
g97HWx4Lqq0swJP1EfiqjRV9ky5DH9Ektjzplh7WPjXOP6VeCNe18RVgRSca1jz7
sTrzXAZrTkGoH1/NYEui1oGbJc7NxZugIFecNGepMVtMS5UEKw8pBXGAcNzxzejI
hb/SqQVaGP6/9vpw/MPhluk/Ae/ZcVpj+0wcopF4nkTk
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:01:10 2025 by rpki-client