Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6046a6-decb-49a3-a3b4-3087f86a63ab/1/hm1hnmLqRJSfCnblBglQ9G9cJ5g.roa
File: hm1hnmLqRJSfCnblBglQ9G9cJ5g.roa (raw, json)
Hash identifier: OUoiUUvLJ3F3/8+NwaVnz5Bp6R2hHKUkPzZNLdBZ/Gg=
Subject key identifier: 86:6D:61:9E:62:EA:44:94:9F:0A:76:E5:06:09:50:F4:6F:5C:27:98
Certificate issuer: /CN=c605871889b9dcafe7ec3136aed1ddfee2dfbc7d
Certificate serial: 0196D41110FAE300620629257CB8D8C23476
Authority key identifier: C6:05:87:18:89:B9:DC:AF:E7:EC:31:36:AE:D1:DD:FE:E2:DF:BC:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xgWHGIm53K_n7DE2rtHd_uLfvH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/6046a6-decb-49a3-a3b4-3087f86a63ab/1/hm1hnmLqRJSfCnblBglQ9G9cJ5g.roa
Signing time: Thu 15 May 2025 13:10:10 +0000
ROA not before: Thu 15 May 2025 13:10:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31019
IP address blocks: 91.228.151.0/24 maxlen: 24
185.82.184.0/23 maxlen: 23
2a05:9280::/29 maxlen: 29
2a05:9280::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/6046a6-decb-49a3-a3b4-3087f86a63ab/1/xgWHGIm53K_n7DE2rtHd_uLfvH0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/6046a6-decb-49a3-a3b4-3087f86a63ab/1/xgWHGIm53K_n7DE2rtHd_uLfvH0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xgWHGIm53K_n7DE2rtHd_uLfvH0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d4:11:10:fa:e3:00:62:06:29:25:7c:b8:d8:c2:34:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c605871889b9dcafe7ec3136aed1ddfee2dfbc7d
Validity
Not Before: May 15 13:10:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=866d619e62ea44949f0a76e5060950f46f5c2798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c9:ee:bf:21:aa:ea:d6:bb:ab:d8:d8:a3:a2:
7a:d8:23:cf:2c:15:c8:df:fe:af:7a:c0:e1:aa:6d:
76:0f:f3:c0:44:eb:40:12:af:6b:6f:55:11:47:af:
65:f4:99:a9:fd:26:10:91:4b:8b:3f:90:a7:36:e5:
ee:f8:08:32:09:d4:79:c0:6f:03:23:4c:97:c8:e2:
c4:82:ff:49:aa:84:e8:88:0f:20:c5:e4:0b:de:5e:
a1:4f:e1:9c:8e:b6:27:eb:90:78:f4:27:e2:50:cd:
db:07:05:5f:b9:a2:ec:f7:cd:09:11:de:8a:3d:98:
67:fe:d0:83:1e:75:f4:9b:2c:44:a4:31:91:15:be:
9f:86:4e:84:20:46:b2:f2:c4:31:e7:cd:69:f1:77:
e0:ca:98:c8:7e:9d:60:ef:55:5f:f1:3a:7c:4e:21:
10:2b:5d:a0:1a:ac:62:17:da:67:15:90:3c:3d:28:
8d:7d:dc:40:c5:d9:5c:f5:4c:a5:ec:75:1e:f5:b5:
9d:26:22:66:32:d2:7a:f5:9e:14:2f:e2:78:ce:75:
f0:43:78:7b:36:ef:d4:f3:18:c7:6f:11:ad:bb:8c:
8a:b3:56:52:7c:52:23:3c:18:54:a1:2b:91:86:3d:
fe:8d:b5:6e:f1:07:77:f0:58:d3:8a:dd:96:57:4b:
27:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:6D:61:9E:62:EA:44:94:9F:0A:76:E5:06:09:50:F4:6F:5C:27:98
X509v3 Authority Key Identifier:
keyid:C6:05:87:18:89:B9:DC:AF:E7:EC:31:36:AE:D1:DD:FE:E2:DF:BC:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xgWHGIm53K_n7DE2rtHd_uLfvH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6046a6-decb-49a3-a3b4-3087f86a63ab/1/hm1hnmLqRJSfCnblBglQ9G9cJ5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6046a6-decb-49a3-a3b4-3087f86a63ab/1/xgWHGIm53K_n7DE2rtHd_uLfvH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.151.0/24
185.82.184.0/23
IPv6:
2a05:9280::/29
Signature Algorithm: sha256WithRSAEncryption
72:5c:64:7a:38:72:e4:63:01:fe:d0:b8:b5:8a:6f:93:f8:01:
af:cc:eb:03:f9:f5:0f:90:11:c5:71:3f:cd:00:05:46:a0:39:
81:29:4d:a5:85:2a:16:24:a8:4b:83:7a:a3:86:4d:eb:22:51:
a2:cd:15:7d:e4:c2:cf:6c:92:d6:78:e7:60:dd:2a:06:dc:af:
63:7c:57:62:a1:de:45:12:69:5e:2d:4e:5d:d5:b4:47:38:e8:
a8:39:97:8a:5e:aa:96:e9:68:23:38:d5:ad:07:db:96:34:ce:
83:f3:a4:8c:eb:d4:83:73:33:22:65:35:83:cb:d9:28:eb:1f:
9a:cb:58:84:8b:42:d1:14:4b:6d:15:e7:cd:05:ed:8c:91:44:
3d:cb:b8:19:08:94:05:63:20:df:d8:52:cd:ef:24:47:4a:32:
5e:d4:a6:f9:d9:5e:2b:a9:ad:90:b0:70:b3:c2:09:dd:6e:90:
8a:ba:16:f9:ef:8a:0b:35:fa:0a:82:34:95:3a:47:f9:a4:f0:
26:d0:8c:38:a2:48:6b:24:3b:65:ac:49:9c:2e:69:fa:db:ed:
56:3a:86:66:62:7d:ef:99:8c:3f:34:88:8f:c8:14:c6:27:19:
a1:3a:9f:f5:44:43:3d:88:e5:e4:e5:90:01:d1:91:e3:87:4e:
3b:e3:11:c2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZbUERD64wBiBiklfLjYwjR2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MDU4NzE4ODliOWRjYWZlN2VjMzEzNmFlZDFkZGZlZTJk
ZmJjN2QwHhcNMjUwNTE1MTMxMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjZkNjE5ZTYyZWE0NDk0OWYwYTc2ZTUwNjA5NTBmNDZmNWMyNzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsnuvyGq6ta7q9jYo6J62CPPLBXI
3/6vesDhqm12D/PAROtAEq9rb1URR69l9Jmp/SYQkUuLP5CnNuXu+AgyCdR5wG8D
I0yXyOLEgv9JqoToiA8gxeQL3l6hT+GcjrYn65B49CfiUM3bBwVfuaLs980JEd6K
PZhn/tCDHnX0myxEpDGRFb6fhk6EIEay8sQx581p8XfgypjIfp1g71Vf8Tp8TiEQ
K12gGqxiF9pnFZA8PSiNfdxAxdlc9Uyl7HUe9bWdJiJmMtJ69Z4UL+J4znXwQ3h7
Nu/U8xjHbxGtu4yKs1ZSfFIjPBhUoSuRhj3+jbVu8Qd38FjTit2WV0sndQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIZtYZ5i6kSUnwp25QYJUPRvXCeYMB8GA1UdIwQY
MBaAFMYFhxiJudyv5+wxNq7R3f7i37x9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGdXSEdJbTUzS19uN0RFMnJ0SGRfdUxmdkgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82MDQ2YTYtZGVjYi00OWEzLWEzYjQt
MzA4N2Y4NmE2M2FiLzEvaG0xaG5tTHFSSlNmQ25ibEJnbFE5RzljSjVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82MDQ2YTYtZGVjYi00OWEzLWEzYjQtMzA4N2Y4NmE2M2Fi
LzEveGdXSEdJbTUzS19uN0RFMnJ0SGRfdUxmdkgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW+SXAwQB
uVK4MA0EAgACMAcDBQMqBZKAMA0GCSqGSIb3DQEBCwUAA4IBAQByXGR6OHLkYwH+
0Li1im+T+AGvzOsD+fUPkBHFcT/NAAVGoDmBKU2lhSoWJKhLg3qjhk3rIlGizRV9
5MLPbJLWeOdg3SoG3K9jfFdiod5FEmleLU5d1bRHOOioOZeKXqqW6WgjONWtB9uW
NM6D86SM69SDczMiZTWDy9ko6x+ay1iEi0LRFEttFefNBe2MkUQ9y7gZCJQFYyDf
2FLN7yRHSjJe1Kb52V4rqa2QsHCzwgndbpCKuhb574oLNfoKgjSVOkf5pPAm0Iw4
okhrJDtlrEmcLmn62+1WOoZmYn3vmYw/NIiPyBTGJxmhOp/1REM9iOXk5ZAB0ZHj
h0474xHC
-----END CERTIFICATE-----
Generated at Sat Jun 7 18:32:38 2025 by rpki-client