Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/hpwDn8YGTUmpFxnE0VT2lU7HVA0.roa
File: hpwDn8YGTUmpFxnE0VT2lU7HVA0.roa (raw, json)
Hash identifier: tWHBC5BsH2Dh86+jd4z/xUkpeNlarvJmfP1oQFYSFgg=
Subject key identifier: 86:9C:03:9F:C6:06:4D:49:A9:17:19:C4:D1:54:F6:95:4E:C7:54:0D
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 01970E07B2479FEE52F7849106E78141DC60
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/hpwDn8YGTUmpFxnE0VT2lU7HVA0.roa
Signing time: Mon 26 May 2025 19:17:54 +0000
ROA not before: Mon 26 May 2025 19:17:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60707
IP address blocks: 91.228.12.0/24 maxlen: 24
91.228.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.mft
rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0e:07:b2:47:9f:ee:52:f7:84:91:06:e7:81:41:dc:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: May 26 19:17:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=869c039fc6064d49a91719c4d154f6954ec7540d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:7f:09:04:14:72:83:94:05:09:e1:3b:cd:93:
a8:d3:4f:83:aa:02:11:b5:0b:9a:8d:46:d4:4b:8b:
c4:b4:73:82:0e:42:a2:22:0d:46:53:6f:4d:e2:a8:
fc:31:c1:cd:96:39:e9:df:2e:21:99:cd:b1:c8:01:
56:a5:ec:77:28:88:d2:bc:99:c4:f2:93:8e:da:e5:
2f:5a:ea:12:39:29:02:fb:f4:4c:1d:0d:85:2d:d2:
39:0d:cd:5a:16:63:b8:d5:0f:28:aa:92:5f:66:69:
c9:88:04:87:ad:a8:76:d5:33:dc:ad:91:8e:8b:91:
5e:a1:80:22:18:bb:0c:f6:67:96:eb:21:16:4e:49:
7a:d9:07:4b:b6:a9:22:b5:3b:2d:7f:57:5d:62:58:
38:86:47:89:ad:06:2a:c9:78:0f:09:cc:7b:76:44:
c1:61:46:dc:be:1b:7b:c7:83:ca:0f:0b:83:b9:70:
11:69:3e:61:13:4f:01:ad:77:b5:92:5d:70:69:8a:
0b:42:e3:07:ad:cf:1a:9f:48:36:57:f8:0b:bd:f4:
03:79:8c:18:a5:b4:bd:25:94:4b:7e:a9:91:4f:ee:
af:b5:bf:df:30:94:93:fc:ca:f3:b5:5c:1b:22:98:
88:50:d7:9d:c6:e5:9d:d5:89:a1:6d:a2:da:31:fc:
f7:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:9C:03:9F:C6:06:4D:49:A9:17:19:C4:D1:54:F6:95:4E:C7:54:0D
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/hpwDn8YGTUmpFxnE0VT2lU7HVA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.12.0/24
91.228.14.0/24
Signature Algorithm: sha256WithRSAEncryption
99:bb:3b:d3:0e:6a:a8:eb:19:53:1c:6d:3c:2f:2a:eb:24:83:
4d:50:b4:d9:ed:27:cc:2f:01:b8:3a:da:29:07:a0:a0:b1:77:
c2:b8:31:79:e6:fd:d7:2d:56:b9:07:7e:fa:79:b2:2e:b9:c0:
15:60:a9:94:77:c5:84:c0:e2:c2:ec:99:0d:53:5c:da:cc:fa:
06:60:ac:3b:8f:d9:cf:29:77:42:44:84:af:d1:c9:dc:1b:e6:
d6:7c:e9:1e:21:64:b5:11:b4:7b:bf:85:03:0c:aa:f6:06:31:
fd:83:7c:2d:a9:d1:97:db:9d:32:3b:11:2c:83:48:85:b8:42:
9c:ea:ae:47:03:e6:ef:64:c0:22:4d:72:65:2c:bf:b9:3e:0e:
97:e4:24:78:f9:21:d2:d7:d2:3b:6b:24:32:b4:a2:c5:6a:6e:
a6:6c:c8:a5:56:de:24:d7:9e:3f:1c:3f:91:c1:c4:eb:6c:b4:
f5:a7:14:60:49:0e:83:4c:4e:8b:7b:6f:e5:c4:89:18:78:a1:
ea:e3:44:46:78:ea:e0:2a:7d:b0:2c:69:71:84:ad:5d:9e:7f:
c9:79:82:90:04:38:6f:c4:d1:f4:3b:5a:e3:42:7c:b1:ca:94:
da:4f:38:9d:31:6f:29:b6:94:92:1a:20:7e:bb:13:af:2d:06:
13:ef:0a:8f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZcOB7JHn+5S94SRBueBQdxgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjUwNTI2MTkxNzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjljMDM5ZmM2MDY0ZDQ5YTkxNzE5YzRkMTU0ZjY5NTRlYzc1NDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2n8JBBRyg5QFCeE7zZOo00+DqgIR
tQuajUbUS4vEtHOCDkKiIg1GU29N4qj8McHNljnp3y4hmc2xyAFWpex3KIjSvJnE
8pOO2uUvWuoSOSkC+/RMHQ2FLdI5Dc1aFmO41Q8oqpJfZmnJiASHrah21TPcrZGO
i5FeoYAiGLsM9meW6yEWTkl62QdLtqkitTstf1ddYlg4hkeJrQYqyXgPCcx7dkTB
YUbcvht7x4PKDwuDuXARaT5hE08BrXe1kl1waYoLQuMHrc8an0g2V/gLvfQDeYwY
pbS9JZRLfqmRT+6vtb/fMJST/MrztVwbIpiIUNedxuWd1YmhbaLaMfz3wQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIacA5/GBk1JqRcZxNFU9pVOx1QNMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvaHB3RG44WUdUVW1wRnhuRTBWVDJsVTdIVkEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+QMAwQA
W+QOMA0GCSqGSIb3DQEBCwUAA4IBAQCZuzvTDmqo6xlTHG08LyrrJINNULTZ7SfM
LwG4OtopB6CgsXfCuDF55v3XLVa5B376ebIuucAVYKmUd8WEwOLC7JkNU1zazPoG
YKw7j9nPKXdCRISv0cncG+bWfOkeIWS1EbR7v4UDDKr2BjH9g3wtqdGX250yOxEs
g0iFuEKc6q5HA+bvZMAiTXJlLL+5Pg6X5CR4+SHS19I7ayQytKLFam6mbMilVt4k
154/HD+RwcTrbLT1pxRgSQ6DTE6Le2/lxIkYeKHq40RGeOrgKn2wLGlxhK1dnn/J
eYKQBDhvxNH0O1rjQnyxypTaTzidMW8ptpSSGiB+uxOvLQYT7wqP
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:54:52 2025 by rpki-client