Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/hEZZKQJ28Km_5UhH3cpxvYkLLZU.roa
File: hEZZKQJ28Km_5UhH3cpxvYkLLZU.roa (raw, json)
Hash identifier: +vaYxbzQEi6M9mf3DyKNxFAOI6eLzddsZf7cVFe2WCE=
Subject key identifier: 84:46:59:29:02:76:F0:A9:BF:E5:48:47:DD:CA:71:BD:89:0B:2D:95
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 0197D139E7E0ECEF10203628C3C0FBF76BA1
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/hEZZKQJ28Km_5UhH3cpxvYkLLZU.roa
Signing time: Thu 03 Jul 2025 16:58:42 +0000
ROA not before: Thu 03 Jul 2025 16:58:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212192
IP address blocks: 5.157.164.0/22 maxlen: 24
5.157.240.0/21 maxlen: 21
37.35.32.0/22 maxlen: 22
37.35.38.0/24 maxlen: 24
146.66.211.0/24 maxlen: 24
146.66.218.0/24 maxlen: 24
146.66.219.0/24 maxlen: 24
178.157.125.0/24 maxlen: 24
188.74.153.0/24 maxlen: 24
188.74.154.0/24 maxlen: 24
188.74.156.0/22 maxlen: 22
188.74.191.0/24 maxlen: 24
188.74.244.0/24 maxlen: 24
188.119.144.0/22 maxlen: 22
188.119.164.0/24 maxlen: 24
188.119.167.0/24 maxlen: 24
188.119.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d1:39:e7:e0:ec:ef:10:20:36:28:c3:c0:fb:f7:6b:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Jul 3 16:58:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=844659290276f0a9bfe54847ddca71bd890b2d95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:7c:20:84:da:e7:fd:da:f4:39:60:c3:0a:4a:
e2:d5:77:72:f9:7d:d2:81:8e:15:c5:8b:e3:46:a8:
af:93:ac:8c:f2:e3:4b:d4:6a:60:b0:ee:e2:a6:ca:
1c:b7:bc:b0:0c:14:c2:6c:6a:4c:cc:6a:62:ee:e1:
f7:28:c1:31:25:e3:a8:ec:47:6f:93:d8:d0:72:45:
d5:0b:0a:8d:d0:da:62:71:4a:2c:37:de:13:28:47:
a8:36:5c:f0:1a:df:ea:01:f8:51:fd:5b:87:bd:02:
a8:27:ac:e5:f6:28:da:68:fe:de:1a:6b:6d:fd:9a:
71:26:0c:47:f9:ac:88:91:72:0a:73:b8:f3:3e:ac:
9c:c0:b3:68:8c:21:17:ae:9b:ef:2d:79:b7:2d:fd:
36:5f:87:7a:e4:e3:4f:46:eb:c0:68:ab:d5:dd:ab:
2d:35:8d:dc:6d:fb:92:02:65:16:5a:07:fb:80:b9:
24:27:f5:b4:20:27:05:f7:e7:d9:3e:51:40:f6:7a:
92:7c:53:33:4a:32:24:f6:c5:4a:c5:e7:99:fa:c5:
9f:64:62:e7:51:f5:bc:74:56:fe:73:83:87:27:9e:
78:a7:98:30:73:86:44:4f:5b:41:38:52:88:cb:66:
a1:91:5f:84:e4:e2:e7:9d:1e:bf:4e:04:ea:ca:c0:
ef:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:46:59:29:02:76:F0:A9:BF:E5:48:47:DD:CA:71:BD:89:0B:2D:95
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/hEZZKQJ28Km_5UhH3cpxvYkLLZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.164.0/22
5.157.240.0/21
37.35.32.0/22
37.35.38.0/24
146.66.211.0/24
146.66.218.0/23
178.157.125.0/24
188.74.153.0-188.74.154.255
188.74.156.0/22
188.74.191.0/24
188.74.244.0/24
188.119.144.0/22
188.119.164.0/24
188.119.167.0/24
188.119.189.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:8b:b6:ed:e3:af:b3:d2:70:d4:8a:09:d6:ec:ba:aa:40:f6:
0a:56:60:d7:1b:21:99:ce:3a:0f:dd:ac:f5:7f:12:d6:f7:7f:
23:c0:78:ec:5d:54:41:6c:4e:1c:25:76:8b:0c:4e:d7:c0:8b:
6b:1f:c2:e2:a4:e9:1a:fd:22:1e:c4:12:f1:23:bf:90:2d:55:
c9:58:be:ac:0e:60:f7:b8:90:21:76:85:c8:c4:13:fd:f5:81:
86:45:95:7f:0d:7e:95:c5:61:56:27:17:e1:97:9f:50:9c:2d:
bc:94:fc:ee:b7:70:27:1c:cd:2e:a2:64:f5:30:67:0e:7a:b8:
a5:78:b5:fe:38:6b:98:17:c1:a5:87:9e:7f:47:d8:d7:f8:c3:
94:9a:aa:9b:66:18:80:90:c9:20:da:f6:95:e3:61:b9:6f:5a:
8e:12:88:15:9b:18:29:ed:11:58:09:6c:ec:99:de:6d:8a:7f:
a6:eb:54:59:a4:77:4d:73:0d:b9:c7:30:e3:d8:6a:f4:a3:2d:
b9:f0:13:1e:11:8c:79:97:f4:51:18:c4:a6:89:6c:f7:7b:73:
30:d5:cd:93:23:54:55:6b:49:ed:2d:2a:13:9f:e8:0b:f6:9c:
a0:a0:67:c7:8f:61:f4:01:60:0b:28:90:9a:9e:3d:ba:86:c2:
a9:72:b4:57
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZfROefg7O8QIDYow8D792uhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjUwNzAzMTY1ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDQ2NTkyOTAyNzZmMGE5YmZlNTQ4NDdkZGNhNzFiZDg5MGIyZDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXwghNrn/dr0OWDDCkri1Xdy+X3S
gY4VxYvjRqivk6yM8uNL1GpgsO7ipsoct7ywDBTCbGpMzGpi7uH3KMExJeOo7Edv
k9jQckXVCwqN0NpicUosN94TKEeoNlzwGt/qAfhR/VuHvQKoJ6zl9ijaaP7eGmtt
/ZpxJgxH+ayIkXIKc7jzPqycwLNojCEXrpvvLXm3Lf02X4d65ONPRuvAaKvV3ast
NY3cbfuSAmUWWgf7gLkkJ/W0ICcF9+fZPlFA9nqSfFMzSjIk9sVKxeeZ+sWfZGLn
UfW8dFb+c4OHJ554p5gwc4ZET1tBOFKIy2ahkV+E5OLnnR6/TgTqysDvowIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFIRGWSkCdvCpv+VIR93Kcb2JCy2VMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvaEVaWktRSjI4S21fNVVoSDNjcHh2WWtMTFpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQCBZ2kAwQD
BZ3wAwQCJSMgAwQAJSMmAwQAkkLTAwQBkkLaAwQAsp19MAwDBAC8SpkDBAC8SpoD
BAK8SpwDBAC8Sr8DBAC8SvQDBAK8d5ADBAC8d6QDBAC8d6cDBAC8d70wDQYJKoZI
hvcNAQELBQADggEBAE2Ltu3jr7PScNSKCdbsuqpA9gpWYNcbIZnOOg/drPV/Etb3
fyPAeOxdVEFsThwldosMTtfAi2sfwuKk6Rr9Ih7EEvEjv5AtVclYvqwOYPe4kCF2
hcjEE/31gYZFlX8NfpXFYVYnF+GXn1CcLbyU/O63cCcczS6iZPUwZw56uKV4tf44
a5gXwaWHnn9H2Nf4w5SaqptmGICQySDa9pXjYblvWo4SiBWbGCntEVgJbOyZ3m2K
f6brVFmkd01zDbnHMOPYavSjLbnwEx4RjHmX9FEYxKaJbPd7czDVzZMjVFVrSe0t
KhOf6Av2nKCgZ8ePYfQBYAsokJqePbqGwqlytFc=
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:30:30 2025 by rpki-client