Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/Y1IDSpXXtUNyHALVbbQ84uLmifw.roa
File: Y1IDSpXXtUNyHALVbbQ84uLmifw.roa (raw, json)
Hash identifier: xaS62KXLF425t4lHwSRa8NFjlMrbEPErz6Zwsj4GNzw=
Subject key identifier: 63:52:03:4A:95:D7:B5:43:72:1C:02:D5:6D:B4:3C:E2:E2:E6:89:FC
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019871F8D3BC677300968F43DCD136D90C75
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/Y1IDSpXXtUNyHALVbbQ84uLmifw.roa
Signing time: Sun 03 Aug 2025 22:06:29 +0000
ROA not before: Sun 03 Aug 2025 22:06:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401152
IP address blocks: 64.188.88.0/22 maxlen: 24
64.188.112.0/22 maxlen: 24
193.23.196.0/24 maxlen: 24
193.23.200.0/24 maxlen: 24
193.23.201.0/24 maxlen: 24
193.23.202.0/24 maxlen: 24
193.23.204.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 07:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:71:f8:d3:bc:67:73:00:96:8f:43:dc:d1:36:d9:0c:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Aug 3 22:06:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6352034a95d7b543721c02d56db43ce2e2e689fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:19:3e:82:8e:53:31:74:5c:ae:fd:60:71:0b:
35:8e:62:07:96:9d:9b:cf:99:44:31:82:30:02:a9:
37:78:c3:4a:e2:f5:95:d4:5b:fa:bf:19:e9:3e:ac:
97:0a:85:cd:aa:3e:5c:23:a2:e7:80:59:89:3b:4c:
6b:0d:b8:f8:2c:5d:59:a1:b4:ec:dc:be:78:f3:93:
f3:eb:13:c4:01:fc:36:33:fa:08:f9:12:c1:c4:49:
47:90:bc:9e:c6:75:c4:a5:80:2e:3c:96:d6:b5:5a:
31:0c:b8:b7:00:c7:ce:f6:72:89:db:31:8c:55:06:
2f:9e:05:a9:eb:67:08:36:f1:8f:5f:2c:7f:55:e9:
94:1c:f8:b1:1f:70:8a:1d:5d:a3:12:37:e2:75:cb:
c3:d9:34:99:01:6c:53:b4:98:28:da:cb:14:19:1e:
01:17:fc:a1:c0:8f:81:e2:64:c0:bd:e3:71:82:ca:
e3:8f:79:29:9d:a7:e2:50:00:37:bf:58:51:0d:91:
f3:8d:4d:cc:21:f0:8e:67:6b:06:85:d5:7a:dc:e5:
3c:82:97:93:a7:5b:ee:fe:59:8d:c7:4b:af:88:a0:
22:4f:56:42:0d:78:f4:8d:e3:e1:61:2a:60:56:a2:
92:cf:6a:49:ba:dd:9f:71:c5:6e:5f:49:52:96:15:
81:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:52:03:4A:95:D7:B5:43:72:1C:02:D5:6D:B4:3C:E2:E2:E6:89:FC
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/Y1IDSpXXtUNyHALVbbQ84uLmifw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.88.0/22
64.188.112.0/22
193.23.196.0/24
193.23.200.0-193.23.202.255
193.23.204.0/22
Signature Algorithm: sha256WithRSAEncryption
51:a4:6e:15:d5:50:c0:47:84:5d:27:0a:58:2c:31:94:20:a7:
62:80:19:2b:a4:92:67:e6:88:91:85:e5:0e:8c:43:2b:2c:1f:
cf:50:98:5a:f5:19:40:fc:2c:6f:87:cc:71:15:d5:36:75:ee:
52:69:61:1d:5e:76:51:5c:58:0d:56:24:54:7f:ab:38:bd:94:
f9:b5:67:a7:74:12:df:5b:0e:7e:66:db:ac:b3:e4:78:1d:42:
a5:dc:a6:a2:60:64:5c:17:2e:fa:13:ed:b3:76:e4:95:81:66:
1c:a1:67:40:d4:e6:06:1f:6c:12:75:1e:1a:65:e2:20:53:77:
e4:78:b6:73:e0:32:d1:c0:03:fa:08:d1:63:67:04:3c:6f:23:
39:fe:cb:52:54:2b:4c:df:d5:63:68:51:4f:60:4a:68:57:7f:
a8:9e:87:b4:05:4c:d5:fa:eb:61:20:6f:58:15:6a:af:36:9c:
bf:bc:2e:2f:94:a8:14:a3:66:f7:83:7c:da:43:3f:aa:4b:b7:
c2:06:1a:8c:ee:03:41:b1:53:29:3f:5f:46:e5:27:2b:bb:db:
d6:dc:62:36:ca:5a:dc:4a:cd:c9:db:60:56:b5:9b:58:4f:a6:
a9:61:7e:23:86:01:d2:42:d6:44:9b:e1:09:af:27:8e:ec:2d:
7c:a4:0e:fb
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZhx+NO8Z3MAlo9D3NE22Qx1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwODAzMjIwNjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzUyMDM0YTk1ZDdiNTQzNzIxYzAyZDU2ZGI0M2NlMmUyZTY4OWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhk+go5TMXRcrv1gcQs1jmIHlp2b
z5lEMYIwAqk3eMNK4vWV1Fv6vxnpPqyXCoXNqj5cI6LngFmJO0xrDbj4LF1ZobTs
3L5485Pz6xPEAfw2M/oI+RLBxElHkLyexnXEpYAuPJbWtVoxDLi3AMfO9nKJ2zGM
VQYvngWp62cINvGPXyx/VemUHPixH3CKHV2jEjfidcvD2TSZAWxTtJgo2ssUGR4B
F/yhwI+B4mTAveNxgsrjj3kpnafiUAA3v1hRDZHzjU3MIfCOZ2sGhdV63OU8gpeT
p1vu/lmNx0uviKAiT1ZCDXj0jePhYSpgVqKSz2pJut2fccVuX0lSlhWBswIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFGNSA0qV17VDchwC1W20POLi5on8MB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvWTFJRFNwWFh0VU55SEFMVmJiUTg0dUxtaWZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCQLxYAwQC
QLxwAwQAwRfEMAwDBAPBF8gDBADBF8oDBALBF8wwDQYJKoZIhvcNAQELBQADggEB
AFGkbhXVUMBHhF0nClgsMZQgp2KAGSukkmfmiJGF5Q6MQyssH89QmFr1GUD8LG+H
zHEV1TZ17lJpYR1edlFcWA1WJFR/qzi9lPm1Z6d0Et9bDn5m26yz5HgdQqXcpqJg
ZFwXLvoT7bN25JWBZhyhZ0DU5gYfbBJ1Hhpl4iBTd+R4tnPgMtHAA/oI0WNnBDxv
Izn+y1JUK0zf1WNoUU9gSmhXf6ieh7QFTNX662Egb1gVaq82nL+8Li+UqBSjZveD
fNpDP6pLt8IGGozuA0GxUyk/X0blJyu729bcYjbKWtxKzcnbYFa1m1hPpqlhfiOG
AdJC1kSb4QmvJ47sLXykDvs=
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:31:43 2025 by rpki-client