
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/4GnfbDQJcHQ0YMdLymiE_wZR3Sk.roa
File: 4GnfbDQJcHQ0YMdLymiE_wZR3Sk.roa (raw, json)
Hash identifier: v5f8D/Of1Fdx6Yya0EeDkOsdiRIcLbPt49RV2L1gp3o=
Subject key identifier: E0:69:DF:6C:34:09:70:74:34:60:C7:4B:CA:68:84:FF:06:51:DD:29
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 01985C8753341D8A3D4FC0BB9A8DF203397F
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/4GnfbDQJcHQ0YMdLymiE_wZR3Sk.roa
Signing time: Wed 30 Jul 2025 18:10:29 +0000
ROA not before: Wed 30 Jul 2025 18:10:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213877
IP address blocks: 64.188.73.0/24 maxlen: 24
64.188.75.0/24 maxlen: 24
64.188.96.0/24 maxlen: 24
64.188.97.0/24 maxlen: 24
64.188.124.0/24 maxlen: 24
64.188.125.0/24 maxlen: 24
64.188.126.0/24 maxlen: 24
77.239.104.0/24 maxlen: 24
77.239.105.0/24 maxlen: 24
77.239.122.0/24 maxlen: 24
77.239.123.0/24 maxlen: 24
150.241.105.0/24 maxlen: 24
150.241.108.0/24 maxlen: 24
150.241.123.0/24 maxlen: 24
185.184.122.0/24 maxlen: 24
185.184.123.0/24 maxlen: 24
185.207.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 02:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:5c:87:53:34:1d:8a:3d:4f:c0:bb:9a:8d:f2:03:39:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jul 30 18:10:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e069df6c340970743460c74bca6884ff0651dd29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0b:ee:29:64:c1:6d:53:76:64:dc:26:27:c0:
aa:7d:a8:a0:40:a3:a8:a3:df:b2:ef:c2:b2:11:28:
7b:0c:b9:61:47:82:cc:3b:c2:ac:b6:a0:cd:41:f9:
c9:fb:fe:de:43:fe:5e:23:f7:27:cb:a3:d7:cc:af:
25:fe:c8:cf:f6:d7:94:0a:63:12:40:19:78:be:c2:
4b:82:93:35:b9:97:17:79:c6:3e:42:c3:5e:6d:66:
28:c3:d1:a3:81:5b:d9:24:e6:6b:69:d4:2b:71:e8:
9c:45:e6:04:a5:0f:f1:2e:f6:53:92:61:26:8d:52:
e5:ed:df:1b:fb:d3:58:16:ea:7d:e0:d1:73:51:bc:
06:05:54:37:9a:00:63:2f:42:de:9d:ef:e6:b4:54:
ee:61:81:f7:e1:89:9c:1d:76:7a:ea:a0:e8:68:d9:
15:35:bd:b3:7a:f0:9d:7d:84:6e:2c:b5:0d:07:33:
6b:86:50:6a:c4:52:c5:7b:78:27:f1:c9:f5:0a:b0:
6d:e9:d6:63:ab:9c:a3:0e:34:d7:b7:f4:46:4b:5b:
b0:6f:ca:a9:e4:fb:92:9b:54:f0:13:fa:46:17:5e:
84:43:a1:11:3c:cc:77:47:b9:f7:c8:55:5e:f8:a8:
b1:82:92:3e:5c:c3:1e:e1:4b:c1:83:49:c4:fe:bd:
f0:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:69:DF:6C:34:09:70:74:34:60:C7:4B:CA:68:84:FF:06:51:DD:29
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/4GnfbDQJcHQ0YMdLymiE_wZR3Sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.73.0/24
64.188.75.0/24
64.188.96.0/23
64.188.124.0-64.188.126.255
77.239.104.0/23
77.239.122.0/23
150.241.105.0/24
150.241.108.0/24
150.241.123.0/24
185.184.122.0/23
185.207.133.0/24
Signature Algorithm: sha256WithRSAEncryption
39:51:2b:aa:bb:98:de:db:c4:91:ce:35:c0:f3:7d:ad:ba:8a:
01:ee:7a:3e:b8:88:11:cc:5c:96:22:e6:59:9d:7a:ab:91:68:
70:29:29:fc:5f:c7:5b:00:b1:54:cc:d3:0d:25:4d:0f:17:27:
a8:bb:d7:2b:71:1b:ad:9e:c2:70:d7:13:90:37:aa:e3:57:62:
e0:e8:1b:21:b4:ed:49:28:9c:ea:d5:bb:85:7d:c1:68:5d:82:
92:9a:d6:ca:e2:cb:76:22:1a:62:2e:28:8d:a4:3b:6d:79:49:
a3:9d:cb:ac:98:fd:89:98:71:8e:eb:fa:65:da:9f:7d:4d:a7:
00:8c:82:a4:f6:32:e0:86:90:d2:d3:12:61:10:9e:38:d5:5f:
48:f1:a4:30:4f:bc:0b:4d:22:8e:04:f9:c6:c8:e7:de:05:06:
04:a0:91:0e:cc:6e:19:16:86:d0:f5:e4:4b:a1:e6:cc:92:25:
46:26:5e:93:1a:e7:02:8f:50:71:b3:26:15:10:72:a3:f2:af:
d3:cd:31:4e:11:2d:f8:43:cd:fd:ff:b8:be:86:5c:90:8f:d9:
f1:ac:19:63:90:3e:e9:1b:43:ad:13:ed:31:d2:c5:b2:b1:cf:
17:78:23:5b:94:4e:3a:e3:43:a1:4c:c9:92:c3:9c:de:07:3d:
6f:40:27:0f
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZhch1M0HYo9T8C7mo3yAzl/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwNzMwMTgxMDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDY5ZGY2YzM0MDk3MDc0MzQ2MGM3NGJjYTY4ODRmZjA2NTFkZDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgvuKWTBbVN2ZNwmJ8CqfaigQKOo
o9+y78KyESh7DLlhR4LMO8KstqDNQfnJ+/7eQ/5eI/cny6PXzK8l/sjP9teUCmMS
QBl4vsJLgpM1uZcXecY+QsNebWYow9GjgVvZJOZradQrceicReYEpQ/xLvZTkmEm
jVLl7d8b+9NYFup94NFzUbwGBVQ3mgBjL0Lene/mtFTuYYH34YmcHXZ66qDoaNkV
Nb2zevCdfYRuLLUNBzNrhlBqxFLFe3gn8cn1CrBt6dZjq5yjDjTXt/RGS1uwb8qp
5PuSm1TwE/pGF16EQ6ERPMx3R7n3yFVe+KixgpI+XMMe4UvBg0nE/r3wgwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFOBp32w0CXB0NGDHS8pohP8GUd0pMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvNEduZmJEUUpjSFEwWU1kTHltaUVfd1pSM1NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAQLxJAwQA
QLxLAwQBQLxgMAwDBAJAvHwDBABAvH4DBAFN72gDBAFN73oDBACW8WkDBACW8WwD
BACW8XsDBAG5uHoDBAC5z4UwDQYJKoZIhvcNAQELBQADggEBADlRK6q7mN7bxJHO
NcDzfa26igHuej64iBHMXJYi5lmdequRaHApKfxfx1sAsVTM0w0lTQ8XJ6i71ytx
G62ewnDXE5A3quNXYuDoGyG07UkonOrVu4V9wWhdgpKa1sriy3YiGmIuKI2kO215
SaOdy6yY/YmYcY7r+mXan31NpwCMgqT2MuCGkNLTEmEQnjjVX0jxpDBPvAtNIo4E
+cbI594FBgSgkQ7MbhkWhtD15Euh5sySJUYmXpMa5wKPUHGzJhUQcqPyr9PNMU4R
LfhDzf3/uL6GXJCP2fGsGWOQPukbQ60T7THSxbKxzxd4I1uUTjrjQ6FMyZLDnN4H
PW9AJw8=
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:14:13 2025 by rpki-client