Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/HMxNgNFdF8dk4NZNgQEVD66pjCY.roa
File: HMxNgNFdF8dk4NZNgQEVD66pjCY.roa (raw, json)
Hash identifier: cLGIO41CcdK/y1Cm8zjj3K9e1WKl8lugUBmgrtQHqaI=
Subject key identifier: 1C:CC:4D:80:D1:5D:17:C7:64:E0:D6:4D:81:01:15:0F:AE:A9:8C:26
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 019684372D296B6C854BD2519E61D7182B0E
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/HMxNgNFdF8dk4NZNgQEVD66pjCY.roa
Signing time: Wed 30 Apr 2025 01:02:10 +0000
ROA not before: Wed 30 Apr 2025 01:02:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51202
IP address blocks: 31.25.11.0/24 maxlen: 24
89.36.35.0/24 maxlen: 24
185.144.70.0/24 maxlen: 24
212.232.18.0/24 maxlen: 24
2a0c:2500::/29 maxlen: 48
2a0c:2502::/32 maxlen: 48
2a14:6781::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.mft
rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:84:37:2d:29:6b:6c:85:4b:d2:51:9e:61:d7:18:2b:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: Apr 30 01:02:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ccc4d80d15d17c764e0d64d8101150faea98c26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f4:a7:a1:f0:c2:e3:c7:b1:c3:bd:5f:06:08:
6d:ed:28:d4:ad:b0:0b:a4:db:32:ab:a3:a4:62:dc:
63:d0:e1:14:e3:84:e5:02:e8:fd:5e:39:68:86:7b:
92:ac:38:75:14:b7:a4:ec:a3:b7:4e:c6:d9:a1:35:
f7:ac:0f:d9:d7:39:35:34:d9:2a:7f:70:64:74:d6:
f0:25:82:f2:f8:56:e3:95:f6:87:fa:c2:86:d1:35:
5f:48:dd:66:9a:2f:e7:c2:eb:f7:84:e9:e5:fc:b1:
40:77:18:2d:e1:d2:13:bd:27:82:e5:11:9f:4f:2e:
13:ed:b8:27:91:45:7c:5d:99:07:bf:74:21:89:2e:
3c:d8:e2:ac:61:d0:40:f7:45:56:a3:71:17:e1:31:
b8:a9:3c:c5:4f:1a:c6:60:e4:17:fb:0f:dd:ba:2b:
42:27:d1:a4:07:c4:45:59:33:d1:66:84:05:27:d8:
b4:85:75:df:2b:81:71:de:02:c9:4e:0f:0f:9f:a1:
16:0f:90:58:8e:bc:e1:38:2b:0f:6a:4b:25:ea:81:
ba:0b:ff:cf:19:52:98:1a:6d:19:51:b5:1e:e2:05:
58:3a:da:21:47:bd:fd:ab:6e:c6:2d:bf:1b:bc:90:
4e:5b:7c:f8:c7:e4:ef:56:30:31:b9:cc:4b:42:43:
8b:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:CC:4D:80:D1:5D:17:C7:64:E0:D6:4D:81:01:15:0F:AE:A9:8C:26
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/HMxNgNFdF8dk4NZNgQEVD66pjCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.11.0/24
89.36.35.0/24
185.144.70.0/24
212.232.18.0/24
IPv6:
2a0c:2500::/29
2a14:6781::/32
Signature Algorithm: sha256WithRSAEncryption
01:94:e3:4c:8e:40:31:f7:3c:98:5a:71:fd:68:46:48:a8:19:
4c:25:e7:a8:41:84:cc:b0:03:72:00:38:87:de:86:70:29:d9:
ed:0b:cf:83:db:7e:56:b9:7c:f3:af:75:20:ec:9c:28:40:9e:
06:e4:9c:2c:61:92:24:1a:b8:2d:4a:b7:54:68:62:f9:21:6e:
7e:40:d4:2e:38:70:2b:dc:2a:20:de:ac:2c:a9:76:45:8f:2a:
f2:e3:f8:69:6d:7b:7c:c7:7b:fa:ab:2c:34:0c:ef:e2:c1:1f:
0c:b3:b7:e5:40:f6:cc:fe:3c:9c:02:38:bd:90:f6:49:d8:77:
9e:45:b0:79:83:4a:0d:d2:d1:78:1f:0f:57:87:bf:12:bc:3d:
be:ad:3b:10:72:2a:44:3d:9e:37:31:1b:27:5b:35:2b:03:f1:
ae:e0:7d:d0:eb:ec:59:c3:99:a3:f1:36:82:e6:1a:7b:6d:c8:
22:c7:27:64:95:9e:91:99:49:55:33:5f:f0:3b:89:b2:e6:e9:
f5:ce:f8:40:8f:81:15:8d:9f:a0:12:3f:e7:1e:30:bd:16:96:
a8:47:04:b0:ce:e3:bb:6b:19:36:bb:cb:0f:71:60:7c:e2:a8:
89:9f:56:ea:ff:8c:21:f2:45:e6:a3:ad:17:e7:f4:69:a8:dd:
66:8e:6d:a8
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZaENy0pa2yFS9JRnmHXGCsOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjUwNDMwMDEwMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2NjNGQ4MGQxNWQxN2M3NjRlMGQ2NGQ4MTAxMTUwZmFlYTk4YzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/SnofDC48exw71fBght7SjUrbAL
pNsyq6OkYtxj0OEU44TlAuj9XjlohnuSrDh1FLek7KO3TsbZoTX3rA/Z1zk1NNkq
f3BkdNbwJYLy+FbjlfaH+sKG0TVfSN1mmi/nwuv3hOnl/LFAdxgt4dITvSeC5RGf
Ty4T7bgnkUV8XZkHv3QhiS482OKsYdBA90VWo3EX4TG4qTzFTxrGYOQX+w/duitC
J9GkB8RFWTPRZoQFJ9i0hXXfK4Fx3gLJTg8Pn6EWD5BYjrzhOCsPaksl6oG6C//P
GVKYGm0ZUbUe4gVYOtohR739q27GLb8bvJBOW3z4x+TvVjAxucxLQkOLhwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFBzMTYDRXRfHZODWTYEBFQ+uqYwmMB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvSE14TmdORmRGOGRrNE5aTmdRRVZENjZwakNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQAHxkLAwQA
WSQjAwQAuZBGAwQA1OgSMBQEAgACMA4DBQMqDCUAAwUAKhRngTANBgkqhkiG9w0B
AQsFAAOCAQEAAZTjTI5AMfc8mFpx/WhGSKgZTCXnqEGEzLADcgA4h96GcCnZ7QvP
g9t+Vrl88691IOycKECeBuScLGGSJBq4LUq3VGhi+SFufkDULjhwK9wqIN6sLKl2
RY8q8uP4aW17fMd7+qssNAzv4sEfDLO35UD2zP48nAI4vZD2Sdh3nkWweYNKDdLR
eB8PV4e/Erw9vq07EHIqRD2eNzEbJ1s1KwPxruB90OvsWcOZo/E2guYae23IIscn
ZJWekZlJVTNf8DuJsubp9c74QI+BFY2foBI/5x4wvRaWqEcEsM7ju2sZNrvLD3Fg
fOKoiZ9W6v+MIfJF5qOtF+f0aajdZo5tqA==
-----END CERTIFICATE-----
Generated at Fri Jun 6 12:34:01 2025 by rpki-client