Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/hm9hWkV8l2RlQbyl-tbyEK2ZAG0.roa
File: hm9hWkV8l2RlQbyl-tbyEK2ZAG0.roa (raw, json)
Hash identifier: HwvnCf2PFF8DbhlmMjZ3kv/q6uApFTesji8CDSf/wr0=
Subject key identifier: 86:6F:61:5A:45:7C:97:64:65:41:BC:A5:FA:D6:F2:10:AD:99:00:6D
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 01971724B1C5B275167D880E186B1C44C122
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/hm9hWkV8l2RlQbyl-tbyEK2ZAG0.roa
Signing time: Wed 28 May 2025 13:46:10 +0000
ROA not before: Wed 28 May 2025 13:46:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1136
IP address blocks: 145.4.224.0/20 maxlen: 20
145.15.108.0/22 maxlen: 22
145.15.108.0/24 maxlen: 24
145.15.109.0/24 maxlen: 24
145.15.110.0/24 maxlen: 24
145.15.111.0/24 maxlen: 24
145.15.114.0/24 maxlen: 24
145.15.115.0/24 maxlen: 24
145.15.208.0/21 maxlen: 21
145.78.0.0/16 maxlen: 16
145.78.28.0/24 maxlen: 24
145.119.0.0/18 maxlen: 21
145.119.64.0/18 maxlen: 18
145.119.64.0/19 maxlen: 19
145.119.128.0/18 maxlen: 18
145.119.160.0/19 maxlen: 19
145.119.166.0/24 maxlen: 24
145.119.192.0/18 maxlen: 21
145.119.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.mft
rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 20:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:17:24:b1:c5:b2:75:16:7d:88:0e:18:6b:1c:44:c1:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: May 28 13:46:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=866f615a457c97646541bca5fad6f210ad99006d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:25:6e:06:84:ee:64:48:5d:28:b8:44:07:7a:
81:bb:3e:6b:89:7d:99:57:74:3b:cb:e6:45:00:1e:
77:d1:c6:c4:d6:9c:06:79:ca:0a:50:5b:30:92:58:
3b:cd:2c:4f:0d:c7:23:b5:e0:df:5f:16:f3:6d:9d:
4a:55:67:6f:11:a6:d5:57:14:7d:7e:aa:d1:a2:ee:
06:03:ae:8e:23:8b:9e:ad:73:7d:78:8e:47:45:26:
db:be:d3:44:48:05:ff:0d:7c:b6:2d:c1:dd:96:b8:
29:7b:52:5d:b7:d1:3b:d7:e4:15:36:45:0d:da:43:
30:98:1b:87:fc:4b:cc:01:27:da:81:69:b3:c4:85:
32:ad:ca:55:04:b2:2a:7e:63:f7:28:7f:d5:d4:17:
3a:bf:48:d8:41:fe:d8:ce:63:18:5d:c6:fa:2a:ac:
7b:50:69:89:90:ea:e7:bc:15:4c:01:43:13:92:a7:
34:9e:8d:a2:83:ca:47:7e:67:24:13:91:c3:f4:0a:
23:b7:dc:66:dd:ba:86:84:31:95:f2:9c:a5:00:ec:
1b:70:5b:06:39:b7:f3:04:ea:8f:2b:11:4a:2e:9f:
5a:2f:e5:32:32:2e:ee:0f:c2:70:eb:df:77:60:44:
6f:c4:20:0f:a7:14:23:63:a3:cb:98:9b:e1:5b:26:
bf:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:6F:61:5A:45:7C:97:64:65:41:BC:A5:FA:D6:F2:10:AD:99:00:6D
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/hm9hWkV8l2RlQbyl-tbyEK2ZAG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.4.224.0/20
145.15.108.0/22
145.15.114.0/23
145.15.208.0/21
145.78.0.0/16
145.119.0.0/16
Signature Algorithm: sha256WithRSAEncryption
25:d9:0c:ab:35:b1:28:df:b0:99:b1:7b:d3:59:8d:28:11:3f:
12:ad:04:a2:b8:ed:90:c1:73:4b:d6:e5:78:bb:49:b1:01:e4:
9b:c3:b5:33:39:ef:aa:78:b9:31:91:b6:83:53:ba:be:92:c0:
c5:3d:b1:83:13:05:b9:50:7f:f3:c7:90:40:71:be:a5:b6:3e:
46:3b:f0:46:aa:43:d8:fc:27:97:18:6d:1f:c0:0d:0b:85:4e:
1c:d3:79:0b:14:95:bd:12:fc:e3:a0:57:35:e6:66:d9:10:35:
d8:98:8a:7a:d2:df:29:14:f3:66:6a:28:95:33:cd:12:6c:03:
bd:fd:38:dc:50:9d:41:3c:df:3d:f5:12:ff:b0:13:fd:10:51:
32:1c:5d:ae:f2:c6:c8:6e:d5:6e:0c:7a:1c:a0:2d:2e:88:9f:
df:e5:31:b0:f6:cf:d5:24:5f:ca:e1:9c:99:47:f4:27:eb:b4:
63:85:0f:0b:43:36:88:2e:a9:d0:c7:cd:19:45:ab:75:6f:62:
b2:33:c1:b4:7c:ef:8d:76:f8:71:22:a1:8f:08:e0:05:7b:d8:
7a:c1:4e:37:45:27:f2:80:8a:85:2f:b4:5b:71:d3:30:2f:67:
4f:0b:70:e2:25:d6:82:13:c7:12:98:a1:7e:db:29:a4:66:fe:
93:2b:fc:03
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZcXJLHFsnUWfYgOGGscRMEiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjUwNTI4MTM0NjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjZmNjE1YTQ1N2M5NzY0NjU0MWJjYTVmYWQ2ZjIxMGFkOTkwMDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCVuBoTuZEhdKLhEB3qBuz5riX2Z
V3Q7y+ZFAB530cbE1pwGecoKUFswklg7zSxPDccjteDfXxbzbZ1KVWdvEabVVxR9
fqrRou4GA66OI4uerXN9eI5HRSbbvtNESAX/DXy2LcHdlrgpe1Jdt9E71+QVNkUN
2kMwmBuH/EvMASfagWmzxIUyrcpVBLIqfmP3KH/V1Bc6v0jYQf7YzmMYXcb6Kqx7
UGmJkOrnvBVMAUMTkqc0no2ig8pHfmckE5HD9Aojt9xm3bqGhDGV8pylAOwbcFsG
ObfzBOqPKxFKLp9aL+UyMi7uD8Jw6993YERvxCAPpxQjY6PLmJvhWya/ewIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIZvYVpFfJdkZUG8pfrW8hCtmQBtMB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvaG05aFdrVjhsMlJsUWJ5bC10YnlFSzJaQUcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQEkQTgAwQC
kQ9sAwQBkQ9yAwQDkQ/QAwMAkU4DAwCRdzANBgkqhkiG9w0BAQsFAAOCAQEAJdkM
qzWxKN+wmbF701mNKBE/Eq0EorjtkMFzS9bleLtJsQHkm8O1Mznvqni5MZG2g1O6
vpLAxT2xgxMFuVB/88eQQHG+pbY+RjvwRqpD2PwnlxhtH8ANC4VOHNN5CxSVvRL8
46BXNeZm2RA12JiKetLfKRTzZmoolTPNEmwDvf043FCdQTzfPfUS/7AT/RBRMhxd
rvLGyG7Vbgx6HKAtLoif3+UxsPbP1SRfyuGcmUf0J+u0Y4UPC0M2iC6p0MfNGUWr
dW9isjPBtHzvjXb4cSKhjwjgBXvYesFON0Un8oCKhS+0W3HTMC9nTwtw4iXWghPH
EpihftsppGb+kyv8Aw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:44:40 2025 by rpki-client