Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/_171H9Sm2ep0k1F8xWMaAxZEl2I.roa
File: _171H9Sm2ep0k1F8xWMaAxZEl2I.roa (raw, json)
Hash identifier: /dkzcei49nxixDHTcMEG9JbROZxQxr4pzlGL3IHAVmE=
Subject key identifier: FF:5E:F5:1F:D4:A6:D9:EA:74:93:51:7C:C5:63:1A:03:16:44:97:62
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 0198BC17AA9FCEB43AF6A9B871C23861ADAF
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/_171H9Sm2ep0k1F8xWMaAxZEl2I.roa
Signing time: Mon 18 Aug 2025 07:32:04 +0000
ROA not before: Mon 18 Aug 2025 07:32:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 194.143.210.0/24 maxlen: 24
194.143.217.0/24 maxlen: 24
194.143.218.0/24 maxlen: 24
194.143.222.0/24 maxlen: 24
194.143.223.0/24 maxlen: 24
195.114.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.mft
rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 13:02:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:bc:17:aa:9f:ce:b4:3a:f6:a9:b8:71:c2:38:61:ad:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Aug 18 07:32:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff5ef51fd4a6d9ea7493517cc5631a0316449762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ea:59:b3:5f:89:17:8f:7d:bc:fe:6a:91:69:
e9:3f:cd:fe:29:e2:b8:e2:4a:a5:06:18:dc:0b:75:
46:bf:8c:4c:eb:5a:38:ec:74:a0:bc:69:30:b0:e5:
06:cf:f1:25:60:22:68:2f:74:36:34:ff:9e:e4:06:
db:e3:3c:ea:17:e0:b6:a2:f2:2f:2b:44:18:ab:0d:
59:18:2a:81:3d:ee:e0:b6:18:09:73:4f:9c:f2:04:
e2:3c:94:d0:bb:8b:b6:36:bb:3a:0f:cb:a2:c3:70:
54:a0:42:cc:90:c0:98:45:7e:bc:ce:7a:34:1a:9f:
74:9f:da:09:b4:a6:dc:ce:ff:1a:b9:2d:cc:ea:74:
f4:3c:73:b4:9a:d8:cb:70:1f:e6:8a:fa:9e:e6:e8:
b0:50:da:99:a2:5d:a6:c0:61:88:51:eb:29:8a:c9:
39:4e:92:41:f4:13:cf:17:6d:a6:49:29:81:a8:99:
e1:82:a7:bc:fe:48:a7:a6:f9:44:0b:6b:5f:ed:07:
91:ae:ba:ac:a2:3b:2d:4d:1e:51:9a:24:5e:da:95:
c0:f3:4b:50:e5:be:ac:66:7e:84:6c:e2:28:71:b7:
8a:50:bd:42:3d:35:6b:8f:4e:d0:6b:93:6e:6a:dc:
a5:0a:46:05:9a:12:81:78:62:d6:bc:1b:29:ac:b9:
76:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:5E:F5:1F:D4:A6:D9:EA:74:93:51:7C:C5:63:1A:03:16:44:97:62
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/_171H9Sm2ep0k1F8xWMaAxZEl2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.143.210.0/24
194.143.217.0-194.143.218.255
194.143.222.0/23
195.114.205.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:28:26:ab:5d:97:35:aa:59:b0:7a:2f:7c:08:ea:91:33:38:
6b:51:67:e8:6e:3b:1a:67:af:06:45:87:d7:ce:14:84:99:6f:
9c:54:2c:f7:15:16:67:44:da:f6:3f:09:04:2c:28:90:df:7a:
df:56:61:d3:3b:ab:dc:4c:f2:e3:c4:c6:a2:27:7d:61:2b:a2:
d4:26:f0:98:8d:e2:69:9c:aa:f0:08:23:44:37:20:1d:e9:13:
6b:87:20:10:c8:c3:ff:a1:dd:96:6a:f2:a9:c2:4c:20:39:cc:
75:4c:d4:2d:bc:ab:7a:83:6e:fa:1e:76:ca:56:5d:a7:d2:09:
18:51:21:f9:a9:24:6c:37:00:b3:5d:e0:d1:cb:85:e9:95:4b:
42:a7:b1:aa:ba:3d:d3:7d:07:6b:cf:20:8f:7b:b6:c0:25:65:
79:a0:2c:be:4c:3b:6f:62:86:77:1c:4a:d9:9d:2d:69:35:60:
b0:be:17:f5:6f:7f:13:c2:62:97:64:58:aa:89:24:32:c0:55:
ad:2f:81:6d:e2:4c:b5:0e:b9:95:e5:7c:ad:28:85:da:6e:99:
d1:43:be:f2:ae:aa:b3:48:0c:9c:3c:74:01:ea:62:f5:e9:86:
0a:df:fd:c7:76:6e:1b:ba:78:53:99:51:d4:cb:1c:d4:1e:a3:
d3:e8:18:ae
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZi8F6qfzrQ69qm4ccI4Ya2vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUwODE4MDczMjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjVlZjUxZmQ0YTZkOWVhNzQ5MzUxN2NjNTYzMWEwMzE2NDQ5NzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2epZs1+JF499vP5qkWnpP83+KeK4
4kqlBhjcC3VGv4xM61o47HSgvGkwsOUGz/ElYCJoL3Q2NP+e5Abb4zzqF+C2ovIv
K0QYqw1ZGCqBPe7gthgJc0+c8gTiPJTQu4u2Nrs6D8uiw3BUoELMkMCYRX68zno0
Gp90n9oJtKbczv8auS3M6nT0PHO0mtjLcB/mivqe5uiwUNqZol2mwGGIUespisk5
TpJB9BPPF22mSSmBqJnhgqe8/kinpvlEC2tf7QeRrrqsojstTR5RmiRe2pXA80tQ
5b6sZn6EbOIocbeKUL1CPTVrj07Qa5NuatylCkYFmhKBeGLWvBsprLl2XwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFP9e9R/UptnqdJNRfMVjGgMWRJdiMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvXzE3MUg5U20yZXAwazFGOHhXTWFBeFpFbDJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAwo/SMAwD
BADCj9kDBADCj9oDBAHCj94DBADDcs0wDQYJKoZIhvcNAQELBQADggEBAJsoJqtd
lzWqWbB6L3wI6pEzOGtRZ+huOxpnrwZFh9fOFISZb5xULPcVFmdE2vY/CQQsKJDf
et9WYdM7q9xM8uPExqInfWErotQm8JiN4mmcqvAII0Q3IB3pE2uHIBDIw/+h3ZZq
8qnCTCA5zHVM1C28q3qDbvoedspWXafSCRhRIfmpJGw3ALNd4NHLhemVS0Knsaq6
PdN9B2vPII97tsAlZXmgLL5MO29ihnccStmdLWk1YLC+F/VvfxPCYpdkWKqJJDLA
Va0vgW3iTLUOuZXlfK0ohdpumdFDvvKuqrNIDJw8dAHqYvXphgrf/cd2bhu6eFOZ
UdTLHNQeo9PoGK4=
-----END CERTIFICATE-----
Generated at Sat Aug 23 21:52:52 2025 by rpki-client