Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/d09b56-4fcb-47bf-8025-99878cc9b14c/1/Hl7hSFZEHZrA1_ugH1WvtUr7hTI.roa
File: Hl7hSFZEHZrA1_ugH1WvtUr7hTI.roa (raw, json)
Hash identifier: uywWwGCKWj+Fn6qNY8dmQ39B3/vU6rK6HYsO/2wacYs=
Subject key identifier: 1E:5E:E1:48:56:44:1D:9A:C0:D7:FB:A0:1F:55:AF:B5:4A:FB:85:32
Certificate issuer: /CN=36cfaffc9c7868708f3c81ee5c0d64c35ac1bef1
Certificate serial: 0196ED9470E655D53DCBC872742672774B96
Authority key identifier: 36:CF:AF:FC:9C:78:68:70:8F:3C:81:EE:5C:0D:64:C3:5A:C1:BE:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ns-v_Jx4aHCPPIHuXA1kw1rBvvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/d09b56-4fcb-47bf-8025-99878cc9b14c/1/Hl7hSFZEHZrA1_ugH1WvtUr7hTI.roa
Signing time: Tue 20 May 2025 12:04:10 +0000
ROA not before: Tue 20 May 2025 12:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206948
IP address blocks: 91.226.78.0/24 maxlen: 24
91.226.160.0/24 maxlen: 24
91.226.184.0/24 maxlen: 24
185.216.182.0/23 maxlen: 23
2a13:8440::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/d09b56-4fcb-47bf-8025-99878cc9b14c/1/Ns-v_Jx4aHCPPIHuXA1kw1rBvvE.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/d09b56-4fcb-47bf-8025-99878cc9b14c/1/Ns-v_Jx4aHCPPIHuXA1kw1rBvvE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ns-v_Jx4aHCPPIHuXA1kw1rBvvE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ed:94:70:e6:55:d5:3d:cb:c8:72:74:26:72:77:4b:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36cfaffc9c7868708f3c81ee5c0d64c35ac1bef1
Validity
Not Before: May 20 12:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e5ee14856441d9ac0d7fba01f55afb54afb8532
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:77:9c:73:2f:4b:a9:e4:21:0d:2e:4e:95:91:
c6:f7:96:87:2f:ab:56:15:e3:d9:f1:f0:35:2f:49:
0f:e3:a6:28:ca:1f:8d:8c:16:ce:b2:99:d0:e2:b7:
c1:de:76:4c:98:08:16:d0:91:81:7e:b6:b2:0e:99:
65:1f:53:50:a1:5b:8a:08:8a:04:92:05:25:33:67:
36:a9:4d:29:33:68:6f:9c:58:13:81:49:71:8e:92:
63:42:0d:86:8b:e4:7c:2a:24:57:6c:e5:77:fd:9d:
e3:1a:6a:db:37:89:c1:b0:72:e9:0e:f8:c3:4c:14:
d3:9f:7b:47:4c:15:8c:f4:44:7e:af:3a:c1:c6:ed:
ac:b6:af:11:5a:5a:3b:9e:fd:50:6d:c6:7f:69:cf:
e6:93:f7:60:61:c5:08:9f:2f:fc:4d:e3:e5:0b:b7:
65:e5:24:af:6b:48:29:fe:9c:15:85:79:20:88:eb:
85:cf:35:c2:23:5c:61:36:aa:79:cd:1e:a0:12:4b:
2a:34:f4:3a:11:3d:31:1a:e7:8c:33:c9:8c:4b:f9:
82:cc:de:76:25:4e:2a:1d:ca:a2:55:6b:32:d7:0f:
b1:90:a6:19:04:08:c5:98:a7:ab:0f:15:06:77:44:
29:2f:cf:d4:5e:ef:65:c5:6b:cb:04:66:7b:eb:07:
7f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:5E:E1:48:56:44:1D:9A:C0:D7:FB:A0:1F:55:AF:B5:4A:FB:85:32
X509v3 Authority Key Identifier:
keyid:36:CF:AF:FC:9C:78:68:70:8F:3C:81:EE:5C:0D:64:C3:5A:C1:BE:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ns-v_Jx4aHCPPIHuXA1kw1rBvvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d09b56-4fcb-47bf-8025-99878cc9b14c/1/Hl7hSFZEHZrA1_ugH1WvtUr7hTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d09b56-4fcb-47bf-8025-99878cc9b14c/1/Ns-v_Jx4aHCPPIHuXA1kw1rBvvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.78.0/24
91.226.160.0/24
91.226.184.0/24
185.216.182.0/23
IPv6:
2a13:8440::/32
Signature Algorithm: sha256WithRSAEncryption
6c:36:6c:e0:28:db:11:5c:8b:b6:27:fe:26:4a:69:a3:60:79:
26:43:b1:45:e0:aa:9c:12:a7:38:8d:4e:50:7f:34:71:94:60:
49:c5:f4:7e:a5:2d:2a:4a:47:11:47:ad:50:d5:c0:3d:f2:19:
d9:b2:57:02:f8:c4:f9:03:36:da:ce:12:c2:c5:36:0d:fd:cc:
11:d2:40:52:90:e1:35:df:ab:7f:41:44:58:23:68:65:61:13:
02:df:fc:24:a5:ee:4e:fa:03:34:23:97:8d:1c:5a:19:a0:ca:
f8:0b:74:70:a3:fc:5a:09:15:df:83:3c:f0:2b:63:b3:6a:19:
e1:39:7d:e1:e1:13:f8:82:4f:61:b9:88:d0:0f:c0:b8:c3:eb:
1d:8a:63:9d:2e:1b:40:b6:ca:3d:fb:95:5a:1a:cc:3a:f2:2c:
5f:a1:bb:33:e3:f4:cf:1d:4f:1d:71:f2:e1:92:b9:01:1b:ee:
d0:58:01:e7:23:ad:94:13:9a:2a:36:94:9a:7d:87:0b:10:2c:
e8:82:99:da:45:9e:ed:9f:96:c9:e4:13:a6:6d:af:f1:d6:98:
f1:38:f1:96:e6:6e:ca:b2:47:91:5c:fd:3f:e3:ec:f4:e2:ad:
94:98:b2:17:94:a0:fd:85:dc:7f:c7:db:aa:fc:f0:c8:ad:3c:
98:b6:ab:49
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZbtlHDmVdU9y8hydCZyd0uWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Y2ZhZmZjOWM3ODY4NzA4ZjNjODFlZTVjMGQ2NGMzNWFj
MWJlZjEwHhcNMjUwNTIwMTIwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTVlZTE0ODU2NDQxZDlhYzBkN2ZiYTAxZjU1YWZiNTRhZmI4NTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3eccy9LqeQhDS5OlZHG95aHL6tW
FePZ8fA1L0kP46Yoyh+NjBbOspnQ4rfB3nZMmAgW0JGBfrayDpllH1NQoVuKCIoE
kgUlM2c2qU0pM2hvnFgTgUlxjpJjQg2Gi+R8KiRXbOV3/Z3jGmrbN4nBsHLpDvjD
TBTTn3tHTBWM9ER+rzrBxu2stq8RWlo7nv1QbcZ/ac/mk/dgYcUIny/8TePlC7dl
5SSva0gp/pwVhXkgiOuFzzXCI1xhNqp5zR6gEksqNPQ6ET0xGueMM8mMS/mCzN52
JU4qHcqiVWsy1w+xkKYZBAjFmKerDxUGd0QpL8/UXu9lxWvLBGZ76wd/MQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFB5e4UhWRB2awNf7oB9Vr7VK+4UyMB8GA1UdIwQY
MBaAFDbPr/yceGhwjzyB7lwNZMNawb7xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnMtdl9KeDRhSENQUElIdVhBMWt3MXJCdnZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9kMDliNTYtNGZjYi00N2JmLTgwMjUt
OTk4NzhjYzliMTRjLzEvSGw3aFNGWkVIWnJBMV91Z0gxV3Z0VXI3aFRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9kMDliNTYtNGZjYi00N2JmLTgwMjUtOTk4NzhjYzliMTRj
LzEvTnMtdl9KeDRhSENQUElIdVhBMWt3MXJCdnZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW+JOAwQA
W+KgAwQAW+K4AwQBudi2MA0EAgACMAcDBQAqE4RAMA0GCSqGSIb3DQEBCwUAA4IB
AQBsNmzgKNsRXIu2J/4mSmmjYHkmQ7FF4KqcEqc4jU5QfzRxlGBJxfR+pS0qSkcR
R61Q1cA98hnZslcC+MT5AzbazhLCxTYN/cwR0kBSkOE136t/QURYI2hlYRMC3/wk
pe5O+gM0I5eNHFoZoMr4C3Rwo/xaCRXfgzzwK2OzahnhOX3h4RP4gk9huYjQD8C4
w+sdimOdLhtAtso9+5VaGsw68ixfobsz4/TPHU8dcfLhkrkBG+7QWAHnI62UE5oq
NpSafYcLECzogpnaRZ7tn5bJ5BOmba/x1pjxOPGW5m7KskeRXP0/4+z04q2UmLIX
lKD9hdx/x9uq/PDIrTyYtqtJ
-----END CERTIFICATE-----
Generated at Sat Jun 14 09:07:08 2025 by rpki-client