Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/HDL5ZJqNUyVr9DbXIHa7pOPbkPY.roa
File: HDL5ZJqNUyVr9DbXIHa7pOPbkPY.roa (raw, json)
Hash identifier: iNFv7uh4fJNYsidDC1mbFWGoIExhoy9Ks/MOwn2QcMo=
Subject key identifier: 1C:32:F9:64:9A:8D:53:25:6B:F4:36:D7:20:76:BB:A4:E3:DB:90:F6
Certificate issuer: /CN=2f3136ed10998580a517d9598abca33d9ba66599
Certificate serial: 01995E9A70D0DE1EED461B01EDB03CDEC47B
Authority key identifier: 2F:31:36:ED:10:99:85:80:A5:17:D9:59:8A:BC:A3:3D:9B:A6:65:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/HDL5ZJqNUyVr9DbXIHa7pOPbkPY.roa
Signing time: Thu 18 Sep 2025 20:53:23 +0000
ROA not before: Thu 18 Sep 2025 20:53:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 145.224.128.0/20 maxlen: 24
145.224.144.0/20 maxlen: 24
145.224.160.0/20 maxlen: 24
145.224.176.0/20 maxlen: 24
145.224.192.0/19 maxlen: 24
145.224.192.0/24 maxlen: 24
163.76.128.0/20 maxlen: 24
163.76.144.0/20 maxlen: 24
163.76.160.0/20 maxlen: 24
163.76.176.0/20 maxlen: 24
163.76.192.0/20 maxlen: 24
2a03:5d67::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.mft
rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Sep 2025 05:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:5e:9a:70:d0:de:1e:ed:46:1b:01:ed:b0:3c:de:c4:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f3136ed10998580a517d9598abca33d9ba66599
Validity
Not Before: Sep 18 20:53:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c32f9649a8d53256bf436d72076bba4e3db90f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:af:ef:5a:96:31:71:34:d7:bb:4b:35:e3:4e:
31:db:b0:39:e0:0e:26:d5:73:3e:e3:4c:99:e5:10:
f5:72:db:40:8c:81:93:d1:9c:7a:fc:2d:d5:47:55:
a4:9c:41:d4:1c:95:f5:78:2f:24:a8:eb:2c:4f:88:
ea:99:0d:75:27:f2:dc:dd:60:10:c1:57:2f:64:29:
eb:30:76:a4:9b:c3:9c:46:f2:3c:7c:68:a4:1a:04:
cb:70:e8:9d:ca:64:4c:c5:b8:04:00:ea:c1:3f:2d:
8f:df:b5:95:dc:ae:50:9c:69:27:d8:6f:c1:81:93:
81:28:b0:6d:42:ee:3b:e6:09:70:dd:5c:c8:a5:29:
b1:07:86:90:3c:7b:ce:9c:d5:30:84:1c:07:81:d0:
5e:0d:b4:a9:21:76:4c:79:d3:16:79:78:39:4e:77:
df:5e:e2:fe:6a:c2:1c:de:e8:8b:47:a7:60:16:09:
ef:fd:6a:13:e5:2e:e5:b4:9e:23:4f:06:19:e6:b3:
22:e4:fa:9d:b3:57:2e:d4:81:1d:21:9a:45:aa:a1:
1e:1a:49:af:07:5e:d7:a2:7f:cc:6c:89:e5:48:ad:
48:d2:a1:5c:7e:bf:fb:3d:f1:47:e9:dc:a8:78:bd:
63:e9:44:df:0a:6a:fb:14:db:47:cd:ab:ae:c8:b5:
2b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:32:F9:64:9A:8D:53:25:6B:F4:36:D7:20:76:BB:A4:E3:DB:90:F6
X509v3 Authority Key Identifier:
keyid:2F:31:36:ED:10:99:85:80:A5:17:D9:59:8A:BC:A3:3D:9B:A6:65:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/HDL5ZJqNUyVr9DbXIHa7pOPbkPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.224.128.0-145.224.223.255
163.76.128.0-163.76.207.255
IPv6:
2a03:5d67::/32
Signature Algorithm: sha256WithRSAEncryption
39:77:aa:5b:0f:93:42:72:be:e1:fc:bc:ea:51:ed:5a:34:e8:
f0:30:fc:bf:17:a8:66:9e:7f:97:86:53:20:b2:36:6a:43:3f:
14:65:28:65:0c:8e:5b:7c:f4:12:7e:de:8e:e7:bb:b6:fa:59:
2d:f8:e0:c7:15:6b:c8:2f:24:b1:dc:6f:95:de:b3:bd:27:1a:
18:69:33:aa:a7:3d:ad:30:e8:f1:42:a2:37:fd:f0:fc:12:29:
a5:23:1b:33:af:e7:95:0c:b9:58:96:58:1e:1b:f8:40:09:3d:
7b:29:19:6e:25:86:3c:69:8e:3f:56:bd:17:53:e2:e0:4b:f4:
4f:7b:a0:c0:6d:fa:b6:46:67:62:2b:b4:a6:04:c7:47:fd:be:
89:59:d2:fc:d5:e9:0e:bc:1d:1f:89:d5:1d:0a:ae:e9:2f:d8:
97:74:7b:ca:6d:a7:15:ef:51:51:d6:dc:df:fc:56:c0:49:1a:
3b:16:fe:b1:10:ab:cf:4b:b4:ea:ce:28:99:6a:95:f2:73:1b:
fa:9c:4d:ef:0b:eb:6c:35:28:9f:b2:17:b0:8a:77:2c:bb:1a:
49:c4:ec:69:44:8b:8a:03:2e:2c:8d:5f:c5:3a:1a:e1:a0:e6:
24:12:23:af:af:cb:a6:39:6d:89:e3:79:0b:f6:64:e8:62:0d:
6d:f4:9e:f0
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZlemnDQ3h7tRhsB7bA83sR7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMzEzNmVkMTA5OTg1ODBhNTE3ZDk1OThhYmNhMzNkOWJh
NjY1OTkwHhcNMjUwOTE4MjA1MzIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzMyZjk2NDlhOGQ1MzI1NmJmNDM2ZDcyMDc2YmJhNGUzZGI5MGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4q/vWpYxcTTXu0s1404x27A54A4m
1XM+40yZ5RD1cttAjIGT0Zx6/C3VR1WknEHUHJX1eC8kqOssT4jqmQ11J/Lc3WAQ
wVcvZCnrMHakm8OcRvI8fGikGgTLcOidymRMxbgEAOrBPy2P37WV3K5QnGkn2G/B
gZOBKLBtQu475glw3VzIpSmxB4aQPHvOnNUwhBwHgdBeDbSpIXZMedMWeXg5Tnff
XuL+asIc3uiLR6dgFgnv/WoT5S7ltJ4jTwYZ5rMi5Pqds1cu1IEdIZpFqqEeGkmv
B17Xon/MbInlSK1I0qFcfr/7PfFH6dyoeL1j6UTfCmr7FNtHzauuyLUrsQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFBwy+WSajVMla/Q21yB2u6Tj25D2MB8GA1UdIwQY
MBaAFC8xNu0QmYWApRfZWYq8oz2bpmWZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHpFMjdSQ1poWUNsRjlsWmlyeWpQWnVtWlprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mOTBkODMtMDJiZS00ZTVmLWJkMGYt
OTI5ZjEwNjYzMGYxLzEvSERMNVpKcU5VeVZyOURiWElIYTdwT1Bia1BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mOTBkODMtMDJiZS00ZTVmLWJkMGYtOTI5ZjEwNjYzMGYx
LzEvTHpFMjdSQ1poWUNsRjlsWmlyeWpQWnVtWlprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAiBAIAATAcMAwDBAeR4IAD
BAWR4MAwDAMEB6NMgAMEBKNMwDANBAIAAjAHAwUAKgNdZzANBgkqhkiG9w0BAQsF
AAOCAQEAOXeqWw+TQnK+4fy86lHtWjTo8DD8vxeoZp5/l4ZTILI2akM/FGUoZQyO
W3z0En7ejue7tvpZLfjgxxVryC8ksdxvld6zvScaGGkzqqc9rTDo8UKiN/3w/BIp
pSMbM6/nlQy5WJZYHhv4QAk9eykZbiWGPGmOP1a9F1Pi4Ev0T3ugwG36tkZnYiu0
pgTHR/2+iVnS/NXpDrwdH4nVHQqu6S/Yl3R7ym2nFe9RUdbc3/xWwEkaOxb+sRCr
z0u06s4omWqV8nMb+pxN7wvrbDUon7IXsIp3LLsaScTsaUSLigMuLI1fxToa4aDm
JBIjr6/LpjltieN5C/Zk6GINbfSe8A==
-----END CERTIFICATE-----
Generated at Fri Sep 19 12:42:10 2025 by rpki-client