Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/hmfb7aBK_OBWDx0BcqnvkZodXpw.roa
File: hmfb7aBK_OBWDx0BcqnvkZodXpw.roa (raw, json)
Hash identifier: WzLMP+sjxw8ECVY4/VgOUclyWoeI4GvpkT04+AJGikM=
Subject key identifier: 86:67:DB:ED:A0:4A:FC:E0:56:0F:1D:01:72:A9:EF:91:9A:1D:5E:9C
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0197767E9B43A8A6D9CBCEAE3766E7B60888
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/hmfb7aBK_OBWDx0BcqnvkZodXpw.roa
Signing time: Mon 16 Jun 2025 02:08:18 +0000
ROA not before: Mon 16 Jun 2025 02:08:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215727
IP address blocks: 45.136.0.0/24 maxlen: 32
45.136.2.0/24 maxlen: 32
45.136.3.0/24 maxlen: 32
128.0.119.0/24 maxlen: 32
185.117.20.0/24 maxlen: 32
185.117.21.0/24 maxlen: 32
185.117.22.0/24 maxlen: 32
185.117.23.0/24 maxlen: 32
185.144.100.0/24 maxlen: 32
185.144.101.0/24 maxlen: 32
185.144.102.0/24 maxlen: 32
185.144.103.0/24 maxlen: 32
185.211.48.0/24 maxlen: 32
185.211.49.0/24 maxlen: 32
185.211.50.0/24 maxlen: 32
185.227.240.0/24 maxlen: 32
185.227.241.0/24 maxlen: 32
185.227.242.0/24 maxlen: 32
185.227.243.0/24 maxlen: 32
193.201.208.0/24 maxlen: 32
193.201.209.0/24 maxlen: 32
193.201.210.0/24 maxlen: 32
193.201.211.0/24 maxlen: 32
194.36.100.0/24 maxlen: 32
194.36.102.0/24 maxlen: 32
194.36.103.0/24 maxlen: 32
194.124.64.0/24 maxlen: 32
194.124.65.0/24 maxlen: 32
194.124.66.0/24 maxlen: 32
194.124.67.0/24 maxlen: 32
195.85.68.0/24 maxlen: 32
195.85.69.0/24 maxlen: 32
195.85.70.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:76:7e:9b:43:a8:a6:d9:cb:ce:ae:37:66:e7:b6:08:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jun 16 02:08:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8667dbeda04afce0560f1d0172a9ef919a1d5e9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:95:12:11:02:d5:22:7a:82:a8:e5:32:5c:ae:
70:6a:64:ff:6f:fa:0b:54:fc:e2:35:a9:d7:d9:ea:
4a:be:56:99:94:86:e5:01:92:1a:a2:ca:ff:4a:24:
f8:a0:bc:9a:d3:4e:ed:5a:e5:24:47:06:00:22:6e:
1d:a9:9e:36:f3:f6:49:cd:bf:fc:2b:a7:c7:a1:ae:
73:b3:ff:e9:db:f9:ea:10:ed:4f:9c:b7:ee:4f:f7:
45:2c:67:93:72:58:60:d0:68:1d:9c:05:ef:69:f7:
6f:6d:3a:6b:c5:15:da:71:3b:20:73:a0:d4:f3:77:
e1:2c:31:c7:1f:41:aa:5e:19:61:59:57:95:4d:d7:
a0:1c:96:f0:36:e9:70:2a:ea:d2:3d:57:d4:76:00:
dc:dc:f6:1a:36:90:a6:a3:79:56:04:99:3c:25:3a:
02:e0:8d:30:03:34:0a:de:fe:95:42:b6:60:8b:be:
d9:bd:0d:b7:ef:81:03:5c:7e:74:08:d6:4c:63:d7:
1c:f8:f2:b0:b5:5c:ad:9c:a1:b3:32:8c:7b:89:81:
41:23:bb:4e:99:de:d6:ab:2b:78:70:f3:47:5d:18:
7e:d4:c5:e5:40:55:e2:75:ea:1a:59:d9:b3:2b:b7:
3f:3d:25:69:cf:56:95:c2:7b:27:ec:3a:7b:c2:bb:
9a:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:67:DB:ED:A0:4A:FC:E0:56:0F:1D:01:72:A9:EF:91:9A:1D:5E:9C
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/hmfb7aBK_OBWDx0BcqnvkZodXpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.0.0/24
45.136.2.0/23
128.0.119.0/24
185.117.20.0/22
185.144.100.0/22
185.211.48.0-185.211.50.255
185.227.240.0/22
193.201.208.0/22
194.36.100.0/24
194.36.102.0/23
194.124.64.0/22
195.85.68.0-195.85.70.255
Signature Algorithm: sha256WithRSAEncryption
30:7b:b6:96:64:59:8d:38:34:4e:d8:7a:d9:14:48:ba:e1:25:
bd:92:2d:2e:22:26:27:ad:31:be:16:31:5e:d9:41:63:8f:6e:
ef:3c:a1:af:b9:1b:78:d5:c2:4d:7c:3e:82:80:81:7b:87:89:
ca:ce:fa:56:f1:6c:df:d3:94:0c:c5:a9:d0:77:e2:91:e9:f9:
47:43:4b:f2:d2:dd:50:56:3a:ef:38:1e:bb:0a:d8:b9:88:a7:
d7:c3:af:9b:a1:00:af:4d:45:ac:ea:09:44:86:94:c4:d9:a3:
c4:91:1a:64:05:d4:ff:80:bf:7f:57:66:df:3e:74:95:20:c4:
85:d7:bf:5f:cf:d0:fb:c0:f5:83:0b:e0:94:ab:a9:a8:8e:60:
d9:b5:e6:12:17:df:57:03:38:2d:62:35:69:b9:d7:1d:d7:30:
ad:61:ad:6f:a8:42:fd:55:73:92:f2:3d:71:b1:12:02:f2:f6:
e4:29:e4:f1:80:ed:ca:6d:67:46:32:64:3a:20:91:99:89:9f:
f1:8c:9d:08:89:e7:84:ee:c7:fe:c9:88:2b:0c:8a:12:dc:4a:
f9:d5:da:b9:e2:d2:d8:5d:c8:56:09:13:78:b2:ef:4e:1d:1f:
67:34:a7:b1:a2:56:e7:3e:d4:7f:f4:74:02:e2:1a:6e:cf:28:
d8:6b:46:c7
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZd2fptDqKbZy86uN2bntgiIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwNjE2MDIwODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjY3ZGJlZGEwNGFmY2UwNTYwZjFkMDE3MmE5ZWY5MTlhMWQ1ZTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJUSEQLVInqCqOUyXK5wamT/b/oL
VPziNanX2epKvlaZlIblAZIaosr/SiT4oLya007tWuUkRwYAIm4dqZ428/ZJzb/8
K6fHoa5zs//p2/nqEO1PnLfuT/dFLGeTclhg0GgdnAXvafdvbTprxRXacTsgc6DU
83fhLDHHH0GqXhlhWVeVTdegHJbwNulwKurSPVfUdgDc3PYaNpCmo3lWBJk8JToC
4I0wAzQK3v6VQrZgi77ZvQ2374EDXH50CNZMY9cc+PKwtVytnKGzMox7iYFBI7tO
md7Wqyt4cPNHXRh+1MXlQFXideoaWdmzK7c/PSVpz1aVwnsn7Dp7wruasQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFIZn2+2gSvzgVg8dAXKp75GaHV6cMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvaG1mYjdhQktfT0JXRHgwQmNxbnZrWm9kWHB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQALYgAAwQB
LYgCAwQAgAB3AwQCuXUUAwQCuZBkMAwDBAS50zADBAC50zIDBAK54/ADBALBydAD
BADCJGQDBAHCJGYDBALCfEAwDAMEAsNVRAMEAMNVRjANBgkqhkiG9w0BAQsFAAOC
AQEAMHu2lmRZjTg0Tth62RRIuuElvZItLiImJ60xvhYxXtlBY49u7zyhr7kbeNXC
TXw+goCBe4eJys76VvFs39OUDMWp0Hfiken5R0NL8tLdUFY67zgeuwrYuYin18Ov
m6EAr01FrOoJRIaUxNmjxJEaZAXU/4C/f1dm3z50lSDEhde/X8/Q+8D1gwvglKup
qI5g2bXmEhffVwM4LWI1abnXHdcwrWGtb6hC/VVzkvI9cbESAvL25Cnk8YDtym1n
RjJkOiCRmYmf8YydCInnhO7H/smIKwyKEtxK+dXaueLS2F3IVgkTeLLvTh0fZzSn
saJW5z7Uf/R0AuIabs8o2GtGxw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:57:57 2025 by rpki-client