Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/a31ddb-1fd2-461c-bfeb-82ee2d2b4289/1/hA-e1ExzRSPNWyW93O3s0XSrAZ4.roa
File: hA-e1ExzRSPNWyW93O3s0XSrAZ4.roa (raw, json)
Hash identifier: wOrCVsUdrc4d/IuOMgZHbZ6waL7T9XC1LvudSdq2sG0=
Subject key identifier: 84:0F:9E:D4:4C:73:45:23:CD:5B:25:BD:DC:ED:EC:D1:74:AB:01:9E
Certificate issuer: /CN=e277538dec2efcd2f11cc637197d1d9a6fdae9d9
Certificate serial: 01977F0BA0CD23A68F54EFFCE91FD712797B
Authority key identifier: E2:77:53:8D:EC:2E:FC:D2:F1:1C:C6:37:19:7D:1D:9A:6F:DA:E9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4ndTjewu_NLxHMY3GX0dmm_a6dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/a31ddb-1fd2-461c-bfeb-82ee2d2b4289/1/hA-e1ExzRSPNWyW93O3s0XSrAZ4.roa
Signing time: Tue 17 Jun 2025 17:59:17 +0000
ROA not before: Tue 17 Jun 2025 17:59:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34941
IP address blocks: 85.118.200.0/21 maxlen: 21
185.112.136.0/23 maxlen: 23
185.112.138.0/24 maxlen: 24
185.112.139.0/24 maxlen: 24
2a06:6180::/29 maxlen: 29
2a06:6180::/40 maxlen: 40
2a06:6180:4000::/40 maxlen: 40
2a06:6180:8000::/40 maxlen: 40
2a06:6187::/35 maxlen: 35
2a06:6187:4000::/35 maxlen: 35
2a06:6187:8000::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/a31ddb-1fd2-461c-bfeb-82ee2d2b4289/1/4ndTjewu_NLxHMY3GX0dmm_a6dk.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/a31ddb-1fd2-461c-bfeb-82ee2d2b4289/1/4ndTjewu_NLxHMY3GX0dmm_a6dk.mft
rsync://rpki.ripe.net/repository/DEFAULT/4ndTjewu_NLxHMY3GX0dmm_a6dk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7f:0b:a0:cd:23:a6:8f:54:ef:fc:e9:1f:d7:12:79:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e277538dec2efcd2f11cc637197d1d9a6fdae9d9
Validity
Not Before: Jun 17 17:59:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=840f9ed44c734523cd5b25bddcedecd174ab019e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:f1:a4:03:47:49:99:e0:90:89:85:57:9a:74:
d3:0c:5c:b8:28:ef:cc:e1:c0:85:8f:ba:c6:4a:45:
59:6f:4a:f0:6b:f9:d1:9e:39:5c:77:8a:a3:a3:b8:
d4:26:17:90:83:fe:05:9c:e7:02:4e:fa:a2:80:57:
01:f8:ce:aa:0d:67:c6:db:ef:09:a7:19:eb:d3:a0:
4a:fe:26:d2:04:61:03:9f:91:93:d6:fe:d8:99:cb:
0f:6b:d6:5e:04:f3:93:d5:6f:d4:08:fe:f7:ff:f2:
02:af:25:75:47:dd:2b:2e:51:6f:9e:7a:4c:3c:bc:
c5:9b:3d:0a:9c:31:b4:70:5a:d7:cd:a9:44:2e:82:
bd:bb:f8:b1:f7:0c:46:47:53:be:08:8a:af:3f:2c:
ac:d5:b9:02:df:e3:27:2d:cf:f8:82:72:75:10:b8:
db:ba:ef:e7:ef:c4:25:b7:10:ac:70:6c:be:40:e3:
48:a6:04:ab:e0:46:cf:7e:53:9b:f1:2b:17:40:aa:
28:d8:b6:3c:cb:ff:f0:4e:7e:09:d7:41:b9:63:67:
10:6f:75:6e:28:a7:55:d6:90:04:f8:a0:e6:15:b5:
2e:e4:a3:f7:21:3e:c4:ed:1e:80:8f:8c:40:90:a4:
c3:2c:ce:02:52:5c:b7:47:d0:ed:e7:bc:b7:63:d3:
37:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:0F:9E:D4:4C:73:45:23:CD:5B:25:BD:DC:ED:EC:D1:74:AB:01:9E
X509v3 Authority Key Identifier:
keyid:E2:77:53:8D:EC:2E:FC:D2:F1:1C:C6:37:19:7D:1D:9A:6F:DA:E9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4ndTjewu_NLxHMY3GX0dmm_a6dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/a31ddb-1fd2-461c-bfeb-82ee2d2b4289/1/hA-e1ExzRSPNWyW93O3s0XSrAZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/a31ddb-1fd2-461c-bfeb-82ee2d2b4289/1/4ndTjewu_NLxHMY3GX0dmm_a6dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.118.200.0/21
185.112.136.0/22
IPv6:
2a06:6180::/29
Signature Algorithm: sha256WithRSAEncryption
69:53:da:77:e1:8e:81:7a:e4:33:73:e2:f7:1d:bd:0f:b0:e3:
93:00:99:3f:54:43:e6:f9:3c:2f:47:3b:65:1b:1a:5b:fa:cd:
e9:f6:ea:df:49:50:04:13:a2:71:fb:b4:cb:92:27:f9:e3:14:
c2:cd:0e:7e:f4:f2:a9:79:bf:d0:b8:2a:d7:7a:02:5d:01:b8:
3c:ce:97:02:37:30:1e:82:5e:e7:8a:82:76:d0:6a:38:84:93:
61:9b:2e:88:95:7c:25:4c:7d:21:de:7a:a5:d6:89:49:9b:86:
72:4e:92:74:55:03:70:88:88:0b:b0:0e:4e:74:1c:c9:93:31:
68:5e:08:dc:75:86:68:47:0e:19:6d:c2:04:f1:3c:a9:fa:30:
f2:34:c3:ac:19:cb:e5:60:a3:9b:ac:6f:ce:85:0b:fd:f6:c5:
8d:f9:f9:9a:41:b3:22:d3:a9:db:40:b3:b9:d9:15:99:7b:65:
ac:4a:ff:44:78:6d:98:3c:5e:4a:0a:44:1b:ad:f8:66:67:61:
7b:00:3a:5f:b3:9f:3c:17:2b:18:51:be:b2:87:f3:09:ac:75:
8e:07:84:20:f3:8e:c6:56:7e:e7:d3:d9:8e:91:38:aa:e7:2d:
f7:d8:5b:98:cb:fa:40:92:ad:64:9b:e0:17:63:ef:8c:a4:a4:
e7:d5:39:f9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZd/C6DNI6aPVO/86R/XEnl7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNzc1MzhkZWMyZWZjZDJmMTFjYzYzNzE5N2QxZDlhNmZk
YWU5ZDkwHhcNMjUwNjE3MTc1OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDBmOWVkNDRjNzM0NTIzY2Q1YjI1YmRkY2VkZWNkMTc0YWIwMTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfGkA0dJmeCQiYVXmnTTDFy4KO/M
4cCFj7rGSkVZb0rwa/nRnjlcd4qjo7jUJheQg/4FnOcCTvqigFcB+M6qDWfG2+8J
pxnr06BK/ibSBGEDn5GT1v7YmcsPa9ZeBPOT1W/UCP73//ICryV1R90rLlFvnnpM
PLzFmz0KnDG0cFrXzalELoK9u/ix9wxGR1O+CIqvPyys1bkC3+MnLc/4gnJ1ELjb
uu/n78QltxCscGy+QONIpgSr4EbPflOb8SsXQKoo2LY8y//wTn4J10G5Y2cQb3Vu
KKdV1pAE+KDmFbUu5KP3IT7E7R6Aj4xAkKTDLM4CUly3R9Dt57y3Y9M3sQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIQPntRMc0UjzVslvdzt7NF0qwGeMB8GA1UdIwQY
MBaAFOJ3U43sLvzS8RzGNxl9HZpv2unZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNG5kVGpld3VfTkx4SE1ZM0dYMGRtbV9hNmRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9hMzFkZGItMWZkMi00NjFjLWJmZWIt
ODJlZTJkMmI0Mjg5LzEvaEEtZTFFeHpSU1BOV3lXOTNPM3MwWFNyQVo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9hMzFkZGItMWZkMi00NjFjLWJmZWItODJlZTJkMmI0Mjg5
LzEvNG5kVGpld3VfTkx4SE1ZM0dYMGRtbV9hNmRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDVXbIAwQC
uXCIMA0EAgACMAcDBQMqBmGAMA0GCSqGSIb3DQEBCwUAA4IBAQBpU9p34Y6BeuQz
c+L3Hb0PsOOTAJk/VEPm+TwvRztlGxpb+s3p9urfSVAEE6Jx+7TLkif54xTCzQ5+
9PKpeb/QuCrXegJdAbg8zpcCNzAegl7nioJ20Go4hJNhmy6IlXwlTH0h3nql1olJ
m4ZyTpJ0VQNwiIgLsA5OdBzJkzFoXgjcdYZoRw4ZbcIE8Typ+jDyNMOsGcvlYKOb
rG/OhQv99sWN+fmaQbMi06nbQLO52RWZe2WsSv9EeG2YPF5KCkQbrfhmZ2F7ADpf
s588FysYUb6yh/MJrHWOB4Qg847GVn7n09mOkTiq5y332FuYy/pAkq1km+AXY++M
pKTn1Tn5
-----END CERTIFICATE-----
Generated at Sun Jun 29 01:42:52 2025 by rpki-client