Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/hYCcmu80EUyB0QUlFyYt_FkytgA.roa
File: hYCcmu80EUyB0QUlFyYt_FkytgA.roa (raw, json)
Hash identifier: cgGY1MHKJ+uD74ohUaaRKz6ER9RverVshIvSInh2vbk=
Subject key identifier: 85:80:9C:9A:EF:34:11:4C:81:D1:05:25:17:26:2D:FC:59:32:B6:00
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019A24D22515C59F2FDA04E15D2B3A153457
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/hYCcmu80EUyB0QUlFyYt_FkytgA.roa
Signing time: Mon 27 Oct 2025 08:39:03 +0000
ROA not before: Mon 27 Oct 2025 08:39:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 124.198.136.0/22 maxlen: 24
158.173.130.0/23 maxlen: 24
170.62.240.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:29:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:24:d2:25:15:c5:9f:2f:da:04:e1:5d:2b:3a:15:34:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Oct 27 08:39:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85809c9aef34114c81d1052517262dfc5932b600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:8e:7a:ef:2c:e6:b5:62:3e:ed:e3:22:d0:e8:
d9:a1:b0:0b:75:55:28:65:5a:9f:ba:22:f5:26:93:
f0:69:ed:47:b4:cb:8e:6b:cf:fc:d0:94:18:c1:a9:
c1:44:bd:71:07:06:ce:42:71:61:bc:1e:f8:09:1b:
aa:bf:2b:03:47:2e:f4:ad:dc:64:9b:8a:5f:5f:c1:
0b:77:6a:c8:82:f1:7f:b9:74:2c:b2:95:d9:85:94:
d1:4a:ee:fa:71:45:ac:e5:02:15:69:ef:e5:56:a6:
fa:4d:30:76:d5:4b:9e:9d:dc:25:05:2a:49:b1:04:
8c:b2:b9:5f:66:8a:34:91:48:ec:2f:ad:2e:14:aa:
04:8d:48:a2:b6:62:7b:8f:ff:e2:fa:e4:f1:25:9d:
24:13:2b:5e:01:77:7c:56:f5:54:c3:b5:df:b3:58:
f1:73:b9:23:c3:f1:a1:48:f5:80:b1:b0:bc:7e:12:
2a:e9:01:44:6a:e8:af:94:02:f1:d6:4c:bd:f5:ac:
d6:4d:b0:f1:ed:c9:5f:45:26:cc:b1:aa:5c:85:2f:
14:cb:41:fe:68:30:5d:7b:d5:16:b4:dc:ec:68:67:
75:fd:07:6f:ae:2d:0f:3c:77:8e:ed:9a:37:16:f9:
64:8f:23:fa:7f:15:30:74:8a:2e:fa:c0:e8:e5:71:
76:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:80:9C:9A:EF:34:11:4C:81:D1:05:25:17:26:2D:FC:59:32:B6:00
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/hYCcmu80EUyB0QUlFyYt_FkytgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
124.198.136.0/22
158.173.130.0/23
170.62.240.0/22
Signature Algorithm: sha256WithRSAEncryption
d1:f6:f2:d9:3d:f2:50:53:c5:59:5f:26:01:34:8a:4d:e1:52:
a3:36:b2:bd:83:b9:a9:d1:6d:f1:83:07:ca:29:37:ec:ef:81:
85:a6:bb:9a:4c:af:0f:67:06:12:ea:40:6f:d5:37:4e:7e:b6:
29:22:db:55:48:30:85:c0:2e:8f:41:04:c9:c8:e3:db:73:cd:
d6:95:1f:7c:37:fc:1e:ae:1a:9a:67:28:a8:86:93:4d:16:01:
7b:3a:88:5b:ec:a5:65:50:a7:f4:25:bf:d5:f6:da:2f:71:8a:
5b:3e:30:77:cc:7e:66:8a:03:d9:4f:88:60:db:20:c9:0c:0b:
e0:d3:50:43:9a:f3:8d:9a:ed:1b:52:01:75:ea:aa:25:ed:7f:
33:f7:c0:2d:0a:02:92:d2:d0:14:24:34:4c:8c:f3:15:43:55:
d6:4f:81:d0:91:31:6e:c3:11:bb:bb:dc:c8:af:01:97:41:f6:
e9:7f:fe:42:b1:4b:64:13:fe:05:da:f2:d1:11:31:86:61:cb:
ba:92:1a:a6:8a:cb:bd:c7:e8:46:bf:d8:20:de:17:22:50:0b:
bd:34:8f:1a:13:01:33:52:36:f3:aa:54:c1:d4:09:c9:2f:92:
1c:de:7f:aa:4a:3c:f0:44:8b:aa:9d:e4:5e:05:b5:e2:d9:ab:
32:49:39:c4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZok0iUVxZ8v2gThXSs6FTRXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUxMDI3MDgzOTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTgwOWM5YWVmMzQxMTRjODFkMTA1MjUxNzI2MmRmYzU5MzJiNjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoo567yzmtWI+7eMi0OjZobALdVUo
ZVqfuiL1JpPwae1HtMuOa8/80JQYwanBRL1xBwbOQnFhvB74CRuqvysDRy70rdxk
m4pfX8ELd2rIgvF/uXQsspXZhZTRSu76cUWs5QIVae/lVqb6TTB21UuendwlBSpJ
sQSMsrlfZoo0kUjsL60uFKoEjUiitmJ7j//i+uTxJZ0kEyteAXd8VvVUw7Xfs1jx
c7kjw/GhSPWAsbC8fhIq6QFEauivlALx1ky99azWTbDx7clfRSbMsapchS8Uy0H+
aDBde9UWtNzsaGd1/Qdvri0PPHeO7Zo3FvlkjyP6fxUwdIou+sDo5XF2+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIWAnJrvNBFMgdEFJRcmLfxZMrYAMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvaFlDY211ODBFVXlCMFFVbEZ5WXRfRmt5dGdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCfMaIAwQB
nq2CAwQCqj7wMA0GCSqGSIb3DQEBCwUAA4IBAQDR9vLZPfJQU8VZXyYBNIpN4VKj
NrK9g7mp0W3xgwfKKTfs74GFpruaTK8PZwYS6kBv1TdOfrYpIttVSDCFwC6PQQTJ
yOPbc83WlR98N/werhqaZyiohpNNFgF7Oohb7KVlUKf0Jb/V9tovcYpbPjB3zH5m
igPZT4hg2yDJDAvg01BDmvONmu0bUgF16qol7X8z98AtCgKS0tAUJDRMjPMVQ1XW
T4HQkTFuwxG7u9zIrwGXQfbpf/5CsUtkE/4F2vLRETGGYcu6khqmisu9x+hGv9gg
3hciUAu9NI8aEwEzUjbzqlTB1AnJL5Ic3n+qSjzwRIuqneReBbXi2asySTnE
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:31:10 2025 by rpki-client