Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/R6G1cXur2zKERbdd7daCrZ1h_hs.roa
File: R6G1cXur2zKERbdd7daCrZ1h_hs.roa (raw, json)
Hash identifier: 5NT8h5q4KtrnouiY1SYAj++irMZW9IEfJcr79qAbGG8=
Subject key identifier: 47:A1:B5:71:7B:AB:DB:32:84:45:B7:5D:ED:D6:82:AD:9D:61:FE:1B
Certificate issuer: /CN=1372e0c2b83dd5109013c7f1c0bb9716d3618dd2
Certificate serial: 019735D14AE7CD44F8D0BCAE7D8354586ABB
Authority key identifier: 13:72:E0:C2:B8:3D:D5:10:90:13:C7:F1:C0:BB:97:16:D3:61:8D:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E3Lgwrg91RCQE8fxwLuXFtNhjdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/R6G1cXur2zKERbdd7daCrZ1h_hs.roa
Signing time: Tue 03 Jun 2025 12:43:18 +0000
ROA not before: Tue 03 Jun 2025 12:43:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 2.56.148.0/24 maxlen: 24
2.56.149.0/24 maxlen: 24
2.56.150.0/24 maxlen: 24
5.252.196.0/24 maxlen: 24
5.252.198.0/24 maxlen: 24
5.252.199.0/24 maxlen: 24
45.146.122.0/24 maxlen: 24
45.146.123.0/24 maxlen: 24
92.118.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/E3Lgwrg91RCQE8fxwLuXFtNhjdI.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/E3Lgwrg91RCQE8fxwLuXFtNhjdI.mft
rsync://rpki.ripe.net/repository/DEFAULT/E3Lgwrg91RCQE8fxwLuXFtNhjdI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:35:d1:4a:e7:cd:44:f8:d0:bc:ae:7d:83:54:58:6a:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1372e0c2b83dd5109013c7f1c0bb9716d3618dd2
Validity
Not Before: Jun 3 12:43:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=47a1b5717babdb328445b75dedd682ad9d61fe1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:42:e8:bf:b3:0d:1b:46:7f:26:9e:23:09:02:
0c:d9:b8:79:43:ac:d0:bb:2b:b3:f4:82:ca:40:e1:
83:82:41:13:d3:f5:5b:5c:b2:c6:65:54:db:d9:94:
a2:0d:fe:2e:10:2a:47:84:09:9f:37:42:ac:92:3c:
64:51:28:7a:a9:81:4f:fe:ae:20:61:0e:31:6b:76:
28:cc:2c:42:dc:14:f5:42:2c:82:03:14:63:5f:91:
ff:81:93:0a:c3:7d:48:f9:d7:02:c4:13:25:69:34:
63:ff:56:08:35:69:2c:cb:7d:82:4c:cc:42:95:b9:
f6:2c:28:cb:7c:f3:0c:b5:54:a4:42:f8:31:dd:37:
4c:47:6f:42:1c:e1:1f:4f:7f:64:ed:e7:61:bc:e7:
89:4d:e0:43:e5:09:5b:37:1b:4e:8d:7f:1b:e8:7a:
60:c5:27:94:db:46:49:29:da:91:72:79:c8:ef:03:
41:16:6d:53:47:00:5e:f3:6a:88:15:9c:d0:22:9d:
2c:c9:7a:d9:7a:68:f8:5b:0b:e0:cf:ee:4b:05:a9:
aa:58:ef:0a:4f:89:63:68:85:dc:67:6d:c9:4a:7e:
c9:ca:02:6c:1c:f4:97:bb:35:12:24:df:26:0f:4c:
4c:9a:bd:1a:5b:a0:9d:8c:7f:2c:97:77:df:2b:61:
61:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:A1:B5:71:7B:AB:DB:32:84:45:B7:5D:ED:D6:82:AD:9D:61:FE:1B
X509v3 Authority Key Identifier:
keyid:13:72:E0:C2:B8:3D:D5:10:90:13:C7:F1:C0:BB:97:16:D3:61:8D:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E3Lgwrg91RCQE8fxwLuXFtNhjdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/R6G1cXur2zKERbdd7daCrZ1h_hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/E3Lgwrg91RCQE8fxwLuXFtNhjdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.148.0-2.56.150.255
5.252.196.0/24
5.252.198.0/23
45.146.122.0/23
92.118.46.0/24
Signature Algorithm: sha256WithRSAEncryption
81:42:7f:11:d9:05:27:2e:d0:83:1b:34:b7:65:34:19:aa:e2:
d2:62:8a:1f:35:c9:7a:f4:9a:94:2d:45:bc:2e:90:ae:ca:b8:
25:d3:01:e4:44:d4:ee:d8:11:8f:07:ae:98:91:52:5a:38:b5:
10:cf:d3:36:fb:d4:f6:05:23:00:85:27:a2:2b:2d:63:de:bf:
96:a4:55:22:42:54:ba:82:ab:f0:bb:ec:40:81:10:7d:92:50:
a0:06:9b:af:c9:cc:26:81:08:c1:b4:88:05:96:34:ee:85:c6:
b8:5a:90:aa:bc:0f:35:bd:d9:2f:8a:be:5c:b5:e7:d6:b9:6d:
57:bd:5e:a6:47:fb:3a:78:fd:2e:c0:40:ad:6a:90:d3:4f:95:
26:e1:d6:6f:94:1e:11:52:05:00:27:31:3d:ab:3c:ac:11:37:
34:15:f2:6e:b1:f3:56:6f:1d:4a:fd:a0:23:29:35:6a:f0:49:
e8:92:b4:5f:24:a6:c3:64:b7:5a:51:8c:b2:dd:16:aa:81:be:
2c:46:21:cb:1b:15:d2:99:83:03:a5:28:31:56:ce:b7:f1:67:
91:7a:cb:4c:8b:60:e9:e1:2e:e8:86:f2:1e:a8:37:15:d9:3a:
17:b6:fb:e1:16:4e:ad:68:37:cb:18:bb:60:5a:55:12:49:55:
ac:93:6a:10
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZc10UrnzUT40LyufYNUWGq7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNzJlMGMyYjgzZGQ1MTA5MDEzYzdmMWMwYmI5NzE2ZDM2
MThkZDIwHhcNMjUwNjAzMTI0MzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2ExYjU3MTdiYWJkYjMyODQ0NWI3NWRlZGQ2ODJhZDlkNjFmZTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqULov7MNG0Z/Jp4jCQIM2bh5Q6zQ
uyuz9ILKQOGDgkET0/VbXLLGZVTb2ZSiDf4uECpHhAmfN0KskjxkUSh6qYFP/q4g
YQ4xa3YozCxC3BT1QiyCAxRjX5H/gZMKw31I+dcCxBMlaTRj/1YINWksy32CTMxC
lbn2LCjLfPMMtVSkQvgx3TdMR29CHOEfT39k7edhvOeJTeBD5QlbNxtOjX8b6Hpg
xSeU20ZJKdqRcnnI7wNBFm1TRwBe82qIFZzQIp0syXrZemj4Wwvgz+5LBamqWO8K
T4ljaIXcZ23JSn7JygJsHPSXuzUSJN8mD0xMmr0aW6CdjH8sl3ffK2FhgQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFEehtXF7q9syhEW3Xe3Wgq2dYf4bMB8GA1UdIwQY
MBaAFBNy4MK4PdUQkBPH8cC7lxbTYY3SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTNMZ3dyZzkxUkNRRThmeHdMdVhGdE5oamRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8yMjFmZDYtZTRmNi00M2UzLTk0NmQt
ZGQxZWM1N2Q3ZTc0LzEvUjZHMWNYdXIyektFUmJkZDdkYUNyWjFoX2hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS8yMjFmZDYtZTRmNi00M2UzLTk0NmQtZGQxZWM1N2Q3ZTc0
LzEvRTNMZ3dyZzkxUkNRRThmeHdMdVhGdE5oamRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAICOJQD
BAACOJYDBAAF/MQDBAEF/MYDBAEtknoDBABcdi4wDQYJKoZIhvcNAQELBQADggEB
AIFCfxHZBScu0IMbNLdlNBmq4tJiih81yXr0mpQtRbwukK7KuCXTAeRE1O7YEY8H
rpiRUlo4tRDP0zb71PYFIwCFJ6IrLWPev5akVSJCVLqCq/C77ECBEH2SUKAGm6/J
zCaBCMG0iAWWNO6FxrhakKq8DzW92S+Kvly159a5bVe9XqZH+zp4/S7AQK1qkNNP
lSbh1m+UHhFSBQAnMT2rPKwRNzQV8m6x81ZvHUr9oCMpNWrwSeiStF8kpsNkt1pR
jLLdFqqBvixGIcsbFdKZgwOlKDFWzrfxZ5F6y0yLYOnhLuiG8h6oNxXZOhe2++EW
Tq1oN8sYu2BaVRJJVayTahA=
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:50:07 2025 by rpki-client