Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/HwKVy1yQ4bPFCoqhTaRIy9qwb1g.roa
File: HwKVy1yQ4bPFCoqhTaRIy9qwb1g.roa (raw, json)
Hash identifier: TUHFYUs21Rdlufk5+5Z5axe2QLTUJiHKUIz7Z3PIHYg=
Subject key identifier: 1F:02:95:CB:5C:90:E1:B3:C5:0A:8A:A1:4D:A4:48:CB:DA:B0:6F:58
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 0198D59DC8BC178863521149E9832BB5DC27
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/HwKVy1yQ4bPFCoqhTaRIy9qwb1g.roa
Signing time: Sat 23 Aug 2025 06:29:04 +0000
ROA not before: Sat 23 Aug 2025 06:29:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205899
IP address blocks: 185.113.10.0/24 maxlen: 24
195.254.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:9d:c8:bc:17:88:63:52:11:49:e9:83:2b:b5:dc:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: Aug 23 06:29:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f0295cb5c90e1b3c50a8aa14da448cbdab06f58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a0:f1:e6:5d:fc:50:75:74:7a:85:c3:8c:3c:
20:f8:d2:a6:18:9d:f2:06:c5:84:08:5b:1c:7c:3d:
dd:a7:2e:19:7f:96:38:f5:fe:99:d7:57:30:59:39:
2b:c6:10:00:f6:aa:db:b5:25:d4:fe:46:b7:eb:5e:
8d:1c:35:68:32:a7:b8:27:18:de:c3:66:7a:7a:d3:
cc:7f:b8:7f:34:56:bd:5d:fe:3f:75:e8:34:c9:61:
db:7b:bf:5b:44:0a:02:75:be:67:b3:d0:7f:2f:e8:
f7:5f:2e:e1:94:93:aa:b4:ca:ee:82:e4:d4:a8:da:
ce:8d:7b:e3:54:8a:e6:a9:93:53:61:4c:f4:86:15:
eb:a3:da:40:ce:33:fb:4f:b7:cd:7e:2c:a8:f1:0a:
0b:b5:79:13:03:fa:55:0e:9b:9a:77:cb:3e:34:3c:
92:5a:61:f5:c9:31:8f:61:e2:d6:fe:38:43:3c:e3:
a0:41:84:c6:88:91:2d:e0:5f:ba:96:e7:ce:cf:a5:
09:37:49:dd:27:9a:6a:34:b5:d5:c0:b9:31:36:d7:
db:1a:94:06:4a:1c:8e:0d:a0:ca:21:be:d4:dc:24:
1c:3b:44:20:15:71:7e:65:31:3d:5a:e7:40:66:b1:
aa:88:7e:79:05:5c:2f:f9:33:a5:c8:f2:04:a4:b9:
97:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:02:95:CB:5C:90:E1:B3:C5:0A:8A:A1:4D:A4:48:CB:DA:B0:6F:58
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/HwKVy1yQ4bPFCoqhTaRIy9qwb1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.113.10.0/24
195.254.165.0/24
Signature Algorithm: sha256WithRSAEncryption
19:a6:dc:80:71:b0:25:55:f5:b4:80:2a:21:6d:3a:4c:20:d1:
09:2b:1a:3d:c5:e6:83:87:84:77:da:33:71:f2:a8:d7:13:2a:
b0:b6:f2:f7:dd:55:11:e4:3e:92:53:07:47:0e:69:e1:c1:49:
c5:3c:7f:b0:22:b4:3b:a8:a3:43:03:d8:cb:e8:f4:e2:40:83:
03:ff:bb:2d:f6:e9:d6:41:2a:59:43:51:e8:fe:2c:17:21:15:
27:ae:99:c6:10:a1:8d:c7:1e:73:37:69:9e:3c:04:4a:ab:c3:
af:2f:0a:ba:04:72:82:f7:bf:70:08:18:51:dd:55:1a:30:5b:
74:c8:c1:91:0c:81:97:4e:75:6a:67:cc:7f:8d:bd:d9:7c:36:
14:27:e1:ee:61:1e:78:81:7b:71:07:44:a9:bd:73:83:14:34:
46:1b:15:a4:d9:94:86:ac:7e:c6:f2:de:91:b9:86:f3:6b:03:
15:08:f9:d6:a3:bf:cd:e9:6b:32:76:a4:96:21:ad:60:42:9f:
3d:36:7b:ae:8a:53:1b:99:32:03:c3:08:47:f6:49:c2:cb:3a:
fc:3a:a6:26:d4:9d:f7:99:9d:c5:e9:a0:37:ae:dd:71:b3:87:
13:1c:11:19:2b:4d:03:ce:0f:5e:2f:4b:62:83:99:79:d2:14:
97:32:ed:13
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZjVnci8F4hjUhFJ6YMrtdwnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjUwODIzMDYyOTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjAyOTVjYjVjOTBlMWIzYzUwYThhYTE0ZGE0NDhjYmRhYjA2ZjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaDx5l38UHV0eoXDjDwg+NKmGJ3y
BsWECFscfD3dpy4Zf5Y49f6Z11cwWTkrxhAA9qrbtSXU/ka3616NHDVoMqe4Jxje
w2Z6etPMf7h/NFa9Xf4/deg0yWHbe79bRAoCdb5ns9B/L+j3Xy7hlJOqtMruguTU
qNrOjXvjVIrmqZNTYUz0hhXro9pAzjP7T7fNfiyo8QoLtXkTA/pVDpuad8s+NDyS
WmH1yTGPYeLW/jhDPOOgQYTGiJEt4F+6lufOz6UJN0ndJ5pqNLXVwLkxNtfbGpQG
ShyODaDKIb7U3CQcO0QgFXF+ZTE9WudAZrGqiH55BVwv+TOlyPIEpLmXxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB8ClctckOGzxQqKoU2kSMvasG9YMB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvSHdLVnkxeVE0YlBGQ29xaFRhUkl5OXF3YjFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuXEKAwQA
w/6lMA0GCSqGSIb3DQEBCwUAA4IBAQAZptyAcbAlVfW0gCohbTpMINEJKxo9xeaD
h4R32jNx8qjXEyqwtvL33VUR5D6SUwdHDmnhwUnFPH+wIrQ7qKNDA9jL6PTiQIMD
/7st9unWQSpZQ1Ho/iwXIRUnrpnGEKGNxx5zN2mePARKq8OvLwq6BHKC979wCBhR
3VUaMFt0yMGRDIGXTnVqZ8x/jb3ZfDYUJ+HuYR54gXtxB0SpvXODFDRGGxWk2ZSG
rH7G8t6RuYbzawMVCPnWo7/N6WsydqSWIa1gQp89NnuuilMbmTIDwwhH9knCyzr8
OqYm1J33mZ3F6aA3rt1xs4cTHBEZK00Dzg9eL0tig5l50hSXMu0T
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:30:46 2025 by rpki-client