Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/jhErt8aOmUu-YcOSQeQoyPUdOpE.roa
File: jhErt8aOmUu-YcOSQeQoyPUdOpE.roa (raw, json)
Hash identifier: Ch0yUGvFCySVPiyWtScucCCSE9gH1cuOX0vK3LmpabQ=
Subject key identifier: 8E:11:2B:B7:C6:8E:99:4B:BE:61:C3:92:41:E4:28:C8:F5:1D:3A:91
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01985AE6C5CD240631E297E41830BA570CB8
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/jhErt8aOmUu-YcOSQeQoyPUdOpE.roa
Signing time: Wed 30 Jul 2025 10:35:30 +0000
ROA not before: Wed 30 Jul 2025 10:35:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214361
IP address blocks: 94.183.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 00:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:5a:e6:c5:cd:24:06:31:e2:97:e4:18:30:ba:57:0c:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jul 30 10:35:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e112bb7c68e994bbe61c39241e428c8f51d3a91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b7:6c:22:7f:65:31:a6:03:15:ac:cc:15:91:
1f:19:40:d5:a1:a6:ca:58:bb:91:df:b3:ca:42:1e:
f6:33:cf:6c:16:46:7a:55:19:5b:d5:fd:16:f3:56:
d7:50:db:8e:ee:4a:cc:76:ec:a1:1a:e6:4c:82:22:
4f:a7:5a:3d:e8:5d:16:34:7e:0e:d3:24:e8:3d:85:
16:04:05:40:7c:c5:bb:d4:38:7f:1d:0d:07:d7:d2:
c9:d9:24:84:0d:b2:a9:0d:2c:32:c0:be:b9:0e:b1:
a7:73:09:06:45:52:a6:60:e3:15:f3:b5:aa:25:1a:
01:2e:d3:6b:e2:72:42:85:18:5c:da:f8:de:b1:90:
3d:f8:58:ce:9c:10:1b:8e:f9:de:76:1a:36:bf:fd:
a3:6a:b7:8b:48:03:d2:7a:50:22:c7:1b:3e:ef:93:
71:67:20:3c:ec:38:8f:da:70:1b:e9:64:08:e4:52:
79:c9:75:6f:26:81:08:a2:a0:76:dd:15:9f:3d:10:
a3:ac:2d:4a:ee:49:88:89:9d:46:d1:dc:d5:ec:91:
1e:19:ad:0a:7a:7e:92:b1:8b:e2:1e:ac:e3:17:e3:
03:36:c6:50:f7:30:1f:14:23:42:92:1c:b3:b1:da:
2c:d6:ec:24:99:e9:94:37:18:8e:50:7b:6a:2b:9f:
52:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:11:2B:B7:C6:8E:99:4B:BE:61:C3:92:41:E4:28:C8:F5:1D:3A:91
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/jhErt8aOmUu-YcOSQeQoyPUdOpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.183.179.0/24
Signature Algorithm: sha256WithRSAEncryption
64:5e:ef:fd:e3:7a:aa:66:35:0a:0e:db:35:bc:53:94:98:11:
71:27:1c:af:9b:14:f3:71:be:cb:90:8d:79:52:a5:d1:8c:fa:
98:62:48:31:38:15:fc:ee:ca:27:64:ca:81:1b:0b:5f:28:34:
6e:77:63:88:04:06:b9:78:05:4d:79:4a:32:d6:68:37:f1:f8:
ba:7c:0a:3d:b6:c5:24:b2:a0:83:aa:1f:61:3d:ac:ed:c6:59:
92:ac:2b:dc:ae:36:b4:12:8b:3c:27:8b:85:6a:2d:0b:1c:72:
61:d1:01:8c:94:61:c8:10:8c:ec:25:b9:d9:e6:46:78:96:f9:
a8:78:4f:9b:9a:76:23:d8:7a:3d:64:9e:11:da:f1:3e:3d:fa:
7f:dd:51:ba:24:50:bd:2b:fd:fc:85:53:aa:4b:26:0f:f0:14:
6e:bf:d4:37:15:2b:78:7c:c8:be:de:4d:40:87:18:0c:0b:3c:
03:ec:00:1c:43:de:ab:25:36:ee:50:8c:e6:ed:e6:50:62:e6:
c0:7d:d6:75:33:d8:4e:41:82:30:ec:a3:96:f7:97:4c:79:8e:
b3:6b:2c:ac:07:03:74:69:07:d4:33:23:68:7f:d6:9b:05:0d:
b7:8e:3f:a8:3e:18:0a:3e:a4:56:3a:15:df:55:44:c7:97:7e:
66:6e:54:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZha5sXNJAYx4pfkGDC6Vwy4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNzMwMTAzNTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTExMmJiN2M2OGU5OTRiYmU2MWMzOTI0MWU0MjhjOGY1MWQzYTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7dsIn9lMaYDFazMFZEfGUDVoabK
WLuR37PKQh72M89sFkZ6VRlb1f0W81bXUNuO7krMduyhGuZMgiJPp1o96F0WNH4O
0yToPYUWBAVAfMW71Dh/HQ0H19LJ2SSEDbKpDSwywL65DrGncwkGRVKmYOMV87Wq
JRoBLtNr4nJChRhc2vjesZA9+FjOnBAbjvnedho2v/2jareLSAPSelAixxs+75Nx
ZyA87DiP2nAb6WQI5FJ5yXVvJoEIoqB23RWfPRCjrC1K7kmIiZ1G0dzV7JEeGa0K
en6SsYviHqzjF+MDNsZQ9zAfFCNCkhyzsdos1uwkmemUNxiOUHtqK59SZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI4RK7fGjplLvmHDkkHkKMj1HTqRMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvamhFcnQ4YU9tVXUtWWNPU1FlUW95UFVkT3BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXrezMA0G
CSqGSIb3DQEBCwUAA4IBAQBkXu/943qqZjUKDts1vFOUmBFxJxyvmxTzcb7LkI15
UqXRjPqYYkgxOBX87sonZMqBGwtfKDRud2OIBAa5eAVNeUoy1mg38fi6fAo9tsUk
sqCDqh9hPaztxlmSrCvcrja0Eos8J4uFai0LHHJh0QGMlGHIEIzsJbnZ5kZ4lvmo
eE+bmnYj2Ho9ZJ4R2vE+Pfp/3VG6JFC9K/38hVOqSyYP8BRuv9Q3FSt4fMi+3k1A
hxgMCzwD7AAcQ96rJTbuUIzm7eZQYubAfdZ1M9hOQYIw7KOW95dMeY6zayysBwN0
aQfUMyNof9abBQ23jj+oPhgKPqRWOhXfVUTHl35mblSF
-----END CERTIFICATE-----
Generated at Mon Aug 4 08:31:05 2025 by rpki-client