Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/h6DJ1THiZ0X8sGBb4oJp5nf0R3w.roa
File: h6DJ1THiZ0X8sGBb4oJp5nf0R3w.roa (raw, json)
Hash identifier: iHM/8jWyv2o4Yf1dc3qNnS4f7tsThPg7SNXPObICnmA=
Subject key identifier: 87:A0:C9:D5:31:E2:67:45:FC:B0:60:5B:E2:82:69:E6:77:F4:47:7C
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0197EF3C7FB2047CCC261E88F1E95748E5C5
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/h6DJ1THiZ0X8sGBb4oJp5nf0R3w.roa
Signing time: Wed 09 Jul 2025 12:50:08 +0000
ROA not before: Wed 09 Jul 2025 12:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 45.13.189.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.211.189.0/24 maxlen: 24
195.211.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 04:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ef:3c:7f:b2:04:7c:cc:26:1e:88:f1:e9:57:48:e5:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jul 9 12:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87a0c9d531e26745fcb0605be28269e677f4477c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:bd:13:80:1c:98:62:5e:47:fc:22:53:66:8f:
d2:42:0d:54:1c:c1:ec:13:7a:e3:3a:bf:ea:42:25:
f7:89:93:a4:ed:25:cb:1c:38:a1:09:d2:21:be:96:
71:8f:5b:69:31:1b:05:88:e7:d6:9a:7a:b6:de:07:
40:48:8e:af:63:90:f3:80:2a:8e:d3:c3:cc:1c:0b:
f0:8a:d6:62:7c:56:c7:76:23:24:a0:b5:af:f0:bb:
2c:91:19:3c:ad:d7:cb:08:8c:ae:db:fa:eb:4e:ce:
8b:38:3c:f8:f8:19:e5:04:9a:f2:82:c3:b6:58:b2:
b7:73:8c:6c:9e:72:6d:22:19:3a:a4:34:41:53:a2:
0e:c6:12:e9:55:95:8f:4c:e6:3e:6d:62:12:2e:56:
ee:af:53:ec:16:5c:94:15:73:01:31:d9:45:c7:6e:
fc:c1:79:5d:02:7f:a7:fc:3b:37:05:c9:96:b0:65:
c7:a0:ed:e4:4f:27:05:ff:ff:af:95:44:8a:3b:60:
91:d2:87:20:b2:bc:27:f1:d8:ef:03:6f:c1:6c:30:
9c:b7:97:90:21:c5:8c:e1:da:33:ad:77:74:1c:fb:
e4:3c:e3:b0:6f:36:96:27:64:4f:94:b0:27:a2:53:
a3:cb:5a:16:88:83:db:b2:9f:5e:38:1a:4d:7b:1a:
e8:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:A0:C9:D5:31:E2:67:45:FC:B0:60:5B:E2:82:69:E6:77:F4:47:7C
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/h6DJ1THiZ0X8sGBb4oJp5nf0R3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.189.0/24
195.177.92.0/24
195.177.95.0/24
195.211.189.0-195.211.190.255
Signature Algorithm: sha256WithRSAEncryption
8f:61:fe:88:d0:f0:ea:63:f6:28:67:8a:54:c4:56:1c:4f:6b:
ad:3a:09:33:7d:62:12:28:8f:6e:9a:53:e4:71:e2:30:21:0a:
46:43:c5:29:82:7e:04:91:75:6d:e6:d0:79:65:88:96:1a:56:
1a:dc:96:c0:eb:da:81:64:2b:77:90:0a:15:01:8a:76:eb:b2:
55:a9:f0:37:9c:56:11:bb:df:06:f9:88:a2:81:92:a3:0f:e2:
dc:7d:25:a6:e7:68:87:05:20:a1:40:cf:be:0a:9f:97:bc:be:
bb:b3:53:36:e9:31:9e:f2:fc:17:16:3d:d0:e7:d2:24:1c:e6:
07:f3:34:5d:5c:64:f5:79:04:9a:c0:e8:2d:cf:4f:d1:e8:1c:
5a:4d:3b:35:b5:82:7c:dc:6f:55:33:98:02:7a:f0:92:d7:5e:
40:86:77:8f:2f:17:6a:bc:2a:38:fb:7b:af:27:81:e7:96:77:
36:7f:b0:b1:02:a1:61:b1:9c:90:b7:41:64:f0:cf:53:9b:5b:
40:4f:c5:fc:96:a7:4e:c8:d5:55:59:a0:f3:72:9a:12:83:82:
88:39:dd:3d:29:8a:fd:cf:8c:43:85:16:4f:47:21:61:7d:a7:
be:ba:74:35:b6:18:6e:7f:d8:35:83:60:11:27:33:b3:92:b1:
75:d7:c9:ee
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZfvPH+yBHzMJh6I8elXSOXFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjUwNzA5MTI1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2EwYzlkNTMxZTI2NzQ1ZmNiMDYwNWJlMjgyNjllNjc3ZjQ0NzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsr0TgByYYl5H/CJTZo/SQg1UHMHs
E3rjOr/qQiX3iZOk7SXLHDihCdIhvpZxj1tpMRsFiOfWmnq23gdASI6vY5DzgCqO
08PMHAvwitZifFbHdiMkoLWv8LsskRk8rdfLCIyu2/rrTs6LODz4+BnlBJrygsO2
WLK3c4xsnnJtIhk6pDRBU6IOxhLpVZWPTOY+bWISLlbur1PsFlyUFXMBMdlFx278
wXldAn+n/Ds3BcmWsGXHoO3kTycF//+vlUSKO2CR0ocgsrwn8djvA2/BbDCct5eQ
IcWM4dozrXd0HPvkPOOwbzaWJ2RPlLAnolOjy1oWiIPbsp9eOBpNexroaQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIegydUx4mdF/LBgW+KCaeZ39Ed8MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvaDZESjFUSGlaMFg4c0dCYjRvSnA1bmYwUjN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALQ29AwQA
w7FcAwQAw7FfMAwDBADD070DBADD074wDQYJKoZIhvcNAQELBQADggEBAI9h/ojQ
8Opj9ihnilTEVhxPa606CTN9YhIoj26aU+Rx4jAhCkZDxSmCfgSRdW3m0HlliJYa
VhrclsDr2oFkK3eQChUBinbrslWp8DecVhG73wb5iKKBkqMP4tx9JabnaIcFIKFA
z74Kn5e8vruzUzbpMZ7y/BcWPdDn0iQc5gfzNF1cZPV5BJrA6C3PT9HoHFpNOzW1
gnzcb1UzmAJ68JLXXkCGd48vF2q8Kjj7e68ngeeWdzZ/sLECoWGxnJC3QWTwz1Ob
W0BPxfyWp07I1VVZoPNymhKDgog53T0piv3PjEOFFk9HIWF9p766dDW2GG5/2DWD
YBEnM7OSsXXXye4=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:30:18 2025 by rpki-client