Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/4bc7fa-0462-4cf6-9189-ae4e698664f1/1/Ht6Wd5Bw2md9CUATtRL2VX-XFlc.roa
File: Ht6Wd5Bw2md9CUATtRL2VX-XFlc.roa (raw, json)
Hash identifier: 6oTLBNPocrrlaUNBq/IOSo88GlYRhWvOfw5kea2nyRc=
Subject key identifier: 1E:DE:96:77:90:70:DA:67:7D:09:40:13:B5:12:F6:55:7F:97:16:57
Certificate issuer: /CN=a561ccb03741056715a6be4805321662d88e7e7c
Certificate serial: 0196F1C0DC7C8E9628AA12B13EEEC5700E34
Authority key identifier: A5:61:CC:B0:37:41:05:67:15:A6:BE:48:05:32:16:62:D8:8E:7E:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pWHMsDdBBWcVpr5IBTIWYtiOfnw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/4bc7fa-0462-4cf6-9189-ae4e698664f1/1/Ht6Wd5Bw2md9CUATtRL2VX-XFlc.roa
Signing time: Wed 21 May 2025 07:31:10 +0000
ROA not before: Wed 21 May 2025 07:31:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35280
IP address blocks: 185.142.148.0/23 maxlen: 23
185.142.148.0/24 maxlen: 24
185.142.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/4bc7fa-0462-4cf6-9189-ae4e698664f1/1/pWHMsDdBBWcVpr5IBTIWYtiOfnw.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/4bc7fa-0462-4cf6-9189-ae4e698664f1/1/pWHMsDdBBWcVpr5IBTIWYtiOfnw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pWHMsDdBBWcVpr5IBTIWYtiOfnw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f1:c0:dc:7c:8e:96:28:aa:12:b1:3e:ee:c5:70:0e:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a561ccb03741056715a6be4805321662d88e7e7c
Validity
Not Before: May 21 07:31:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ede96779070da677d094013b512f6557f971657
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:a7:9e:53:c0:71:14:71:4a:21:d5:54:aa:36:
3a:da:00:f7:12:87:60:75:13:9e:38:c4:41:03:00:
27:98:53:fc:96:6a:74:2b:fe:c1:33:f7:a5:40:88:
84:65:0f:ff:50:bf:23:a1:fc:62:22:4f:a0:54:a3:
1b:24:65:a0:9c:de:84:b8:a8:15:ef:37:45:75:0e:
b8:2b:1f:23:d0:0b:a9:94:a1:bd:d8:6c:35:0a:fb:
7c:ab:35:da:5c:70:07:7f:de:75:99:b2:65:0e:59:
0e:de:fb:9e:25:4f:04:27:72:0a:25:93:81:f7:95:
30:ac:11:20:ff:03:b0:f9:ff:16:a3:2c:b1:7e:a5:
e3:c0:89:ce:6f:59:fd:fc:0c:64:af:6d:38:ae:0f:
d1:73:d6:6a:e4:3e:37:2d:60:ab:77:87:14:10:82:
5a:f9:2d:e9:ca:f6:07:64:c1:fc:c8:21:a8:6f:ae:
2b:e4:ee:ea:6a:05:66:f2:56:b0:c2:a3:4d:3f:7e:
87:54:32:df:a1:82:5c:90:a3:32:5c:4b:d1:3a:ac:
c0:37:cd:cc:ca:26:a9:54:e3:43:b9:b3:56:2b:c0:
ee:08:29:4c:0e:64:ee:3c:8d:ce:92:25:a0:2e:a1:
be:d4:89:99:2a:39:f2:86:cc:8d:89:3a:76:88:5f:
12:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:DE:96:77:90:70:DA:67:7D:09:40:13:B5:12:F6:55:7F:97:16:57
X509v3 Authority Key Identifier:
keyid:A5:61:CC:B0:37:41:05:67:15:A6:BE:48:05:32:16:62:D8:8E:7E:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pWHMsDdBBWcVpr5IBTIWYtiOfnw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/4bc7fa-0462-4cf6-9189-ae4e698664f1/1/Ht6Wd5Bw2md9CUATtRL2VX-XFlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/4bc7fa-0462-4cf6-9189-ae4e698664f1/1/pWHMsDdBBWcVpr5IBTIWYtiOfnw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.142.148.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:4d:39:be:79:49:21:cd:45:39:6e:f5:be:ee:2b:b0:c7:8e:
36:da:03:57:71:2b:6a:7a:18:07:64:f7:89:14:7a:9b:6d:45:
d7:c4:d9:b9:00:17:85:ca:85:1a:37:2c:8a:40:d2:45:a9:64:
4b:13:23:e6:23:f8:e8:ef:f0:db:d0:99:a5:1e:a8:a0:0a:10:
a6:33:49:e7:c7:c0:30:bd:c8:58:6c:6c:7b:fb:0f:27:42:3e:
ff:f1:5c:32:c6:50:1d:39:e0:89:86:e4:91:48:c9:ef:b8:54:
98:a4:ab:05:19:2c:b1:ce:9b:29:c3:42:4a:a5:1f:ea:62:73:
de:7f:17:47:4b:ff:b9:79:ed:e4:49:fa:0b:34:27:ff:54:26:
09:c4:20:9f:00:73:27:a6:3c:1c:97:19:55:22:df:76:6f:ff:
30:73:64:ed:f1:9e:ec:58:4c:16:33:be:c0:4c:bd:06:5e:2d:
08:6d:76:43:6d:3b:f0:79:18:3f:8e:14:e0:0d:74:df:b6:71:
fc:3e:cc:6d:46:59:50:e2:9e:fb:d0:c3:97:21:f7:82:7f:0a:
32:6c:4e:00:1f:a4:24:b5:ec:a9:3e:0c:e8:8c:64:1a:16:69:
81:c3:be:ab:54:24:d8:7e:32:dc:78:d7:7c:8b:a9:50:52:24:
a8:3e:03:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbxwNx8jpYoqhKxPu7FcA40MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NjFjY2IwMzc0MTA1NjcxNWE2YmU0ODA1MzIxNjYyZDg4
ZTdlN2MwHhcNMjUwNTIxMDczMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWRlOTY3NzkwNzBkYTY3N2QwOTQwMTNiNTEyZjY1NTdmOTcxNjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6eeU8BxFHFKIdVUqjY62gD3Eodg
dROeOMRBAwAnmFP8lmp0K/7BM/elQIiEZQ//UL8jofxiIk+gVKMbJGWgnN6EuKgV
7zdFdQ64Kx8j0AuplKG92Gw1Cvt8qzXaXHAHf951mbJlDlkO3vueJU8EJ3IKJZOB
95UwrBEg/wOw+f8WoyyxfqXjwInOb1n9/Axkr204rg/Rc9Zq5D43LWCrd4cUEIJa
+S3pyvYHZMH8yCGob64r5O7qagVm8lawwqNNP36HVDLfoYJckKMyXEvROqzAN83M
yiapVONDubNWK8DuCClMDmTuPI3OkiWgLqG+1ImZKjnyhsyNiTp2iF8SQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB7elneQcNpnfQlAE7US9lV/lxZXMB8GA1UdIwQY
MBaAFKVhzLA3QQVnFaa+SAUyFmLYjn58MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFdITXNEZEJCV2NWcHI1SUJUSVdZdGlPZm53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC80YmM3ZmEtMDQ2Mi00Y2Y2LTkxODkt
YWU0ZTY5ODY2NGYxLzEvSHQ2V2Q1QncybWQ5Q1VBVHRSTDJWWC1YRmxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC80YmM3ZmEtMDQ2Mi00Y2Y2LTkxODktYWU0ZTY5ODY2NGYx
LzEvcFdITXNEZEJCV2NWcHI1SUJUSVdZdGlPZm53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuY6UMA0G
CSqGSIb3DQEBCwUAA4IBAQBbTTm+eUkhzUU5bvW+7iuwx4422gNXcStqehgHZPeJ
FHqbbUXXxNm5ABeFyoUaNyyKQNJFqWRLEyPmI/jo7/Db0JmlHqigChCmM0nnx8Aw
vchYbGx7+w8nQj7/8VwyxlAdOeCJhuSRSMnvuFSYpKsFGSyxzpspw0JKpR/qYnPe
fxdHS/+5ee3kSfoLNCf/VCYJxCCfAHMnpjwclxlVIt92b/8wc2Tt8Z7sWEwWM77A
TL0GXi0IbXZDbTvweRg/jhTgDXTftnH8PsxtRllQ4p770MOXIfeCfwoybE4AH6Qk
teypPgzojGQaFmmBw76rVCTYfjLceNd8i6lQUiSoPgPq
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:12:04 2025 by rpki-client