Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/mtOyHCDFbEN52MPoQC2Q-k_KdmA.roa
File: mtOyHCDFbEN52MPoQC2Q-k_KdmA.roa (raw, json)
Hash identifier: r3EoA0ly4TitVzLXwjhS8X5/zGogMJB24chyqpQhXH8=
Subject key identifier: 9A:D3:B2:1C:20:C5:6C:43:79:D8:C3:E8:40:2D:90:FA:4F:CA:76:60
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0197C2BEF020A3E29B2D587BABCC98767550
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/mtOyHCDFbEN52MPoQC2Q-k_KdmA.roa
Signing time: Mon 30 Jun 2025 21:29:42 +0000
ROA not before: Mon 30 Jun 2025 21:29:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215590
IP address blocks: 37.46.20.0/22 maxlen: 24
77.239.108.0/22 maxlen: 24
150.241.106.0/23 maxlen: 24
150.241.115.0/24 maxlen: 24
150.241.116.0/24 maxlen: 24
150.241.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 02:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c2:be:f0:20:a3:e2:9b:2d:58:7b:ab:cc:98:76:75:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jun 30 21:29:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ad3b21c20c56c4379d8c3e8402d90fa4fca7660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:a8:55:f0:8c:fc:95:b9:4e:23:31:80:25:3e:
4a:e7:50:af:14:42:dc:3c:98:ee:42:ab:6a:80:c2:
32:32:f9:e0:bd:70:3b:77:69:5a:10:71:7e:c7:f3:
28:08:0e:bf:1f:af:cc:e6:ba:bd:f9:ab:3c:c1:0b:
0c:08:17:f7:dc:00:91:39:25:f8:87:39:1c:6e:3b:
38:a6:b6:56:b3:95:e7:05:e3:76:2d:e7:b6:11:9d:
66:31:e3:c2:dd:95:30:d9:66:d1:f2:12:b5:47:b4:
c2:ed:af:9a:3c:95:a6:80:15:d2:e6:91:6d:d2:86:
59:80:d3:1d:a4:cc:ee:f9:57:76:0e:e6:11:de:e0:
e7:4a:57:da:f3:28:b8:12:c1:53:e2:da:2a:f8:73:
07:9e:cb:46:fe:6e:23:5d:c7:1c:f4:99:55:c3:42:
60:80:18:c0:26:87:13:3c:72:59:42:4d:da:1d:5a:
50:e6:72:84:e9:28:5c:31:58:44:d2:f5:52:7a:1e:
d0:21:6d:79:c6:6e:7e:aa:93:28:26:f6:85:24:1d:
36:aa:e9:e6:46:eb:1e:fe:2a:3b:1c:b1:1f:b8:cd:
15:a4:a9:1b:e0:96:94:25:d0:09:80:bb:47:68:ec:
30:05:ba:77:a9:d4:73:83:d0:b7:3a:24:4c:84:f8:
dc:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:D3:B2:1C:20:C5:6C:43:79:D8:C3:E8:40:2D:90:FA:4F:CA:76:60
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/mtOyHCDFbEN52MPoQC2Q-k_KdmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.20.0/22
77.239.108.0/22
150.241.106.0/23
150.241.115.0-150.241.116.255
150.241.123.0/24
Signature Algorithm: sha256WithRSAEncryption
32:23:f9:b1:a3:83:ac:06:ed:e5:7d:dc:53:98:84:39:aa:18:
a2:d0:fa:76:fc:20:07:3d:08:bd:d0:b7:f1:ef:ee:31:34:a1:
b6:3b:b6:50:23:34:db:e5:a5:f0:19:d4:ca:11:9a:5c:c5:d6:
de:57:9c:83:42:ae:6e:c4:7f:73:ff:c8:c5:de:d3:d6:d8:46:
e2:78:d8:a3:cf:1e:69:ee:67:9a:fa:41:ad:d9:d7:02:bf:36:
83:03:f6:05:aa:a8:6f:1b:40:e0:9f:51:d5:2f:cc:98:aa:fe:
df:3d:4b:88:8a:8d:77:bf:fb:c8:6e:d1:9d:ab:41:4c:e1:db:
5b:ab:e8:17:56:53:5c:85:35:ae:25:02:08:0e:1f:5e:9b:58:
6b:04:34:c2:15:a1:ab:67:58:fa:29:78:ae:0d:28:e1:8b:b5:
a3:40:7b:4b:6c:82:d8:f3:25:a5:f7:5a:a8:ec:a0:34:8d:3c:
54:28:f0:c3:55:c6:3e:40:ca:e8:84:4c:a2:81:1b:26:0e:1d:
24:35:14:bf:3a:31:69:a3:88:b1:a3:73:ee:b6:f1:7b:7b:13:
e2:74:7b:05:61:7d:a0:99:00:06:1a:c5:45:35:42:e9:bb:89:
e2:74:52:8b:fb:b0:ff:fc:b0:ae:66:69:9b:38:6c:b0:c6:13:
b3:98:18:0b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZfCvvAgo+KbLVh7q8yYdnVQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwNjMwMjEyOTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWQzYjIxYzIwYzU2YzQzNzlkOGMzZTg0MDJkOTBmYTRmY2E3NjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1qhV8Iz8lblOIzGAJT5K51CvFELc
PJjuQqtqgMIyMvngvXA7d2laEHF+x/MoCA6/H6/M5rq9+as8wQsMCBf33ACROSX4
hzkcbjs4prZWs5XnBeN2Lee2EZ1mMePC3ZUw2WbR8hK1R7TC7a+aPJWmgBXS5pFt
0oZZgNMdpMzu+Vd2DuYR3uDnSlfa8yi4EsFT4toq+HMHnstG/m4jXccc9JlVw0Jg
gBjAJocTPHJZQk3aHVpQ5nKE6ShcMVhE0vVSeh7QIW15xm5+qpMoJvaFJB02qunm
Ruse/io7HLEfuM0VpKkb4JaUJdAJgLtHaOwwBbp3qdRzg9C3OiRMhPjcmwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJrTshwgxWxDedjD6EAtkPpPynZgMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvbXRPeUhDREZiRU41Mk1Qb1FDMlEta19LZG1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCJS4UAwQC
Te9sAwQBlvFqMAwDBACW8XMDBACW8XQDBACW8XswDQYJKoZIhvcNAQELBQADggEB
ADIj+bGjg6wG7eV93FOYhDmqGKLQ+nb8IAc9CL3Qt/Hv7jE0obY7tlAjNNvlpfAZ
1MoRmlzF1t5XnINCrm7Ef3P/yMXe09bYRuJ42KPPHmnuZ5r6Qa3Z1wK/NoMD9gWq
qG8bQOCfUdUvzJiq/t89S4iKjXe/+8hu0Z2rQUzh21ur6BdWU1yFNa4lAggOH16b
WGsENMIVoatnWPopeK4NKOGLtaNAe0tsgtjzJaX3WqjsoDSNPFQo8MNVxj5AyuiE
TKKBGyYOHSQ1FL86MWmjiLGjc+628Xt7E+J0ewVhfaCZAAYaxUU1Qum7ieJ0Uov7
sP/8sK5maZs4bLDGE7OYGAs=
-----END CERTIFICATE-----
Generated at Wed Jul 2 10:40:08 2025 by rpki-client