Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/730bd4-db33-4552-bad5-b6dc2b7bf30a/1/3liyadxkeB4PeF6Cj_CpA_Z7U3U.roa
File: 3liyadxkeB4PeF6Cj_CpA_Z7U3U.roa (raw, json)
Hash identifier: BkpSf3XaltWEFzfRC33a/AQ/WD3A00IBXqDokzMsdrM=
Subject key identifier: DE:58:B2:69:DC:64:78:1E:0F:78:5E:82:8F:F0:A9:03:F6:7B:53:75
Certificate issuer: /CN=1e8612e30e96ccba89e75e04b7bba1c2b797c5c3
Certificate serial: 0198F6E0038033BA4B40BB97D23F3EF96300
Authority key identifier: 1E:86:12:E3:0E:96:CC:BA:89:E7:5E:04:B7:BB:A1:C2:B7:97:C5:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HoYS4w6WzLqJ514Et7uhwreXxcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/730bd4-db33-4552-bad5-b6dc2b7bf30a/1/3liyadxkeB4PeF6Cj_CpA_Z7U3U.roa
Signing time: Fri 29 Aug 2025 17:28:52 +0000
ROA not before: Fri 29 Aug 2025 17:28:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200665
IP address blocks: 141.195.8.0/21 maxlen: 23
176.124.60.0/22 maxlen: 22
176.125.244.0/22 maxlen: 22
185.97.196.0/22 maxlen: 22
185.180.232.0/22 maxlen: 22
185.181.80.0/22 maxlen: 22
2a06:700::/29 maxlen: 32
2a0a:9b80::/32 maxlen: 32
2a0a:9c80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/730bd4-db33-4552-bad5-b6dc2b7bf30a/1/HoYS4w6WzLqJ514Et7uhwreXxcM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/730bd4-db33-4552-bad5-b6dc2b7bf30a/1/HoYS4w6WzLqJ514Et7uhwreXxcM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HoYS4w6WzLqJ514Et7uhwreXxcM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:f6:e0:03:80:33:ba:4b:40:bb:97:d2:3f:3e:f9:63:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e8612e30e96ccba89e75e04b7bba1c2b797c5c3
Validity
Not Before: Aug 29 17:28:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de58b269dc64781e0f785e828ff0a903f67b5375
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:cf:58:f8:e6:bc:ce:1b:c0:88:ce:25:b7:a8:
2f:34:36:e0:70:3f:cb:8c:b2:32:0e:29:af:e9:14:
26:0e:a6:cd:18:0e:08:25:e4:59:5c:da:fa:2e:a5:
9d:eb:41:e8:15:77:25:55:a0:da:61:9c:cb:b5:b8:
d6:d5:09:ea:fc:06:44:5c:5f:0e:60:7e:d5:17:58:
5a:53:45:f0:ac:16:84:28:72:78:2b:f2:50:ef:a5:
da:a4:18:a6:04:2e:d4:ac:f1:a0:67:a3:87:fa:27:
71:fe:13:ad:98:68:51:38:8e:63:25:fc:8d:6f:59:
1a:84:42:cc:94:e4:d8:a7:ab:23:1a:2f:f0:30:6b:
46:b3:66:4f:19:d8:2c:3f:31:89:7a:cb:ae:ee:36:
35:2e:d5:6e:4a:ea:3c:93:3c:f0:c0:7b:c4:38:2c:
f5:1c:87:b0:43:08:0f:72:81:65:2a:10:4d:c1:6b:
22:0a:39:d1:6a:c6:81:80:17:40:9b:bb:57:94:4e:
fe:ec:80:3a:84:49:2b:cf:3f:14:2e:93:28:ba:a8:
c6:62:82:a7:90:b6:a6:93:f1:88:ab:59:e8:2e:54:
c5:02:5e:dc:2c:b8:9e:c1:8e:a0:4b:98:9d:eb:84:
75:8f:37:72:b2:80:f5:a8:87:fd:14:15:9e:59:70:
9c:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:58:B2:69:DC:64:78:1E:0F:78:5E:82:8F:F0:A9:03:F6:7B:53:75
X509v3 Authority Key Identifier:
keyid:1E:86:12:E3:0E:96:CC:BA:89:E7:5E:04:B7:BB:A1:C2:B7:97:C5:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HoYS4w6WzLqJ514Et7uhwreXxcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/730bd4-db33-4552-bad5-b6dc2b7bf30a/1/3liyadxkeB4PeF6Cj_CpA_Z7U3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/730bd4-db33-4552-bad5-b6dc2b7bf30a/1/HoYS4w6WzLqJ514Et7uhwreXxcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.195.8.0/21
176.124.60.0/22
176.125.244.0/22
185.97.196.0/22
185.180.232.0/22
185.181.80.0/22
IPv6:
2a06:700::/29
2a0a:9b80::/32
2a0a:9c80::/32
Signature Algorithm: sha256WithRSAEncryption
82:fb:ec:79:c3:65:69:be:fe:b0:db:27:52:76:cf:be:69:09:
e2:7c:90:d4:03:2d:06:82:a0:b3:b2:c2:78:e6:42:ae:e0:c6:
af:1f:d8:51:50:09:b6:dc:d9:f2:91:d2:4f:8e:bb:58:aa:f1:
b7:99:9e:14:64:b3:3b:9c:ab:0f:a7:48:30:f7:6c:36:78:e9:
a1:97:82:19:70:1c:23:43:be:85:e6:42:09:c8:4d:7d:5e:a7:
9e:93:11:56:07:8d:80:19:ae:1b:ca:c0:9b:0c:9c:b3:d4:8d:
57:1a:d1:c5:86:ef:3b:bd:8b:86:68:be:6f:a6:e2:03:fe:db:
95:06:b6:53:f1:cd:df:2a:91:35:4e:4b:a8:34:b1:aa:cd:50:
2d:73:30:07:a9:64:e4:19:d2:f5:66:39:a0:88:fe:0a:0e:62:
b2:6e:e8:42:6d:bb:11:87:85:2f:b5:7c:a0:26:38:89:15:a2:
77:d3:a2:ff:b0:d2:5d:9b:0d:5e:ce:12:7b:6e:0e:a0:9a:5e:
34:06:7a:ed:e9:27:16:44:90:3f:38:e5:35:e1:b0:44:78:65:
27:20:71:9a:da:8f:5a:ee:7d:a5:98:09:c2:e1:1d:11:e7:c1:
db:8f:84:7a:79:29:a0:c5:b2:73:cc:48:be:ef:f9:ff:5c:a7:
bf:1a:6a:82
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZj24AOAM7pLQLuX0j8++WMAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlODYxMmUzMGU5NmNjYmE4OWU3NWUwNGI3YmJhMWMyYjc5
N2M1YzMwHhcNMjUwODI5MTcyODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTU4YjI2OWRjNjQ3ODFlMGY3ODVlODI4ZmYwYTkwM2Y2N2I1Mzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1s9Y+Oa8zhvAiM4lt6gvNDbgcD/L
jLIyDimv6RQmDqbNGA4IJeRZXNr6LqWd60HoFXclVaDaYZzLtbjW1Qnq/AZEXF8O
YH7VF1haU0XwrBaEKHJ4K/JQ76XapBimBC7UrPGgZ6OH+idx/hOtmGhROI5jJfyN
b1kahELMlOTYp6sjGi/wMGtGs2ZPGdgsPzGJesuu7jY1LtVuSuo8kzzwwHvEOCz1
HIewQwgPcoFlKhBNwWsiCjnRasaBgBdAm7tXlE7+7IA6hEkrzz8ULpMouqjGYoKn
kLamk/GIq1noLlTFAl7cLLiewY6gS5id64R1jzdysoD1qIf9FBWeWXCcgQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFN5YsmncZHgeD3hego/wqQP2e1N1MB8GA1UdIwQY
MBaAFB6GEuMOlsy6iedeBLe7ocK3l8XDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSG9ZUzR3Nld6THFKNTE0RXQ3dWh3cmVYeGNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC83MzBiZDQtZGIzMy00NTUyLWJhZDUt
YjZkYzJiN2JmMzBhLzEvM2xpeWFkeGtlQjRQZUY2Q2pfQ3BBX1o3VTNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC83MzBiZDQtZGIzMy00NTUyLWJhZDUtYjZkYzJiN2JmMzBh
LzEvSG9ZUzR3Nld6THFKNTE0RXQ3dWh3cmVYeGNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAqBAIAATAkAwQDjcMIAwQC
sHw8AwQCsH30AwQCuWHEAwQCubToAwQCubVQMBsEAgACMBUDBQMqBgcAAwUAKgqb
gAMFACoKnIAwDQYJKoZIhvcNAQELBQADggEBAIL77HnDZWm+/rDbJ1J2z75pCeJ8
kNQDLQaCoLOywnjmQq7gxq8f2FFQCbbc2fKR0k+Ou1iq8beZnhRkszucqw+nSDD3
bDZ46aGXghlwHCNDvoXmQgnITX1ep56TEVYHjYAZrhvKwJsMnLPUjVca0cWG7zu9
i4Zovm+m4gP+25UGtlPxzd8qkTVOS6g0sarNUC1zMAepZOQZ0vVmOaCI/goOYrJu
6EJtuxGHhS+1fKAmOIkVonfTov+w0l2bDV7OEntuDqCaXjQGeu3pJxZEkD845TXh
sER4ZScgcZraj1rufaWYCcLhHRHnwduPhHp5KaDFsnPMSL7v+f9cp78aaoI=
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:08:23 2025 by rpki-client