Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/7U5r4Z78USqFCwYw4la5x2Ttau4.roa
File: 7U5r4Z78USqFCwYw4la5x2Ttau4.roa (raw, json)
Hash identifier: Hl4szBUmDGPcuAuZuPxLvXKsotlJPuFHIrSE9zQ+sO0=
Subject key identifier: ED:4E:6B:E1:9E:FC:51:2A:85:0B:06:30:E2:56:B9:C7:64:ED:6A:EE
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019A1B01EFF5EED990A1A08EE0B40C267183
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/7U5r4Z78USqFCwYw4la5x2Ttau4.roa
Signing time: Sat 25 Oct 2025 10:55:03 +0000
ROA not before: Sat 25 Oct 2025 10:55:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215439
IP address blocks: 64.188.64.0/22 maxlen: 24
77.239.125.0/24 maxlen: 24
144.31.30.0/24 maxlen: 24
144.31.95.0/24 maxlen: 24
144.31.164.0/22 maxlen: 24
144.31.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 12:18:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:1b:01:ef:f5:ee:d9:90:a1:a0:8e:e0:b4:0c:26:71:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Oct 25 10:55:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ed4e6be19efc512a850b0630e256b9c764ed6aee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:48:ed:bf:03:c8:c2:15:e4:3e:83:2c:7e:39:
27:4a:7d:47:8b:94:ce:af:f3:2f:c5:9e:f2:7a:8f:
e2:44:3b:20:dd:63:a6:ac:8c:f3:4e:1b:93:13:a6:
3f:e2:75:32:5c:d7:f7:37:f0:c3:44:57:bb:22:d7:
05:ce:b9:56:83:23:21:c6:b1:0b:94:ea:62:d1:1f:
0e:fe:07:ce:e4:26:aa:2c:40:33:d7:1c:4c:2c:78:
ee:fe:75:ce:d1:3c:f5:f9:7d:b3:da:00:f6:ef:ec:
3a:5d:e6:2a:3b:52:e5:b2:11:72:ab:3f:98:a9:a8:
ce:ac:a1:44:36:bd:db:f4:e6:f6:70:51:f1:83:64:
9a:b0:54:9e:ef:76:e1:00:55:b0:7b:ff:ba:11:9d:
21:fc:5d:5e:40:00:5d:42:a7:27:1c:b5:46:f2:c9:
d0:73:0e:f8:72:cf:04:39:cf:59:f5:63:28:00:47:
27:5b:53:98:16:f6:0f:91:42:8c:b9:f4:51:79:1c:
d7:bf:e7:0d:05:5f:5a:6a:da:40:8b:fd:fd:6e:c3:
64:0a:4d:ba:2b:07:51:c5:47:0e:86:ea:d1:ae:a6:
8b:6a:40:b8:f3:7b:10:74:68:97:40:b8:cf:15:a3:
bb:07:73:b6:8a:cf:68:e5:80:19:db:20:3a:a4:ec:
24:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:4E:6B:E1:9E:FC:51:2A:85:0B:06:30:E2:56:B9:C7:64:ED:6A:EE
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/7U5r4Z78USqFCwYw4la5x2Ttau4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.64.0/22
77.239.125.0/24
144.31.30.0/24
144.31.95.0/24
144.31.164.0/22
144.31.212.0/24
Signature Algorithm: sha256WithRSAEncryption
65:b9:fc:b4:1a:2d:1a:dd:db:a0:96:f5:32:23:d3:ad:b2:34:
7d:60:a7:37:ad:94:7a:08:0f:b9:d5:05:7f:7b:52:a7:13:cb:
52:f8:ab:74:26:91:a6:64:b6:46:a7:de:d7:79:34:f3:28:ae:
46:fd:eb:86:77:ad:77:1f:f8:74:1c:8b:77:36:ce:ea:3a:62:
ba:21:13:2e:cb:95:b5:3c:95:5e:86:5d:d6:07:b0:ef:eb:db:
3e:1b:0f:fe:e5:92:7a:d6:8c:ea:1e:a8:53:c1:0e:25:25:1e:
0d:93:62:28:01:5e:21:b8:cf:dc:e9:ed:26:45:10:72:d7:32:
bf:ae:d1:bb:48:0e:64:36:49:33:8a:96:5e:ad:53:fb:c6:7a:
4f:d8:da:f0:d4:9b:a9:6e:30:ec:70:1b:85:94:e1:07:6b:d6:
ef:29:ef:94:8d:46:09:d9:93:47:88:33:5e:b4:a5:e4:b8:6f:
4b:80:c8:96:4d:dc:11:1e:43:db:e1:9b:b2:28:54:04:24:35:
f6:b2:18:03:0d:48:ba:ed:42:64:9b:1d:f3:42:5d:c3:b7:21:
9a:ef:1e:c6:a6:03:3a:3a:57:7b:de:f0:e1:0b:73:d1:43:39:
00:e3:59:f6:5d:40:07:16:58:1b:38:84:b4:1e:21:85:08:81:
8f:4c:da:c8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZobAe/17tmQoaCO4LQMJnGDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUxMDI1MTA1NTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDRlNmJlMTllZmM1MTJhODUwYjA2MzBlMjU2YjljNzY0ZWQ2YWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA60jtvwPIwhXkPoMsfjknSn1Hi5TO
r/MvxZ7yeo/iRDsg3WOmrIzzThuTE6Y/4nUyXNf3N/DDRFe7ItcFzrlWgyMhxrEL
lOpi0R8O/gfO5CaqLEAz1xxMLHju/nXO0Tz1+X2z2gD27+w6XeYqO1LlshFyqz+Y
qajOrKFENr3b9Ob2cFHxg2SasFSe73bhAFWwe/+6EZ0h/F1eQABdQqcnHLVG8snQ
cw74cs8EOc9Z9WMoAEcnW1OYFvYPkUKMufRReRzXv+cNBV9aatpAi/39bsNkCk26
KwdRxUcOhurRrqaLakC483sQdGiXQLjPFaO7B3O2is9o5YAZ2yA6pOwk5QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFO1Oa+Ge/FEqhQsGMOJWucdk7WruMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvN1U1cjRaNzhVU3FGQ3dZdzRsYTV4MlR0YXU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCQLxAAwQA
Te99AwQAkB8eAwQAkB9fAwQCkB+kAwQAkB/UMA0GCSqGSIb3DQEBCwUAA4IBAQBl
ufy0Gi0a3duglvUyI9OtsjR9YKc3rZR6CA+51QV/e1KnE8tS+Kt0JpGmZLZGp97X
eTTzKK5G/euGd613H/h0HIt3Ns7qOmK6IRMuy5W1PJVehl3WB7Dv69s+Gw/+5ZJ6
1ozqHqhTwQ4lJR4Nk2IoAV4huM/c6e0mRRBy1zK/rtG7SA5kNkkzipZerVP7xnpP
2Nrw1JupbjDscBuFlOEHa9bvKe+UjUYJ2ZNHiDNetKXkuG9LgMiWTdwRHkPb4Zuy
KFQEJDX2shgDDUi67UJkmx3zQl3DtyGa7x7GpgM6Old73vDhC3PRQzkA41n2XUAH
FlgbOIS0HiGFCIGPTNrI
-----END CERTIFICATE-----
Generated at Tue Nov 4 19:52:04 2025 by rpki-client