Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/rS_Rew_q8titCWQSRr50ylQdjog.roa
File: rS_Rew_q8titCWQSRr50ylQdjog.roa (raw, json)
Hash identifier: qlZwr414ZwMF23jxB4RLy7KDgq6wEGrJhKsxaR8Ztlw=
Subject key identifier: AD:2F:D1:7B:0F:EA:F2:D8:AD:09:64:12:46:BE:74:CA:54:1D:8E:88
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019A4C55CE5CB40B3763FE064DB6435575F5
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/rS_Rew_q8titCWQSRr50ylQdjog.roa
Signing time: Tue 04 Nov 2025 00:48:03 +0000
ROA not before: Tue 04 Nov 2025 00:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213877
IP address blocks: 64.188.73.0/24 maxlen: 24
64.188.75.0/24 maxlen: 24
64.188.92.0/22 maxlen: 24
64.188.96.0/24 maxlen: 24
64.188.97.0/24 maxlen: 24
64.188.124.0/24 maxlen: 24
64.188.125.0/24 maxlen: 24
64.188.126.0/24 maxlen: 24
77.239.104.0/24 maxlen: 24
77.239.105.0/24 maxlen: 24
77.239.122.0/24 maxlen: 24
77.239.123.0/24 maxlen: 24
144.31.26.0/23 maxlen: 24
144.31.64.0/22 maxlen: 24
144.31.68.0/22 maxlen: 24
144.31.72.0/22 maxlen: 24
144.31.86.0/23 maxlen: 24
144.31.89.0/24 maxlen: 24
144.31.137.0/24 maxlen: 24
144.31.192.0/23 maxlen: 24
144.31.198.0/23 maxlen: 24
150.241.105.0/24 maxlen: 24
150.241.108.0/24 maxlen: 24
150.241.123.0/24 maxlen: 24
185.184.122.0/24 maxlen: 24
185.184.123.0/24 maxlen: 24
185.207.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 12:18:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4c:55:ce:5c:b4:0b:37:63:fe:06:4d:b6:43:55:75:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Nov 4 00:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad2fd17b0feaf2d8ad09641246be74ca541d8e88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:86:c7:6a:b6:56:81:fb:1d:88:4a:ed:5a:4d:
36:5d:2c:ec:04:81:8d:c6:54:0d:ee:5e:58:8c:b9:
cb:e7:e9:82:ca:02:9e:f0:af:a4:1d:4f:15:fc:f5:
82:79:4c:a0:ec:71:19:f4:a4:51:a7:d9:1d:d9:02:
dc:d8:25:b7:86:b2:f1:0e:28:57:fa:67:39:2c:65:
cc:37:0e:02:1c:93:61:81:42:1c:c7:6c:fb:0b:ff:
c8:51:33:81:6d:d1:6e:46:2c:ad:e9:18:2c:b3:6d:
45:d9:3f:06:5c:4a:c5:04:e6:55:8b:c3:18:37:34:
e4:1d:3f:f4:e2:eb:d3:7c:f1:34:e7:d1:96:85:d5:
df:23:be:e4:37:73:53:24:65:b9:c5:27:09:4a:65:
bf:83:02:0a:fd:71:b3:8c:eb:ee:33:c3:02:0a:bd:
1e:5d:a7:84:eb:32:49:70:e4:3b:e6:ad:65:72:f1:
28:70:18:d2:53:78:9a:3c:5c:69:26:3c:d0:0c:a7:
c1:71:66:1c:77:9c:4e:a6:8c:f0:7f:ea:ee:18:0a:
1d:3c:80:be:3e:bd:93:da:ca:14:73:a4:df:ef:0d:
84:c5:ea:6e:0b:7f:f7:35:78:84:32:cf:39:a7:62:
08:85:87:78:66:9f:40:ec:79:cf:d1:b0:ce:cd:ab:
10:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:2F:D1:7B:0F:EA:F2:D8:AD:09:64:12:46:BE:74:CA:54:1D:8E:88
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/rS_Rew_q8titCWQSRr50ylQdjog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.73.0/24
64.188.75.0/24
64.188.92.0-64.188.97.255
64.188.124.0-64.188.126.255
77.239.104.0/23
77.239.122.0/23
144.31.26.0/23
144.31.64.0-144.31.75.255
144.31.86.0/23
144.31.89.0/24
144.31.137.0/24
144.31.192.0/23
144.31.198.0/23
150.241.105.0/24
150.241.108.0/24
150.241.123.0/24
185.184.122.0/23
185.207.133.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:f5:a0:69:6c:03:f4:cf:e1:b2:d1:b9:58:a8:28:f4:c8:df:
14:3d:f5:cb:c5:ab:8a:2a:1a:a4:1d:0f:f5:d7:97:c9:ea:23:
e8:6d:16:31:f2:c8:c8:4e:bc:76:01:62:ff:39:91:a3:4b:95:
42:d5:9a:3f:3c:af:5f:d2:b2:5c:28:29:3a:71:9e:3c:02:6a:
aa:9e:83:f8:f1:08:c7:30:11:9c:fe:cd:60:f2:ee:40:3c:58:
bf:75:0b:1e:67:4c:33:08:f8:82:31:56:b4:69:f1:94:73:13:
22:e9:44:4c:73:dc:87:d6:fa:c8:ee:e4:41:36:b0:d4:96:6c:
34:45:31:a5:ff:41:60:1d:dd:43:28:1f:fb:85:61:bd:f5:0c:
32:0f:cd:40:b7:9a:fa:f0:1d:ab:da:b9:dd:fa:4a:99:49:98:
16:c8:dd:b9:f9:33:f4:63:ff:d4:ff:c3:a0:f6:5d:ac:68:8f:
c3:c1:df:eb:4e:c6:d4:9c:46:4b:53:06:3f:66:78:0e:fe:d9:
26:b0:76:aa:2e:0c:84:d5:b5:ee:d5:19:95:92:5b:7e:0a:f2:
61:28:24:7f:d1:84:fb:00:6a:9a:0c:cd:82:30:db:80:b6:14:
04:d3:d6:67:76:32:9c:77:66:3e:79:9c:34:a7:32:b2:78:96:
0b:53:25:4a
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZpMVc5ctAs3Y/4GTbZDVXX1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUxMTA0MDA0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDJmZDE3YjBmZWFmMmQ4YWQwOTY0MTI0NmJlNzRjYTU0MWQ4ZTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4bHarZWgfsdiErtWk02XSzsBIGN
xlQN7l5YjLnL5+mCygKe8K+kHU8V/PWCeUyg7HEZ9KRRp9kd2QLc2CW3hrLxDihX
+mc5LGXMNw4CHJNhgUIcx2z7C//IUTOBbdFuRiyt6Rgss21F2T8GXErFBOZVi8MY
NzTkHT/04uvTfPE059GWhdXfI77kN3NTJGW5xScJSmW/gwIK/XGzjOvuM8MCCr0e
XaeE6zJJcOQ75q1lcvEocBjSU3iaPFxpJjzQDKfBcWYcd5xOpozwf+ruGAodPIC+
Pr2T2soUc6Tf7w2ExepuC3/3NXiEMs85p2IIhYd4Zp9A7HnP0bDOzasQYQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFK0v0XsP6vLYrQlkEka+dMpUHY6IMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvclNfUmV3X3E4dGl0Q1dRU1JyNTB5bFFkam9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBABA
vEkDBABAvEswDAMEAkC8XAMEAUC8YDAMAwQCQLx8AwQAQLx+AwQBTe9oAwQBTe96
AwQBkB8aMAwDBAaQH0ADBAKQH0gDBAGQH1YDBACQH1kDBACQH4kDBAGQH8ADBAGQ
H8YDBACW8WkDBACW8WwDBACW8XsDBAG5uHoDBAC5z4UwDQYJKoZIhvcNAQELBQAD
ggEBAK31oGlsA/TP4bLRuVioKPTI3xQ99cvFq4oqGqQdD/XXl8nqI+htFjHyyMhO
vHYBYv85kaNLlULVmj88r1/SslwoKTpxnjwCaqqeg/jxCMcwEZz+zWDy7kA8WL91
Cx5nTDMI+IIxVrRp8ZRzEyLpRExz3IfW+sju5EE2sNSWbDRFMaX/QWAd3UMoH/uF
Yb31DDIPzUC3mvrwHavaud36SplJmBbI3bn5M/Rj/9T/w6D2Xaxoj8PB3+tOxtSc
RktTBj9meA7+2SawdqouDITVte7VGZWSW34K8mEoJH/RhPsAapoMzYIw24C2FATT
1md2Mpx3Zj55nDSnMrJ4lgtTJUo=
-----END CERTIFICATE-----
Generated at Tue Nov 4 19:51:14 2025 by rpki-client