Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/hLGIvroi4K2knw8qTcXDTTt3L4s.roa
File: hLGIvroi4K2knw8qTcXDTTt3L4s.roa (raw, json)
Hash identifier: W4q6G3Oq+duv319S70JCkF11uOY6i6y7i2ApP7qoY7w=
Subject key identifier: 84:B1:88:BE:BA:22:E0:AD:A4:9F:0F:2A:4D:C5:C3:4D:3B:77:2F:8B
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0197CF95D604E1FD2332A333600B767A5154
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/hLGIvroi4K2knw8qTcXDTTt3L4s.roa
Signing time: Thu 03 Jul 2025 09:19:52 +0000
ROA not before: Thu 03 Jul 2025 09:19:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48314
IP address blocks: 5.175.233.0/24 maxlen: 24
77.90.0.0/24 maxlen: 24
77.90.2.0/24 maxlen: 24
77.90.8.0/24 maxlen: 24
77.90.13.0/24 maxlen: 24
77.90.18.0/24 maxlen: 24
77.90.51.0/24 maxlen: 24
94.249.193.0/24 maxlen: 24
94.249.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cf:95:d6:04:e1:fd:23:32:a3:33:60:0b:76:7a:51:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jul 3 09:19:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84b188beba22e0ada49f0f2a4dc5c34d3b772f8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:da:c2:17:14:db:fa:9f:a2:bd:b1:3f:ff:df:
67:1d:63:44:a3:9f:fd:41:24:b6:31:99:7c:05:a6:
6c:9e:d8:da:06:f3:9a:3b:ad:35:db:a5:32:a0:33:
b2:7d:f7:11:c8:8e:e9:db:ab:40:ff:53:61:12:9b:
97:cb:97:93:fc:5f:82:f4:c1:b0:54:ee:18:24:95:
be:0e:e9:86:d4:50:37:d0:15:41:fd:5d:b0:20:01:
dc:9a:9b:c6:7a:da:1a:e0:36:d2:e5:36:dd:4f:9d:
d5:1f:17:97:46:ac:68:62:2b:72:24:50:c5:5d:b4:
25:ef:54:67:04:28:7c:85:01:e9:7b:ff:e2:fe:16:
f3:96:9a:64:3d:88:e3:e9:02:2f:1d:f7:b6:0a:1d:
2d:15:44:f2:29:dc:ee:42:fd:83:4c:1f:f4:c6:39:
b4:44:52:e6:bf:e8:96:0b:4a:6f:1a:48:b5:8a:6b:
80:3e:80:f6:de:7e:8c:52:43:ca:28:01:e9:13:ee:
9b:66:83:b1:8d:75:0b:3b:6d:1e:9a:13:40:6f:e0:
15:3f:e8:de:4a:55:23:9f:2a:c7:c9:91:74:d3:ea:
5d:16:f4:c7:56:5d:08:9f:bc:82:5b:27:6a:b2:5d:
da:26:9b:d0:95:71:23:37:62:1a:78:85:5b:b9:e3:
57:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:B1:88:BE:BA:22:E0:AD:A4:9F:0F:2A:4D:C5:C3:4D:3B:77:2F:8B
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/hLGIvroi4K2knw8qTcXDTTt3L4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.233.0/24
77.90.0.0/24
77.90.2.0/24
77.90.8.0/24
77.90.13.0/24
77.90.18.0/24
77.90.51.0/24
94.249.193.0/24
94.249.214.0/24
Signature Algorithm: sha256WithRSAEncryption
16:0c:b9:9d:2e:f0:6d:b7:c8:2b:c8:32:08:9f:a1:f6:54:13:
9a:9d:8e:29:07:65:0f:09:10:e9:f5:98:84:40:9f:86:fc:f2:
81:0b:a6:3b:f9:fb:9a:dd:0a:88:00:2a:39:34:b8:1b:ed:b8:
78:2b:42:da:0a:4f:a2:71:91:9f:c1:ca:29:48:29:52:a3:0d:
91:13:b1:05:0e:c8:04:f4:48:a1:c0:2c:42:cf:f5:09:85:52:
ed:ff:fb:90:62:50:f1:6f:dc:22:92:eb:65:58:30:b3:fa:a0:
15:ba:5a:ec:2e:83:45:22:66:5a:8d:5f:2b:0c:27:7d:aa:8d:
7d:f6:54:14:93:c1:5e:6b:a4:37:51:a7:42:54:b7:a1:9c:96:
9f:a8:be:c6:08:05:ea:d4:e1:69:b7:ba:a2:55:53:94:5a:16:
28:22:7f:8b:a9:f9:12:e1:14:17:76:16:f4:96:00:1f:79:b3:
4f:4e:ba:d9:ef:9c:45:23:62:14:35:93:19:57:18:61:ef:98:
db:bc:64:f0:99:ee:13:39:e2:7a:95:4c:ae:92:f3:7b:ef:dc:
be:7b:a1:62:90:43:02:5e:c0:55:86:2d:73:6d:3e:ec:d5:cf:
21:20:79:83:8f:f7:7f:f5:ed:79:51:9f:04:31:9e:97:cd:a5:
26:2f:56:7c
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZfPldYE4f0jMqMzYAt2elFUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNzAzMDkxOTUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGIxODhiZWJhMjJlMGFkYTQ5ZjBmMmE0ZGM1YzM0ZDNiNzcyZjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9rCFxTb+p+ivbE//99nHWNEo5/9
QSS2MZl8BaZsntjaBvOaO60126UyoDOyffcRyI7p26tA/1NhEpuXy5eT/F+C9MGw
VO4YJJW+DumG1FA30BVB/V2wIAHcmpvGetoa4DbS5TbdT53VHxeXRqxoYityJFDF
XbQl71RnBCh8hQHpe//i/hbzlppkPYjj6QIvHfe2Ch0tFUTyKdzuQv2DTB/0xjm0
RFLmv+iWC0pvGki1imuAPoD23n6MUkPKKAHpE+6bZoOxjXULO20emhNAb+AVP+je
SlUjnyrHyZF00+pdFvTHVl0In7yCWydqsl3aJpvQlXEjN2IaeIVbueNXSQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFISxiL66IuCtpJ8PKk3Fw007dy+LMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvaExHSXZyb2k0SzJrbnc4cVRjWERUVHQzTDRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQABa/pAwQA
TVoAAwQATVoCAwQATVoIAwQATVoNAwQATVoSAwQATVozAwQAXvnBAwQAXvnWMA0G
CSqGSIb3DQEBCwUAA4IBAQAWDLmdLvBtt8gryDIIn6H2VBOanY4pB2UPCRDp9ZiE
QJ+G/PKBC6Y7+fua3QqIACo5NLgb7bh4K0LaCk+icZGfwcopSClSow2RE7EFDsgE
9EihwCxCz/UJhVLt//uQYlDxb9wikutlWDCz+qAVulrsLoNFImZajV8rDCd9qo19
9lQUk8Fea6Q3UadCVLehnJafqL7GCAXq1OFpt7qiVVOUWhYoIn+LqfkS4RQXdhb0
lgAfebNPTrrZ75xFI2IUNZMZVxhh75jbvGTwme4TOeJ6lUyukvN779y+e6FikEMC
XsBVhi1zbT7s1c8hIHmDj/d/9e15UZ8EMZ6XzaUmL1Z8
-----END CERTIFICATE-----
Generated at Mon Jul 21 08:05:07 2025 by rpki-client