Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/cnB4G_kIlChgNaU8Oi3eadMVmtM.roa
File: cnB4G_kIlChgNaU8Oi3eadMVmtM.roa (raw, json)
Hash identifier: +ZlQlGzQPSpISBNb0TBT6B4BdeuMN0O43d2V+K6HVDM=
Subject key identifier: 72:70:78:1B:F9:08:94:28:60:35:A5:3C:3A:2D:DE:69:D3:15:9A:D3
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0199EE7610EDCBC57107D39BCAA078800821
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/cnB4G_kIlChgNaU8Oi3eadMVmtM.roa
Signing time: Thu 16 Oct 2025 19:18:58 +0000
ROA not before: Thu 16 Oct 2025 19:18:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213877
IP address blocks: 64.188.73.0/24 maxlen: 24
64.188.75.0/24 maxlen: 24
64.188.92.0/22 maxlen: 24
64.188.96.0/24 maxlen: 24
64.188.97.0/24 maxlen: 24
64.188.124.0/24 maxlen: 24
64.188.125.0/24 maxlen: 24
64.188.126.0/24 maxlen: 24
77.239.104.0/24 maxlen: 24
77.239.105.0/24 maxlen: 24
77.239.122.0/24 maxlen: 24
77.239.123.0/24 maxlen: 24
144.31.26.0/23 maxlen: 24
144.31.137.0/24 maxlen: 24
144.31.192.0/23 maxlen: 24
144.31.198.0/23 maxlen: 24
150.241.105.0/24 maxlen: 24
150.241.108.0/24 maxlen: 24
150.241.123.0/24 maxlen: 24
185.184.122.0/24 maxlen: 24
185.184.123.0/24 maxlen: 24
185.207.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ee:76:10:ed:cb:c5:71:07:d3:9b:ca:a0:78:80:08:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Oct 16 19:18:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7270781bf90894286035a53c3a2dde69d3159ad3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:37:0c:8a:d5:aa:ac:5b:4d:cb:0b:58:74:8f:
6c:44:0a:07:08:b1:d2:68:16:94:d2:7c:94:19:b5:
2d:bd:0b:6d:30:9d:bc:98:d5:6e:83:0e:02:bc:c0:
e9:7f:33:fe:4c:1c:57:15:ae:92:e7:ed:3f:55:89:
40:a9:8e:a3:0d:84:77:08:c8:2d:bd:4e:bb:5a:50:
bf:64:10:de:af:fb:90:24:79:a5:21:ea:05:c1:59:
b1:d0:0a:8f:48:15:ea:98:c1:b9:bf:21:2b:05:2f:
ba:3b:95:72:54:29:65:4c:86:2c:ed:f9:d4:b8:96:
8c:d7:97:b3:5e:be:ac:e4:78:7c:e0:f8:72:e0:17:
24:76:2b:69:1a:14:d4:36:d5:ac:6b:3f:7b:4c:90:
84:43:ca:d9:21:49:a0:f8:cc:ea:22:43:af:09:e8:
f8:a1:1a:b9:8f:6c:1f:c0:f2:73:58:f6:32:64:b3:
ea:97:50:fb:22:58:4b:02:ad:0f:ed:d2:29:82:9f:
a4:31:29:48:89:fa:4c:37:96:1d:88:16:fb:fb:cf:
9e:f2:03:e0:b1:0d:d5:c1:ab:f2:20:f5:ed:d3:de:
6e:59:4e:37:7b:7d:c2:86:85:5c:15:6e:c1:36:6d:
a1:41:a5:0c:dc:0c:6b:26:c9:31:77:45:ae:6e:95:
ce:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:70:78:1B:F9:08:94:28:60:35:A5:3C:3A:2D:DE:69:D3:15:9A:D3
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/cnB4G_kIlChgNaU8Oi3eadMVmtM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.73.0/24
64.188.75.0/24
64.188.92.0-64.188.97.255
64.188.124.0-64.188.126.255
77.239.104.0/23
77.239.122.0/23
144.31.26.0/23
144.31.137.0/24
144.31.192.0/23
144.31.198.0/23
150.241.105.0/24
150.241.108.0/24
150.241.123.0/24
185.184.122.0/23
185.207.133.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:b1:5b:14:da:25:46:4e:07:1b:99:9d:73:6b:77:4d:26:72:
bd:14:ee:0f:2c:b8:2f:47:eb:d8:a2:03:d3:bb:1f:4a:45:23:
84:db:fa:a3:77:5a:01:22:c3:94:ed:5f:99:ff:fc:cb:05:52:
7a:4a:c4:b8:69:c7:e9:55:67:1c:bb:4c:c6:55:74:4e:be:76:
58:78:71:cf:99:70:db:fd:65:01:16:06:89:c9:cc:4a:b0:41:
f2:76:bf:1d:f1:a6:66:44:aa:8f:53:69:0c:92:79:0a:35:f0:
57:c5:1e:d2:7c:8d:7d:63:df:10:ab:0b:66:d8:04:17:83:8a:
db:1d:30:b0:b0:12:8a:35:bb:24:c1:b4:79:3e:c9:31:3d:6f:
88:53:48:f6:fd:88:2b:b5:f2:88:27:10:38:9c:6f:a9:71:3e:
75:4e:f8:0d:dc:2e:68:f6:06:34:08:7d:ec:ce:99:50:29:86:
b0:98:c7:f1:61:39:0a:4c:49:a8:d6:9c:fd:02:1f:49:69:94:
0d:0e:ef:bb:06:bc:d4:c2:9b:32:7a:69:b2:a8:b5:d5:9f:58:
16:ee:ab:3c:d8:88:f7:e5:09:7c:49:c0:fa:3c:b4:8f:30:ce:
bb:f5:a7:c0:2f:ea:26:3c:14:2b:23:8d:91:33:2a:52:df:fe:
55:b6:e9:3c
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZnudhDty8VxB9ObyqB4gAghMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUxMDE2MTkxODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjcwNzgxYmY5MDg5NDI4NjAzNWE1M2MzYTJkZGU2OWQzMTU5YWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjcMitWqrFtNywtYdI9sRAoHCLHS
aBaU0nyUGbUtvQttMJ28mNVugw4CvMDpfzP+TBxXFa6S5+0/VYlAqY6jDYR3CMgt
vU67WlC/ZBDer/uQJHmlIeoFwVmx0AqPSBXqmMG5vyErBS+6O5VyVCllTIYs7fnU
uJaM15ezXr6s5Hh84Phy4BckditpGhTUNtWsaz97TJCEQ8rZIUmg+MzqIkOvCej4
oRq5j2wfwPJzWPYyZLPql1D7IlhLAq0P7dIpgp+kMSlIifpMN5YdiBb7+8+e8gPg
sQ3VwavyIPXt095uWU43e33ChoVcFW7BNm2hQaUM3AxrJskxd0WubpXOMQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFHJweBv5CJQoYDWlPDot3mnTFZrTMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvY25CNEdfa0lsQ2hnTmFVOE9pM2VhZE1WbXRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAEC8SQME
AEC8SzAMAwQCQLxcAwQBQLxgMAwDBAJAvHwDBABAvH4DBAFN72gDBAFN73oDBAGQ
HxoDBACQH4kDBAGQH8ADBAGQH8YDBACW8WkDBACW8WwDBACW8XsDBAG5uHoDBAC5
z4UwDQYJKoZIhvcNAQELBQADggEBAKuxWxTaJUZOBxuZnXNrd00mcr0U7g8suC9H
69iiA9O7H0pFI4Tb+qN3WgEiw5TtX5n//MsFUnpKxLhpx+lVZxy7TMZVdE6+dlh4
cc+ZcNv9ZQEWBonJzEqwQfJ2vx3xpmZEqo9TaQySeQo18FfFHtJ8jX1j3xCrC2bY
BBeDitsdMLCwEoo1uyTBtHk+yTE9b4hTSPb9iCu18ognEDicb6lxPnVO+A3cLmj2
BjQIfezOmVAphrCYx/FhOQpMSajWnP0CH0lplA0O77sGvNTCmzJ6abKotdWfWBbu
qzzYiPflCXxJwPo8tI8wzrv1p8Av6iY8FCsjjZEzKlLf/lW26Tw=
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:40:16 2025 by rpki-client