Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/E9wVhtIxaZaxe5i4Dz65V9mI8YE.roa
File: E9wVhtIxaZaxe5i4Dz65V9mI8YE.roa (raw, json)
Hash identifier: JXV+8LqhwGrJp1sc2icXMtzcRDiN+ufICW/F3M8NBNg=
Subject key identifier: 13:DC:15:86:D2:31:69:96:B1:7B:98:B8:0F:3E:B9:57:D9:88:F1:81
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0197C784413069BCBE4FA3C06958E34E6F90
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/E9wVhtIxaZaxe5i4Dz65V9mI8YE.roa
Signing time: Tue 01 Jul 2025 19:43:42 +0000
ROA not before: Tue 01 Jul 2025 19:43:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199785
IP address blocks: 37.46.16.0/24 maxlen: 24
37.46.17.0/24 maxlen: 24
37.46.18.0/24 maxlen: 24
37.46.19.0/24 maxlen: 24
64.188.99.0/24 maxlen: 24
77.239.106.0/24 maxlen: 24
150.241.113.0/24 maxlen: 24
150.241.114.0/24 maxlen: 24
150.241.115.0/24 maxlen: 24
150.241.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 02:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c7:84:41:30:69:bc:be:4f:a3:c0:69:58:e3:4e:6f:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jul 1 19:43:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=13dc1586d2316996b17b98b80f3eb957d988f181
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:cf:93:ba:8f:75:20:4a:a4:2c:f1:0b:93:4d:
67:57:37:7a:f1:7d:e9:73:2f:e9:b3:8e:5d:09:89:
92:24:b5:d6:0a:4a:50:cc:e6:c7:95:4a:1b:26:a8:
e7:79:d8:19:36:8e:74:e1:3d:10:65:54:c5:c4:19:
cf:cf:a0:01:79:37:fb:02:03:f9:c4:80:a0:0e:01:
67:a7:ab:8d:45:53:b9:aa:6f:22:51:f4:51:61:06:
92:a6:cd:12:1f:41:77:5a:c1:a9:d2:d6:40:a9:d4:
e9:c2:19:33:0f:93:65:c9:a1:e1:ad:75:31:00:06:
ad:b0:b0:25:5e:3c:2d:e4:bf:36:49:11:8a:00:a4:
2f:71:ad:27:52:f3:d5:84:74:e0:5b:95:4a:81:08:
6b:d0:b7:92:36:1c:5c:4a:eb:ae:18:bd:a8:c1:ae:
60:76:e0:b3:6c:23:d6:fc:15:a1:25:ca:d9:c4:20:
33:1c:19:e2:60:1b:51:2c:15:9a:a2:93:4a:01:13:
13:6c:39:d6:53:d8:b8:25:65:64:6d:2a:33:3b:a2:
7a:c9:c4:b2:da:49:fb:f6:13:02:ec:b3:74:ee:8a:
70:8c:3b:7e:fb:c1:82:b2:e5:1d:61:25:8c:ac:5c:
0e:73:1c:25:85:a7:6a:18:19:16:76:b5:15:32:67:
41:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:DC:15:86:D2:31:69:96:B1:7B:98:B8:0F:3E:B9:57:D9:88:F1:81
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/E9wVhtIxaZaxe5i4Dz65V9mI8YE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.16.0/22
64.188.99.0/24
77.239.106.0/24
150.241.113.0-150.241.116.255
Signature Algorithm: sha256WithRSAEncryption
00:62:65:d8:aa:30:7c:cd:ab:67:12:61:5a:1e:23:d7:f8:9b:
8b:1a:b7:06:91:62:46:44:43:b8:d1:54:a3:12:40:1b:3b:e9:
d9:c5:8d:cc:60:44:e3:09:22:6e:93:8a:0d:b2:69:f4:17:f8:
0d:05:e3:51:41:31:9d:e7:33:fd:c0:91:6c:fe:17:8f:4b:38:
78:cd:46:2d:57:81:64:8a:ed:c7:17:32:6c:2f:a9:18:b5:f3:
7c:1f:5f:87:e6:b7:54:bb:45:43:a4:f5:4b:59:af:01:cc:01:
3b:77:a4:28:f6:9c:58:09:1c:e7:cb:e4:1d:a7:5e:a4:63:74:
74:31:db:56:fd:3d:5f:1b:51:38:da:6f:bf:70:be:a4:d0:1e:
5d:27:96:bc:ae:ef:a1:de:9b:e9:9f:0d:a1:d3:4a:d8:03:65:
04:5f:a3:c0:44:b2:27:a0:ab:f9:12:fa:9a:a1:7a:3c:6a:35:
cb:60:c7:3c:f9:0f:c4:a1:1d:27:83:fd:9b:ca:67:90:ec:33:
56:55:ea:7c:bf:66:95:9d:b2:f5:6b:64:3d:a3:4f:bd:e2:61:
b4:78:52:29:1b:82:7e:5e:0e:ae:de:b3:01:c7:4f:af:b4:b8:
60:95:62:e9:c3:49:b4:6d:0a:97:21:d7:5b:df:8a:8c:1f:74:
17:6e:2a:49
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZfHhEEwaby+T6PAaVjjTm+QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwNzAxMTk0MzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2RjMTU4NmQyMzE2OTk2YjE3Yjk4YjgwZjNlYjk1N2Q5ODhmMTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyM+Tuo91IEqkLPELk01nVzd68X3p
cy/ps45dCYmSJLXWCkpQzObHlUobJqjnedgZNo504T0QZVTFxBnPz6ABeTf7AgP5
xICgDgFnp6uNRVO5qm8iUfRRYQaSps0SH0F3WsGp0tZAqdTpwhkzD5NlyaHhrXUx
AAatsLAlXjwt5L82SRGKAKQvca0nUvPVhHTgW5VKgQhr0LeSNhxcSuuuGL2owa5g
duCzbCPW/BWhJcrZxCAzHBniYBtRLBWaopNKARMTbDnWU9i4JWVkbSozO6J6ycSy
2kn79hMC7LN07opwjDt++8GCsuUdYSWMrFwOcxwlhadqGBkWdrUVMmdBMwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBPcFYbSMWmWsXuYuA8+uVfZiPGBMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvRTl3Vmh0SXhhWmF4ZTVpNER6NjVWOW1JOFlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCJS4QAwQA
QLxjAwQATe9qMAwDBACW8XEDBACW8XQwDQYJKoZIhvcNAQELBQADggEBAABiZdiq
MHzNq2cSYVoeI9f4m4satwaRYkZEQ7jRVKMSQBs76dnFjcxgROMJIm6Tig2yafQX
+A0F41FBMZ3nM/3AkWz+F49LOHjNRi1XgWSK7ccXMmwvqRi183wfX4fmt1S7RUOk
9UtZrwHMATt3pCj2nFgJHOfL5B2nXqRjdHQx21b9PV8bUTjab79wvqTQHl0nlryu
76Hem+mfDaHTStgDZQRfo8BEsiegq/kS+pqhejxqNctgxzz5D8ShHSeD/ZvKZ5Ds
M1ZV6ny/ZpWdsvVrZD2jT73iYbR4Uikbgn5eDq7eswHHT6+0uGCVYunDSbRtCpch
11vfiowfdBduKkk=
-----END CERTIFICATE-----
Generated at Wed Jul 2 10:53:35 2025 by rpki-client