Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/1mHdyxjRLIShTDxtdxOO2Kvk16s.roa
File: 1mHdyxjRLIShTDxtdxOO2Kvk16s.roa (raw, json)
Hash identifier: A6WvC4ihWnFIsAqlmFqprf5SnAovcDs7y/7FRdNG3W8=
Subject key identifier: D6:61:DD:CB:18:D1:2C:84:A1:4C:3C:6D:77:13:8E:D8:AB:E4:D7:AB
Certificate issuer: /CN=c0e8e56b18d45c646f03cb6f9069da0c8b3c74ad
Certificate serial: 019878B7834273D46B1FE682522AD08C94FB
Authority key identifier: C0:E8:E5:6B:18:D4:5C:64:6F:03:CB:6F:90:69:DA:0C:8B:3C:74:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wOjlaxjUXGRvA8tvkGnaDIs8dK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/1mHdyxjRLIShTDxtdxOO2Kvk16s.roa
Signing time: Tue 05 Aug 2025 05:32:29 +0000
ROA not before: Tue 05 Aug 2025 05:32:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208909
IP address blocks: 2.57.128.0/22 maxlen: 22
5.183.220.0/22 maxlen: 22
45.15.136.0/24 maxlen: 24
45.15.137.0/24 maxlen: 24
45.15.138.0/24 maxlen: 24
45.15.139.0/24 maxlen: 24
91.204.124.0/22 maxlen: 22
162.213.64.0/24 maxlen: 24
162.213.65.0/24 maxlen: 24
162.213.66.0/24 maxlen: 24
162.213.67.0/24 maxlen: 24
185.38.128.0/22 maxlen: 22
185.41.96.0/24 maxlen: 24
185.41.97.0/24 maxlen: 24
185.41.98.0/24 maxlen: 24
185.41.99.0/24 maxlen: 24
185.87.188.0/22 maxlen: 22
185.132.90.0/24 maxlen: 24
185.219.136.0/22 maxlen: 22
195.211.168.0/22 maxlen: 22
2a00:fde0::/32 maxlen: 32
2a01:57a0::/32 maxlen: 32
2a09:d940::/29 maxlen: 29
2a0e:3c80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/wOjlaxjUXGRvA8tvkGnaDIs8dK0.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/wOjlaxjUXGRvA8tvkGnaDIs8dK0.mft
rsync://rpki.ripe.net/repository/DEFAULT/wOjlaxjUXGRvA8tvkGnaDIs8dK0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 11:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:78:b7:83:42:73:d4:6b:1f:e6:82:52:2a:d0:8c:94:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0e8e56b18d45c646f03cb6f9069da0c8b3c74ad
Validity
Not Before: Aug 5 05:32:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d661ddcb18d12c84a14c3c6d77138ed8abe4d7ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ab:01:48:4f:79:ce:3c:18:a2:92:88:e9:cf:
d1:f4:c2:a8:c5:46:18:07:a0:96:6f:48:7b:7f:5c:
24:75:c0:02:f2:0f:b6:49:02:e7:e4:27:f7:c1:70:
31:b0:a6:02:56:1e:6e:92:04:7c:1e:25:de:62:67:
da:b4:ea:50:23:52:bd:bb:d5:8c:45:b4:ce:f6:72:
c0:83:37:94:75:da:da:a7:f2:4b:46:01:ff:9d:6e:
7e:b5:9d:1c:3d:48:74:7a:c6:54:96:0b:28:e3:14:
d9:6c:aa:00:2d:f7:4f:73:13:16:3f:39:53:b6:51:
82:0b:ae:08:97:a3:2b:14:ab:37:bf:58:f9:8b:f2:
02:78:68:88:f4:57:35:fd:14:39:f7:a2:86:3c:d2:
83:c6:bc:84:ab:f3:88:7c:5f:b7:a1:e8:f5:e2:2d:
4a:7e:e3:b2:d3:09:57:52:23:d5:7b:61:95:af:e2:
d9:0e:11:2b:dc:5c:4a:e8:6d:c6:5d:fa:ec:1d:2f:
14:af:4a:66:3d:fe:38:d0:5d:b5:0b:75:c4:db:f7:
d4:2e:88:89:1b:a6:c1:23:46:93:9e:ec:90:26:86:
4a:ae:b2:bf:77:3d:f9:75:8a:94:46:c7:64:44:18:
21:5c:a2:0a:d9:bd:24:ae:ad:19:8b:d0:4d:65:64:
8d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:61:DD:CB:18:D1:2C:84:A1:4C:3C:6D:77:13:8E:D8:AB:E4:D7:AB
X509v3 Authority Key Identifier:
keyid:C0:E8:E5:6B:18:D4:5C:64:6F:03:CB:6F:90:69:DA:0C:8B:3C:74:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wOjlaxjUXGRvA8tvkGnaDIs8dK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/1mHdyxjRLIShTDxtdxOO2Kvk16s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/wOjlaxjUXGRvA8tvkGnaDIs8dK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.128.0/22
5.183.220.0/22
45.15.136.0/22
91.204.124.0/22
162.213.64.0/22
185.38.128.0/22
185.41.96.0/22
185.87.188.0/22
185.132.90.0/24
185.219.136.0/22
195.211.168.0/22
IPv6:
2a00:fde0::/32
2a01:57a0::/32
2a09:d940::/29
2a0e:3c80::/29
Signature Algorithm: sha256WithRSAEncryption
ae:db:0c:94:f0:63:c7:43:67:b1:8a:76:8a:e3:8a:0f:41:d6:
cc:0e:d5:8b:b5:c4:64:f5:00:cd:90:0a:44:73:3c:d9:81:13:
98:fa:b4:78:a9:9f:e0:59:04:44:8f:6b:75:11:17:ea:c4:b6:
cc:2f:b3:26:c4:ae:88:b4:24:d5:45:94:fa:f1:0a:65:75:0e:
d2:4e:8c:e8:b7:6f:01:18:69:e7:18:c2:7a:c9:77:9a:dd:43:
13:ce:6b:e6:73:f5:c0:a8:1c:73:93:b5:60:60:eb:ec:58:42:
a2:f9:f8:cf:4f:91:74:f6:db:44:b5:e9:bc:89:4f:db:90:74:
65:b9:da:eb:68:63:c7:48:3a:79:cf:b7:96:0c:07:6a:5f:9a:
9e:e0:5b:7d:dc:f6:78:7e:3d:fc:3f:a2:ed:ad:3c:83:a7:15:
da:da:7c:73:c8:01:6b:12:1a:99:c5:45:81:66:3c:cd:b4:ec:
e9:62:99:87:e6:dd:2a:74:49:ae:1b:55:49:89:d4:95:57:a5:
ef:11:6d:95:f9:f7:e4:f9:81:0a:a6:34:2d:01:e4:27:b9:1c:
5d:31:cc:c9:87:46:a6:de:fc:5c:fb:85:8e:c6:1c:13:4f:c6:
87:3f:85:98:0c:70:09:b2:64:7a:1c:dc:7f:66:cd:b3:c1:de:
3e:fd:c1:38
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZh4t4NCc9RrH+aCUirQjJT7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZThlNTZiMThkNDVjNjQ2ZjAzY2I2ZjkwNjlkYTBjOGIz
Yzc0YWQwHhcNMjUwODA1MDUzMjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjYxZGRjYjE4ZDEyYzg0YTE0YzNjNmQ3NzEzOGVkOGFiZTRkN2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6sBSE95zjwYopKI6c/R9MKoxUYY
B6CWb0h7f1wkdcAC8g+2SQLn5Cf3wXAxsKYCVh5ukgR8HiXeYmfatOpQI1K9u9WM
RbTO9nLAgzeUddrap/JLRgH/nW5+tZ0cPUh0esZUlgso4xTZbKoALfdPcxMWPzlT
tlGCC64Il6MrFKs3v1j5i/ICeGiI9Fc1/RQ596KGPNKDxryEq/OIfF+3oej14i1K
fuOy0wlXUiPVe2GVr+LZDhEr3FxK6G3GXfrsHS8Ur0pmPf440F21C3XE2/fULoiJ
G6bBI0aTnuyQJoZKrrK/dz35dYqURsdkRBghXKIK2b0krq0Zi9BNZWSNQwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFNZh3csY0SyEoUw8bXcTjtir5NerMB8GA1UdIwQY
MBaAFMDo5WsY1FxkbwPLb5Bp2gyLPHStMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd09qbGF4alVYR1J2QTh0dmtHbmFESXM4ZEswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8yYWJlYTItMzBkMC00NjU0LWE4MzQt
NzQ1YmNlMzA2MGM5LzEvMW1IZHl4alJMSVNoVER4dGR4T08yS3ZrMTZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8yYWJlYTItMzBkMC00NjU0LWE4MzQtNzQ1YmNlMzA2MGM5
LzEvd09qbGF4alVYR1J2QTh0dmtHbmFESXM4ZEswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBIBAIAATBCAwQCAjmAAwQC
BbfcAwQCLQ+IAwQCW8x8AwQCotVAAwQCuSaAAwQCuSlgAwQCuVe8AwQAuYRaAwQC
uduIAwQCw9OoMCIEAgACMBwDBQAqAP3gAwUAKgFXoAMFAyoJ2UADBQMqDjyAMA0G
CSqGSIb3DQEBCwUAA4IBAQCu2wyU8GPHQ2exinaK44oPQdbMDtWLtcRk9QDNkApE
czzZgROY+rR4qZ/gWQREj2t1ERfqxLbML7MmxK6ItCTVRZT68QpldQ7STozot28B
GGnnGMJ6yXea3UMTzmvmc/XAqBxzk7VgYOvsWEKi+fjPT5F09ttEtem8iU/bkHRl
udrraGPHSDp5z7eWDAdqX5qe4Ft93PZ4fj38P6LtrTyDpxXa2nxzyAFrEhqZxUWB
ZjzNtOzpYpmH5t0qdEmuG1VJidSVV6XvEW2V+ffk+YEKpjQtAeQnuRxdMczJh0am
3vxc+4WOxhwTT8aHP4WYDHAJsmR6HNx/Zs2zwd4+/cE4
-----END CERTIFICATE-----
Generated at Fri Aug 8 20:40:25 2025 by rpki-client