Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/794f36-9d2a-41bd-928c-94d1b1d16b85/1/HmBHMAAoUy9qKm5EF-apsYNvL-Y.roa
File: HmBHMAAoUy9qKm5EF-apsYNvL-Y.roa (raw, json)
Hash identifier: l1nynbFOV66i2gHUQws1+HFlLSzuk9i9xbBDIJI0tVk=
Subject key identifier: 1E:60:47:30:00:28:53:2F:6A:2A:6E:44:17:E6:A9:B1:83:6F:2F:E6
Certificate issuer: /CN=51b2c401ce5c9e881cd9a3be8efec60022da0eb6
Certificate serial: 0197CAB6BB0177FFF6FAB77D3E0E83C32F62
Authority key identifier: 51:B2:C4:01:CE:5C:9E:88:1C:D9:A3:BE:8E:FE:C6:00:22:DA:0E:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UbLEAc5cnogc2aO-jv7GACLaDrY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/794f36-9d2a-41bd-928c-94d1b1d16b85/1/HmBHMAAoUy9qKm5EF-apsYNvL-Y.roa
Signing time: Wed 02 Jul 2025 10:37:42 +0000
ROA not before: Wed 02 Jul 2025 10:37:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 185.170.5.0/24 maxlen: 24
185.170.6.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/794f36-9d2a-41bd-928c-94d1b1d16b85/1/UbLEAc5cnogc2aO-jv7GACLaDrY.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/794f36-9d2a-41bd-928c-94d1b1d16b85/1/UbLEAc5cnogc2aO-jv7GACLaDrY.mft
rsync://rpki.ripe.net/repository/DEFAULT/UbLEAc5cnogc2aO-jv7GACLaDrY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 11:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ca:b6:bb:01:77:ff:f6:fa:b7:7d:3e:0e:83:c3:2f:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51b2c401ce5c9e881cd9a3be8efec60022da0eb6
Validity
Not Before: Jul 2 10:37:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e6047300028532f6a2a6e4417e6a9b1836f2fe6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:86:dd:64:e3:f9:23:29:b5:61:a0:20:47:2f:
5f:b8:f2:c7:67:e5:d4:27:ca:af:07:e5:cc:75:20:
27:cb:3e:ce:53:a1:9d:4e:0c:29:f8:e2:b0:de:1e:
39:18:6b:cd:04:e9:20:8d:a8:a8:e6:00:69:f3:55:
7b:85:30:2b:12:94:b8:cc:6f:e5:76:a6:7a:6f:57:
b0:fe:8c:37:e4:07:89:a3:43:ef:37:3a:bc:5a:7e:
6e:4f:2e:79:b1:6c:c4:d9:87:95:f3:bb:bf:2f:73:
de:99:56:ec:cf:6e:76:a8:89:68:5f:46:5e:57:ee:
8a:14:33:a7:ac:fe:6c:bd:6b:32:d2:03:05:08:08:
c4:7a:66:75:f8:ca:df:79:37:90:26:a9:0c:e8:74:
de:28:32:0a:77:71:a5:21:82:66:30:95:85:7a:66:
6a:29:6d:dd:e0:12:23:81:dc:01:3e:76:66:62:1f:
33:12:07:48:61:0d:b2:b1:dd:ff:a3:69:6c:f7:8d:
b7:2f:54:a8:e7:45:f8:9f:01:c2:15:7f:48:71:51:
10:dd:86:de:06:a3:94:0e:33:80:79:c5:fa:8b:b7:
08:5f:32:c7:66:cd:f2:7e:6e:b8:69:94:3e:d6:d9:
49:0f:0b:9b:49:d7:2c:53:17:89:29:68:d4:6a:b0:
65:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:60:47:30:00:28:53:2F:6A:2A:6E:44:17:E6:A9:B1:83:6F:2F:E6
X509v3 Authority Key Identifier:
keyid:51:B2:C4:01:CE:5C:9E:88:1C:D9:A3:BE:8E:FE:C6:00:22:DA:0E:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UbLEAc5cnogc2aO-jv7GACLaDrY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/794f36-9d2a-41bd-928c-94d1b1d16b85/1/HmBHMAAoUy9qKm5EF-apsYNvL-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/794f36-9d2a-41bd-928c-94d1b1d16b85/1/UbLEAc5cnogc2aO-jv7GACLaDrY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.5.0-185.170.7.255
Signature Algorithm: sha256WithRSAEncryption
47:10:10:69:bf:54:d2:4b:42:e7:78:90:50:94:75:57:71:3d:
01:cb:59:93:97:15:ff:40:88:d2:dc:08:34:41:5e:aa:34:51:
7c:0a:1c:74:56:87:04:65:5b:b3:a0:45:a1:aa:f5:22:52:3f:
06:1f:b5:c8:41:f8:0d:dc:26:d8:11:69:54:c2:38:8c:2e:aa:
c4:56:db:6a:f3:30:c3:19:1f:3e:88:3c:23:d3:88:fe:9b:cb:
e7:81:1d:fb:a6:13:d8:3f:02:7d:1d:2e:9f:c1:3b:2e:52:59:
4d:e9:7d:62:94:1d:bc:81:f8:f5:9f:2f:6a:89:05:e5:a0:e4:
db:ab:ed:97:d0:91:24:db:7b:82:7c:90:b7:e2:7b:c2:d1:8f:
fd:2f:0f:52:93:b5:2e:87:ba:04:24:d6:92:81:38:83:7f:b0:
a2:75:38:92:df:6c:45:d0:1b:62:6e:44:9b:1a:e6:ef:82:be:
db:e5:61:cf:75:0c:64:8d:44:6a:3c:96:db:79:06:34:c1:2d:
50:02:cd:c2:00:ff:60:98:b2:a5:5a:2c:a6:d9:b4:eb:29:b3:
ff:51:06:c7:79:15:2a:33:f7:32:3f:b8:18:fd:75:c8:6e:49:
16:b0:4a:52:2f:9b:62:a5:9a:dc:b0:a3:86:c7:52:61:55:91:
45:7a:14:39
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZfKtrsBd//2+rd9Pg6Dwy9iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYjJjNDAxY2U1YzllODgxY2Q5YTNiZThlZmVjNjAwMjJk
YTBlYjYwHhcNMjUwNzAyMTAzNzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTYwNDczMDAwMjg1MzJmNmEyYTZlNDQxN2U2YTliMTgzNmYyZmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYbdZOP5Iym1YaAgRy9fuPLHZ+XU
J8qvB+XMdSAnyz7OU6GdTgwp+OKw3h45GGvNBOkgjaio5gBp81V7hTArEpS4zG/l
dqZ6b1ew/ow35AeJo0PvNzq8Wn5uTy55sWzE2YeV87u/L3PemVbsz252qIloX0Ze
V+6KFDOnrP5svWsy0gMFCAjEemZ1+MrfeTeQJqkM6HTeKDIKd3GlIYJmMJWFemZq
KW3d4BIjgdwBPnZmYh8zEgdIYQ2ysd3/o2ls9423L1So50X4nwHCFX9IcVEQ3Ybe
BqOUDjOAecX6i7cIXzLHZs3yfm64aZQ+1tlJDwubSdcsUxeJKWjUarBlqwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFB5gRzAAKFMvaipuRBfmqbGDby/mMB8GA1UdIwQY
MBaAFFGyxAHOXJ6IHNmjvo7+xgAi2g62MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWJMRUFjNWNub2djMmFPLWp2N0dBQ0xhRHJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83OTRmMzYtOWQyYS00MWJkLTkyOGMt
OTRkMWIxZDE2Yjg1LzEvSG1CSE1BQW9VeTlxS201RUYtYXBzWU52TC1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83OTRmMzYtOWQyYS00MWJkLTkyOGMtOTRkMWIxZDE2Yjg1
LzEvVWJMRUFjNWNub2djMmFPLWp2N0dBQ0xhRHJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5qgUD
BAO5qgAwDQYJKoZIhvcNAQELBQADggEBAEcQEGm/VNJLQud4kFCUdVdxPQHLWZOX
Ff9AiNLcCDRBXqo0UXwKHHRWhwRlW7OgRaGq9SJSPwYftchB+A3cJtgRaVTCOIwu
qsRW22rzMMMZHz6IPCPTiP6by+eBHfumE9g/An0dLp/BOy5SWU3pfWKUHbyB+PWf
L2qJBeWg5Nur7ZfQkSTbe4J8kLfie8LRj/0vD1KTtS6HugQk1pKBOIN/sKJ1OJLf
bEXQG2JuRJsa5u+CvtvlYc91DGSNRGo8ltt5BjTBLVACzcIA/2CYsqVaLKbZtOsp
s/9RBsd5FSoz9zI/uBj9dchuSRawSlIvm2Klmtywo4bHUmFVkUV6FDk=
-----END CERTIFICATE-----
Generated at Sun Jul 20 20:13:55 2025 by rpki-client