Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hKLij3lR7HyJjmbWrdb5jlrUFjk.roa
File: hKLij3lR7HyJjmbWrdb5jlrUFjk.roa (raw, json)
Hash identifier: 8U2GCz+IInasWxbu3UUYm0xZvNJhWzm6tC83fiGPw4k=
Subject key identifier: 84:A2:E2:8F:79:51:EC:7C:89:8E:66:D6:AD:D6:F9:8E:5A:D4:16:39
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0198372FF1E92A3DF7FD4C2B502F37934792
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hKLij3lR7HyJjmbWrdb5jlrUFjk.roa
Signing time: Wed 23 Jul 2025 12:09:05 +0000
ROA not before: Wed 23 Jul 2025 12:09:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216260
IP address blocks: 91.92.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 19:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:37:2f:f1:e9:2a:3d:f7:fd:4c:2b:50:2f:37:93:47:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 23 12:09:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84a2e28f7951ec7c898e66d6add6f98e5ad41639
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c1:30:1d:03:01:95:6f:4b:4f:b4:b1:58:78:
f5:92:14:e7:9f:86:64:da:dc:23:98:4f:d8:23:f3:
50:ce:fd:b2:bd:d6:1d:13:b8:f6:67:05:7d:2b:e0:
81:db:dc:b4:9f:f9:44:c7:26:49:1f:be:7c:95:98:
de:21:e3:09:a6:8b:91:41:01:5f:e4:9a:08:d4:46:
77:14:b3:b8:91:16:08:0e:ba:13:d0:80:c2:b8:f3:
bf:ec:06:b3:d9:8e:cb:1d:9a:e8:40:64:90:7e:70:
a7:13:67:67:de:6c:de:04:4e:f5:5a:be:a1:34:b9:
98:6d:2c:bf:54:a9:1a:28:16:72:29:27:b7:c1:16:
96:4e:0a:4a:84:5f:a7:40:8e:16:5e:9d:a6:cc:86:
ff:96:04:40:ae:78:2c:f7:6c:53:98:6f:99:88:ec:
c2:ba:ea:eb:41:24:ce:b9:61:b0:bf:f4:c6:2e:9a:
09:61:bc:f9:c6:04:9c:a8:01:a1:eb:fe:89:1c:7f:
76:fb:90:5f:12:47:de:b5:89:cb:e8:c5:81:8e:8c:
44:5e:c6:c6:b8:11:9a:e0:06:6c:63:bf:ca:57:64:
9d:fd:92:4c:c9:b5:21:ca:0a:67:96:f0:9a:e6:95:
97:83:e6:9c:5b:9b:ae:a1:47:db:e7:f6:23:95:2b:
14:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:A2:E2:8F:79:51:EC:7C:89:8E:66:D6:AD:D6:F9:8E:5A:D4:16:39
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hKLij3lR7HyJjmbWrdb5jlrUFjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.70.0/24
Signature Algorithm: sha256WithRSAEncryption
81:9e:7a:17:73:ff:94:bb:5a:24:fe:01:05:c1:c5:68:e6:12:
00:b1:0e:f5:a6:71:b2:5e:b7:cf:ea:20:91:af:1b:58:b6:15:
ec:0e:c1:76:2d:f9:2f:6e:e0:69:be:d7:a4:ba:cd:d8:11:f4:
62:e1:82:19:6c:6d:e9:be:ec:88:33:27:5a:ed:e9:78:4f:9e:
2f:ef:eb:f4:52:34:e4:fa:72:91:5a:14:1a:23:d0:56:11:6c:
58:3f:ad:0c:7b:b4:f1:1c:90:4b:e9:c0:f4:0d:dc:d3:a2:52:
74:6e:88:b9:f4:2d:88:aa:6d:b6:77:37:e5:c5:c8:aa:3c:36:
dc:86:75:25:3b:9f:0a:52:cd:78:15:fd:51:1e:d6:0e:fc:32:
06:65:89:1d:e1:61:57:5b:8c:9c:97:b6:a7:06:6c:bb:af:66:
2a:30:e6:e9:81:14:d2:65:4a:d3:f9:94:f9:33:63:b0:ec:5e:
ba:e9:f4:53:5e:83:7a:41:33:db:b6:f8:94:7c:ac:63:83:9c:
42:b1:5e:6f:5e:fe:8f:02:a8:70:c3:8d:12:2a:9e:52:e1:88:
e8:3a:06:0a:f1:03:d7:72:ba:ff:59:f9:f8:56:b6:8b:16:0a:
80:bc:16:00:f8:04:ea:d3:f4:d1:26:51:93:7c:59:27:d2:29:
e4:e3:07:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZg3L/HpKj33/UwrUC83k0eSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNzIzMTIwOTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGEyZTI4Zjc5NTFlYzdjODk4ZTY2ZDZhZGQ2Zjk4ZTVhZDQxNjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMEwHQMBlW9LT7SxWHj1khTnn4Zk
2twjmE/YI/NQzv2yvdYdE7j2ZwV9K+CB29y0n/lExyZJH758lZjeIeMJpouRQQFf
5JoI1EZ3FLO4kRYIDroT0IDCuPO/7Aaz2Y7LHZroQGSQfnCnE2dn3mzeBE71Wr6h
NLmYbSy/VKkaKBZyKSe3wRaWTgpKhF+nQI4WXp2mzIb/lgRArngs92xTmG+ZiOzC
uurrQSTOuWGwv/TGLpoJYbz5xgScqAGh6/6JHH92+5BfEkfetYnL6MWBjoxEXsbG
uBGa4AZsY7/KV2Sd/ZJMybUhygpnlvCa5pWXg+acW5uuoUfb5/YjlSsUrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFISi4o95Uex8iY5m1q3W+Y5a1BY5MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaEtMaWozbFI3SHlKam1iV3JkYjVqbHJVRmprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW1xGMA0G
CSqGSIb3DQEBCwUAA4IBAQCBnnoXc/+Uu1ok/gEFwcVo5hIAsQ71pnGyXrfP6iCR
rxtYthXsDsF2LfkvbuBpvtekus3YEfRi4YIZbG3pvuyIMyda7el4T54v7+v0UjTk
+nKRWhQaI9BWEWxYP60Me7TxHJBL6cD0DdzTolJ0boi59C2Iqm22dzflxciqPDbc
hnUlO58KUs14Ff1RHtYO/DIGZYkd4WFXW4ycl7anBmy7r2YqMObpgRTSZUrT+ZT5
M2Ow7F666fRTXoN6QTPbtviUfKxjg5xCsV5vXv6PAqhww40SKp5S4YjoOgYK8QPX
crr/Wfn4VraLFgqAvBYA+ATq0/TRJlGTfFkn0ink4weh
-----END CERTIFICATE-----
Generated at Thu Aug 7 05:09:16 2025 by rpki-client