Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/69984a-29bf-4d76-9561-62ba3a6884c8/1/HTMh6RJF_q53kTnEGeTtdGIx040.roa
File: HTMh6RJF_q53kTnEGeTtdGIx040.roa (raw, json)
Hash identifier: nzX5ZOpXvf0qMt8FdSECR2favMzFA7ed3+MWJmI8hm4=
Subject key identifier: 1D:33:21:E9:12:45:FE:AE:77:91:39:C4:19:E4:ED:74:62:31:D3:8D
Certificate issuer: /CN=e21df6a8aaa7041d725285d0dd0e180a649bc213
Certificate serial: 0197D09C6FED4BCF3ABC5471BD909A1FDB63
Authority key identifier: E2:1D:F6:A8:AA:A7:04:1D:72:52:85:D0:DD:0E:18:0A:64:9B:C2:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4h32qKqnBB1yUoXQ3Q4YCmSbwhM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/69984a-29bf-4d76-9561-62ba3a6884c8/1/HTMh6RJF_q53kTnEGeTtdGIx040.roa
Signing time: Thu 03 Jul 2025 14:06:42 +0000
ROA not before: Thu 03 Jul 2025 14:06:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39087
IP address blocks: 5.8.36.0/22 maxlen: 32
79.174.191.0/24 maxlen: 32
91.223.28.0/24 maxlen: 32
91.223.70.0/24 maxlen: 32
91.223.75.0/24 maxlen: 32
91.223.89.0/24 maxlen: 32
185.44.167.0/24 maxlen: 32
185.97.200.0/22 maxlen: 32
194.37.1.0/24 maxlen: 32
194.37.254.0/24 maxlen: 32
194.39.99.0/24 maxlen: 32
194.39.101.0/24 maxlen: 32
217.78.230.0/24 maxlen: 32
2a00:1b78::/29 maxlen: 64
2a0f:a3c0::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/69984a-29bf-4d76-9561-62ba3a6884c8/1/4h32qKqnBB1yUoXQ3Q4YCmSbwhM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/69984a-29bf-4d76-9561-62ba3a6884c8/1/4h32qKqnBB1yUoXQ3Q4YCmSbwhM.mft
rsync://rpki.ripe.net/repository/DEFAULT/4h32qKqnBB1yUoXQ3Q4YCmSbwhM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d0:9c:6f:ed:4b:cf:3a:bc:54:71:bd:90:9a:1f:db:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e21df6a8aaa7041d725285d0dd0e180a649bc213
Validity
Not Before: Jul 3 14:06:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d3321e91245feae779139c419e4ed746231d38d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:33:e1:b8:1e:90:b8:62:d5:b5:90:de:5a:4d:
3a:55:2f:a8:5b:e8:bf:50:49:ca:00:61:f3:20:2d:
c9:68:1e:3c:3d:83:4c:85:1f:0d:7a:0a:2e:9e:cb:
fd:32:1e:6c:c6:05:99:70:44:9f:c4:cd:dc:b5:13:
30:cb:1a:05:3d:a8:fa:94:40:2d:ea:46:1e:9f:14:
0c:ac:80:5a:37:78:d5:73:b1:63:e9:9e:3c:24:c7:
90:c4:96:3f:de:17:4f:cd:e1:ba:13:2c:9a:5e:63:
39:d1:da:d6:dc:c0:a1:49:08:81:d0:a1:e1:a6:75:
da:f0:9e:16:81:f6:37:9c:81:85:8f:38:bf:7c:fc:
6e:b7:5e:6f:71:76:34:f2:ec:be:38:56:db:9a:ec:
f5:a1:14:14:10:1f:9d:17:23:5c:4e:1a:39:5c:f8:
6b:97:90:a7:77:fd:b6:b5:fa:f3:4c:5a:81:ed:23:
0b:18:73:b6:5a:69:15:ee:69:ce:ae:cc:46:f9:14:
56:33:3e:d8:ef:d2:bd:8f:89:0a:85:60:62:02:33:
04:e6:e0:ce:fe:4f:a8:c1:98:f1:d0:68:15:ce:73:
a7:4c:3a:f7:a0:44:08:50:12:14:1f:69:df:d4:6f:
7b:9d:bc:76:26:77:cb:45:8a:89:60:4f:e6:de:61:
83:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:33:21:E9:12:45:FE:AE:77:91:39:C4:19:E4:ED:74:62:31:D3:8D
X509v3 Authority Key Identifier:
keyid:E2:1D:F6:A8:AA:A7:04:1D:72:52:85:D0:DD:0E:18:0A:64:9B:C2:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4h32qKqnBB1yUoXQ3Q4YCmSbwhM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/69984a-29bf-4d76-9561-62ba3a6884c8/1/HTMh6RJF_q53kTnEGeTtdGIx040.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/69984a-29bf-4d76-9561-62ba3a6884c8/1/4h32qKqnBB1yUoXQ3Q4YCmSbwhM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.36.0/22
79.174.191.0/24
91.223.28.0/24
91.223.70.0/24
91.223.75.0/24
91.223.89.0/24
185.44.167.0/24
185.97.200.0/22
194.37.1.0/24
194.37.254.0/24
194.39.99.0/24
194.39.101.0/24
217.78.230.0/24
IPv6:
2a00:1b78::/29
2a0f:a3c0::/29
Signature Algorithm: sha256WithRSAEncryption
56:0c:9d:f6:a7:62:de:c7:05:fd:5e:d6:9f:94:20:5e:38:1f:
47:86:a1:5a:13:53:c1:6e:bb:4c:cd:b2:de:cd:9c:58:e2:6c:
70:7f:15:a2:b7:bd:78:c0:1d:e3:90:51:35:22:ea:48:d3:ea:
0b:ca:35:42:ef:cb:0a:ca:53:a8:1a:84:b9:20:6a:2d:3e:0f:
d1:52:92:b1:9b:75:66:98:4b:50:6c:08:4f:eb:9e:20:cc:48:
bc:2a:ed:6c:26:54:84:8f:a5:3c:10:af:2c:93:c2:24:53:37:
47:11:50:07:3c:17:60:e2:d9:da:b5:48:b3:c8:8b:2a:eb:a6:
09:6f:19:c8:ef:62:73:a4:e1:c6:4d:81:2c:47:7a:33:c0:93:
d5:71:8e:ac:3a:bf:ff:c2:c2:46:c7:ff:d7:09:86:58:f3:0d:
0a:9b:9c:a9:30:1d:cb:e3:5e:7a:c1:0d:97:75:86:75:7e:18:
52:39:9d:f8:c4:50:cd:e0:c6:be:9f:16:c1:b8:9d:6b:06:90:
92:ac:02:c2:cf:5e:ea:e0:56:f9:41:9f:32:b1:c6:a0:d2:61:
32:b5:58:47:63:50:f8:09:37:98:c1:a8:d7:af:b5:da:95:07:
93:7a:c8:02:6e:f8:d8:4d:b6:03:21:aa:b3:65:9b:24:1e:e4:
ea:a6:a3:59
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZfQnG/tS886vFRxvZCaH9tjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMWRmNmE4YWFhNzA0MWQ3MjUyODVkMGRkMGUxODBhNjQ5
YmMyMTMwHhcNMjUwNzAzMTQwNjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDMzMjFlOTEyNDVmZWFlNzc5MTM5YzQxOWU0ZWQ3NDYyMzFkMzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjPhuB6QuGLVtZDeWk06VS+oW+i/
UEnKAGHzIC3JaB48PYNMhR8Negounsv9Mh5sxgWZcESfxM3ctRMwyxoFPaj6lEAt
6kYenxQMrIBaN3jVc7Fj6Z48JMeQxJY/3hdPzeG6EyyaXmM50drW3MChSQiB0KHh
pnXa8J4WgfY3nIGFjzi/fPxut15vcXY08uy+OFbbmuz1oRQUEB+dFyNcTho5XPhr
l5Cnd/22tfrzTFqB7SMLGHO2WmkV7mnOrsxG+RRWMz7Y79K9j4kKhWBiAjME5uDO
/k+owZjx0GgVznOnTDr3oEQIUBIUH2nf1G97nbx2JnfLRYqJYE/m3mGD/wIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFB0zIekSRf6ud5E5xBnk7XRiMdONMB8GA1UdIwQY
MBaAFOId9qiqpwQdclKF0N0OGApkm8ITMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGgzMnFLcW5CQjF5VW9YUTNRNFlDbVNid2hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82OTk4NGEtMjliZi00ZDc2LTk1NjEt
NjJiYTNhNjg4NGM4LzEvSFRNaDZSSkZfcTUza1RuRUdlVHRkR0l4MDQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82OTk4NGEtMjliZi00ZDc2LTk1NjEtNjJiYTNhNjg4NGM4
LzEvNGgzMnFLcW5CQjF5VW9YUTNRNFlDbVNid2hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBUBAIAATBOAwQCBQgkAwQA
T66/AwQAW98cAwQAW99GAwQAW99LAwQAW99ZAwQAuSynAwQCuWHIAwQAwiUBAwQA
wiX+AwQAwidjAwQAwidlAwQA2U7mMBQEAgACMA4DBQMqABt4AwUDKg+jwDANBgkq
hkiG9w0BAQsFAAOCAQEAVgyd9qdi3scF/V7Wn5QgXjgfR4ahWhNTwW67TM2y3s2c
WOJscH8Vore9eMAd45BRNSLqSNPqC8o1Qu/LCspTqBqEuSBqLT4P0VKSsZt1ZphL
UGwIT+ueIMxIvCrtbCZUhI+lPBCvLJPCJFM3RxFQBzwXYOLZ2rVIs8iLKuumCW8Z
yO9ic6Thxk2BLEd6M8CT1XGOrDq//8LCRsf/1wmGWPMNCpucqTAdy+NeesENl3WG
dX4YUjmd+MRQzeDGvp8WwbidawaQkqwCws9e6uBW+UGfMrHGoNJhMrVYR2NQ+Ak3
mMGo16+12pUHk3rIAm742E22AyGqs2WbJB7k6qajWQ==
-----END CERTIFICATE-----
Generated at Sun Jul 27 12:21:31 2025 by rpki-client