Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/7krraT3vsYqjfvMnFF71I_IkhW4.roa
File: 7krraT3vsYqjfvMnFF71I_IkhW4.roa (raw, json)
Hash identifier: 0Eozeg6pzHtNYDtqs3R4jG/39UQzMT6GO46rhJ/NlvU=
Subject key identifier: EE:4A:EB:69:3D:EF:B1:8A:A3:7E:F3:27:14:5E:F5:23:F2:24:85:6E
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0197564FC5C4CD203AB88820A67301D7FF0E
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/7krraT3vsYqjfvMnFF71I_IkhW4.roa
Signing time: Mon 09 Jun 2025 20:09:17 +0000
ROA not before: Mon 09 Jun 2025 20:09:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215590
IP address blocks: 37.46.20.0/22 maxlen: 24
77.239.108.0/22 maxlen: 24
87.251.16.0/22 maxlen: 24
150.241.106.0/23 maxlen: 24
150.241.115.0/24 maxlen: 24
150.241.116.0/24 maxlen: 24
150.241.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 20:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:56:4f:c5:c4:cd:20:3a:b8:88:20:a6:73:01:d7:ff:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jun 9 20:09:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee4aeb693defb18aa37ef327145ef523f224856e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a6:bb:cd:39:48:7a:51:08:f2:0a:ac:8e:9b:
dd:b8:e3:ff:3f:18:1f:c4:6e:4c:d1:2d:9c:94:bc:
d0:8f:d3:11:8b:46:85:b7:08:70:9f:a6:d0:3a:36:
bf:b4:8f:22:c9:f0:47:36:80:43:18:ab:a0:eb:63:
ab:7b:c1:b9:44:ba:3d:f7:78:c6:20:55:da:9a:8c:
9f:59:59:02:bc:b6:bc:37:42:34:51:c3:88:0d:26:
1e:e4:25:59:8c:45:e6:96:ad:61:fb:ab:db:c0:e4:
7f:92:ba:e7:33:0b:a2:15:93:6c:94:cb:91:32:13:
eb:3a:a0:73:af:d4:e6:36:2d:b1:4c:1f:fa:38:41:
04:a8:51:65:f6:14:51:a3:5c:ba:11:51:54:a0:d7:
d6:8c:51:e9:32:6c:40:5e:57:a9:ed:74:56:6a:84:
c5:50:c8:d3:ed:b1:60:b3:30:8d:26:62:aa:58:e3:
f8:db:51:aa:70:18:ec:c8:83:2f:2f:c6:39:5e:b9:
77:88:10:93:56:cc:c4:d5:bf:9a:59:83:8c:ad:77:
df:1a:db:9b:7b:ba:f6:84:09:4f:69:93:a5:26:94:
02:21:a1:2c:84:da:ce:5d:19:70:71:ea:33:d3:b2:
6e:a9:11:e6:40:f4:d2:8c:d0:8b:a9:9c:87:e1:1f:
4c:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:4A:EB:69:3D:EF:B1:8A:A3:7E:F3:27:14:5E:F5:23:F2:24:85:6E
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/7krraT3vsYqjfvMnFF71I_IkhW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.20.0/22
77.239.108.0/22
87.251.16.0/22
150.241.106.0/23
150.241.115.0-150.241.116.255
150.241.123.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:16:41:02:26:48:2a:59:81:be:97:59:59:82:70:34:90:1b:
32:17:05:7f:e8:38:08:c2:89:b1:c0:ba:6a:9f:2d:96:fe:b3:
cb:88:5c:c5:36:9c:d4:a8:7f:d8:0a:d8:98:2f:b6:a8:2f:87:
d8:61:c0:dc:e1:a4:09:14:33:b9:fc:d4:8b:cf:83:64:d2:de:
bd:85:df:71:0d:85:63:00:d6:5a:13:12:9b:f0:3b:8a:de:39:
14:b4:6c:88:05:67:fa:78:b3:71:e6:5b:92:52:66:9d:b0:a3:
f7:6a:ae:f6:ce:a9:ea:ee:67:20:f6:57:44:26:d5:65:ab:d6:
35:2a:94:b3:2b:25:0e:3a:a0:42:78:1e:20:a1:55:5b:d6:a7:
18:d7:2b:27:98:4d:ca:17:7c:69:ea:bf:32:9f:c0:7c:f8:a4:
cd:f4:50:47:0c:ef:4b:fa:8b:62:21:eb:eb:7f:76:23:44:1a:
45:4a:f4:f3:6d:17:ef:2c:80:a4:8f:85:80:1e:f1:91:34:fb:
70:6b:88:47:2e:9e:5e:6a:ea:e8:6b:b7:ef:04:c5:c3:bb:20:
88:79:4f:0b:49:62:6c:56:c3:93:e0:c7:3b:d8:2c:ec:7b:26:
fa:52:29:58:29:4b:e3:b5:28:ad:5d:3d:65:86:da:2a:6e:30:
78:a6:68:c9
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZdWT8XEzSA6uIggpnMB1/8OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwNjA5MjAwOTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTRhZWI2OTNkZWZiMThhYTM3ZWYzMjcxNDVlZjUyM2YyMjQ4NTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaa7zTlIelEI8gqsjpvduOP/Pxgf
xG5M0S2clLzQj9MRi0aFtwhwn6bQOja/tI8iyfBHNoBDGKug62Ore8G5RLo993jG
IFXamoyfWVkCvLa8N0I0UcOIDSYe5CVZjEXmlq1h+6vbwOR/krrnMwuiFZNslMuR
MhPrOqBzr9TmNi2xTB/6OEEEqFFl9hRRo1y6EVFUoNfWjFHpMmxAXlep7XRWaoTF
UMjT7bFgszCNJmKqWOP421GqcBjsyIMvL8Y5Xrl3iBCTVszE1b+aWYOMrXffGtub
e7r2hAlPaZOlJpQCIaEshNrOXRlwceoz07JuqRHmQPTSjNCLqZyH4R9MqQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFO5K62k977GKo37zJxRe9SPyJIVuMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvN2tycmFUM3ZzWXFqZnZNbkZGNzFJX0lraFc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCJS4UAwQC
Te9sAwQCV/sQAwQBlvFqMAwDBACW8XMDBACW8XQDBACW8XswDQYJKoZIhvcNAQEL
BQADggEBAG4WQQImSCpZgb6XWVmCcDSQGzIXBX/oOAjCibHAumqfLZb+s8uIXMU2
nNSof9gK2Jgvtqgvh9hhwNzhpAkUM7n81IvPg2TS3r2F33ENhWMA1loTEpvwO4re
ORS0bIgFZ/p4s3HmW5JSZp2wo/dqrvbOqeruZyD2V0Qm1WWr1jUqlLMrJQ46oEJ4
HiChVVvWpxjXKyeYTcoXfGnqvzKfwHz4pM30UEcM70v6i2Ih6+t/diNEGkVK9PNt
F+8sgKSPhYAe8ZE0+3BriEcunl5q6uhrt+8ExcO7IIh5TwtJYmxWw5PgxzvYLOx7
JvpSKVgpS+O1KK1dPWWG2ipuMHimaMk=
-----END CERTIFICATE-----
Generated at Mon Jun 16 05:21:39 2025 by rpki-client