Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ehwXgXPwYRSKCMYT8sUUr31k3gI.roa
File: ehwXgXPwYRSKCMYT8sUUr31k3gI.roa (raw, json)
Hash identifier: uoJQ8VYmezz8cky2bl+dYsm4kJLPjloUfodEHS0u2og=
Subject key identifier: 7A:1C:17:81:73:F0:61:14:8A:08:C6:13:F2:C5:14:AF:7D:64:DE:02
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0196863B89E6992D538B5147A01F983E35F0
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ehwXgXPwYRSKCMYT8sUUr31k3gI.roa
Signing time: Wed 30 Apr 2025 10:26:10 +0000
ROA not before: Wed 30 Apr 2025 10:26:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213006
IP address blocks: 45.137.160.0/23 maxlen: 24
91.212.195.0/24 maxlen: 24
185.109.162.0/24 maxlen: 24
185.212.84.0/22 maxlen: 24
185.214.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:86:3b:89:e6:99:2d:53:8b:51:47:a0:1f:98:3e:35:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 30 10:26:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a1c178173f061148a08c613f2c514af7d64de02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:aa:ac:73:4a:1f:c1:1d:5b:d7:22:ce:df:33:
34:9e:a6:8c:3c:d5:a6:31:2d:8d:03:95:b3:9f:6c:
41:b1:44:88:cf:43:be:67:75:67:0d:f6:31:4d:0b:
17:fa:4d:56:1c:89:73:ba:6c:0d:1a:ad:60:70:d9:
f7:1e:c8:d3:4c:f6:03:da:67:5e:6e:01:92:93:86:
72:c9:c2:d9:5d:2c:70:2a:5d:c9:8a:a8:57:e9:54:
de:18:d7:bc:53:cd:96:56:c8:7b:02:11:de:dd:89:
c9:c1:56:85:a2:35:91:89:46:5d:87:6f:4a:ed:ee:
da:bc:95:8f:b6:86:03:04:5f:9f:85:29:b9:5c:5a:
5e:cd:5e:fd:84:ae:ea:b2:56:a6:a7:50:0f:0b:d5:
6d:60:a5:18:04:48:bd:75:19:48:91:9e:f1:f9:c3:
5b:cb:b3:09:64:e0:f5:a1:9f:34:e8:d0:f9:5b:48:
24:27:c6:72:71:75:22:73:e1:3f:3d:3a:29:fb:0c:
68:9c:30:d6:45:32:46:d9:e4:53:8b:ad:41:0b:8a:
41:87:05:9b:50:be:55:09:3e:24:72:ab:f3:90:0d:
e7:15:78:43:24:6a:1b:73:93:1b:b6:10:31:ef:ff:
6b:f3:e4:0d:93:21:fc:7d:70:e7:a6:7d:13:0f:d2:
84:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:1C:17:81:73:F0:61:14:8A:08:C6:13:F2:C5:14:AF:7D:64:DE:02
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ehwXgXPwYRSKCMYT8sUUr31k3gI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.160.0/23
91.212.195.0/24
185.109.162.0/24
185.212.84.0/22
185.214.84.0/24
Signature Algorithm: sha256WithRSAEncryption
34:53:e1:85:c4:7f:3c:60:01:b8:9b:bb:a2:c8:11:88:ef:1b:
36:cc:fc:76:dc:1f:bb:11:27:1b:a8:f0:60:fe:48:f0:ae:c4:
cb:60:4e:9f:eb:5e:0e:a9:87:d6:4a:ca:33:f3:64:d5:04:87:
73:52:4d:30:ee:d0:f6:24:ff:2c:f4:5a:cd:d5:8e:f7:cd:94:
e2:66:1d:38:7e:71:45:28:4f:e0:33:96:6b:27:d9:36:af:48:
32:a7:03:04:9a:f2:ce:d3:54:60:cc:f7:10:e4:34:15:9d:98:
5c:0f:dc:f6:dd:34:57:9e:d9:a8:f4:5e:21:72:3d:c7:98:07:
5f:91:80:60:33:02:4d:e3:59:d0:a9:83:0e:b5:74:f5:02:25:
f2:f5:20:f0:1a:35:3d:d4:bc:8b:3d:1f:39:e5:1b:ea:84:9f:
8e:3b:82:18:c3:d4:5e:0c:7e:ce:65:76:f7:43:fe:50:ba:76:
cf:26:0f:46:54:b7:54:c2:7f:c6:9c:7e:1a:63:92:ae:78:a7:
53:10:94:19:32:25:0a:5d:0c:48:41:7d:63:db:cf:6c:37:67:
80:33:ee:b7:4e:32:2f:de:fc:8f:30:3b:ed:2f:35:ff:8f:02:
f3:59:96:cd:a0:74:80:c8:2b:64:67:f8:ab:30:b1:7b:da:66:
42:89:fe:68
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZaGO4nmmS1Ti1FHoB+YPjXwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwNDMwMTAyNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTFjMTc4MTczZjA2MTE0OGEwOGM2MTNmMmM1MTRhZjdkNjRkZTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKqsc0ofwR1b1yLO3zM0nqaMPNWm
MS2NA5Wzn2xBsUSIz0O+Z3VnDfYxTQsX+k1WHIlzumwNGq1gcNn3HsjTTPYD2mde
bgGSk4ZyycLZXSxwKl3JiqhX6VTeGNe8U82WVsh7AhHe3YnJwVaFojWRiUZdh29K
7e7avJWPtoYDBF+fhSm5XFpezV79hK7qslamp1APC9VtYKUYBEi9dRlIkZ7x+cNb
y7MJZOD1oZ806ND5W0gkJ8ZycXUic+E/PTop+wxonDDWRTJG2eRTi61BC4pBhwWb
UL5VCT4kcqvzkA3nFXhDJGobc5MbthAx7/9r8+QNkyH8fXDnpn0TD9KEjQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHocF4Fz8GEUigjGE/LFFK99ZN4CMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvZWh3WGdYUHdZUlNLQ01ZVDhzVVVyMzFrM2dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLYmgAwQA
W9TDAwQAuW2iAwQCudRUAwQAudZUMA0GCSqGSIb3DQEBCwUAA4IBAQA0U+GFxH88
YAG4m7uiyBGI7xs2zPx23B+7EScbqPBg/kjwrsTLYE6f614OqYfWSsoz82TVBIdz
Uk0w7tD2JP8s9FrN1Y73zZTiZh04fnFFKE/gM5ZrJ9k2r0gypwMEmvLO01RgzPcQ
5DQVnZhcD9z23TRXntmo9F4hcj3HmAdfkYBgMwJN41nQqYMOtXT1AiXy9SDwGjU9
1LyLPR855RvqhJ+OO4IYw9ReDH7OZXb3Q/5QunbPJg9GVLdUwn/GnH4aY5KueKdT
EJQZMiUKXQxIQX1j289sN2eAM+63TjIv3vyPMDvtLzX/jwLzWZbNoHSAyCtkZ/ir
MLF72mZCif5o
-----END CERTIFICATE-----
Generated at Thu Jun 5 05:15:42 2025 by rpki-client