Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/211354-ebe4-4797-98f3-1b2ac35c09aa/1/pPHmbMikVBACOA-xj0C6dNDZYpM.roa
File: pPHmbMikVBACOA-xj0C6dNDZYpM.roa (raw, json)
Hash identifier: Tckf3zisW/juBkSkf5E1qa9SaVTAQq8IrgBpb3JvyX4=
Subject key identifier: A4:F1:E6:6C:C8:A4:54:10:02:38:0F:B1:8F:40:BA:74:D0:D9:62:93
Certificate issuer: /CN=d588212bf5dace1080dc45e2c55b92ff85c6c192
Certificate serial: 0196479F6437599ABD98BCCD6F876DE1E8D6
Authority key identifier: D5:88:21:2B:F5:DA:CE:10:80:DC:45:E2:C5:5B:92:FF:85:C6:C1:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1YghK_XazhCA3EXixVuS_4XGwZI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/211354-ebe4-4797-98f3-1b2ac35c09aa/1/pPHmbMikVBACOA-xj0C6dNDZYpM.roa
Signing time: Fri 18 Apr 2025 06:39:10 +0000
ROA not before: Fri 18 Apr 2025 06:39:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207266
IP address blocks: 2a01:8840:4::/48 maxlen: 48
2a01:8840:5::/48 maxlen: 48
2a01:8840:15::/48 maxlen: 48
2a01:8840:19::/48 maxlen: 48
2a01:8840:1d::/48 maxlen: 48
2a01:8840:21::/48 maxlen: 48
2a01:8840:25::/48 maxlen: 48
2a01:8840:29::/48 maxlen: 48
2a01:8840:2d::/48 maxlen: 48
2a01:8840:31::/48 maxlen: 48
2a01:8840:35::/48 maxlen: 48
2a01:8840:39::/48 maxlen: 48
2a01:8840:3d::/48 maxlen: 48
2a01:8840:41::/48 maxlen: 48
2a01:8840:45::/48 maxlen: 48
2a01:8840:4d::/48 maxlen: 48
2a01:8840:51::/48 maxlen: 48
2a01:8840:55::/48 maxlen: 48
2a01:8840:59::/48 maxlen: 48
2a01:8840:5d::/48 maxlen: 48
2a01:8840:61::/48 maxlen: 48
2a01:8840:65::/48 maxlen: 48
2a01:8840:69::/48 maxlen: 48
2a01:8840:6d::/48 maxlen: 48
2a01:8840:71::/48 maxlen: 48
2a01:8840:75::/48 maxlen: 48
2a01:8840:79::/48 maxlen: 48
2a01:8840:7d::/48 maxlen: 48
2a01:8840:81::/48 maxlen: 48
2a01:8840:85::/48 maxlen: 48
2a01:8840:89::/48 maxlen: 48
2a01:8840:8d::/48 maxlen: 48
2a01:8840:91::/48 maxlen: 48
2a01:8840:95::/48 maxlen: 48
2a01:8840:99::/48 maxlen: 48
2a01:8840:9d::/48 maxlen: 48
2a01:8840:a1::/48 maxlen: 48
2a01:8840:a5::/48 maxlen: 48
2a01:8840:a9::/48 maxlen: 48
2a01:8840:ad::/48 maxlen: 48
2a01:8840:b1::/48 maxlen: 48
2a01:8840:b5::/48 maxlen: 48
2a01:8840:b9::/48 maxlen: 48
2a01:8840:bd::/48 maxlen: 48
2a01:8840:c1::/48 maxlen: 48
2a01:8840:c5::/48 maxlen: 48
2a01:8840:c9::/48 maxlen: 48
2a01:8840:cd::/48 maxlen: 48
2a01:8840:d1::/48 maxlen: 48
2a01:8840:d5::/48 maxlen: 48
2a01:8840:d9::/48 maxlen: 48
2a01:8840:dd::/48 maxlen: 48
2a01:8840:e1::/48 maxlen: 48
2a01:8840:e5::/48 maxlen: 48
2a01:8840:e9::/48 maxlen: 48
2a01:8840:ed::/48 maxlen: 48
2a01:8840:f1::/48 maxlen: 48
2a01:8840:f5::/48 maxlen: 48
2a01:8840:f7::/48 maxlen: 48
2a01:8840:f9::/48 maxlen: 48
2a01:8840:fb::/48 maxlen: 48
2a01:8840:107::/48 maxlen: 48
2a01:8840:109::/48 maxlen: 48
2a01:8840:10d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/211354-ebe4-4797-98f3-1b2ac35c09aa/1/1YghK_XazhCA3EXixVuS_4XGwZI.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/211354-ebe4-4797-98f3-1b2ac35c09aa/1/1YghK_XazhCA3EXixVuS_4XGwZI.mft
rsync://rpki.ripe.net/repository/DEFAULT/1YghK_XazhCA3EXixVuS_4XGwZI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 13:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:47:9f:64:37:59:9a:bd:98:bc:cd:6f:87:6d:e1:e8:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d588212bf5dace1080dc45e2c55b92ff85c6c192
Validity
Not Before: Apr 18 06:39:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4f1e66cc8a4541002380fb18f40ba74d0d96293
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:da:2e:b2:fb:c3:01:59:6b:d5:51:95:f2:30:
4b:f8:42:6a:40:05:95:ef:ab:36:ab:fc:8e:9c:18:
6f:cc:a8:c2:c6:1f:19:09:32:7d:83:8c:85:df:74:
b7:bd:86:1c:21:02:51:7e:2a:a6:a5:fb:b7:07:02:
7c:b0:75:bc:57:d6:46:12:c0:2e:7f:49:ef:73:c0:
d5:74:a8:48:75:81:70:f5:29:df:ee:f3:99:d0:32:
45:f1:05:0c:ef:a6:30:89:ec:6b:57:45:1c:dd:f4:
2b:69:a6:1c:95:5d:5b:ce:f7:44:d0:d8:8d:c2:23:
5e:04:80:13:56:52:e1:c9:3c:99:64:70:22:43:9c:
42:eb:d3:01:92:54:5a:53:70:e7:23:58:37:c9:a4:
eb:f0:82:a2:9b:06:74:f0:d5:75:34:5a:07:69:59:
15:ad:63:6b:bd:66:74:df:1c:bc:53:1f:97:e6:bb:
51:e9:6c:b9:4c:bf:18:3b:e8:ca:cf:df:ab:a9:2b:
89:b7:35:a2:5e:17:62:eb:f5:40:ee:f6:55:37:e2:
ca:3d:1d:98:92:10:e2:01:6b:e9:4c:40:a6:1d:e8:
b7:f4:5f:3c:58:8d:d2:c2:9f:40:52:8d:09:3d:58:
c6:a3:13:bd:68:24:85:45:09:ec:29:3c:ab:c3:16:
57:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:F1:E6:6C:C8:A4:54:10:02:38:0F:B1:8F:40:BA:74:D0:D9:62:93
X509v3 Authority Key Identifier:
keyid:D5:88:21:2B:F5:DA:CE:10:80:DC:45:E2:C5:5B:92:FF:85:C6:C1:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1YghK_XazhCA3EXixVuS_4XGwZI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/211354-ebe4-4797-98f3-1b2ac35c09aa/1/pPHmbMikVBACOA-xj0C6dNDZYpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/211354-ebe4-4797-98f3-1b2ac35c09aa/1/1YghK_XazhCA3EXixVuS_4XGwZI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:8840:4::/47
2a01:8840:15::/48
2a01:8840:19::/48
2a01:8840:1d::/48
2a01:8840:21::/48
2a01:8840:25::/48
2a01:8840:29::/48
2a01:8840:2d::/48
2a01:8840:31::/48
2a01:8840:35::/48
2a01:8840:39::/48
2a01:8840:3d::/48
2a01:8840:41::/48
2a01:8840:45::/48
2a01:8840:4d::/48
2a01:8840:51::/48
2a01:8840:55::/48
2a01:8840:59::/48
2a01:8840:5d::/48
2a01:8840:61::/48
2a01:8840:65::/48
2a01:8840:69::/48
2a01:8840:6d::/48
2a01:8840:71::/48
2a01:8840:75::/48
2a01:8840:79::/48
2a01:8840:7d::/48
2a01:8840:81::/48
2a01:8840:85::/48
2a01:8840:89::/48
2a01:8840:8d::/48
2a01:8840:91::/48
2a01:8840:95::/48
2a01:8840:99::/48
2a01:8840:9d::/48
2a01:8840:a1::/48
2a01:8840:a5::/48
2a01:8840:a9::/48
2a01:8840:ad::/48
2a01:8840:b1::/48
2a01:8840:b5::/48
2a01:8840:b9::/48
2a01:8840:bd::/48
2a01:8840:c1::/48
2a01:8840:c5::/48
2a01:8840:c9::/48
2a01:8840:cd::/48
2a01:8840:d1::/48
2a01:8840:d5::/48
2a01:8840:d9::/48
2a01:8840:dd::/48
2a01:8840:e1::/48
2a01:8840:e5::/48
2a01:8840:e9::/48
2a01:8840:ed::/48
2a01:8840:f1::/48
2a01:8840:f5::/48
2a01:8840:f7::/48
2a01:8840:f9::/48
2a01:8840:fb::/48
2a01:8840:107::/48
2a01:8840:109::/48
2a01:8840:10d::/48
Signature Algorithm: sha256WithRSAEncryption
2a:13:62:93:f4:9f:af:7e:85:65:33:dd:4d:45:66:3a:60:dc:
01:2f:3e:79:86:34:01:ab:35:28:af:6f:fa:00:f7:68:84:2a:
d4:fa:2e:a7:29:9a:b8:82:40:5b:b8:47:38:68:46:35:c2:46:
e8:0a:3b:e8:ff:08:47:34:36:d0:4c:94:9e:4a:98:b6:2e:18:
9f:f2:33:8b:45:40:56:5a:1e:0a:33:06:08:1a:fc:8c:c1:7e:
6c:2c:ee:62:aa:17:ca:3b:cc:f1:42:96:68:07:2a:7f:d8:f0:
2f:46:b8:20:c5:57:6d:e9:f6:d4:a3:d7:47:fb:96:2f:d7:7f:
6a:9d:c9:cf:ad:e3:04:57:45:d4:3f:58:8d:2b:84:59:63:0e:
1a:22:7e:9a:35:ea:5f:5d:21:17:25:1e:e7:33:be:16:4e:51:
60:b5:9b:f2:33:99:66:67:50:ee:24:27:35:4c:bb:d8:39:e3:
37:93:08:21:19:31:0c:70:78:e6:fc:10:6b:bd:65:a4:8d:f3:
0e:77:0c:2a:cb:2e:50:ad:9f:79:0d:a1:d3:d7:70:09:dc:10:
5f:99:e7:11:ca:ac:65:d8:8f:db:7f:7e:b9:3d:6b:9d:a8:01:
e4:e7:44:8a:40:b4:a8:bf:cb:4e:9b:7e:fa:de:fa:f0:68:a3:
b4:3e:90:a9
-----BEGIN CERTIFICATE-----
MIIHODCCBiCgAwIBAgISAZZHn2Q3WZq9mLzNb4dt4ejWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ODgyMTJiZjVkYWNlMTA4MGRjNDVlMmM1NWI5MmZmODVj
NmMxOTIwHhcNMjUwNDE4MDYzOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGYxZTY2Y2M4YTQ1NDEwMDIzODBmYjE4ZjQwYmE3NGQwZDk2MjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptousvvDAVlr1VGV8jBL+EJqQAWV
76s2q/yOnBhvzKjCxh8ZCTJ9g4yF33S3vYYcIQJRfiqmpfu3BwJ8sHW8V9ZGEsAu
f0nvc8DVdKhIdYFw9Snf7vOZ0DJF8QUM76YwiexrV0Uc3fQraaYclV1bzvdE0NiN
wiNeBIATVlLhyTyZZHAiQ5xC69MBklRaU3DnI1g3yaTr8IKimwZ08NV1NFoHaVkV
rWNrvWZ03xy8Ux+X5rtR6Wy5TL8YO+jKz9+rqSuJtzWiXhdi6/VA7vZVN+LKPR2Y
khDiAWvpTECmHei39F88WI3Swp9AUo0JPVjGoxO9aCSFRQnsKTyrwxZXXQIDAQAB
o4IERDCCBEAwHQYDVR0OBBYEFKTx5mzIpFQQAjgPsY9AunTQ2WKTMB8GA1UdIwQY
MBaAFNWIISv12s4QgNxF4sVbkv+FxsGSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVlnaEtfWGF6aENBM0VYaXhWdVNfNFhHd1pJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8yMTEzNTQtZWJlNC00Nzk3LTk4ZjMt
MWIyYWMzNWMwOWFhLzEvcFBIbWJNaWtWQkFDT0EteGowQzZkTkRaWXBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8yMTEzNTQtZWJlNC00Nzk3LTk4ZjMtMWIyYWMzNWMwOWFh
LzEvMVlnaEtfWGF6aENBM0VYaXhWdVNfNFhHd1pJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICWAYIKwYBBQUHAQcBAf8EggJHMIICQzCCAj8EAgACMIIC
NwMHASoBiEAABAMHACoBiEAAFQMHACoBiEAAGQMHACoBiEAAHQMHACoBiEAAIQMH
ACoBiEAAJQMHACoBiEAAKQMHACoBiEAALQMHACoBiEAAMQMHACoBiEAANQMHACoB
iEAAOQMHACoBiEAAPQMHACoBiEAAQQMHACoBiEAARQMHACoBiEAATQMHACoBiEAA
UQMHACoBiEAAVQMHACoBiEAAWQMHACoBiEAAXQMHACoBiEAAYQMHACoBiEAAZQMH
ACoBiEAAaQMHACoBiEAAbQMHACoBiEAAcQMHACoBiEAAdQMHACoBiEAAeQMHACoB
iEAAfQMHACoBiEAAgQMHACoBiEAAhQMHACoBiEAAiQMHACoBiEAAjQMHACoBiEAA
kQMHACoBiEAAlQMHACoBiEAAmQMHACoBiEAAnQMHACoBiEAAoQMHACoBiEAApQMH
ACoBiEAAqQMHACoBiEAArQMHACoBiEAAsQMHACoBiEAAtQMHACoBiEAAuQMHACoB
iEAAvQMHACoBiEAAwQMHACoBiEAAxQMHACoBiEAAyQMHACoBiEAAzQMHACoBiEAA
0QMHACoBiEAA1QMHACoBiEAA2QMHACoBiEAA3QMHACoBiEAA4QMHACoBiEAA5QMH
ACoBiEAA6QMHACoBiEAA7QMHACoBiEAA8QMHACoBiEAA9QMHACoBiEAA9wMHACoB
iEAA+QMHACoBiEAA+wMHACoBiEABBwMHACoBiEABCQMHACoBiEABDTANBgkqhkiG
9w0BAQsFAAOCAQEAKhNik/Sfr36FZTPdTUVmOmDcAS8+eYY0Aas1KK9v+gD3aIQq
1PoupymauIJAW7hHOGhGNcJG6Ao76P8IRzQ20EyUnkqYti4Yn/Izi0VAVloeCjMG
CBr8jMF+bCzuYqoXyjvM8UKWaAcqf9jwL0a4IMVXben21KPXR/uWL9d/ap3Jz63j
BFdF1D9YjSuEWWMOGiJ+mjXqX10hFyUe5zO+Fk5RYLWb8jOZZmdQ7iQnNUy72Dnj
N5MIIRkxDHB45vwQa71lpI3zDncMKssuUK2feQ2h09dwCdwQX5nnEcqsZdiP239+
uT1rnagB5OdEikC0qL/LTpt++t768GijtD6QqQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:23:06 2025 by rpki-client