Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/cHBAN5b_AfIDbPujyHsSkHc32Vs.roa
File: cHBAN5b_AfIDbPujyHsSkHc32Vs.roa (raw, json)
Hash identifier: kB0iiFfoUEV5VdTxoB3sooXMHpBtuJNeYhAfJLbms9I=
Subject key identifier: 70:70:40:37:96:FF:01:F2:03:6C:FB:A3:C8:7B:12:90:77:37:D9:5B
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 019A2F2D831DC33ADFFB380E6DB81D1A5845
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/cHBAN5b_AfIDbPujyHsSkHc32Vs.roa
Signing time: Wed 29 Oct 2025 08:55:03 +0000
ROA not before: Wed 29 Oct 2025 08:55:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213665
IP address blocks: 46.38.136.0/24 maxlen: 24
46.38.137.0/24 maxlen: 24
109.94.165.0/24 maxlen: 24
212.80.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2f:2d:83:1d:c3:3a:df:fb:38:0e:6d:b8:1d:1a:58:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Oct 29 08:55:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7070403796ff01f2036cfba3c87b12907737d95b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a8:77:9d:da:2a:35:df:38:a3:2f:92:1d:41:
09:0d:da:d5:da:f8:39:18:aa:33:9a:5e:d1:bf:0b:
fa:99:b6:97:bb:9c:8d:e2:3c:3a:84:ad:89:de:08:
0a:9b:4e:29:b7:d5:2b:79:ca:8c:02:58:bb:50:10:
32:d4:8f:3b:af:a4:50:2b:98:25:80:d8:57:33:25:
ef:05:db:c7:05:c0:e5:ab:d8:77:0f:05:2f:8c:5c:
5b:86:fa:44:80:14:96:ae:96:97:a5:03:eb:72:25:
a7:b2:57:64:1e:f1:98:e5:80:97:72:3b:0f:56:be:
09:3c:10:1e:09:70:94:7f:5a:68:c5:5b:85:79:1e:
2d:17:6c:36:ec:c0:54:9b:6d:a3:09:2b:8e:8d:14:
52:9d:e6:25:17:45:ff:51:70:e3:7f:2d:40:73:0b:
33:39:f2:2c:85:7c:8b:72:ec:f2:6f:b1:29:3f:66:
06:8d:65:6b:68:41:1a:1b:29:2a:c4:66:d1:5a:75:
14:a7:bd:73:7f:1b:67:34:05:8a:a2:3d:bd:00:71:
d0:13:6e:51:23:88:ab:59:e2:1f:dc:2e:b1:af:8b:
63:b6:20:45:a2:ca:ec:77:4e:42:50:be:1d:73:43:
a8:df:48:b7:13:ec:6d:07:0d:d5:c3:b2:a7:3f:1c:
37:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:70:40:37:96:FF:01:F2:03:6C:FB:A3:C8:7B:12:90:77:37:D9:5B
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/cHBAN5b_AfIDbPujyHsSkHc32Vs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.136.0/23
109.94.165.0/24
212.80.24.0/24
Signature Algorithm: sha256WithRSAEncryption
07:29:18:1c:a8:dc:df:9a:c6:32:e5:f9:a0:f3:e6:43:a0:28:
95:61:d1:a5:4c:b0:76:53:c8:b4:7f:f2:a4:09:16:36:ac:60:
5c:98:e5:e8:3f:16:35:d6:2a:0e:53:ad:ca:6a:38:4c:3a:61:
92:c3:85:7c:c9:ee:15:cc:ff:c0:e1:de:b4:47:fd:aa:21:d8:
d2:ce:95:81:8e:e6:b9:14:d4:3a:4a:d0:53:f8:c1:12:c7:07:
89:57:19:a5:8a:f7:1b:a2:b7:2d:38:56:93:53:86:58:a5:22:
29:1e:02:95:8e:fc:d9:28:87:68:03:b3:70:42:34:a6:86:ad:
28:36:70:17:2a:a1:47:6a:7f:30:de:a1:7d:89:6b:08:9f:87:
7b:be:6a:6d:4a:6c:2f:fd:95:c8:08:46:be:b8:f7:6b:63:44:
ab:76:62:cf:1e:65:54:bb:a9:c1:67:d3:dc:c6:7d:89:16:06:
f2:11:b1:b3:c5:1f:d3:32:ce:88:10:cc:b7:77:1f:6f:b3:f7:
84:f0:1c:74:e3:fd:81:ac:56:7e:ea:e3:d8:0f:a5:b5:50:ef:
f9:37:51:01:7b:08:7a:ab:aa:89:ce:69:75:47:79:23:bb:77:
12:70:f3:30:2a:c5:23:9f:7a:bc:00:f5:e6:17:9e:ce:21:39:
ef:53:75:c0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZovLYMdwzrf+zgObbgdGlhFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUxMDI5MDg1NTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDcwNDAzNzk2ZmYwMWYyMDM2Y2ZiYTNjODdiMTI5MDc3MzdkOTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqh3ndoqNd84oy+SHUEJDdrV2vg5
GKozml7Rvwv6mbaXu5yN4jw6hK2J3ggKm04pt9UrecqMAli7UBAy1I87r6RQK5gl
gNhXMyXvBdvHBcDlq9h3DwUvjFxbhvpEgBSWrpaXpQPrciWnsldkHvGY5YCXcjsP
Vr4JPBAeCXCUf1poxVuFeR4tF2w27MBUm22jCSuOjRRSneYlF0X/UXDjfy1Acwsz
OfIshXyLcuzyb7EpP2YGjWVraEEaGykqxGbRWnUUp71zfxtnNAWKoj29AHHQE25R
I4irWeIf3C6xr4tjtiBFosrsd05CUL4dc0Oo30i3E+xtBw3Vw7KnPxw3FQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHBwQDeW/wHyA2z7o8h7EpB3N9lbMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvY0hCQU41Yl9BZklEYlB1anlIc1NrSGMzMlZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLiaIAwQA
bV6lAwQA1FAYMA0GCSqGSIb3DQEBCwUAA4IBAQAHKRgcqNzfmsYy5fmg8+ZDoCiV
YdGlTLB2U8i0f/KkCRY2rGBcmOXoPxY11ioOU63KajhMOmGSw4V8ye4VzP/A4d60
R/2qIdjSzpWBjua5FNQ6StBT+MESxweJVxmlivcborctOFaTU4ZYpSIpHgKVjvzZ
KIdoA7NwQjSmhq0oNnAXKqFHan8w3qF9iWsIn4d7vmptSmwv/ZXICEa+uPdrY0Sr
dmLPHmVUu6nBZ9Pcxn2JFgbyEbGzxR/TMs6IEMy3dx9vs/eE8Bx04/2BrFZ+6uPY
D6W1UO/5N1EBewh6q6qJzml1R3kju3cScPMwKsUjn3q8APXmF57OITnvU3XA
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:04:08 2025 by rpki-client