Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/b7393b-6818-48d3-b081-5c68f6b0b2c7/1/hx_fLybZMd0bewVXBVAM7S3L-GQ.roa
File: hx_fLybZMd0bewVXBVAM7S3L-GQ.roa (raw, json)
Hash identifier: sK9kED5NHQV+ZF0/R5VnMBtuYFGBIVWRa2IGw5jpGTA=
Subject key identifier: 87:1F:DF:2F:26:D9:31:DD:1B:7B:05:57:05:50:0C:ED:2D:CB:F8:64
Certificate issuer: /CN=ba77301e14d65b3a3d686daac16dfc49ac48c7cd
Certificate serial: 019A35F156B715829C35B87A7D397B45723E
Authority key identifier: BA:77:30:1E:14:D6:5B:3A:3D:68:6D:AA:C1:6D:FC:49:AC:48:C7:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uncwHhTWWzo9aG2qwW38SaxIx80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/b7393b-6818-48d3-b081-5c68f6b0b2c7/1/hx_fLybZMd0bewVXBVAM7S3L-GQ.roa
Signing time: Thu 30 Oct 2025 16:26:40 +0000
ROA not before: Thu 30 Oct 2025 16:26:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12779
IP address blocks: 194.180.52.0/24 maxlen: 24
194.180.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/b7393b-6818-48d3-b081-5c68f6b0b2c7/1/uncwHhTWWzo9aG2qwW38SaxIx80.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/b7393b-6818-48d3-b081-5c68f6b0b2c7/1/uncwHhTWWzo9aG2qwW38SaxIx80.mft
rsync://rpki.ripe.net/repository/DEFAULT/uncwHhTWWzo9aG2qwW38SaxIx80.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 09:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:35:f1:56:b7:15:82:9c:35:b8:7a:7d:39:7b:45:72:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba77301e14d65b3a3d686daac16dfc49ac48c7cd
Validity
Not Before: Oct 30 16:26:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=871fdf2f26d931dd1b7b055705500ced2dcbf864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:1e:26:ca:18:b9:fc:51:41:de:45:ab:83:84:
b4:09:52:1d:54:61:2d:12:46:79:60:fe:58:ed:74:
81:cc:ca:bf:2c:90:84:40:36:79:fd:cb:15:c6:5a:
6c:6b:0a:8e:5a:7d:dd:c6:82:76:42:6b:41:f6:33:
28:94:81:f7:34:8d:b3:35:e2:76:f6:b6:ce:57:fe:
36:c1:c4:c3:d4:b8:c4:e2:5f:fa:a8:bb:1f:1a:83:
93:03:89:96:3f:21:51:d8:c5:2a:09:e4:9f:c3:b5:
5b:91:1f:26:14:96:fb:da:39:31:7e:d7:e6:10:3e:
ae:df:64:60:0e:ca:5f:64:b1:cd:11:ce:89:75:76:
94:87:50:4a:f6:ad:11:7e:89:ae:a5:3f:7b:6d:f1:
61:7e:c3:a6:28:fd:0e:6b:5b:e7:54:be:ca:1f:45:
11:a0:ce:2a:25:2f:29:0e:b2:d8:fd:f0:6e:d6:09:
68:d0:12:d9:74:32:23:21:21:93:14:35:b4:3d:97:
4f:0f:63:11:10:fb:26:ee:82:14:ed:ef:4c:4a:80:
e2:48:26:c4:96:8c:24:5c:d6:80:e3:44:11:a8:90:
a0:f8:77:34:aa:03:db:e4:fe:17:02:9e:9a:0f:61:
47:7b:d3:06:4c:d7:a8:d5:ce:c7:f9:af:27:ac:1e:
45:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:1F:DF:2F:26:D9:31:DD:1B:7B:05:57:05:50:0C:ED:2D:CB:F8:64
X509v3 Authority Key Identifier:
keyid:BA:77:30:1E:14:D6:5B:3A:3D:68:6D:AA:C1:6D:FC:49:AC:48:C7:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uncwHhTWWzo9aG2qwW38SaxIx80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b7393b-6818-48d3-b081-5c68f6b0b2c7/1/hx_fLybZMd0bewVXBVAM7S3L-GQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b7393b-6818-48d3-b081-5c68f6b0b2c7/1/uncwHhTWWzo9aG2qwW38SaxIx80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.180.52.0/24
194.180.55.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:17:90:90:c2:2c:24:2c:c7:9d:56:d6:78:4c:16:2f:40:34:
ee:7c:2a:9b:66:ab:3c:4d:4b:6a:bb:b6:c9:1c:f0:eb:45:3f:
84:d6:99:2e:7c:0d:f0:8f:d8:52:62:f6:49:af:51:a9:84:c6:
7c:e5:d1:4d:4e:3d:e1:89:bd:d5:19:bc:f2:ff:f2:87:a3:a3:
33:9a:5b:3d:55:33:8a:ea:72:14:9d:4e:40:2f:88:9e:11:09:
43:e8:ee:f4:85:52:e2:68:f2:36:25:b8:22:d5:29:5a:55:d4:
a8:77:30:a6:7f:97:41:b4:d6:36:08:f1:77:4f:0d:60:5b:ba:
4b:68:00:a2:9f:b7:99:0f:cf:45:58:51:df:65:91:23:d0:7c:
de:a4:62:ac:cd:15:3b:63:83:21:e9:69:4f:95:d5:c4:cc:b4:
98:f7:07:e1:e7:25:8e:44:61:83:b5:75:35:25:86:1e:d9:94:
95:08:aa:ed:4c:2e:90:17:af:91:c4:69:d8:50:d0:d1:ea:6c:
2f:db:36:3d:52:60:d4:87:aa:df:b0:98:66:e8:59:3c:34:0a:
b7:38:3f:ac:4c:26:af:7b:96:55:f1:f9:84:e5:0e:0b:62:03:
ec:5f:c8:49:94:41:a8:4a:27:a6:4f:80:09:2b:e6:db:3c:3a:
f1:e3:9e:07
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZo18Va3FYKcNbh6fTl7RXI+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNzczMDFlMTRkNjViM2EzZDY4NmRhYWMxNmRmYzQ5YWM0
OGM3Y2QwHhcNMjUxMDMwMTYyNjQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzFmZGYyZjI2ZDkzMWRkMWI3YjA1NTcwNTUwMGNlZDJkY2JmODY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4x4myhi5/FFB3kWrg4S0CVIdVGEt
EkZ5YP5Y7XSBzMq/LJCEQDZ5/csVxlpsawqOWn3dxoJ2QmtB9jMolIH3NI2zNeJ2
9rbOV/42wcTD1LjE4l/6qLsfGoOTA4mWPyFR2MUqCeSfw7VbkR8mFJb72jkxftfm
ED6u32RgDspfZLHNEc6JdXaUh1BK9q0RfomupT97bfFhfsOmKP0Oa1vnVL7KH0UR
oM4qJS8pDrLY/fBu1glo0BLZdDIjISGTFDW0PZdPD2MREPsm7oIU7e9MSoDiSCbE
lowkXNaA40QRqJCg+Hc0qgPb5P4XAp6aD2FHe9MGTNeo1c7H+a8nrB5FfwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIcf3y8m2THdG3sFVwVQDO0ty/hkMB8GA1UdIwQY
MBaAFLp3MB4U1ls6PWhtqsFt/EmsSMfNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW5jd0hoVFdXem85YUcycXdXMzhTYXhJeDgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iNzM5M2ItNjgxOC00OGQzLWIwODEt
NWM2OGY2YjBiMmM3LzEvaHhfZkx5YlpNZDBiZXdWWEJWQU03UzNMLUdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iNzM5M2ItNjgxOC00OGQzLWIwODEtNWM2OGY2YjBiMmM3
LzEvdW5jd0hoVFdXem85YUcycXdXMzhTYXhJeDgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwrQ0AwQA
wrQ3MA0GCSqGSIb3DQEBCwUAA4IBAQAeF5CQwiwkLMedVtZ4TBYvQDTufCqbZqs8
TUtqu7bJHPDrRT+E1pkufA3wj9hSYvZJr1GphMZ85dFNTj3hib3VGbzy//KHo6Mz
mls9VTOK6nIUnU5AL4ieEQlD6O70hVLiaPI2Jbgi1SlaVdSodzCmf5dBtNY2CPF3
Tw1gW7pLaACin7eZD89FWFHfZZEj0HzepGKszRU7Y4Mh6WlPldXEzLSY9wfh5yWO
RGGDtXU1JYYe2ZSVCKrtTC6QF6+RxGnYUNDR6mwv2zY9UmDUh6rfsJhm6Fk8NAq3
OD+sTCave5ZV8fmE5Q4LYgPsX8hJlEGoSiemT4AJK+bbPDrx454H
-----END CERTIFICATE-----
Generated at Wed Nov 5 19:04:52 2025 by rpki-client