Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/hSOUu6nfqfNU7hfW8IWjEdnaWWE.roa
File: hSOUu6nfqfNU7hfW8IWjEdnaWWE.roa (raw, json)
Hash identifier: 1VsLWKGLh7e02Kh0t5lUb2wPhZElFxl2bYTQlhIBiy0=
Subject key identifier: 85:23:94:BB:A9:DF:A9:F3:54:EE:17:D6:F0:85:A3:11:D9:DA:59:61
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 019885B1EFB1578644CDE6318015A9FDDC2B
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/hSOUu6nfqfNU7hfW8IWjEdnaWWE.roa
Signing time: Thu 07 Aug 2025 18:01:27 +0000
ROA not before: Thu 07 Aug 2025 18:01:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207691
IP address blocks: 78.142.3.0/24 maxlen: 24
185.43.56.0/23 maxlen: 24
185.43.56.0/24 maxlen: 24
185.43.57.0/24 maxlen: 24
217.174.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:85:b1:ef:b1:57:86:44:cd:e6:31:80:15:a9:fd:dc:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Aug 7 18:01:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=852394bba9dfa9f354ee17d6f085a311d9da5961
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e2:d7:d1:84:49:dc:c3:1b:5f:a4:21:2e:d0:
30:32:43:f1:d4:43:c9:c1:e4:26:56:39:d2:76:e6:
4a:5f:f9:78:02:e5:79:ec:42:d0:7b:8c:11:83:b0:
76:da:35:69:a3:df:24:95:38:3e:c0:df:6d:38:ed:
93:8e:18:a7:22:f0:bc:a9:a8:85:44:4a:98:62:3b:
aa:8e:6a:e4:79:36:af:0d:43:24:30:e3:2d:91:02:
33:57:0d:9d:58:cf:11:e1:31:2e:c8:3b:28:ee:fb:
7f:d4:87:5e:63:14:5f:39:2d:3f:8e:d9:02:23:aa:
a7:7e:0d:14:cf:da:f2:84:2b:0a:82:c6:dc:c2:c8:
1f:73:18:5d:00:bb:95:5f:fb:56:ca:5a:53:41:51:
c7:59:80:b6:ea:a9:0f:03:1f:a7:18:fb:fc:99:79:
80:57:7a:6b:d2:28:2f:52:c9:a7:3d:8b:cd:c8:10:
a3:47:aa:f4:0f:15:d8:76:5d:6f:ce:71:0f:cb:5e:
3a:ae:5e:68:5d:6f:5b:3c:41:44:ca:31:bb:f3:c0:
e8:03:6c:ec:ef:26:2d:f2:7d:58:37:54:2e:81:37:
41:0b:67:41:ed:d6:81:c6:da:2d:c9:c3:9a:cc:08:
ec:d3:29:ed:6f:f2:09:79:99:cb:8f:ed:d4:e3:4a:
5a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:23:94:BB:A9:DF:A9:F3:54:EE:17:D6:F0:85:A3:11:D9:DA:59:61
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/hSOUu6nfqfNU7hfW8IWjEdnaWWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.3.0/24
185.43.56.0/23
217.174.145.0/24
Signature Algorithm: sha256WithRSAEncryption
37:21:33:7d:a1:83:0c:10:81:6d:6d:ca:fe:1b:45:3e:91:60:
99:cd:d0:09:fb:27:2a:1b:9c:5c:18:83:ba:b8:df:42:0b:1d:
94:66:fa:e3:24:f7:23:fa:33:8e:7d:03:57:57:a7:1d:db:2d:
4d:25:b9:1f:a7:54:b3:8c:41:cf:b6:8f:d8:bc:43:c6:0e:d4:
c4:f5:41:86:5b:77:82:54:aa:a5:a0:c9:fe:97:96:aa:fc:67:
74:bb:3b:05:07:a6:07:97:0e:70:69:d2:b8:9f:f9:90:89:1d:
f6:1e:b6:ef:c0:32:ab:01:64:dd:af:3e:2a:1d:a0:4e:1f:3d:
50:d6:ef:cd:28:6c:2e:f8:5d:72:7b:5d:8e:79:21:df:84:c5:
77:5f:05:27:76:cd:d5:ac:71:f2:6f:1a:b2:2c:f4:e6:b2:09:
a5:5e:a2:a6:37:08:f5:aa:8d:9f:c1:bf:df:e6:f8:52:e7:eb:
bc:1f:c0:ff:84:b8:6f:48:01:54:53:ec:f1:4b:f8:20:98:f9:
68:6d:af:13:6a:66:70:08:f3:7e:61:fa:d4:21:23:95:36:09:
89:c6:3b:2c:e6:44:bf:cd:5f:ec:07:aa:c8:6b:cc:f1:10:8e:
57:1e:22:2e:39:6c:46:28:dd:6d:96:97:ba:f7:43:f0:22:a4:
78:78:ca:ea
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZiFse+xV4ZEzeYxgBWp/dwrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwODA3MTgwMTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTIzOTRiYmE5ZGZhOWYzNTRlZTE3ZDZmMDg1YTMxMWQ5ZGE1OTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveLX0YRJ3MMbX6QhLtAwMkPx1EPJ
weQmVjnSduZKX/l4AuV57ELQe4wRg7B22jVpo98klTg+wN9tOO2TjhinIvC8qaiF
REqYYjuqjmrkeTavDUMkMOMtkQIzVw2dWM8R4TEuyDso7vt/1IdeYxRfOS0/jtkC
I6qnfg0Uz9ryhCsKgsbcwsgfcxhdALuVX/tWylpTQVHHWYC26qkPAx+nGPv8mXmA
V3pr0igvUsmnPYvNyBCjR6r0DxXYdl1vznEPy146rl5oXW9bPEFEyjG788DoA2zs
7yYt8n1YN1QugTdBC2dB7daBxtotycOazAjs0yntb/IJeZnLj+3U40paQQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIUjlLup36nzVO4X1vCFoxHZ2llhMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvaFNPVXU2bmZxZk5VN2hmVzhJV2pFZG5hV1dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATo4DAwQB
uSs4AwQA2a6RMA0GCSqGSIb3DQEBCwUAA4IBAQA3ITN9oYMMEIFtbcr+G0U+kWCZ
zdAJ+ycqG5xcGIO6uN9CCx2UZvrjJPcj+jOOfQNXV6cd2y1NJbkfp1SzjEHPto/Y
vEPGDtTE9UGGW3eCVKqloMn+l5aq/Gd0uzsFB6YHlw5wadK4n/mQiR32HrbvwDKr
AWTdrz4qHaBOHz1Q1u/NKGwu+F1ye12OeSHfhMV3XwUnds3VrHHybxqyLPTmsgml
XqKmNwj1qo2fwb/f5vhS5+u8H8D/hLhvSAFUU+zxS/ggmPloba8TamZwCPN+YfrU
ISOVNgmJxjss5kS/zV/sB6rIa8zxEI5XHiIuOWxGKN1tlpe690PwIqR4eMrq
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:18:59 2025 by rpki-client