
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/304a4f-2cc0-451a-b15f-cf99d5e257e9/1/H60TtWd0YinCrHFItkOy4Q09gMg.roa
File: H60TtWd0YinCrHFItkOy4Q09gMg.roa (raw, json)
Hash identifier: DyKdKi+xe67HQcM0pe0CES2i6G0OdRxtjONYY5E8R+Q=
Subject key identifier: 1F:AD:13:B5:67:74:62:29:C2:AC:71:48:B6:43:B2:E1:0D:3D:80:C8
Certificate issuer: /CN=d5aa9c11657d8a2a54ce672814b6bdb979618830
Certificate serial: 019827B1459D1ECC932A7AE8A45389E68B5F
Authority key identifier: D5:AA:9C:11:65:7D:8A:2A:54:CE:67:28:14:B6:BD:B9:79:61:88:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1aqcEWV9iipUzmcoFLa9uXlhiDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/304a4f-2cc0-451a-b15f-cf99d5e257e9/1/H60TtWd0YinCrHFItkOy4Q09gMg.roa
Signing time: Sun 20 Jul 2025 11:56:25 +0000
ROA not before: Sun 20 Jul 2025 11:56:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215293
IP address blocks: 91.237.251.0/24 maxlen: 24
217.19.1.0/24 maxlen: 24
2a14:22c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/304a4f-2cc0-451a-b15f-cf99d5e257e9/1/1aqcEWV9iipUzmcoFLa9uXlhiDA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/304a4f-2cc0-451a-b15f-cf99d5e257e9/1/1aqcEWV9iipUzmcoFLa9uXlhiDA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1aqcEWV9iipUzmcoFLa9uXlhiDA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 00:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:27:b1:45:9d:1e:cc:93:2a:7a:e8:a4:53:89:e6:8b:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5aa9c11657d8a2a54ce672814b6bdb979618830
Validity
Not Before: Jul 20 11:56:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1fad13b567746229c2ac7148b643b2e10d3d80c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:36:ba:19:8e:b8:77:5e:b9:f1:2c:79:99:5e:
f8:73:a9:cd:0c:b8:25:9d:4d:23:ca:cf:ae:e1:db:
d9:9d:f3:6a:68:08:ef:33:fc:9c:39:e3:b0:eb:63:
52:0c:15:0f:8a:ec:fe:31:28:42:a5:11:d2:54:e7:
b3:b9:91:8a:c0:17:3a:1c:16:81:43:15:13:37:9d:
bf:83:28:19:89:47:f1:f8:c2:3f:d7:ba:16:b7:ff:
dd:c0:db:a8:35:b9:5d:20:f0:4f:92:da:65:30:b9:
2b:d0:2b:d9:ef:2b:5a:03:9d:33:0f:54:61:73:6e:
e3:cb:ae:cb:6d:a7:2f:b4:ae:01:85:9b:4b:60:f2:
df:43:f6:74:18:5f:aa:cc:3c:1c:4e:cb:2a:2e:75:
1d:ce:3f:6a:26:b8:e0:26:57:3f:15:df:d2:66:39:
47:41:a3:6b:72:41:c0:8f:ea:40:da:a9:d9:83:b4:
c2:de:98:fa:15:cb:90:f9:5b:c5:dc:02:59:9a:f7:
74:1f:61:94:91:02:f3:a6:b9:90:e9:8e:01:e8:00:
77:6c:e9:90:5e:13:1e:3b:e8:8c:8d:28:7a:6a:f9:
7e:5a:3e:59:bc:cf:dc:d1:c9:80:9b:dc:b7:f3:6a:
80:ce:c6:47:46:e2:2b:37:78:80:9d:62:56:41:1b:
7c:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:AD:13:B5:67:74:62:29:C2:AC:71:48:B6:43:B2:E1:0D:3D:80:C8
X509v3 Authority Key Identifier:
keyid:D5:AA:9C:11:65:7D:8A:2A:54:CE:67:28:14:B6:BD:B9:79:61:88:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1aqcEWV9iipUzmcoFLa9uXlhiDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/304a4f-2cc0-451a-b15f-cf99d5e257e9/1/H60TtWd0YinCrHFItkOy4Q09gMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/304a4f-2cc0-451a-b15f-cf99d5e257e9/1/1aqcEWV9iipUzmcoFLa9uXlhiDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.251.0/24
217.19.1.0/24
IPv6:
2a14:22c0::/29
Signature Algorithm: sha256WithRSAEncryption
83:a1:a7:ad:ad:01:2b:10:09:0f:31:40:e8:45:db:b6:fc:07:
71:0c:15:7a:90:13:99:2f:c5:30:0b:ce:88:d1:c4:cb:9a:98:
e5:25:79:e2:ff:fc:55:7e:cc:a1:e6:89:76:ad:9f:70:78:2c:
6b:81:41:46:af:0d:cd:51:ad:1a:6c:5f:b9:a8:da:be:ec:4a:
8f:ca:69:ba:17:c7:0a:2c:3a:a2:d5:ab:70:22:08:e9:6c:18:
b1:73:c2:fc:51:6f:e7:2b:cc:5a:ee:61:9e:9c:65:e3:0f:34:
89:e1:c2:12:9f:c7:43:73:2a:a3:1c:f0:12:90:d0:18:81:3a:
d4:fe:09:47:cf:8f:85:81:51:03:f5:ad:2b:ea:3c:bf:d5:88:
45:46:fb:ff:e1:87:68:34:e3:3d:e5:0f:c9:ea:23:4c:f2:cb:
c0:df:dd:3b:0e:20:10:4c:7f:6b:1f:1e:fc:83:97:51:5f:62:
7c:37:42:b6:3e:3d:76:a5:4e:d3:d7:cb:b3:c2:92:2a:06:96:
c0:61:cb:14:e9:d8:0a:2f:d8:fb:64:80:9b:1a:da:53:3f:28:
6b:63:b8:52:12:69:cd:69:9a:92:19:39:8a:cc:ba:70:3d:3e:
7d:69:b5:5d:a3:ac:13:bf:17:c7:54:a4:f1:79:b8:95:6e:49:
0d:68:41:94
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZgnsUWdHsyTKnropFOJ5otfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1YWE5YzExNjU3ZDhhMmE1NGNlNjcyODE0YjZiZGI5Nzk2
MTg4MzAwHhcNMjUwNzIwMTE1NjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmFkMTNiNTY3NzQ2MjI5YzJhYzcxNDhiNjQzYjJlMTBkM2Q4MGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTa6GY64d1658Sx5mV74c6nNDLgl
nU0jys+u4dvZnfNqaAjvM/ycOeOw62NSDBUPiuz+MShCpRHSVOezuZGKwBc6HBaB
QxUTN52/gygZiUfx+MI/17oWt//dwNuoNbldIPBPktplMLkr0CvZ7ytaA50zD1Rh
c27jy67LbacvtK4BhZtLYPLfQ/Z0GF+qzDwcTssqLnUdzj9qJrjgJlc/Fd/SZjlH
QaNrckHAj+pA2qnZg7TC3pj6FcuQ+VvF3AJZmvd0H2GUkQLzprmQ6Y4B6AB3bOmQ
XhMeO+iMjSh6avl+Wj5ZvM/c0cmAm9y382qAzsZHRuIrN3iAnWJWQRt8RwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFB+tE7VndGIpwqxxSLZDsuENPYDIMB8GA1UdIwQY
MBaAFNWqnBFlfYoqVM5nKBS2vbl5YYgwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWFxY0VXVjlpaXBVem1jb0ZMYTl1WGxoaURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8zMDRhNGYtMmNjMC00NTFhLWIxNWYt
Y2Y5OWQ1ZTI1N2U5LzEvSDYwVHRXZDBZaW5DckhGSXRrT3k0UTA5Z01nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8zMDRhNGYtMmNjMC00NTFhLWIxNWYtY2Y5OWQ1ZTI1N2U5
LzEvMWFxY0VXVjlpaXBVem1jb0ZMYTl1WGxoaURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW+37AwQA
2RMBMA0EAgACMAcDBQMqFCLAMA0GCSqGSIb3DQEBCwUAA4IBAQCDoaetrQErEAkP
MUDoRdu2/AdxDBV6kBOZL8UwC86I0cTLmpjlJXni//xVfsyh5ol2rZ9weCxrgUFG
rw3NUa0abF+5qNq+7EqPymm6F8cKLDqi1atwIgjpbBixc8L8UW/nK8xa7mGenGXj
DzSJ4cISn8dDcyqjHPASkNAYgTrU/glHz4+FgVED9a0r6jy/1YhFRvv/4YdoNOM9
5Q/J6iNM8svA3907DiAQTH9rHx78g5dRX2J8N0K2Pj12pU7T18uzwpIqBpbAYcsU
6dgKL9j7ZICbGtpTPyhrY7hSEmnNaZqSGTmKzLpwPT59abVdo6wTvxfHVKTxebiV
bkkNaEGU
-----END CERTIFICATE-----
Generated at Sun Jul 27 09:42:56 2025 by rpki-client