
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/v6hAmhwF5zdYx8dEgkzg5dcM3po.roa
File: v6hAmhwF5zdYx8dEgkzg5dcM3po.roa (raw, json)
Hash identifier: WVX44j02BF26OexloZBarRA/wYQhTTWNJB3y+NBHmOM=
Subject key identifier: BF:A8:40:9A:1C:05:E7:37:58:C7:C7:44:82:4C:E0:E5:D7:0C:DE:9A
Certificate issuer: /CN=d26a4409ea91f506d633871c6c35540d460337d1
Certificate serial: 0199F1A2236E64ADE1A44995B1CA84D58501
Authority key identifier: D2:6A:44:09:EA:91:F5:06:D6:33:87:1C:6C:35:54:0D:46:03:37:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0mpECeqR9QbWM4ccbDVUDUYDN9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/v6hAmhwF5zdYx8dEgkzg5dcM3po.roa
Signing time: Fri 17 Oct 2025 10:05:58 +0000
ROA not before: Fri 17 Oct 2025 10:05:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41368
IP address blocks: 5.61.200.0/21 maxlen: 24
5.61.200.0/23 maxlen: 23
5.61.202.0/24 maxlen: 24
5.61.203.0/24 maxlen: 24
5.61.204.0/24 maxlen: 24
5.61.205.0/24 maxlen: 24
5.61.206.0/24 maxlen: 24
5.61.207.0/24 maxlen: 24
171.22.8.0/22 maxlen: 24
171.22.8.0/24 maxlen: 24
171.22.9.0/24 maxlen: 24
171.22.10.0/24 maxlen: 24
171.22.11.0/24 maxlen: 24
185.62.20.0/23 maxlen: 24
185.62.20.0/24 maxlen: 24
185.62.21.0/24 maxlen: 24
185.62.22.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/0mpECeqR9QbWM4ccbDVUDUYDN9E.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/0mpECeqR9QbWM4ccbDVUDUYDN9E.mft
rsync://rpki.ripe.net/repository/DEFAULT/0mpECeqR9QbWM4ccbDVUDUYDN9E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f1:a2:23:6e:64:ad:e1:a4:49:95:b1:ca:84:d5:85:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d26a4409ea91f506d633871c6c35540d460337d1
Validity
Not Before: Oct 17 10:05:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bfa8409a1c05e73758c7c744824ce0e5d70cde9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d9:9d:88:14:4d:8c:e0:21:c5:39:f3:b9:7d:
35:0f:4b:28:ea:8e:23:b5:2c:48:3f:d7:17:47:50:
bb:ee:45:ee:c0:db:3c:3c:ac:f4:57:b3:6b:ef:5e:
8a:d2:27:50:e9:8e:76:8e:a2:7e:21:ad:80:fc:97:
9b:63:18:5a:00:cf:a2:af:08:0d:6f:21:c1:97:ff:
10:89:65:4d:52:f1:e4:ec:1e:e4:16:19:b2:91:01:
b2:21:5b:0b:50:0e:e5:20:08:0c:65:07:8e:87:39:
68:0a:01:d1:1d:56:58:66:39:d8:c7:b9:7a:12:4b:
11:54:ff:a5:0e:a2:66:29:76:cb:83:43:12:01:07:
9d:70:6c:25:0f:75:e4:85:87:17:d8:60:0e:56:ac:
03:4a:f2:e6:97:a9:ec:ec:5c:24:6e:bd:c1:03:67:
33:0c:d7:bf:7d:1a:4a:e8:f9:ef:e8:ff:b7:c0:3b:
78:65:db:df:ef:35:76:a5:36:ce:2c:a7:02:81:13:
a8:97:ef:92:0e:1e:03:92:84:fb:c4:0f:65:6a:7c:
aa:df:c6:97:d4:9e:16:64:86:3b:c8:30:aa:ba:3d:
bd:63:53:3c:ff:9e:1d:58:96:45:d8:37:2a:a1:de:
55:c8:ff:7a:86:93:e0:2d:d3:92:3e:d1:7f:cd:c8:
b4:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:A8:40:9A:1C:05:E7:37:58:C7:C7:44:82:4C:E0:E5:D7:0C:DE:9A
X509v3 Authority Key Identifier:
keyid:D2:6A:44:09:EA:91:F5:06:D6:33:87:1C:6C:35:54:0D:46:03:37:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0mpECeqR9QbWM4ccbDVUDUYDN9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/v6hAmhwF5zdYx8dEgkzg5dcM3po.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/0mpECeqR9QbWM4ccbDVUDUYDN9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.200.0/21
171.22.8.0/22
185.62.20.0/22
Signature Algorithm: sha256WithRSAEncryption
28:ab:64:8b:06:c6:53:0b:70:19:cf:c2:67:43:4f:fb:c9:86:
7d:bb:e4:5a:b6:95:b6:b7:aa:3f:1d:a6:e6:48:15:40:58:47:
9a:c2:a4:9b:9c:8d:d2:05:94:dc:67:df:84:30:18:07:21:d8:
11:37:28:91:b8:16:d8:36:7d:7c:41:01:a3:f9:83:8d:68:c3:
68:c5:42:d7:e3:4f:da:64:ff:e9:ee:dc:28:ec:2b:26:a7:0e:
39:93:83:80:1a:99:21:80:1e:07:9a:86:ce:80:a7:f6:20:25:
01:ec:58:5f:46:4f:ae:91:e3:14:58:55:0b:b5:8d:a9:47:13:
af:f1:45:2d:6c:83:d1:b8:c0:92:a2:a5:ff:2e:5d:30:d1:bd:
2e:89:84:13:34:2b:f7:68:ad:08:8d:4d:14:b0:4d:aa:37:25:
70:a3:e5:46:9b:c4:9e:4c:13:21:b8:d2:95:0c:f7:df:3f:4f:
f7:68:e8:83:84:02:81:94:43:db:bc:12:97:de:ff:be:93:77:
8a:54:0d:85:57:b7:46:20:fe:31:7c:2c:a7:e9:16:75:f4:04:
47:b6:38:2d:b6:31:ba:f9:91:2e:32:2a:08:bd:48:58:19:07:
0c:be:49:23:9b:cc:4c:e1:c8:07:4c:b4:06:ee:a7:58:27:2d:
a7:1a:b3:1c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZnxoiNuZK3hpEmVscqE1YUBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNmE0NDA5ZWE5MWY1MDZkNjMzODcxYzZjMzU1NDBkNDYw
MzM3ZDEwHhcNMjUxMDE3MTAwNTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmE4NDA5YTFjMDVlNzM3NThjN2M3NDQ4MjRjZTBlNWQ3MGNkZTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2NmdiBRNjOAhxTnzuX01D0so6o4j
tSxIP9cXR1C77kXuwNs8PKz0V7Nr716K0idQ6Y52jqJ+Ia2A/JebYxhaAM+irwgN
byHBl/8QiWVNUvHk7B7kFhmykQGyIVsLUA7lIAgMZQeOhzloCgHRHVZYZjnYx7l6
EksRVP+lDqJmKXbLg0MSAQedcGwlD3XkhYcX2GAOVqwDSvLml6ns7Fwkbr3BA2cz
DNe/fRpK6Pnv6P+3wDt4Zdvf7zV2pTbOLKcCgROol++SDh4DkoT7xA9lanyq38aX
1J4WZIY7yDCquj29Y1M8/54dWJZF2Dcqod5VyP96hpPgLdOSPtF/zci0jQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFL+oQJocBec3WMfHRIJM4OXXDN6aMB8GA1UdIwQY
MBaAFNJqRAnqkfUG1jOHHGw1VA1GAzfRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG1wRUNlcVI5UWJXTTRjY2JEVlVEVVlETjlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9mNDEwNTEtMDgxMC00M2ZmLWIxOTYt
Y2ZlZmRmZGZiZTZiLzEvdjZoQW1od0Y1emRZeDhkRWdremc1ZGNNM3BvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9mNDEwNTEtMDgxMC00M2ZmLWIxOTYtY2ZlZmRmZGZiZTZi
LzEvMG1wRUNlcVI5UWJXTTRjY2JEVlVEVVlETjlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBT3IAwQC
qxYIAwQCuT4UMA0GCSqGSIb3DQEBCwUAA4IBAQAoq2SLBsZTC3AZz8JnQ0/7yYZ9
u+RatpW2t6o/HabmSBVAWEeawqSbnI3SBZTcZ9+EMBgHIdgRNyiRuBbYNn18QQGj
+YONaMNoxULX40/aZP/p7two7Csmpw45k4OAGpkhgB4HmobOgKf2ICUB7FhfRk+u
keMUWFULtY2pRxOv8UUtbIPRuMCSoqX/Ll0w0b0uiYQTNCv3aK0IjU0UsE2qNyVw
o+VGm8SeTBMhuNKVDPffP0/3aOiDhAKBlEPbvBKX3v++k3eKVA2FV7dGIP4xfCyn
6RZ19ARHtjgttjG6+ZEuMioIvUhYGQcMvkkjm8xM4cgHTLQG7qdYJy2nGrMc
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:44:40 2025 by rpki-client