Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/H0P6Uhc2PQuAj9mI5JuLmXDsE-E.roa
File: H0P6Uhc2PQuAj9mI5JuLmXDsE-E.roa (raw, json)
Hash identifier: lFsz70YXVH8oaNr7AK6yGfw7Y8IvCmN3m4Wget06GNk=
Subject key identifier: 1F:43:FA:52:17:36:3D:0B:80:8F:D9:88:E4:9B:8B:99:70:EC:13:E1
Certificate issuer: /CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Certificate serial: 01980D43432974CF74CBE1EE22DE1FE28795
Authority key identifier: 99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/H0P6Uhc2PQuAj9mI5JuLmXDsE-E.roa
Signing time: Tue 15 Jul 2025 08:46:08 +0000
ROA not before: Tue 15 Jul 2025 08:46:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1299
IP address blocks: 45.132.248.0/22 maxlen: 24
46.247.244.0/23 maxlen: 24
46.247.246.0/23 maxlen: 24
79.132.144.0/23 maxlen: 24
79.132.150.0/23 maxlen: 24
79.132.152.0/23 maxlen: 24
79.132.154.0/23 maxlen: 24
85.112.210.0/23 maxlen: 24
86.105.90.0/23 maxlen: 24
86.107.248.0/21 maxlen: 24
86.107.254.0/23 maxlen: 24
89.43.156.0/22 maxlen: 24
185.183.63.0/24 maxlen: 24
185.223.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/mWchgxr7izgwe0n1ue5ikq0eWFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/mWchgxr7izgwe0n1ue5ikq0eWFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 04:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0d:43:43:29:74:cf:74:cb:e1:ee:22:de:1f:e2:87:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Validity
Not Before: Jul 15 08:46:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f43fa5217363d0b808fd988e49b8b9970ec13e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:40:36:20:31:c4:76:db:e9:36:c5:85:6c:30:
d7:9e:e5:9c:08:68:43:3e:23:7f:6b:22:06:85:23:
4c:ee:dd:da:e5:e6:36:e7:3b:23:d5:87:0d:cc:c6:
3c:7e:ad:52:e1:e3:68:e9:eb:12:1c:19:f9:0f:28:
f1:b4:77:88:9e:51:a9:6e:26:52:90:0e:f1:94:ec:
dc:18:6d:33:62:68:42:00:39:e1:d4:1c:02:94:a7:
62:b5:87:68:b5:c8:ef:6a:f5:03:ff:6f:89:fe:8c:
45:a8:a0:53:6b:58:24:75:6a:a7:b3:65:77:d5:5c:
4d:1d:fb:a2:a2:bc:99:1b:48:8e:30:0e:2a:18:d9:
41:bb:42:80:f3:42:87:b2:24:42:58:26:08:80:5f:
39:3f:45:36:dd:d7:26:07:0c:65:fd:78:4f:00:b9:
b0:a2:23:e7:92:79:62:21:49:00:50:bc:8b:ea:2d:
53:c6:73:9a:94:92:80:1a:30:34:67:48:d2:8f:e2:
1d:ef:a5:fa:79:b6:af:4b:4b:2d:45:9a:81:88:79:
0f:77:26:a4:2c:c9:ae:1a:aa:2d:44:a5:c7:cb:9c:
8b:7e:37:44:ed:f4:a3:47:26:38:c1:9a:6c:32:50:
87:fe:97:eb:30:6e:8e:4e:54:eb:90:c1:0b:47:99:
0c:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:43:FA:52:17:36:3D:0B:80:8F:D9:88:E4:9B:8B:99:70:EC:13:E1
X509v3 Authority Key Identifier:
keyid:99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/H0P6Uhc2PQuAj9mI5JuLmXDsE-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/mWchgxr7izgwe0n1ue5ikq0eWFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.248.0/22
46.247.244.0/22
79.132.144.0/23
79.132.150.0-79.132.155.255
85.112.210.0/23
86.105.90.0/23
86.107.248.0/21
89.43.156.0/22
185.183.63.0/24
185.223.148.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:fe:b0:d0:97:55:c3:3d:20:2f:25:38:cd:3d:ce:3f:c5:58:
b1:ca:38:16:8f:24:5d:18:15:b1:d3:e9:88:c7:54:d3:78:54:
15:08:a4:e8:45:3e:6b:a2:db:4b:1b:7e:81:d0:60:3f:fd:f4:
b8:36:73:6e:f4:59:69:34:1f:3b:df:5b:53:b1:fd:75:4f:43:
71:78:e0:e0:6f:a6:cf:40:4e:c9:3a:a6:20:93:78:cb:ea:76:
5f:86:92:0a:fb:5a:f9:06:89:be:75:96:41:23:4d:df:d9:9b:
84:6a:43:e6:af:29:02:09:d7:de:92:65:ec:07:0e:9b:53:10:
d3:68:54:78:6d:af:f1:1f:b5:f6:e5:7b:50:79:fe:39:d9:10:
f3:92:5d:90:66:4c:a8:fe:60:33:da:f6:45:c3:bf:9a:56:96:
c1:1a:96:f2:64:49:51:2b:8a:ba:32:cb:3f:d4:e9:36:07:75:
ba:77:a3:38:f9:71:50:a9:62:ff:33:56:a9:dc:1c:1e:9d:13:
53:54:30:38:c2:a7:b1:bc:ce:33:c8:b1:c7:e2:63:d2:75:05:
43:e8:e6:93:55:64:63:c2:36:c4:57:09:14:73:5f:ef:b4:cb:
75:ac:8a:62:2f:16:b0:e6:45:2f:e1:db:d5:eb:17:e1:c7:60:
4c:5e:7f:76
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZgNQ0MpdM90y+HuIt4f4oeVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NjcyMTgzMWFmYjhiMzgzMDdiNDlmNWI5ZWU2MjkyYWQx
ZTU4NTAwHhcNMjUwNzE1MDg0NjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjQzZmE1MjE3MzYzZDBiODA4ZmQ5ODhlNDliOGI5OTcwZWMxM2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkA2IDHEdtvpNsWFbDDXnuWcCGhD
PiN/ayIGhSNM7t3a5eY25zsj1YcNzMY8fq1S4eNo6esSHBn5DyjxtHeInlGpbiZS
kA7xlOzcGG0zYmhCADnh1BwClKditYdotcjvavUD/2+J/oxFqKBTa1gkdWqns2V3
1VxNHfuioryZG0iOMA4qGNlBu0KA80KHsiRCWCYIgF85P0U23dcmBwxl/XhPALmw
oiPnknliIUkAULyL6i1TxnOalJKAGjA0Z0jSj+Id76X6ebavS0stRZqBiHkPdyak
LMmuGqotRKXHy5yLfjdE7fSjRyY4wZpsMlCH/pfrMG6OTlTrkMELR5kMsQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFB9D+lIXNj0LgI/ZiOSbi5lw7BPhMB8GA1UdIwQY
MBaAFJlnIYMa+4s4MHtJ9bnuYpKtHlhQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzIt
YjRiZmU0NTZkZGUwLzEvSDBQNlVoYzJQUXVBajltSTVKdUxtWERzRS1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzItYjRiZmU0NTZkZGUw
LzEvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQCLYT4AwQC
Lvf0AwQBT4SQMAwDBAFPhJYDBAJPhJgDBAFVcNIDBAFWaVoDBANWa/gDBAJZK5wD
BAC5tz8DBAC535QwDQYJKoZIhvcNAQELBQADggEBAC3+sNCXVcM9IC8lOM09zj/F
WLHKOBaPJF0YFbHT6YjHVNN4VBUIpOhFPmui20sbfoHQYD/99Lg2c270WWk0Hzvf
W1Ox/XVPQ3F44OBvps9ATsk6piCTeMvqdl+Gkgr7WvkGib51lkEjTd/Zm4RqQ+av
KQIJ196SZewHDptTENNoVHhtr/Eftfble1B5/jnZEPOSXZBmTKj+YDPa9kXDv5pW
lsEalvJkSVEriroyyz/U6TYHdbp3ozj5cVCpYv8zVqncHB6dE1NUMDjCp7G8zjPI
scfiY9J1BUPo5pNVZGPCNsRXCRRzX++0y3WsimIvFrDmRS/h29XrF+HHYExef3Y=
-----END CERTIFICATE-----
Generated at Sun Jul 20 11:21:33 2025 by rpki-client