Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/hMP-rfb6VZtQ57oTcmbxOPvP6wE.roa
File: hMP-rfb6VZtQ57oTcmbxOPvP6wE.roa (raw, json)
Hash identifier: B9Fnw4F3Y/xvu12mcTyUUD/PMNPD+xNaPGdmx8+JLic=
Subject key identifier: 84:C3:FE:AD:F6:FA:55:9B:50:E7:BA:13:72:66:F1:38:FB:CF:EB:01
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 019716437EF4BC2526A0058918D49B532DF3
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/hMP-rfb6VZtQ57oTcmbxOPvP6wE.roa
Signing time: Wed 28 May 2025 09:40:11 +0000
ROA not before: Wed 28 May 2025 09:40:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58061
IP address blocks: 2.58.99.0/24 maxlen: 24
91.240.33.0/24 maxlen: 24
109.196.104.0/24 maxlen: 24
109.196.106.0/24 maxlen: 24
109.196.107.0/24 maxlen: 24
109.196.108.0/24 maxlen: 24
109.196.109.0/24 maxlen: 24
109.196.111.0/24 maxlen: 24
176.101.57.0/24 maxlen: 24
176.101.58.0/24 maxlen: 24
176.101.59.0/24 maxlen: 24
176.101.60.0/24 maxlen: 24
176.101.61.0/24 maxlen: 24
176.101.62.0/24 maxlen: 24
176.101.63.0/24 maxlen: 24
213.109.109.0/24 maxlen: 24
213.109.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.mft
rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:16:43:7e:f4:bc:25:26:a0:05:89:18:d4:9b:53:2d:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: May 28 09:40:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84c3feadf6fa559b50e7ba137266f138fbcfeb01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d2:21:02:92:2a:35:5a:9f:a8:b3:64:c0:e6:
4a:65:c9:6b:2e:29:7f:35:0d:8c:54:7d:0d:01:63:
f5:80:46:01:bc:6f:46:68:ec:87:a7:d7:b3:0e:d4:
ce:d0:50:25:77:ad:9b:44:3a:92:a0:29:6d:b7:91:
da:18:ab:65:d2:b8:d3:1e:4c:23:a5:fa:77:47:6e:
f5:b0:5c:d4:39:1e:94:50:a5:70:86:a3:39:58:6f:
36:24:57:bf:61:8c:12:33:1d:44:7c:33:e5:d5:b3:
7b:af:fc:93:c7:bc:c1:88:8f:07:6b:c5:84:cf:99:
a6:d8:42:51:6b:20:82:23:fc:04:36:96:a3:ac:f2:
31:fb:22:f1:24:00:62:40:64:f0:31:cb:3c:8f:a8:
73:7e:c1:b4:ac:f2:0f:a8:eb:4d:a5:8a:40:8c:41:
f2:53:86:e0:51:a2:d0:c0:cc:15:f6:cc:19:6e:30:
61:03:bb:6d:4e:c4:be:9d:d0:1f:a1:9a:76:ca:10:
4b:ae:c8:08:83:9f:c4:5b:21:09:cc:6e:05:76:aa:
e1:93:d9:74:ab:25:d2:f1:11:d5:15:d1:df:ec:a2:
04:92:21:c4:56:b8:82:a7:81:4c:48:6a:1b:04:ec:
d3:d6:20:da:99:d8:01:d9:ad:b3:10:7a:13:f6:3e:
e0:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:C3:FE:AD:F6:FA:55:9B:50:E7:BA:13:72:66:F1:38:FB:CF:EB:01
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/hMP-rfb6VZtQ57oTcmbxOPvP6wE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.99.0/24
91.240.33.0/24
109.196.104.0/24
109.196.106.0-109.196.109.255
109.196.111.0/24
176.101.57.0-176.101.63.255
213.109.109.0/24
213.109.111.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:f1:48:52:f0:aa:7f:fb:e0:85:13:c5:91:15:8e:22:1f:aa:
dc:8c:e7:0f:eb:b6:f4:e8:1d:3a:57:8c:82:17:b1:2a:f4:cf:
55:47:84:a0:49:23:78:ff:4f:d3:f4:8a:7a:9e:3b:b9:b4:8c:
15:ca:e5:ac:d0:5d:b9:8c:67:f3:4a:02:24:4f:c5:11:5d:bc:
c5:cc:41:74:a8:d6:7e:55:f8:7a:d3:8d:ea:72:d2:c3:69:30:
cb:b3:0e:02:7b:37:8a:7e:76:eb:75:92:ad:14:fe:66:b4:43:
af:e5:d6:8d:c2:99:cc:43:93:99:d6:81:43:23:a4:a0:b8:80:
fe:92:79:57:70:65:6f:25:ab:92:06:fd:b1:15:2c:a7:98:33:
31:9d:02:b0:0f:90:e8:0a:49:d5:bf:a3:d6:c1:ef:8f:79:f3:
9d:b2:b5:1d:87:3f:5c:93:b6:89:0d:24:7e:6f:3e:43:67:e9:
d2:b5:a9:c1:61:c9:c4:f3:99:79:d3:54:30:e2:a3:04:af:e7:
7d:a5:3f:8a:7f:23:5a:87:87:74:b0:fc:56:6a:1d:55:5f:de:
67:0d:33:bc:6e:e4:ea:b2:01:7f:fb:b7:b6:ac:02:33:8d:af:
ac:ca:33:42:32:25:74:f2:c8:0f:ef:c3:03:39:5d:9e:eb:68:
8c:10:41:50
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZcWQ370vCUmoAWJGNSbUy3zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjUwNTI4MDk0MDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGMzZmVhZGY2ZmE1NTliNTBlN2JhMTM3MjY2ZjEzOGZiY2ZlYjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdIhApIqNVqfqLNkwOZKZclrLil/
NQ2MVH0NAWP1gEYBvG9GaOyHp9ezDtTO0FAld62bRDqSoCltt5HaGKtl0rjTHkwj
pfp3R271sFzUOR6UUKVwhqM5WG82JFe/YYwSMx1EfDPl1bN7r/yTx7zBiI8Ha8WE
z5mm2EJRayCCI/wENpajrPIx+yLxJABiQGTwMcs8j6hzfsG0rPIPqOtNpYpAjEHy
U4bgUaLQwMwV9swZbjBhA7ttTsS+ndAfoZp2yhBLrsgIg5/EWyEJzG4Fdqrhk9l0
qyXS8RHVFdHf7KIEkiHEVriCp4FMSGobBOzT1iDamdgB2a2zEHoT9j7g1QIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFITD/q32+lWbUOe6E3Jm8Tj7z+sBMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvaE1QLXJmYjZWWnRRNTdvVGNtYnhPUHZQNndFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQAAjpjAwQA
W/AhAwQAbcRoMAwDBAFtxGoDBAFtxGwDBABtxG8wDAMEALBlOQMEBrBlAAMEANVt
bQMEANVtbzANBgkqhkiG9w0BAQsFAAOCAQEAm/FIUvCqf/vghRPFkRWOIh+q3Izn
D+u29OgdOleMghexKvTPVUeEoEkjeP9P0/SKep47ubSMFcrlrNBduYxn80oCJE/F
EV28xcxBdKjWflX4etON6nLSw2kwy7MOAns3in5263WSrRT+ZrRDr+XWjcKZzEOT
mdaBQyOkoLiA/pJ5V3BlbyWrkgb9sRUsp5gzMZ0CsA+Q6ApJ1b+j1sHvj3nznbK1
HYc/XJO2iQ0kfm8+Q2fp0rWpwWHJxPOZedNUMOKjBK/nfaU/in8jWoeHdLD8Vmod
VV/eZw0zvG7k6rIBf/u3tqwCM42vrMozQjIldPLID+/DAzldnutojBBBUA==
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:21:15 2025 by rpki-client