Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/afd415-0a86-431f-bc3a-d43207d62dfe/1/hSxMBu_igMJgBtfSOfQQ4Pj49pw.roa
File: hSxMBu_igMJgBtfSOfQQ4Pj49pw.roa (raw, json)
Hash identifier: bffcp9BhaMHMTNVqsuxgb/xO/YYHeGPregGtKUrYEWw=
Subject key identifier: 85:2C:4C:06:EF:E2:80:C2:60:06:D7:D2:39:F4:10:E0:F8:F8:F6:9C
Certificate issuer: /CN=23394a125fa3ace0c47a6fe34f4086b4d3ba5588
Certificate serial: 01963EBFF8BABC13353742C5A8EDCE6D55FE
Authority key identifier: 23:39:4A:12:5F:A3:AC:E0:C4:7A:6F:E3:4F:40:86:B4:D3:BA:55:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IzlKEl-jrODEem_jT0CGtNO6VYg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/afd415-0a86-431f-bc3a-d43207d62dfe/1/hSxMBu_igMJgBtfSOfQQ4Pj49pw.roa
Signing time: Wed 16 Apr 2025 13:18:10 +0000
ROA not before: Wed 16 Apr 2025 13:18:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197248
IP address blocks: 62.112.192.0/21 maxlen: 21
62.112.208.0/21 maxlen: 21
77.111.88.0/21 maxlen: 24
93.88.192.0/21 maxlen: 21
93.88.194.0/24 maxlen: 24
109.61.0.0/22 maxlen: 22
109.61.8.0/21 maxlen: 21
109.61.20.0/22 maxlen: 22
109.61.22.0/24 maxlen: 24
109.61.24.0/21 maxlen: 21
109.61.48.0/20 maxlen: 20
109.61.64.0/20 maxlen: 21
109.61.96.0/21 maxlen: 21
109.61.112.0/21 maxlen: 21
185.229.249.0/24 maxlen: 24
2a01:be00::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/afd415-0a86-431f-bc3a-d43207d62dfe/1/IzlKEl-jrODEem_jT0CGtNO6VYg.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/afd415-0a86-431f-bc3a-d43207d62dfe/1/IzlKEl-jrODEem_jT0CGtNO6VYg.mft
rsync://rpki.ripe.net/repository/DEFAULT/IzlKEl-jrODEem_jT0CGtNO6VYg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 16:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3e:bf:f8:ba:bc:13:35:37:42:c5:a8:ed:ce:6d:55:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23394a125fa3ace0c47a6fe34f4086b4d3ba5588
Validity
Not Before: Apr 16 13:18:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=852c4c06efe280c26006d7d239f410e0f8f8f69c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c0:44:e4:cc:9f:30:e0:5d:0a:b1:66:e2:ef:
5a:9d:c8:ad:e0:28:3f:04:dd:f3:32:8c:97:8b:d3:
d4:f9:52:34:e3:f3:20:09:6f:59:b3:b6:bd:3a:e8:
f8:ab:4b:56:2c:09:6e:8a:21:ac:c4:ff:5f:8f:46:
f5:30:b0:87:8c:e1:08:77:97:0c:57:af:cc:b7:a9:
20:2d:71:d7:0c:09:9c:f3:b9:7a:cd:27:27:dd:4c:
eb:64:ad:f3:8e:a2:1a:eb:e4:a2:3e:11:f1:cb:ea:
1d:22:e3:3e:0e:3b:d2:2b:56:a0:77:5c:1b:c4:36:
24:ed:88:92:ad:6d:64:9f:58:4d:a6:c3:bb:4b:63:
a1:3d:23:46:ce:c2:a4:1b:70:5a:93:0c:0e:4e:a1:
78:9e:ae:c9:2a:44:e3:1d:81:12:87:70:95:87:27:
6b:d2:f4:67:3a:13:85:c4:d2:35:c7:8a:e4:11:7d:
88:0f:c8:38:a3:8f:4a:35:3a:4c:f3:ba:2e:a4:59:
c0:cc:f6:85:14:81:e6:0e:5c:83:d6:9a:c2:7c:bb:
f5:d9:50:9f:00:fb:a8:b6:94:a9:ec:f3:ea:90:b2:
80:83:dd:12:fb:5b:3f:63:e6:49:14:f4:d3:2b:ee:
b8:53:39:3c:f3:28:d0:70:2f:1d:11:e3:fc:eb:25:
3a:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:2C:4C:06:EF:E2:80:C2:60:06:D7:D2:39:F4:10:E0:F8:F8:F6:9C
X509v3 Authority Key Identifier:
keyid:23:39:4A:12:5F:A3:AC:E0:C4:7A:6F:E3:4F:40:86:B4:D3:BA:55:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IzlKEl-jrODEem_jT0CGtNO6VYg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/afd415-0a86-431f-bc3a-d43207d62dfe/1/hSxMBu_igMJgBtfSOfQQ4Pj49pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/afd415-0a86-431f-bc3a-d43207d62dfe/1/IzlKEl-jrODEem_jT0CGtNO6VYg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.192.0/21
62.112.208.0/21
77.111.88.0/21
93.88.192.0/21
109.61.0.0/22
109.61.8.0/21
109.61.20.0-109.61.31.255
109.61.48.0-109.61.79.255
109.61.96.0/21
109.61.112.0/21
185.229.249.0/24
IPv6:
2a01:be00::/29
Signature Algorithm: sha256WithRSAEncryption
75:8c:c7:4e:5b:fd:c3:43:5e:5f:18:02:4c:bf:7b:f4:03:80:
3d:40:74:d1:e0:c1:53:2e:9b:65:ac:0c:1d:eb:e0:83:8c:81:
a1:32:f3:ba:4f:46:b1:d1:4b:ac:b7:5f:7c:55:8e:26:3a:7a:
af:7f:3b:79:00:71:2a:2b:0b:b9:f3:1b:f2:cb:8a:cc:8b:92:
4d:ab:29:be:b6:c0:4d:ef:12:93:a6:f8:88:c4:9a:a1:f4:a6:
6b:a3:ba:50:4c:54:c1:3c:83:49:dd:c9:f2:cf:4a:09:4e:56:
b3:c0:29:3d:7c:84:6d:68:c2:46:99:b5:63:7a:cf:7e:30:8f:
a7:c2:17:9d:49:38:02:2d:9b:d6:93:ac:6c:1a:73:10:cc:7e:
1d:73:d9:22:d5:bb:56:2d:a6:72:2e:fd:27:ab:f4:b2:97:cc:
64:e1:6f:3f:10:8f:05:4a:dd:77:f4:eb:29:a3:ca:ec:bd:ce:
2c:f3:0d:d2:e0:af:ad:66:f2:9e:35:68:17:1b:82:eb:cf:c5:
ef:74:7d:f0:4a:c6:1b:b6:51:8f:e2:6b:04:d2:ba:68:86:fc:
e0:2c:1d:31:01:32:2f:89:cf:01:da:ca:19:c7:36:cf:db:78:
5e:a8:dd:58:24:a9:40:c2:75:3b:d8:ef:ce:55:f8:ab:06:79:
12:ac:9a:26
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAZY+v/i6vBM1N0LFqO3ObVX+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMzk0YTEyNWZhM2FjZTBjNDdhNmZlMzRmNDA4NmI0ZDNi
YTU1ODgwHhcNMjUwNDE2MTMxODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTJjNGMwNmVmZTI4MGMyNjAwNmQ3ZDIzOWY0MTBlMGY4ZjhmNjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcBE5MyfMOBdCrFm4u9ancit4Cg/
BN3zMoyXi9PU+VI04/MgCW9Zs7a9Ouj4q0tWLAluiiGsxP9fj0b1MLCHjOEId5cM
V6/Mt6kgLXHXDAmc87l6zScn3UzrZK3zjqIa6+SiPhHxy+odIuM+DjvSK1agd1wb
xDYk7YiSrW1kn1hNpsO7S2OhPSNGzsKkG3BakwwOTqF4nq7JKkTjHYESh3CVhydr
0vRnOhOFxNI1x4rkEX2ID8g4o49KNTpM87oupFnAzPaFFIHmDlyD1prCfLv12VCf
APuotpSp7PPqkLKAg90S+1s/Y+ZJFPTTK+64Uzk88yjQcC8dEeP86yU6uQIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFIUsTAbv4oDCYAbX0jn0EOD4+PacMB8GA1UdIwQY
MBaAFCM5ShJfo6zgxHpv409AhrTTulWIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXpsS0VsLWpyT0RFZW1falQwQ0d0Tk82VllnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9hZmQ0MTUtMGE4Ni00MzFmLWJjM2Et
ZDQzMjA3ZDYyZGZlLzEvaFN4TUJ1X2lnTUpnQnRmU09mUVE0UGo0OXB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9hZmQ0MTUtMGE4Ni00MzFmLWJjM2EtZDQzMjA3ZDYyZGZl
LzEvSXpsS0VsLWpyT0RFZW1falQwQ0d0Tk82VllnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTBYBAIAATBSAwQDPnDAAwQD
PnDQAwQDTW9YAwQDXVjAAwQCbT0AAwQDbT0IMAwDBAJtPRQDBAVtPQAwDAMEBG09
MAMEBG09QAMEA209YAMEA209cAMEALnl+TANBAIAAjAHAwUDKgG+ADANBgkqhkiG
9w0BAQsFAAOCAQEAdYzHTlv9w0NeXxgCTL979AOAPUB00eDBUy6bZawMHevgg4yB
oTLzuk9GsdFLrLdffFWOJjp6r387eQBxKisLufMb8suKzIuSTaspvrbATe8Sk6b4
iMSaofSma6O6UExUwTyDSd3J8s9KCU5Ws8ApPXyEbWjCRpm1Y3rPfjCPp8IXnUk4
Ai2b1pOsbBpzEMx+HXPZItW7Vi2mci79J6v0spfMZOFvPxCPBUrdd/TrKaPK7L3O
LPMN0uCvrWbynjVoFxuC68/F73R98ErGG7ZRj+JrBNK6aIb84CwdMQEyL4nPAdrK
Gcc2z9t4XqjdWCSpQMJ1O9jvzlX4qwZ5EqyaJg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:39:18 2025 by rpki-client