Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/hkqOX4mECokeZ3ChLO-NkzoKVG0.roa
File: hkqOX4mECokeZ3ChLO-NkzoKVG0.roa (raw, json)
Hash identifier: jDSI0Vi3uJHnivxkTcLJyUGbXo6jl9OF+5YD1t9wHog=
Subject key identifier: 86:4A:8E:5F:89:84:0A:89:1E:67:70:A1:2C:EF:8D:93:3A:0A:54:6D
Certificate issuer: /CN=f5d9a9282c9d2547c566634f3bacccbcf2588827
Certificate serial: 0196F7CA07F681103A5D1639D9977FEDF617
Authority key identifier: F5:D9:A9:28:2C:9D:25:47:C5:66:63:4F:3B:AC:CC:BC:F2:58:88:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/hkqOX4mECokeZ3ChLO-NkzoKVG0.roa
Signing time: Thu 22 May 2025 11:38:54 +0000
ROA not before: Thu 22 May 2025 11:38:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199912
IP address blocks: 88.214.24.0/24 maxlen: 24
91.238.180.0/24 maxlen: 24
91.239.208.0/24 maxlen: 24
185.55.240.0/24 maxlen: 24
194.24.161.0/24 maxlen: 24
2a12:5e40::/32 maxlen: 32
2a12:5e41::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/9dmpKCydJUfFZmNPO6zMvPJYiCc.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/9dmpKCydJUfFZmNPO6zMvPJYiCc.mft
rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f7:ca:07:f6:81:10:3a:5d:16:39:d9:97:7f:ed:f6:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5d9a9282c9d2547c566634f3bacccbcf2588827
Validity
Not Before: May 22 11:38:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=864a8e5f89840a891e6770a12cef8d933a0a546d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9a:fb:b2:05:9a:2a:5c:3c:59:26:8e:1f:57:
8f:0b:f4:db:03:de:e4:0a:38:e9:2a:b1:17:b3:9d:
0a:f4:19:5e:c2:fe:40:ec:17:44:fb:5f:b7:0e:56:
a4:27:bc:80:bf:dd:23:0c:53:88:84:16:b3:53:70:
8c:4b:e3:03:be:b5:2c:d5:79:09:af:2c:b4:fc:10:
f8:ab:bd:47:3f:03:d4:8d:2c:5d:6f:58:0c:6b:af:
a1:e0:4f:7c:89:0a:7c:70:a4:8a:55:9c:71:8e:23:
35:c8:b3:84:d6:b8:c7:18:fd:3c:47:2f:b8:26:77:
ef:ab:6d:1a:ef:b2:d8:4f:46:a5:91:f9:65:34:84:
8a:33:63:4e:51:91:3e:da:9f:94:4e:5e:15:1e:ac:
0b:9b:5e:63:ba:51:16:cb:59:7b:c5:a7:d3:78:9b:
68:4d:2f:b3:04:14:bb:7c:77:66:56:61:dc:bc:8b:
0a:3b:c1:d5:7a:31:9f:ae:d8:1b:ed:83:ba:7f:28:
db:2e:b6:3a:ea:37:73:8d:d1:83:92:a5:94:c1:8e:
b6:fc:d3:9c:8b:fa:8e:f9:10:c8:c8:dd:7d:6b:ec:
0d:01:57:a2:ef:35:c1:a4:1b:72:90:de:e0:6c:f9:
6a:31:d2:b3:dd:c3:e8:08:1e:2a:a9:3c:52:c0:3f:
c9:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:4A:8E:5F:89:84:0A:89:1E:67:70:A1:2C:EF:8D:93:3A:0A:54:6D
X509v3 Authority Key Identifier:
keyid:F5:D9:A9:28:2C:9D:25:47:C5:66:63:4F:3B:AC:CC:BC:F2:58:88:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/hkqOX4mECokeZ3ChLO-NkzoKVG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/9dmpKCydJUfFZmNPO6zMvPJYiCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.24.0/24
91.238.180.0/24
91.239.208.0/24
185.55.240.0/24
194.24.161.0/24
IPv6:
2a12:5e40::/31
Signature Algorithm: sha256WithRSAEncryption
8b:b2:10:ca:e6:21:3d:ab:c0:b6:06:03:2e:aa:63:fd:2b:ae:
3d:5e:f6:6d:2c:8b:47:48:4e:e5:fe:0f:31:3a:39:21:39:e5:
7a:f0:ef:c7:00:4c:02:1c:9e:08:f7:55:07:85:00:03:b8:e4:
29:07:4f:c9:c2:40:49:ec:7c:b1:86:6d:4e:b8:5d:74:ad:9b:
12:ac:57:d1:c6:2d:c7:19:f1:84:3f:44:44:68:54:e0:f9:3c:
07:99:bd:af:79:5f:ec:1e:13:c6:d7:b5:ca:54:f4:62:33:6c:
28:12:9f:0d:50:4a:26:a4:19:9f:64:8d:e1:70:17:e0:3e:92:
73:a3:ca:07:96:fc:9b:96:05:ab:79:1f:d7:bf:74:33:5f:b5:
52:48:f7:c0:c7:ea:27:0b:48:65:da:80:a8:86:65:d6:13:87:
e6:b9:d3:a0:14:3e:0b:04:d9:44:f2:66:7b:a0:5b:0d:6b:8d:
89:8d:02:85:4d:45:3b:d9:4e:be:28:fc:72:d5:28:bc:1c:7e:
0c:bd:89:9c:27:ff:f0:35:c2:50:2d:87:78:84:44:8d:0d:39:
5c:9a:70:53:dc:b4:e8:55:63:7f:3e:9b:64:81:3b:4f:ba:a2:
98:b5:a6:bc:8f:9c:67:b8:d2:3e:de:29:47:27:18:b9:8b:d3:
07:d5:80:10
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZb3ygf2gRA6XRY52Zd/7fYXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZDlhOTI4MmM5ZDI1NDdjNTY2NjM0ZjNiYWNjY2JjZjI1
ODg4MjcwHhcNMjUwNTIyMTEzODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjRhOGU1Zjg5ODQwYTg5MWU2NzcwYTEyY2VmOGQ5MzNhMGE1NDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZr7sgWaKlw8WSaOH1ePC/TbA97k
CjjpKrEXs50K9Blewv5A7BdE+1+3DlakJ7yAv90jDFOIhBazU3CMS+MDvrUs1XkJ
ryy0/BD4q71HPwPUjSxdb1gMa6+h4E98iQp8cKSKVZxxjiM1yLOE1rjHGP08Ry+4
Jnfvq20a77LYT0alkfllNISKM2NOUZE+2p+UTl4VHqwLm15julEWy1l7xafTeJto
TS+zBBS7fHdmVmHcvIsKO8HVejGfrtgb7YO6fyjbLrY66jdzjdGDkqWUwY62/NOc
i/qO+RDIyN19a+wNAVei7zXBpBtykN7gbPlqMdKz3cPoCB4qqTxSwD/JMwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIZKjl+JhAqJHmdwoSzvjZM6ClRtMB8GA1UdIwQY
MBaAFPXZqSgsnSVHxWZjTzuszLzyWIgnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWRtcEtDeWRKVWZGWm1OUE82ek12UEpZaUNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wZDA3NTUtMTg5Ny00N2VmLThkZjct
OGNmNDFjYWZkY2UyLzEvaGtxT1g0bUVDb2tlWjNDaExPLU5rem9LVkcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wZDA3NTUtMTg5Ny00N2VmLThkZjctOGNmNDFjYWZkY2Uy
LzEvOWRtcEtDeWRKVWZGWm1OUE82ek12UEpZaUNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAWNYYAwQA
W+60AwQAW+/QAwQAuTfwAwQAwhihMA0EAgACMAcDBQEqEl5AMA0GCSqGSIb3DQEB
CwUAA4IBAQCLshDK5iE9q8C2BgMuqmP9K649XvZtLItHSE7l/g8xOjkhOeV68O/H
AEwCHJ4I91UHhQADuOQpB0/JwkBJ7Hyxhm1OuF10rZsSrFfRxi3HGfGEP0REaFTg
+TwHmb2veV/sHhPG17XKVPRiM2woEp8NUEompBmfZI3hcBfgPpJzo8oHlvyblgWr
eR/Xv3QzX7VSSPfAx+onC0hl2oCohmXWE4fmudOgFD4LBNlE8mZ7oFsNa42JjQKF
TUU72U6+KPxy1Si8HH4MvYmcJ//wNcJQLYd4hESNDTlcmnBT3LToVWN/PptkgTtP
uqKYtaa8j5xnuNI+3ilHJxi5i9MH1YAQ
-----END CERTIFICATE-----
Generated at Sun Jun 8 11:09:56 2025 by rpki-client