Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/b80405-d19b-4e0f-ac37-5200fc16ff8c/1/F7hFHVt5GnAjfb0AGvjaQBNPnKg.roa
File: F7hFHVt5GnAjfb0AGvjaQBNPnKg.roa (raw, json)
Hash identifier: btzZxwXvt98Q7y5uMwpF7P7FoBwM/PNcqw+tRVhi4ns=
Subject key identifier: 17:B8:45:1D:5B:79:1A:70:23:7D:BD:00:1A:F8:DA:40:13:4F:9C:A8
Certificate issuer: /CN=95923420ccfee038cdcaeb4392310a0598af7a3e
Certificate serial: 01987463D7964B54209F65836498C5E1ED88
Authority key identifier: 95:92:34:20:CC:FE:E0:38:CD:CA:EB:43:92:31:0A:05:98:AF:7A:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lZI0IMz-4DjNyutDkjEKBZivej4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/b80405-d19b-4e0f-ac37-5200fc16ff8c/1/F7hFHVt5GnAjfb0AGvjaQBNPnKg.roa
Signing time: Mon 04 Aug 2025 09:22:36 +0000
ROA not before: Mon 04 Aug 2025 09:22:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9123
IP address blocks: 45.139.78.0/24 maxlen: 24
45.139.79.0/24 maxlen: 24
80.248.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/b80405-d19b-4e0f-ac37-5200fc16ff8c/1/lZI0IMz-4DjNyutDkjEKBZivej4.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/b80405-d19b-4e0f-ac37-5200fc16ff8c/1/lZI0IMz-4DjNyutDkjEKBZivej4.mft
rsync://rpki.ripe.net/repository/DEFAULT/lZI0IMz-4DjNyutDkjEKBZivej4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 09:22:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:74:63:d7:96:4b:54:20:9f:65:83:64:98:c5:e1:ed:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95923420ccfee038cdcaeb4392310a0598af7a3e
Validity
Not Before: Aug 4 09:22:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17b8451d5b791a70237dbd001af8da40134f9ca8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:af:01:46:1d:f7:83:9e:3f:c7:87:96:ab:96:
a2:b4:8b:c2:80:b7:47:0f:02:47:de:80:30:4b:f4:
25:1e:31:ff:a2:25:44:dc:c7:a0:d4:98:15:79:86:
b9:a6:f5:6b:88:8b:1b:03:1d:73:8b:e4:40:cc:2d:
ea:6a:53:d8:a6:6c:59:6c:33:34:27:23:4d:53:a2:
15:82:55:28:d1:e7:d8:19:03:5e:b0:06:ac:26:5a:
15:f2:a4:a7:f9:6b:c3:e4:7f:ab:0b:f2:b5:8d:0e:
1b:f2:1e:7a:50:82:fa:74:a6:ea:e3:1f:b2:b3:e6:
12:96:67:76:b7:11:8a:99:c1:f2:29:4a:f5:0b:29:
ec:da:be:56:07:01:fd:b7:2f:e2:22:35:21:77:5b:
3b:55:b1:ce:cd:39:d7:80:aa:d5:32:47:b8:a1:04:
e1:36:af:1e:b6:23:37:a7:5a:ae:d4:a4:51:e5:3e:
0b:fc:84:90:26:46:3c:41:0e:01:84:5e:71:1c:53:
96:8e:77:ca:5c:06:16:6a:97:7d:aa:82:bf:71:ce:
37:cb:90:d4:1a:35:e7:df:6a:54:24:6a:d7:54:56:
7f:e0:26:5e:af:b7:a3:bb:dd:12:4b:78:9f:5f:1a:
8e:45:57:2f:a0:f8:e2:d7:60:d3:5f:74:6b:05:59:
d2:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:B8:45:1D:5B:79:1A:70:23:7D:BD:00:1A:F8:DA:40:13:4F:9C:A8
X509v3 Authority Key Identifier:
keyid:95:92:34:20:CC:FE:E0:38:CD:CA:EB:43:92:31:0A:05:98:AF:7A:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lZI0IMz-4DjNyutDkjEKBZivej4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/b80405-d19b-4e0f-ac37-5200fc16ff8c/1/F7hFHVt5GnAjfb0AGvjaQBNPnKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/b80405-d19b-4e0f-ac37-5200fc16ff8c/1/lZI0IMz-4DjNyutDkjEKBZivej4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.78.0/23
80.248.60.0/24
Signature Algorithm: sha256WithRSAEncryption
64:a9:2d:04:3b:7a:64:75:b8:36:1d:b9:8d:ef:ab:24:47:4d:
0e:a7:35:59:f3:04:b7:32:40:fe:39:35:3f:ed:09:ca:f9:9e:
4c:e2:5f:5e:5e:0f:f5:40:b0:a9:43:1f:bd:44:ef:2b:74:b2:
fb:f0:88:02:f3:32:3c:7c:ee:17:61:66:e3:e8:0b:c3:89:cf:
b1:9e:58:ba:9a:26:64:a2:c5:e9:24:18:ca:6c:97:60:0c:44:
01:da:e6:f5:b9:6b:04:f1:3a:e1:7e:c1:d4:a3:b9:8f:47:e4:
e2:06:7b:fb:7c:90:0a:04:36:b1:7f:dc:ef:96:31:02:37:80:
64:65:aa:79:a2:fe:a9:3d:44:1b:55:5c:df:d5:1e:ed:83:b8:
ff:95:83:08:b7:5f:3d:a9:fc:75:58:cf:2e:97:b5:09:8e:3e:
2b:43:95:9c:bd:8b:67:1b:81:06:71:55:b7:52:64:92:32:b0:
b4:4c:a4:13:5a:d6:e1:0f:dd:8c:5b:53:a6:74:32:18:4f:41:
18:36:2d:73:32:d8:ea:7d:f9:5f:1a:ff:d9:63:51:42:c8:ae:
a8:e4:88:b6:2a:b0:14:d0:cb:d0:50:5f:5b:fd:ef:fa:05:e2:
a4:cd:50:7a:2d:4c:65:3e:2f:52:ae:a6:4c:d0:ed:0e:8e:1e:
0d:c8:74:84
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZh0Y9eWS1Qgn2WDZJjF4e2IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1OTIzNDIwY2NmZWUwMzhjZGNhZWI0MzkyMzEwYTA1OThh
ZjdhM2UwHhcNMjUwODA0MDkyMjM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2I4NDUxZDViNzkxYTcwMjM3ZGJkMDAxYWY4ZGE0MDEzNGY5Y2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmK8BRh33g54/x4eWq5aitIvCgLdH
DwJH3oAwS/QlHjH/oiVE3Meg1JgVeYa5pvVriIsbAx1zi+RAzC3qalPYpmxZbDM0
JyNNU6IVglUo0efYGQNesAasJloV8qSn+WvD5H+rC/K1jQ4b8h56UIL6dKbq4x+y
s+YSlmd2txGKmcHyKUr1Cyns2r5WBwH9ty/iIjUhd1s7VbHOzTnXgKrVMke4oQTh
Nq8etiM3p1qu1KRR5T4L/ISQJkY8QQ4BhF5xHFOWjnfKXAYWapd9qoK/cc43y5DU
GjXn32pUJGrXVFZ/4CZer7eju90SS3ifXxqORVcvoPji12DTX3RrBVnSYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBe4RR1beRpwI329ABr42kATT5yoMB8GA1UdIwQY
MBaAFJWSNCDM/uA4zcrrQ5IxCgWYr3o+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFpJMElNei00RGpOeXV0RGtqRUtCWml2ZWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iODA0MDUtZDE5Yi00ZTBmLWFjMzct
NTIwMGZjMTZmZjhjLzEvRjdoRkhWdDVHbkFqZmIwQUd2amFRQk5QbktnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iODA0MDUtZDE5Yi00ZTBmLWFjMzctNTIwMGZjMTZmZjhj
LzEvbFpJMElNei00RGpOeXV0RGtqRUtCWml2ZWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLYtOAwQA
UPg8MA0GCSqGSIb3DQEBCwUAA4IBAQBkqS0EO3pkdbg2HbmN76skR00OpzVZ8wS3
MkD+OTU/7QnK+Z5M4l9eXg/1QLCpQx+9RO8rdLL78IgC8zI8fO4XYWbj6AvDic+x
nli6miZkosXpJBjKbJdgDEQB2ub1uWsE8TrhfsHUo7mPR+TiBnv7fJAKBDaxf9zv
ljECN4BkZap5ov6pPUQbVVzf1R7tg7j/lYMIt189qfx1WM8ul7UJjj4rQ5WcvYtn
G4EGcVW3UmSSMrC0TKQTWtbhD92MW1OmdDIYT0EYNi1zMtjqfflfGv/ZY1FCyK6o
5Ii2KrAU0MvQUF9b/e/6BeKkzVB6LUxlPi9SrqZM0O0Ojh4NyHSE
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:04:07 2025 by rpki-client