Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/h4Sc-On0fGnCrbQAMGGHCBQw444.roa
File: h4Sc-On0fGnCrbQAMGGHCBQw444.roa (raw, json)
Hash identifier: 99hPyX1M0YDGGnRWf3hFQsXHQCdfTkTd4m5t1xJFVVs=
Subject key identifier: 87:84:9C:F8:E9:F4:7C:69:C2:AD:B4:00:30:61:87:08:14:30:E3:8E
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01998564D94F8E7802417292E4F91DED7B50
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/h4Sc-On0fGnCrbQAMGGHCBQw444.roa
Signing time: Fri 26 Sep 2025 09:40:02 +0000
ROA not before: Fri 26 Sep 2025 09:40:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 153589
IP address blocks: 192.71.161.0/24 maxlen: 24
193.235.110.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:85:64:d9:4f:8e:78:02:41:72:92:e4:f9:1d:ed:7b:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Sep 26 09:40:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87849cf8e9f47c69c2adb400306187081430e38e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d3:d8:9e:c0:8c:2c:a3:9b:d1:52:df:8c:49:
a4:49:3e:2f:1b:84:60:63:26:e5:06:a3:b6:07:43:
4b:1a:96:0e:f1:23:a1:0c:79:5d:56:65:1b:5e:b3:
fb:5b:2d:b9:d9:c2:81:c3:45:b2:4b:a8:ea:0f:9b:
98:f2:d3:c2:da:d3:d1:ac:a2:37:98:82:00:7d:19:
2c:68:c0:e1:1f:9f:90:78:1e:8b:88:29:a0:46:a3:
44:30:72:ce:9b:ce:56:60:b4:77:f2:c6:ba:75:c3:
07:8b:6e:e0:fe:b8:47:c2:ab:e7:bc:93:1d:33:5b:
00:3e:03:2f:f1:89:84:39:8e:26:29:c5:ac:90:f3:
6a:03:6d:9f:63:b0:af:35:40:af:78:5e:fc:b9:2e:
93:62:eb:26:6d:25:80:c1:60:50:58:39:4e:1e:38:
c5:72:79:2c:9d:cc:34:88:07:b9:72:0e:89:aa:cb:
fc:5c:e0:2d:91:6c:03:e0:2d:fb:44:a2:b5:3c:0b:
d0:d4:dd:cc:bb:f7:af:e5:0a:86:68:df:0a:b4:dd:
6f:56:68:51:7e:41:d1:1b:1e:c7:bd:a3:b1:3e:fa:
6c:bf:77:b6:e8:88:93:f4:3a:32:d9:0c:db:f6:94:
c8:10:a2:73:a8:d0:0e:59:e7:a6:cb:5f:14:2d:5b:
b6:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:84:9C:F8:E9:F4:7C:69:C2:AD:B4:00:30:61:87:08:14:30:E3:8E
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/h4Sc-On0fGnCrbQAMGGHCBQw444.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.161.0/24
193.235.110.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:3f:28:70:c0:24:35:e1:ff:02:49:73:a8:56:5c:27:c3:47:
59:36:4c:79:1c:10:e0:98:9c:07:43:a5:03:46:01:b8:8b:4d:
59:8c:e6:ff:bb:66:7e:c6:2b:8b:22:e6:b0:62:49:ea:50:e5:
49:53:30:4c:29:22:e3:0b:1a:b5:32:9f:bd:22:b8:c0:d0:14:
b9:5f:db:ef:88:2c:fb:44:f2:0c:ea:5b:14:bf:92:13:c4:68:
06:95:d3:04:de:83:83:a8:4e:74:28:81:78:5f:88:78:c0:f4:
78:75:31:fc:05:9a:cf:c3:5f:12:69:f1:37:84:47:e3:e0:7e:
66:18:f7:30:4a:86:3b:92:e6:58:01:03:1b:c8:a7:a6:db:e2:
e8:02:5d:77:31:89:11:64:72:d8:0f:cc:06:98:0b:04:fa:28:
6a:e8:fa:0b:f6:18:01:3c:5f:e5:15:be:7b:58:a3:78:80:d0:
2e:da:bf:34:b2:90:8a:28:6a:e2:b2:6a:6b:64:a3:b1:1a:69:
b6:9e:f3:9f:62:17:e7:bc:f2:07:e4:b0:37:31:3d:39:68:2a:
6c:d7:c9:53:ef:30:a4:6a:2e:eb:0e:8f:81:6e:09:f2:0d:1f:
09:5d:1b:b1:8e:1a:b1:d8:2a:3d:f8:6d:da:9d:69:ff:79:7c:
e1:af:c4:5c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZmFZNlPjngCQXKS5Pkd7XtQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwOTI2MDk0MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Nzg0OWNmOGU5ZjQ3YzY5YzJhZGI0MDAzMDYxODcwODE0MzBlMzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9PYnsCMLKOb0VLfjEmkST4vG4Rg
YyblBqO2B0NLGpYO8SOhDHldVmUbXrP7Wy252cKBw0WyS6jqD5uY8tPC2tPRrKI3
mIIAfRksaMDhH5+QeB6LiCmgRqNEMHLOm85WYLR38sa6dcMHi27g/rhHwqvnvJMd
M1sAPgMv8YmEOY4mKcWskPNqA22fY7CvNUCveF78uS6TYusmbSWAwWBQWDlOHjjF
cnksncw0iAe5cg6Jqsv8XOAtkWwD4C37RKK1PAvQ1N3Mu/ev5QqGaN8KtN1vVmhR
fkHRGx7HvaOxPvpsv3e26IiT9Doy2Qzb9pTIEKJzqNAOWeemy18ULVu2fwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIeEnPjp9Hxpwq20ADBhhwgUMOOOMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvaDRTYy1PbjBmR25DcmJRQU1HR0hDQlF3NDQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwEehAwQB
wetuMA0GCSqGSIb3DQEBCwUAA4IBAQB9PyhwwCQ14f8CSXOoVlwnw0dZNkx5HBDg
mJwHQ6UDRgG4i01ZjOb/u2Z+xiuLIuawYknqUOVJUzBMKSLjCxq1Mp+9IrjA0BS5
X9vviCz7RPIM6lsUv5ITxGgGldME3oODqE50KIF4X4h4wPR4dTH8BZrPw18SafE3
hEfj4H5mGPcwSoY7kuZYAQMbyKem2+LoAl13MYkRZHLYD8wGmAsE+ihq6PoL9hgB
PF/lFb57WKN4gNAu2r80spCKKGrismprZKOxGmm2nvOfYhfnvPIH5LA3MT05aCps
18lT7zCkai7rDo+BbgnyDR8JXRuxjhqx2Co9+G3anWn/eXzhr8Rc
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:58:09 2025 by rpki-client