Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/ha1PymC_B_zTg0OwXLf43i7WRKI.roa
File: ha1PymC_B_zTg0OwXLf43i7WRKI.roa (raw, json)
Hash identifier: z4Cqq5RFMdzMGYB6DSPs12v+LmKU0agJDhruZGZUpmY=
Subject key identifier: 85:AD:4F:CA:60:BF:07:FC:D3:83:43:B0:5C:B7:F8:DE:2E:D6:44:A2
Certificate issuer: /CN=b49bd84da17997cbb286af9022ab2e05ba08b442
Certificate serial: 019727ED0831124EF31105FF017AAF258342
Authority key identifier: B4:9B:D8:4D:A1:79:97:CB:B2:86:AF:90:22:AB:2E:05:BA:08:B4:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tJvYTaF5l8uyhq-QIqsuBboItEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/ha1PymC_B_zTg0OwXLf43i7WRKI.roa
Signing time: Sat 31 May 2025 19:58:54 +0000
ROA not before: Sat 31 May 2025 19:58:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210008
IP address blocks: 185.230.181.0/24 maxlen: 24
185.230.182.0/24 maxlen: 24
185.230.183.0/24 maxlen: 24
2a13:d00:a680::/48 maxlen: 48
2a13:d00:c180::/48 maxlen: 48
2a13:d00:cf01::/48 maxlen: 48
2a13:d00:da30::/48 maxlen: 48
2a13:d00:da80::/48 maxlen: 48
2a13:d00:dc80::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/tJvYTaF5l8uyhq-QIqsuBboItEI.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/tJvYTaF5l8uyhq-QIqsuBboItEI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tJvYTaF5l8uyhq-QIqsuBboItEI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:27:ed:08:31:12:4e:f3:11:05:ff:01:7a:af:25:83:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b49bd84da17997cbb286af9022ab2e05ba08b442
Validity
Not Before: May 31 19:58:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85ad4fca60bf07fcd38343b05cb7f8de2ed644a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:2b:f9:f9:ad:c3:c3:b9:de:38:ec:6b:4d:23:
3e:c4:9c:f5:16:d8:30:01:57:c2:5e:15:0b:65:0a:
7d:0b:a0:df:ec:01:1b:80:f9:e2:dd:9b:8f:6c:ad:
05:d7:87:90:60:38:d6:0c:75:61:b6:78:2b:b9:06:
ae:13:4c:40:b8:1e:09:90:aa:82:18:af:cc:d7:45:
e2:18:c0:39:a0:6f:53:0b:e4:11:da:5a:b8:36:0b:
7a:ec:94:f5:48:9b:2a:5c:e0:9e:fb:f2:c7:df:d7:
da:78:7d:ce:96:7d:3b:a7:fd:66:b0:52:26:09:99:
54:36:12:c4:51:d2:bc:be:9b:3e:20:20:41:a8:72:
d8:f0:59:ec:98:77:93:77:47:60:fe:21:df:10:3b:
d7:d7:41:84:43:76:66:86:5b:f3:c4:f3:6b:5f:6d:
fa:72:2c:97:73:9c:c3:ef:9a:7f:28:a2:25:70:ec:
e9:93:e4:92:74:54:db:70:45:d5:13:38:55:ec:fb:
65:e5:53:9a:5b:f6:21:0a:af:db:74:1d:39:d0:21:
d2:51:90:b1:78:79:65:3d:7b:b5:dc:1d:e4:4a:03:
a6:5f:81:1c:f9:36:8a:3e:13:2a:cb:36:37:6d:da:
5e:c0:76:88:fd:c7:e3:df:c4:07:a1:80:3d:ff:8e:
70:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:AD:4F:CA:60:BF:07:FC:D3:83:43:B0:5C:B7:F8:DE:2E:D6:44:A2
X509v3 Authority Key Identifier:
keyid:B4:9B:D8:4D:A1:79:97:CB:B2:86:AF:90:22:AB:2E:05:BA:08:B4:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tJvYTaF5l8uyhq-QIqsuBboItEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/ha1PymC_B_zTg0OwXLf43i7WRKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/tJvYTaF5l8uyhq-QIqsuBboItEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.181.0-185.230.183.255
IPv6:
2a13:d00:a680::/48
2a13:d00:c180::/48
2a13:d00:cf01::/48
2a13:d00:da30::/48
2a13:d00:da80::/48
2a13:d00:dc80::/48
Signature Algorithm: sha256WithRSAEncryption
07:9e:24:dd:52:f2:a0:a0:eb:9e:ff:c5:74:64:f0:98:8c:ca:
9c:ef:f2:ce:77:15:18:80:cf:d8:3a:60:7a:d5:f6:20:98:60:
05:40:93:af:a8:b3:8e:5d:9b:42:7e:e6:ad:0a:d3:ea:e3:0b:
13:07:e0:c8:a4:04:18:70:28:fe:ba:88:63:ed:21:e5:0e:1d:
3b:e5:4f:cd:17:5c:23:bd:b9:de:b0:03:2f:7a:1b:e7:7a:6b:
1b:8c:72:b6:14:7b:2d:1d:77:97:af:a6:59:69:87:2b:19:80:
05:4d:6e:1b:4c:b0:a6:ef:21:fc:25:8c:ce:4e:16:f7:2f:b6:
20:3c:b6:00:f6:e9:66:dd:8b:2e:68:e5:88:a8:13:05:b1:54:
05:38:c9:52:8f:e9:73:e0:3b:56:3b:60:18:4c:9d:c1:b3:17:
f1:2e:bf:23:64:64:49:45:e1:62:a8:1c:13:5e:ba:62:b8:89:
d8:d6:7c:dd:82:2f:fd:b9:4e:b3:13:1d:fd:03:f4:97:9b:65:
4c:ca:56:23:c2:16:07:12:8a:f7:24:41:7b:57:52:6e:d5:8a:
f2:29:40:68:f7:3a:21:57:12:70:b2:ce:31:f7:20:93:92:3f:
73:2e:a0:18:5e:6f:c6:03:4f:bc:9e:f5:b9:12:5a:07:18:2f:
0d:89:c1:cd
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZcn7QgxEk7zEQX/AXqvJYNCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0OWJkODRkYTE3OTk3Y2JiMjg2YWY5MDIyYWIyZTA1YmEw
OGI0NDIwHhcNMjUwNTMxMTk1ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWFkNGZjYTYwYmYwN2ZjZDM4MzQzYjA1Y2I3ZjhkZTJlZDY0NGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Cv5+a3Dw7neOOxrTSM+xJz1Ftgw
AVfCXhULZQp9C6Df7AEbgPni3ZuPbK0F14eQYDjWDHVhtngruQauE0xAuB4JkKqC
GK/M10XiGMA5oG9TC+QR2lq4Ngt67JT1SJsqXOCe+/LH39faeH3Oln07p/1msFIm
CZlUNhLEUdK8vps+ICBBqHLY8FnsmHeTd0dg/iHfEDvX10GEQ3ZmhlvzxPNrX236
ciyXc5zD75p/KKIlcOzpk+SSdFTbcEXVEzhV7Ptl5VOaW/YhCq/bdB050CHSUZCx
eHllPXu13B3kSgOmX4Ec+TaKPhMqyzY3bdpewHaI/cfj38QHoYA9/45w3QIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFIWtT8pgvwf804NDsFy3+N4u1kSiMB8GA1UdIwQY
MBaAFLSb2E2heZfLsoavkCKrLgW6CLRCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEp2WVRhRjVsOHV5aHEtUUlxc3VCYm9JdEVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lZTU0ZDEtNWIxNS00ZjkzLTg5N2It
MGM5MDliZjViZTRkLzEvaGExUHltQ19CX3pUZzBPd1hMZjQzaTdXUktJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lZTU0ZDEtNWIxNS00ZjkzLTg5N2ItMGM5MDliZjViZTRk
LzEvdEp2WVRhRjVsOHV5aHEtUUlxc3VCYm9JdEVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDAUBAIAATAOMAwDBAC55rUD
BAO55rAwPAQCAAIwNgMHACoTDQCmgAMHACoTDQDBgAMHACoTDQDPAQMHACoTDQDa
MAMHACoTDQDagAMHACoTDQDcgDANBgkqhkiG9w0BAQsFAAOCAQEAB54k3VLyoKDr
nv/FdGTwmIzKnO/yzncVGIDP2DpgetX2IJhgBUCTr6izjl2bQn7mrQrT6uMLEwfg
yKQEGHAo/rqIY+0h5Q4dO+VPzRdcI7253rADL3ob53prG4xythR7LR13l6+mWWmH
KxmABU1uG0ywpu8h/CWMzk4W9y+2IDy2APbpZt2LLmjliKgTBbFUBTjJUo/pc+A7
VjtgGEydwbMX8S6/I2RkSUXhYqgcE166YriJ2NZ83YIv/blOsxMd/QP0l5tlTMpW
I8IWBxKK9yRBe1dSbtWK8ilAaPc6IVcScLLOMfcgk5I/cy6gGF5vxgNPvJ71uRJa
BxgvDYnBzQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:55:23 2025 by rpki-client