Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/HEwByDo5NsJkjq0KP_e43JX1Y-I.roa
File: HEwByDo5NsJkjq0KP_e43JX1Y-I.roa (raw, json)
Hash identifier: KBL6f/ipp4MstSEvkMgxey8LBfXIJhOUyz3ctrFmblM=
Subject key identifier: 1C:4C:01:C8:3A:39:36:C2:64:8E:AD:0A:3F:F7:B8:DC:95:F5:63:E2
Certificate issuer: /CN=50741158f3ed65bee1bde12f34f895afb0dd50d5
Certificate serial: 0195603141A86A86263E0C06BAEBBC3EAF91
Authority key identifier: 50:74:11:58:F3:ED:65:BE:E1:BD:E1:2F:34:F8:95:AF:B0:DD:50:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UHQRWPPtZb7hveEvNPiVr7DdUNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/HEwByDo5NsJkjq0KP_e43JX1Y-I.roa
Signing time: Tue 04 Mar 2025 08:06:35 +0000
ROA not before: Tue 04 Mar 2025 08:06:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6810
IP address blocks: 147.235.0.0/16 maxlen: 24
147.235.28.0/24 maxlen: 24
147.235.31.0/24 maxlen: 24
147.235.59.0/24 maxlen: 24
147.235.70.0/23 maxlen: 23
147.235.70.0/24 maxlen: 24
147.235.71.0/24 maxlen: 24
147.235.96.0/22 maxlen: 22
147.235.96.0/23 maxlen: 23
147.235.96.0/24 maxlen: 24
147.235.97.0/24 maxlen: 24
147.235.98.0/23 maxlen: 23
147.235.98.0/24 maxlen: 24
147.235.99.0/24 maxlen: 24
147.235.111.0/24 maxlen: 24
147.235.144.0/21 maxlen: 24
147.235.154.0/24 maxlen: 24
147.235.182.0/23 maxlen: 23
147.235.182.0/24 maxlen: 24
147.235.183.0/24 maxlen: 24
147.235.192.0/19 maxlen: 24
147.235.192.0/22 maxlen: 22
147.235.192.0/24 maxlen: 24
147.235.193.0/24 maxlen: 24
147.235.194.0/23 maxlen: 24
147.235.194.0/24 maxlen: 24
147.235.195.0/24 maxlen: 24
147.235.196.0/22 maxlen: 22
147.235.196.0/23 maxlen: 24
147.235.196.0/24 maxlen: 24
147.235.197.0/24 maxlen: 24
147.235.198.0/23 maxlen: 24
147.235.198.0/24 maxlen: 24
147.235.199.0/24 maxlen: 24
147.235.200.0/21 maxlen: 21
147.235.200.0/22 maxlen: 22
147.235.200.0/23 maxlen: 24
147.235.200.0/24 maxlen: 24
147.235.201.0/24 maxlen: 24
147.235.202.0/23 maxlen: 24
147.235.202.0/24 maxlen: 24
147.235.203.0/24 maxlen: 24
147.235.204.0/22 maxlen: 22
147.235.204.0/23 maxlen: 24
147.235.204.0/24 maxlen: 24
147.235.205.0/24 maxlen: 24
147.235.206.0/23 maxlen: 24
147.235.206.0/24 maxlen: 24
147.235.207.0/24 maxlen: 24
147.235.208.0/22 maxlen: 23
147.235.208.0/24 maxlen: 24
147.235.209.0/24 maxlen: 24
147.235.210.0/24 maxlen: 24
147.235.211.0/24 maxlen: 24
147.235.212.0/22 maxlen: 23
147.235.212.0/23 maxlen: 23
147.235.212.0/24 maxlen: 24
147.235.213.0/24 maxlen: 24
147.235.214.0/24 maxlen: 24
147.235.215.0/24 maxlen: 24
147.235.216.0/21 maxlen: 21
147.235.216.0/22 maxlen: 23
147.235.216.0/24 maxlen: 24
147.235.217.0/24 maxlen: 24
147.235.218.0/23 maxlen: 23
147.235.218.0/24 maxlen: 24
147.235.219.0/24 maxlen: 24
147.235.220.0/22 maxlen: 22
147.235.220.0/23 maxlen: 23
147.235.220.0/24 maxlen: 24
147.235.221.0/24 maxlen: 24
147.235.222.0/23 maxlen: 23
147.235.222.0/24 maxlen: 24
147.235.223.0/24 maxlen: 24
147.235.226.0/24 maxlen: 24
147.235.228.0/22 maxlen: 24
147.235.242.0/24 maxlen: 24
147.235.244.0/24 maxlen: 24
147.235.250.0/24 maxlen: 24
147.235.251.0/24 maxlen: 24
147.235.253.0/24 maxlen: 24
147.235.254.0/23 maxlen: 24
149.106.128.0/19 maxlen: 24
149.106.224.0/19 maxlen: 24
2a06:c700::/29 maxlen: 48
2a06:c700::/32 maxlen: 48
2a06:c700::/44 maxlen: 44
2a06:c700:2000::/36 maxlen: 36
2a06:c701::/32 maxlen: 32
2a06:c701:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/UHQRWPPtZb7hveEvNPiVr7DdUNU.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/UHQRWPPtZb7hveEvNPiVr7DdUNU.mft
rsync://rpki.ripe.net/repository/DEFAULT/UHQRWPPtZb7hveEvNPiVr7DdUNU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 02:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:60:31:41:a8:6a:86:26:3e:0c:06:ba:eb:bc:3e:af:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50741158f3ed65bee1bde12f34f895afb0dd50d5
Validity
Not Before: Mar 4 08:06:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c4c01c83a3936c2648ead0a3ff7b8dc95f563e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:42:0d:5e:61:54:2d:79:17:8b:53:e4:77:65:
07:1a:7e:6d:40:9b:c1:c6:5f:c2:65:2d:22:62:cc:
64:76:eb:be:93:a4:34:f6:74:2c:59:cc:b0:bb:e6:
f1:76:42:d1:77:ff:92:5b:fd:d5:2d:60:99:93:94:
af:b6:06:60:4f:26:2d:de:c5:e3:fc:20:c2:d0:84:
eb:0f:d9:cc:55:e6:ae:30:da:46:94:81:bc:23:a8:
c8:8d:2c:7f:2d:c5:4c:bc:e0:94:b2:d2:32:b0:27:
10:96:0a:c6:3b:a3:f5:95:40:52:57:0d:26:70:a0:
fa:78:ad:65:30:74:1d:f4:29:67:1e:79:8e:7b:a5:
ac:86:cb:35:f7:09:08:ef:b6:88:3a:cd:fc:f2:68:
2b:b2:ae:97:ae:b6:a2:67:e7:af:eb:d9:b0:1b:69:
40:fa:18:8f:20:30:11:c9:59:67:10:b4:c7:5e:40:
64:27:ef:ad:ec:44:71:41:0a:da:f3:0a:ef:c7:07:
63:7d:73:f5:9f:3c:c0:c6:db:e6:14:20:ab:b2:1d:
9f:1b:2b:7c:05:e6:22:a8:48:ef:ea:9a:1d:d3:17:
fa:ae:e1:aa:e3:c0:fc:24:d0:7d:70:e2:fc:0d:40:
22:64:20:35:4c:3e:62:b2:91:f1:7e:e1:a1:9b:4e:
0c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:4C:01:C8:3A:39:36:C2:64:8E:AD:0A:3F:F7:B8:DC:95:F5:63:E2
X509v3 Authority Key Identifier:
keyid:50:74:11:58:F3:ED:65:BE:E1:BD:E1:2F:34:F8:95:AF:B0:DD:50:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UHQRWPPtZb7hveEvNPiVr7DdUNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/HEwByDo5NsJkjq0KP_e43JX1Y-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/UHQRWPPtZb7hveEvNPiVr7DdUNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.235.0.0/16
149.106.128.0/19
149.106.224.0/19
IPv6:
2a06:c700::/29
Signature Algorithm: sha256WithRSAEncryption
79:75:fc:c5:29:97:ad:8c:26:db:ab:ae:76:38:e5:14:4e:82:
81:f3:0a:32:28:84:c5:b4:9b:23:20:7e:f2:53:4c:01:50:c5:
bc:27:12:cc:e5:87:37:a3:a9:36:c2:2d:15:fb:c1:24:a4:e0:
dd:27:3e:6f:5a:08:93:e7:65:2a:db:cf:fb:e4:14:6a:43:db:
33:7e:b0:a2:87:c4:70:2c:42:82:73:da:33:38:24:6f:3f:8b:
96:3d:42:e3:94:29:9b:13:4f:ce:bb:f3:b8:f4:7c:e2:38:a1:
d3:ae:8f:fe:8e:20:e6:75:73:ed:8a:74:b7:0f:80:23:b8:89:
62:ba:a9:11:39:ba:d5:4f:1a:06:dd:1e:7c:9c:b4:57:f2:1d:
e5:7a:29:96:eb:37:c0:84:2e:ac:7f:ac:0a:57:e5:00:49:22:
52:9d:46:f3:67:6f:2c:a6:2f:6d:09:c6:6d:33:70:4a:51:4c:
45:dc:f2:ee:a8:18:83:11:50:7f:a0:6d:95:29:95:a6:2b:d6:
6a:b1:32:c5:39:b9:24:bf:29:23:a4:b0:21:a6:12:6e:ba:cd:
ea:f2:6c:8e:17:d4:be:23:0b:01:0f:c0:fe:c9:9c:40:0b:f0:
c7:c2:54:83:7a:e2:63:e9:6d:e0:31:18:2e:62:e6:91:88:45:
76:06:a0:68
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZVgMUGoaoYmPgwGuuu8Pq+RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNzQxMTU4ZjNlZDY1YmVlMWJkZTEyZjM0Zjg5NWFmYjBk
ZDUwZDUwHhcNMjUwMzA0MDgwNjM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzRjMDFjODNhMzkzNmMyNjQ4ZWFkMGEzZmY3YjhkYzk1ZjU2M2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1kINXmFULXkXi1Pkd2UHGn5tQJvB
xl/CZS0iYsxkduu+k6Q09nQsWcywu+bxdkLRd/+SW/3VLWCZk5SvtgZgTyYt3sXj
/CDC0ITrD9nMVeauMNpGlIG8I6jIjSx/LcVMvOCUstIysCcQlgrGO6P1lUBSVw0m
cKD6eK1lMHQd9ClnHnmOe6Wshss19wkI77aIOs388mgrsq6XrraiZ+ev69mwG2lA
+hiPIDARyVlnELTHXkBkJ++t7ERxQQra8wrvxwdjfXP1nzzAxtvmFCCrsh2fGyt8
BeYiqEjv6pod0xf6ruGq48D8JNB9cOL8DUAiZCA1TD5ispHxfuGhm04MYQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBxMAcg6OTbCZI6tCj/3uNyV9WPiMB8GA1UdIwQY
MBaAFFB0EVjz7WW+4b3hLzT4la+w3VDVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUhRUldQUHRaYjdodmVFdk5QaVZyN0RkVU5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83MzliODEtM2NkMy00NjljLWI5NTQt
MzU1M2I0ZWQ2Nzk0LzEvSEV3QnlEbzVOc0pranEwS1BfZTQzSlgxWS1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83MzliODEtM2NkMy00NjljLWI5NTQtMzU1M2I0ZWQ2Nzk0
LzEvVUhRUldQUHRaYjdodmVFdk5QaVZyN0RkVU5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwMAk+sDBAWV
aoADBAWVauAwDQQCAAIwBwMFAyoGxwAwDQYJKoZIhvcNAQELBQADggEBAHl1/MUp
l62MJturrnY45RROgoHzCjIohMW0myMgfvJTTAFQxbwnEszlhzejqTbCLRX7wSSk
4N0nPm9aCJPnZSrbz/vkFGpD2zN+sKKHxHAsQoJz2jM4JG8/i5Y9QuOUKZsTT867
87j0fOI4odOuj/6OIOZ1c+2KdLcPgCO4iWK6qRE5utVPGgbdHnyctFfyHeV6KZbr
N8CELqx/rApX5QBJIlKdRvNnbyymL20Jxm0zcEpRTEXc8u6oGIMRUH+gbZUplaYr
1mqxMsU5uSS/KSOksCGmEm66zerybI4X1L4jCwEPwP7JnEAL8MfCVIN64mPpbeAx
GC5i5pGIRXYGoGg=
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:57:36 2025 by rpki-client