Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/de9ffc-4477-4e30-9570-6541cc006eac/1/huTpztbsQALNaxE7iUdUxmvpFuk.roa
File: huTpztbsQALNaxE7iUdUxmvpFuk.roa (raw, json)
Hash identifier: sMf2UqH7zZTc0SKWY1HAbVuZYKZQgSMeRF7P6Xn93AA=
Subject key identifier: 86:E4:E9:CE:D6:EC:40:02:CD:6B:11:3B:89:47:54:C6:6B:E9:16:E9
Certificate issuer: /CN=c71f391d60e1a139ccc42b17a32a95363df5cfb0
Certificate serial: 019A017643925D2D828DE7AAAD83BC894EDB
Authority key identifier: C7:1F:39:1D:60:E1:A1:39:CC:C4:2B:17:A3:2A:95:36:3D:F5:CF:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xx85HWDhoTnMxCsXoyqVNj31z7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/de9ffc-4477-4e30-9570-6541cc006eac/1/huTpztbsQALNaxE7iUdUxmvpFuk.roa
Signing time: Mon 20 Oct 2025 11:51:58 +0000
ROA not before: Mon 20 Oct 2025 11:51:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43969
IP address blocks: 45.148.204.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/de9ffc-4477-4e30-9570-6541cc006eac/1/xx85HWDhoTnMxCsXoyqVNj31z7A.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/de9ffc-4477-4e30-9570-6541cc006eac/1/xx85HWDhoTnMxCsXoyqVNj31z7A.mft
rsync://rpki.ripe.net/repository/DEFAULT/xx85HWDhoTnMxCsXoyqVNj31z7A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:01:76:43:92:5d:2d:82:8d:e7:aa:ad:83:bc:89:4e:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c71f391d60e1a139ccc42b17a32a95363df5cfb0
Validity
Not Before: Oct 20 11:51:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86e4e9ced6ec4002cd6b113b894754c66be916e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a5:81:73:69:ae:74:f1:d7:3f:22:ed:88:83:
07:2e:10:31:aa:51:d1:f1:ff:53:4c:6d:42:2a:5a:
20:4f:cf:f5:f6:6b:9d:57:d6:a5:6a:4c:9f:3e:ae:
1e:81:fa:f9:07:7e:5d:ff:6c:c6:24:51:26:47:34:
37:a9:ed:d1:bb:d6:6a:74:0e:db:2e:c6:99:95:21:
34:7b:c0:ce:40:e9:7f:2e:5a:41:d2:d4:ca:56:c3:
73:fa:ac:9e:29:a1:59:ce:46:79:b1:2b:9c:d9:d2:
5a:e9:ff:6a:13:2f:79:ec:24:34:a5:1e:b7:14:cd:
62:a5:43:e1:37:cc:2a:80:22:8e:0a:7c:27:26:62:
65:90:1d:cd:fb:e1:8b:78:4c:e7:55:c9:7b:4d:b5:
cf:25:3d:34:d0:b3:3d:32:29:31:60:6e:f1:f6:38:
ad:a8:2d:2b:48:11:a9:42:1f:26:29:c8:85:fd:75:
de:b2:60:cf:b3:d6:6e:07:44:dc:a7:29:5f:65:00:
2d:9e:25:32:52:d9:97:57:3f:3f:d2:f4:eb:41:60:
d5:b9:0e:95:fa:7f:e8:a6:df:bf:71:93:75:39:0d:
be:35:a4:f3:8c:89:d1:6e:20:04:a5:92:e4:4a:3a:
05:61:48:fd:e8:fd:ab:30:f3:6a:12:6b:b3:ea:3c:
fc:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:E4:E9:CE:D6:EC:40:02:CD:6B:11:3B:89:47:54:C6:6B:E9:16:E9
X509v3 Authority Key Identifier:
keyid:C7:1F:39:1D:60:E1:A1:39:CC:C4:2B:17:A3:2A:95:36:3D:F5:CF:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xx85HWDhoTnMxCsXoyqVNj31z7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/de9ffc-4477-4e30-9570-6541cc006eac/1/huTpztbsQALNaxE7iUdUxmvpFuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/de9ffc-4477-4e30-9570-6541cc006eac/1/xx85HWDhoTnMxCsXoyqVNj31z7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.204.0/22
Signature Algorithm: sha256WithRSAEncryption
b1:28:ad:60:9f:e6:ad:66:44:ad:d9:7b:4a:c0:d2:17:1f:5e:
aa:64:95:e8:55:1d:7e:85:c9:77:ae:1a:09:1d:63:9e:05:ad:
0f:13:88:44:34:cc:ca:e3:ed:91:1c:69:1b:43:42:21:b3:c9:
13:8f:47:ac:e1:5f:59:a7:1f:04:ad:60:e0:83:95:db:c0:a5:
d3:05:68:3d:e5:02:dd:2e:85:a8:19:e6:25:c0:9d:10:5c:fa:
5f:01:fe:a6:99:3f:54:96:cb:da:ba:bd:05:e7:6b:8a:ae:b7:
ad:23:3f:2a:3f:61:d7:6b:e3:1f:37:9f:51:4f:9d:26:e8:43:
fa:65:09:c6:08:83:c6:0e:00:b9:f3:80:69:8e:ca:56:70:fe:
cb:2a:fa:3a:e6:a7:62:70:34:21:2c:3d:6c:b5:63:b5:5d:b7:
2d:11:b3:3b:68:f6:e7:17:af:11:7f:bc:08:ee:98:a2:db:7c:
17:b1:3d:68:eb:b0:5c:0a:38:b4:35:d4:72:00:e1:fe:ad:12:
d2:20:a3:f2:9c:c0:99:9b:95:a7:55:7d:55:7c:d1:5d:8c:b2:
c6:bf:ee:2b:e7:f5:b8:de:3a:03:13:44:7d:21:84:9e:27:3d:
a3:17:52:be:ac:42:c9:30:59:7c:da:46:86:87:ec:10:21:46:
9b:00:ba:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZoBdkOSXS2CjeeqrYO8iU7bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MWYzOTFkNjBlMWExMzljY2M0MmIxN2EzMmE5NTM2M2Rm
NWNmYjAwHhcNMjUxMDIwMTE1MTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmU0ZTljZWQ2ZWM0MDAyY2Q2YjExM2I4OTQ3NTRjNjZiZTkxNmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqWBc2mudPHXPyLtiIMHLhAxqlHR
8f9TTG1CKlogT8/19mudV9alakyfPq4egfr5B35d/2zGJFEmRzQ3qe3Ru9ZqdA7b
LsaZlSE0e8DOQOl/LlpB0tTKVsNz+qyeKaFZzkZ5sSuc2dJa6f9qEy957CQ0pR63
FM1ipUPhN8wqgCKOCnwnJmJlkB3N++GLeEznVcl7TbXPJT000LM9MikxYG7x9jit
qC0rSBGpQh8mKciF/XXesmDPs9ZuB0TcpylfZQAtniUyUtmXVz8/0vTrQWDVuQ6V
+n/opt+/cZN1OQ2+NaTzjInRbiAEpZLkSjoFYUj96P2rMPNqEmuz6jz8vwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIbk6c7W7EACzWsRO4lHVMZr6RbpMB8GA1UdIwQY
MBaAFMcfOR1g4aE5zMQrF6MqlTY99c+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHg4NUhXRGhvVG5NeENzWG95cVZOajMxejdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9kZTlmZmMtNDQ3Ny00ZTMwLTk1NzAt
NjU0MWNjMDA2ZWFjLzEvaHVUcHp0YnNRQUxOYXhFN2lVZFV4bXZwRnVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9kZTlmZmMtNDQ3Ny00ZTMwLTk1NzAtNjU0MWNjMDA2ZWFj
LzEveHg4NUhXRGhvVG5NeENzWG95cVZOajMxejdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZTMMA0G
CSqGSIb3DQEBCwUAA4IBAQCxKK1gn+atZkSt2XtKwNIXH16qZJXoVR1+hcl3rhoJ
HWOeBa0PE4hENMzK4+2RHGkbQ0Ihs8kTj0es4V9Zpx8ErWDgg5XbwKXTBWg95QLd
LoWoGeYlwJ0QXPpfAf6mmT9Ulsvaur0F52uKrretIz8qP2HXa+MfN59RT50m6EP6
ZQnGCIPGDgC584BpjspWcP7LKvo65qdicDQhLD1stWO1XbctEbM7aPbnF68Rf7wI
7pii23wXsT1o67BcCji0NdRyAOH+rRLSIKPynMCZm5WnVX1VfNFdjLLGv+4r5/W4
3joDE0R9IYSeJz2jF1K+rELJMFl82kaGh+wQIUabALri
-----END CERTIFICATE-----
Generated at Wed Nov 5 20:21:19 2025 by rpki-client