Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/hQhs5l9hDP1_zmNckKA9u_WQ4CU.roa
File: hQhs5l9hDP1_zmNckKA9u_WQ4CU.roa (raw, json)
Hash identifier: C8YDrKff0YMeob1oWr+bor5KU46B8sgXJ3+9ifdCEfI=
Subject key identifier: 85:08:6C:E6:5F:61:0C:FD:7F:CE:63:5C:90:A0:3D:BB:F5:90:E0:25
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0197A7C6EA30EBB30C1982C009400AEF9F63
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/hQhs5l9hDP1_zmNckKA9u_WQ4CU.roa
Signing time: Wed 25 Jun 2025 15:48:40 +0000
ROA not before: Wed 25 Jun 2025 15:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 53356
IP address blocks: 37.49.144.0/24 maxlen: 24
37.49.147.0/24 maxlen: 24
94.74.152.0/22 maxlen: 24
109.203.161.0/24 maxlen: 24
109.203.166.0/24 maxlen: 24
109.203.168.0/21 maxlen: 24
109.203.184.0/21 maxlen: 24
176.46.129.0/24 maxlen: 24
176.46.130.0/24 maxlen: 24
176.46.133.0/24 maxlen: 24
176.46.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a7:c6:ea:30:eb:b3:0c:19:82:c0:09:40:0a:ef:9f:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jun 25 15:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85086ce65f610cfd7fce635c90a03dbbf590e025
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d5:a2:1e:d2:e7:3c:97:ca:20:06:fe:0e:9d:
26:df:c4:cc:be:5b:df:b8:e8:ad:e1:d0:41:d7:91:
a2:07:b4:b5:40:9e:2c:5d:af:75:94:d2:4d:36:ff:
cc:c3:d3:8b:44:cd:5e:5d:b2:c7:1e:e6:8a:f1:f5:
23:b9:ba:75:e3:03:96:e5:c8:a2:7e:59:cc:30:b7:
56:55:60:44:0f:da:8b:25:da:09:82:04:d9:c3:d4:
2a:39:7c:a4:12:70:72:e9:82:cc:6f:b6:5a:4d:71:
b9:17:ee:bd:3a:0e:b2:41:d1:f8:d2:bd:b0:5f:3c:
f2:a5:14:bf:b4:62:ce:47:0b:1d:4e:df:51:d6:14:
56:ce:b7:87:3b:13:41:c2:11:00:a8:f8:76:99:99:
4f:51:96:bf:b7:ac:5e:62:05:30:6f:6a:51:36:32:
5e:2c:19:1e:ff:1b:e8:59:f3:47:bb:44:62:2c:4d:
42:62:ba:27:47:69:62:f3:d8:2e:35:2a:24:bb:39:
37:8e:1e:2b:9e:fb:54:c9:6b:ea:0a:74:35:98:d2:
c6:4b:8c:d6:76:c4:44:7d:aa:a6:c4:66:2a:79:a1:
ce:a3:3d:33:36:bb:ff:16:db:dd:5f:8e:ba:ae:a9:
7b:cb:0f:f2:42:ae:34:59:38:4f:d7:56:17:48:6b:
91:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:08:6C:E6:5F:61:0C:FD:7F:CE:63:5C:90:A0:3D:BB:F5:90:E0:25
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/hQhs5l9hDP1_zmNckKA9u_WQ4CU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.144.0/24
37.49.147.0/24
94.74.152.0/22
109.203.161.0/24
109.203.166.0/24
109.203.168.0/21
109.203.184.0/21
176.46.129.0-176.46.130.255
176.46.133.0/24
176.46.135.0/24
Signature Algorithm: sha256WithRSAEncryption
82:e7:7e:26:c8:bf:10:8a:e5:47:2b:44:9e:d2:c4:5b:5e:c4:
4f:75:ca:37:d2:3c:4d:fe:00:94:3a:86:9d:41:20:2b:00:9f:
26:70:f1:35:71:e2:a2:4a:88:63:cf:37:23:5b:d0:63:a9:5c:
7b:8c:09:bb:ea:aa:64:6d:a7:e5:55:a4:90:3e:5b:7a:1b:39:
99:ec:b4:83:b5:ea:c0:aa:03:58:6a:ef:37:0f:9f:f1:72:d9:
a5:45:fd:de:e8:3d:3b:f1:04:e6:cb:64:dc:ff:14:45:6c:c9:
37:9b:04:a8:00:f2:07:fd:ed:79:c6:23:01:26:91:ae:9b:2f:
c9:7a:e5:f1:af:2a:32:d1:c8:b4:e6:86:e7:ec:e8:67:f5:0c:
ef:1d:c9:b0:bb:e3:37:87:d1:82:9c:8b:04:aa:d3:20:0b:05:
7a:e7:91:7f:63:bc:94:10:88:83:60:87:39:af:3f:73:d1:85:
54:c7:14:d1:6e:96:38:00:64:93:a0:74:bf:5e:f2:4d:a7:20:
b6:d2:f7:1b:1e:e4:c2:00:a6:3a:93:57:14:b4:6e:32:c1:79:
31:0b:f7:ce:9e:ca:c9:b3:0e:be:75:ce:08:2f:20:5d:14:9e:
53:d1:2f:f2:7c:b7:e4:c7:9d:38:f3:40:d1:69:1a:ea:5f:04:
69:5a:92:ce
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZenxuow67MMGYLACUAK759jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjUwNjI1MTU0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTA4NmNlNjVmNjEwY2ZkN2ZjZTYzNWM5MGEwM2RiYmY1OTBlMDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtWiHtLnPJfKIAb+Dp0m38TMvlvf
uOit4dBB15GiB7S1QJ4sXa91lNJNNv/Mw9OLRM1eXbLHHuaK8fUjubp14wOW5cii
flnMMLdWVWBED9qLJdoJggTZw9QqOXykEnBy6YLMb7ZaTXG5F+69Og6yQdH40r2w
XzzypRS/tGLORwsdTt9R1hRWzreHOxNBwhEAqPh2mZlPUZa/t6xeYgUwb2pRNjJe
LBke/xvoWfNHu0RiLE1CYronR2li89guNSokuzk3jh4rnvtUyWvqCnQ1mNLGS4zW
dsREfaqmxGYqeaHOoz0zNrv/FtvdX466rql7yw/yQq40WThP11YXSGuRWwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFIUIbOZfYQz9f85jXJCgPbv1kOAlMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvaFFoczVsOWhEUDFfem1OY2tLQTl1X1dRNENVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAJTGQAwQA
JTGTAwQCXkqYAwQAbcuhAwQAbcumAwQDbcuoAwQDbcu4MAwDBACwLoEDBACwLoID
BACwLoUDBACwLocwDQYJKoZIhvcNAQELBQADggEBAILnfibIvxCK5UcrRJ7SxFte
xE91yjfSPE3+AJQ6hp1BICsAnyZw8TVx4qJKiGPPNyNb0GOpXHuMCbvqqmRtp+VV
pJA+W3obOZnstIO16sCqA1hq7zcPn/Fy2aVF/d7oPTvxBObLZNz/FEVsyTebBKgA
8gf97XnGIwEmka6bL8l65fGvKjLRyLTmhufs6Gf1DO8dybC74zeH0YKciwSq0yAL
BXrnkX9jvJQQiINghzmvP3PRhVTHFNFuljgAZJOgdL9e8k2nILbS9xse5MIApjqT
VxS0bjLBeTEL986eysmzDr51zggvIF0UnlPRL/J8t+THnTjzQNFpGupfBGlaks4=
-----END CERTIFICATE-----
Generated at Mon Jun 30 16:04:57 2025 by rpki-client