Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/HEjVBYhRooI93fkmZsfGrrmmosQ.roa
File: HEjVBYhRooI93fkmZsfGrrmmosQ.roa (raw, json)
Hash identifier: 4FmqxtW6POL9+QvLglepn8JIFD+UHvfa+cN2eKjIrrs=
Subject key identifier: 1C:48:D5:05:88:51:A2:82:3D:DD:F9:26:66:C7:C6:AE:B9:A6:A2:C4
Certificate issuer: /CN=f14a6318b2ed6d0c8234f98208f88de0e9d4698e
Certificate serial: 01980E01B18018E4BB01EC646BF7940240C1
Authority key identifier: F1:4A:63:18:B2:ED:6D:0C:82:34:F9:82:08:F8:8D:E0:E9:D4:69:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8UpjGLLtbQyCNPmCCPiN4OnUaY4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/HEjVBYhRooI93fkmZsfGrrmmosQ.roa
Signing time: Tue 15 Jul 2025 12:14:08 +0000
ROA not before: Tue 15 Jul 2025 12:14:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56798
IP address blocks: 45.66.220.0/22 maxlen: 22
45.86.36.0/24 maxlen: 24
91.200.144.0/24 maxlen: 24
91.207.207.0/24 maxlen: 24
185.34.102.0/24 maxlen: 24
185.54.7.0/24 maxlen: 24
193.17.33.0/24 maxlen: 24
195.114.125.0/24 maxlen: 24
2a0f:9180::/29 maxlen: 29
2a0f:9180:1::/48 maxlen: 48
2a10:d440:1::/48 maxlen: 48
2a10:d440:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/8UpjGLLtbQyCNPmCCPiN4OnUaY4.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/8UpjGLLtbQyCNPmCCPiN4OnUaY4.mft
rsync://rpki.ripe.net/repository/DEFAULT/8UpjGLLtbQyCNPmCCPiN4OnUaY4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 00:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0e:01:b1:80:18:e4:bb:01:ec:64:6b:f7:94:02:40:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f14a6318b2ed6d0c8234f98208f88de0e9d4698e
Validity
Not Before: Jul 15 12:14:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c48d5058851a2823dddf92666c7c6aeb9a6a2c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:02:cd:de:a4:cd:63:ad:11:44:33:5d:94:99:
f9:50:30:55:42:93:8d:d4:66:93:68:ed:ad:50:db:
7a:ff:65:d5:44:10:b5:15:6f:ab:21:47:c9:40:4a:
4f:d8:49:f5:c0:2f:53:e9:6f:58:b0:a0:48:e5:e8:
0a:c4:b7:d4:10:0f:78:d0:31:36:f6:b0:34:aa:e5:
b9:b8:25:90:f5:d4:fb:4b:98:6b:4e:49:d4:a1:6a:
79:4f:b9:a0:c2:06:62:d7:b3:97:53:ca:db:55:d1:
46:a5:07:37:df:92:89:c1:ff:c5:23:b8:e5:06:0f:
48:0c:9a:56:05:fe:4f:0d:d8:34:e8:16:7b:b0:18:
9d:01:a5:56:3c:9b:d1:b1:be:82:5c:50:07:9b:32:
ea:a6:ef:fa:5d:c8:6f:9b:23:64:ce:cc:31:db:dd:
ce:be:37:65:3a:ab:e2:3d:4f:80:b5:f2:9d:03:f1:
84:b4:51:56:49:e0:0d:d0:70:69:5b:cc:9c:38:af:
28:20:76:29:b4:32:88:e3:14:df:3b:cf:82:74:3a:
42:e8:4b:38:a2:89:a7:d2:66:ba:ac:fd:eb:67:cd:
2e:93:44:c3:00:70:f0:45:ca:70:ab:c2:12:45:1d:
5f:89:9b:5e:99:bf:50:a6:a9:5e:77:cb:1c:6b:9d:
21:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:48:D5:05:88:51:A2:82:3D:DD:F9:26:66:C7:C6:AE:B9:A6:A2:C4
X509v3 Authority Key Identifier:
keyid:F1:4A:63:18:B2:ED:6D:0C:82:34:F9:82:08:F8:8D:E0:E9:D4:69:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8UpjGLLtbQyCNPmCCPiN4OnUaY4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/HEjVBYhRooI93fkmZsfGrrmmosQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/8UpjGLLtbQyCNPmCCPiN4OnUaY4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.220.0/22
45.86.36.0/24
91.200.144.0/24
91.207.207.0/24
185.34.102.0/24
185.54.7.0/24
193.17.33.0/24
195.114.125.0/24
IPv6:
2a0f:9180::/29
2a10:d440:1::-2a10:d440:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3c:d5:95:9e:94:da:0f:42:bc:e2:df:bb:e2:ce:f6:b7:c2:f3:
cb:9f:0a:28:fc:c2:2f:4a:f1:22:1c:5d:d4:ca:73:71:e2:a8:
9f:13:96:a0:ed:e3:e1:5a:8d:fd:e4:24:0e:fc:6c:92:c0:62:
cc:b6:a9:9d:11:53:5e:0e:3f:45:56:04:41:34:8e:e9:56:73:
ba:21:ff:7b:41:da:5c:ba:57:02:8d:48:b6:80:5f:21:46:4f:
90:cf:64:97:3c:94:fe:12:23:de:7e:52:06:a5:70:99:6f:ec:
c0:34:8a:a8:68:75:47:4e:ec:d2:13:1f:8f:d2:d1:18:f7:da:
f2:19:92:7f:a9:2d:6d:56:dc:02:52:78:ea:74:67:ec:17:42:
8e:f4:69:1c:bd:e5:ec:50:be:a7:d1:07:89:6b:50:42:71:76:
8a:47:8b:1d:4c:c1:55:08:b8:f8:40:ba:7f:92:6f:83:19:55:
1c:66:45:54:8f:f3:6e:9f:66:45:60:87:60:f8:31:68:20:96:
6b:04:37:98:9b:f5:ee:f8:f7:6b:f2:8c:08:e9:43:7e:fa:68:
4b:a6:3f:a1:38:29:a8:22:fd:57:17:6f:25:be:e3:60:8e:37:
bd:ac:c9:ea:4c:0f:6b:c7:b1:2c:fe:c9:7a:64:ab:ec:5f:12:
e7:bf:80:31
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZgOAbGAGOS7Aexka/eUAkDBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNGE2MzE4YjJlZDZkMGM4MjM0Zjk4MjA4Zjg4ZGUwZTlk
NDY5OGUwHhcNMjUwNzE1MTIxNDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzQ4ZDUwNTg4NTFhMjgyM2RkZGY5MjY2NmM3YzZhZWI5YTZhMmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgLN3qTNY60RRDNdlJn5UDBVQpON
1GaTaO2tUNt6/2XVRBC1FW+rIUfJQEpP2En1wC9T6W9YsKBI5egKxLfUEA940DE2
9rA0quW5uCWQ9dT7S5hrTknUoWp5T7mgwgZi17OXU8rbVdFGpQc335KJwf/FI7jl
Bg9IDJpWBf5PDdg06BZ7sBidAaVWPJvRsb6CXFAHmzLqpu/6XchvmyNkzswx293O
vjdlOqviPU+AtfKdA/GEtFFWSeAN0HBpW8ycOK8oIHYptDKI4xTfO8+CdDpC6Es4
oomn0ma6rP3rZ80uk0TDAHDwRcpwq8ISRR1fiZtemb9Qpqled8sca50hIQIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFBxI1QWIUaKCPd35JmbHxq65pqLEMB8GA1UdIwQY
MBaAFPFKYxiy7W0MgjT5ggj4jeDp1GmOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVwakdMTHRiUXlDTlBtQ0NQaU40T25VYVk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8zMzU3OTctOWIyMS00YzUwLWIwNDQt
Yzg2ZWQ0ODYyNTAxLzEvSEVqVkJZaFJvb0k5M2ZrbVpzZkdycm1tb3NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8zMzU3OTctOWIyMS00YzUwLWIwNDQtYzg2ZWQ0ODYyNTAx
LzEvOFVwakdMTHRiUXlDTlBtQ0NQaU40T25VYVk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzA2BAIAATAwAwQCLULcAwQA
LVYkAwQAW8iQAwQAW8/PAwQAuSJmAwQAuTYHAwQAwREhAwQAw3J9MCEEAgACMBsD
BQMqD5GAMBIDBwAqENRAAAEDBwAqENRAAAIwDQYJKoZIhvcNAQELBQADggEBADzV
lZ6U2g9CvOLfu+LO9rfC88ufCij8wi9K8SIcXdTKc3HiqJ8TlqDt4+Fajf3kJA78
bJLAYsy2qZ0RU14OP0VWBEE0julWc7oh/3tB2ly6VwKNSLaAXyFGT5DPZJc8lP4S
I95+UgalcJlv7MA0iqhodUdO7NITH4/S0Rj32vIZkn+pLW1W3AJSeOp0Z+wXQo70
aRy95exQvqfRB4lrUEJxdopHix1MwVUIuPhAun+Sb4MZVRxmRVSP826fZkVgh2D4
MWgglmsEN5ib9e7492vyjAjpQ376aEumP6E4Kagi/VcXbyW+42CON72syepMD2vH
sSz+yXpkq+xfEue/gDE=
-----END CERTIFICATE-----
Generated at Sun Jul 27 06:07:09 2025 by rpki-client