Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/HQJYUTBx5y9e1HZUaS7Vda7KAkM.roa
File: HQJYUTBx5y9e1HZUaS7Vda7KAkM.roa (raw, json)
Hash identifier: ZjTNmixkk1ik6R2FnzYjVLi/UH819iTlo6cKdm19DZo=
Subject key identifier: 1D:02:58:51:30:71:E7:2F:5E:D4:76:54:69:2E:D5:75:AE:CA:02:43
Certificate issuer: /CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Certificate serial: 019661A3DB69B5374CD3D0C84F6285A1F6FD
Authority key identifier: 64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/HQJYUTBx5y9e1HZUaS7Vda7KAkM.roa
Signing time: Wed 23 Apr 2025 07:54:10 +0000
ROA not before: Wed 23 Apr 2025 07:54:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49367
IP address blocks: 31.193.188.0/24 maxlen: 24
37.156.174.0/24 maxlen: 24
45.83.56.0/22 maxlen: 22
45.86.144.0/22 maxlen: 22
77.81.103.0/24 maxlen: 24
85.204.255.0/24 maxlen: 24
86.107.110.0/24 maxlen: 24
89.34.236.0/23 maxlen: 23
89.34.239.0/24 maxlen: 24
89.39.201.0/24 maxlen: 24
89.39.254.0/24 maxlen: 24
89.40.142.0/23 maxlen: 23
89.40.227.0/24 maxlen: 24
89.42.134.0/24 maxlen: 24
89.43.34.0/24 maxlen: 24
89.43.35.0/24 maxlen: 24
89.43.52.0/24 maxlen: 24
89.44.237.0/24 maxlen: 24
91.212.52.0/24 maxlen: 24
91.229.186.0/24 maxlen: 24
92.114.86.0/24 maxlen: 24
92.114.87.0/24 maxlen: 24
93.113.144.0/21 maxlen: 21
93.113.144.0/22 maxlen: 22
93.113.144.0/24 maxlen: 24
93.113.145.0/24 maxlen: 24
93.113.146.0/24 maxlen: 24
93.113.147.0/24 maxlen: 24
93.113.148.0/22 maxlen: 22
93.113.148.0/24 maxlen: 24
93.113.149.0/24 maxlen: 24
93.113.150.0/24 maxlen: 24
93.113.151.0/24 maxlen: 24
93.115.56.0/24 maxlen: 24
93.115.57.0/24 maxlen: 24
94.176.108.0/24 maxlen: 24
94.176.164.0/24 maxlen: 24
94.176.165.0/24 maxlen: 24
94.176.212.0/24 maxlen: 24
94.177.10.0/24 maxlen: 24
94.177.11.0/24 maxlen: 24
94.177.21.0/24 maxlen: 24
94.177.48.0/23 maxlen: 23
94.177.96.0/24 maxlen: 24
94.177.97.0/24 maxlen: 24
94.177.98.0/24 maxlen: 24
94.177.99.0/24 maxlen: 24
185.184.240.0/22 maxlen: 22
185.184.240.0/24 maxlen: 24
185.184.241.0/24 maxlen: 24
185.184.242.0/24 maxlen: 24
185.184.243.0/24 maxlen: 24
185.198.244.0/24 maxlen: 24
185.198.245.0/24 maxlen: 24
185.198.246.0/24 maxlen: 24
185.198.247.0/24 maxlen: 24
188.208.16.0/23 maxlen: 23
188.208.16.0/24 maxlen: 24
188.208.17.0/24 maxlen: 24
188.211.248.0/24 maxlen: 24
188.214.199.0/24 maxlen: 24
188.215.6.0/23 maxlen: 23
188.215.6.0/24 maxlen: 24
188.215.7.0/24 maxlen: 24
188.215.68.0/24 maxlen: 24
188.215.69.0/24 maxlen: 24
188.215.94.0/24 maxlen: 24
188.240.228.0/23 maxlen: 23
188.240.228.0/24 maxlen: 24
188.240.229.0/24 maxlen: 24
188.241.66.0/24 maxlen: 24
188.241.67.0/24 maxlen: 24
188.241.126.0/24 maxlen: 24
188.241.138.0/24 maxlen: 24
188.241.139.0/24 maxlen: 24
188.241.143.0/24 maxlen: 24
188.241.213.0/24 maxlen: 24
193.239.140.0/23 maxlen: 23
217.198.177.0/24 maxlen: 24
2a04:68c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/ZPpm-4SngaBYT9DRwt85vaR2BRk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/ZPpm-4SngaBYT9DRwt85vaR2BRk.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 07:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:61:a3:db:69:b5:37:4c:d3:d0:c8:4f:62:85:a1:f6:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Validity
Not Before: Apr 23 07:54:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d0258513071e72f5ed47654692ed575aeca0243
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:bd:72:a2:ae:f8:71:1e:74:c2:c6:cc:49:5f:
4d:fd:bd:e9:2d:b6:b7:bc:c2:9d:9c:3b:cc:5a:2e:
52:1b:5f:9d:8f:5f:a3:51:db:0e:0f:9b:6a:da:e4:
06:38:83:fa:ab:ce:e1:c0:77:25:d2:19:24:ec:ce:
99:4a:b7:5f:28:3a:4b:8a:7e:76:f3:de:86:c7:b3:
2a:21:99:ac:7e:1c:6c:60:ec:b8:7d:ac:c6:b3:f5:
34:13:a8:5d:84:b0:70:7f:68:7f:7b:05:c5:49:1d:
20:e3:91:b3:75:9d:fa:3a:c7:a3:7f:e2:f9:70:6a:
cf:07:fc:db:18:4b:7d:15:ee:80:e3:a8:bf:52:fd:
0d:f7:dd:30:7a:20:91:e9:f0:bd:91:b4:84:c4:89:
8f:5e:2d:90:c2:62:c2:b5:db:e8:a5:6c:f4:8e:d5:
01:f6:26:89:53:74:b2:aa:8c:95:6a:f7:a9:22:48:
4c:01:93:93:f4:a5:47:63:54:2c:8c:fd:4c:81:c5:
14:9f:27:b2:32:d1:a1:05:db:a5:cf:88:e4:5f:1d:
94:63:20:c4:eb:b9:7c:ca:87:1f:01:27:e0:71:db:
d3:1e:e7:d3:0b:72:e6:16:86:c7:69:f7:79:ef:25:
00:6b:b2:ab:93:6a:b5:6e:00:15:09:e3:ee:db:e2:
a8:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:02:58:51:30:71:E7:2F:5E:D4:76:54:69:2E:D5:75:AE:CA:02:43
X509v3 Authority Key Identifier:
keyid:64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/HQJYUTBx5y9e1HZUaS7Vda7KAkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/ZPpm-4SngaBYT9DRwt85vaR2BRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.188.0/24
37.156.174.0/24
45.83.56.0/22
45.86.144.0/22
77.81.103.0/24
85.204.255.0/24
86.107.110.0/24
89.34.236.0/23
89.34.239.0/24
89.39.201.0/24
89.39.254.0/24
89.40.142.0/23
89.40.227.0/24
89.42.134.0/24
89.43.34.0/23
89.43.52.0/24
89.44.237.0/24
91.212.52.0/24
91.229.186.0/24
92.114.86.0/23
93.113.144.0/21
93.115.56.0/23
94.176.108.0/24
94.176.164.0/23
94.176.212.0/24
94.177.10.0/23
94.177.21.0/24
94.177.48.0/23
94.177.96.0/22
185.184.240.0/22
185.198.244.0/22
188.208.16.0/23
188.211.248.0/24
188.214.199.0/24
188.215.6.0/23
188.215.68.0/23
188.215.94.0/24
188.240.228.0/23
188.241.66.0/23
188.241.126.0/24
188.241.138.0/23
188.241.143.0/24
188.241.213.0/24
193.239.140.0/23
217.198.177.0/24
IPv6:
2a04:68c0::/32
Signature Algorithm: sha256WithRSAEncryption
bd:89:04:b0:ea:4d:f9:19:d8:25:31:c3:aa:d2:dd:4a:59:7e:
1a:8b:46:4a:60:73:df:00:2c:5b:38:18:f8:55:13:bb:8b:66:
df:93:24:6f:de:bc:54:11:83:46:09:ea:d2:ee:05:62:b0:b0:
44:ae:28:47:6c:07:b5:f5:7c:19:34:f4:ef:9d:9d:72:b9:cc:
46:52:10:b3:da:3f:97:09:5f:c5:36:50:f7:68:9a:91:aa:d0:
20:96:3f:3e:5c:48:d9:89:54:18:08:12:5c:54:a1:80:1c:31:
db:64:e7:0a:da:c1:50:d6:9d:df:02:19:ad:ca:99:36:29:92:
cc:62:9d:ba:77:96:af:5f:e3:2e:f5:ef:74:a6:2f:70:11:ca:
85:e1:cc:55:7d:66:e6:d1:19:05:ff:e1:8f:0c:1c:f7:83:71:
83:00:f8:fa:12:3a:d3:af:22:f4:b4:94:7e:97:c0:3a:24:2f:
3c:55:3a:7e:dd:b8:01:b1:8b:40:01:6d:9c:77:a6:c0:c1:3e:
bd:37:97:79:49:33:18:43:4b:6a:54:ad:cc:71:64:cd:61:d6:
40:91:2b:73:ed:a5:a4:18:a9:ca:26:da:21:83:2e:62:08:0e:
2e:fc:b9:b9:64:9b:b7:ed:2f:b5:13:cb:9d:c0:55:ec:24:c3:
47:c7:b3:67
-----BEGIN CERTIFICATE-----
MIIGHjCCBQagAwIBAgISAZZho9tptTdM09DIT2KFofb9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZmE2NmZiODRhNzgxYTA1ODRmZDBkMWMyZGYzOWJkYTQ3
NjA1MTkwHhcNMjUwNDIzMDc1NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDAyNTg1MTMwNzFlNzJmNWVkNDc2NTQ2OTJlZDU3NWFlY2EwMjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn71yoq74cR50wsbMSV9N/b3pLba3
vMKdnDvMWi5SG1+dj1+jUdsOD5tq2uQGOIP6q87hwHcl0hkk7M6ZSrdfKDpLin52
896Gx7MqIZmsfhxsYOy4fazGs/U0E6hdhLBwf2h/ewXFSR0g45GzdZ36Osejf+L5
cGrPB/zbGEt9Fe6A46i/Uv0N990weiCR6fC9kbSExImPXi2QwmLCtdvopWz0jtUB
9iaJU3SyqoyVavepIkhMAZOT9KVHY1QsjP1MgcUUnyeyMtGhBdulz4jkXx2UYyDE
67l8yocfASfgcdvTHufTC3LmFobHafd57yUAa7Krk2q1bgAVCePu2+KoiQIDAQAB
o4IDKjCCAyYwHQYDVR0OBBYEFB0CWFEwcecvXtR2VGku1XWuygJDMB8GA1UdIwQY
MBaAFGT6ZvuEp4GgWE/Q0cLfOb2kdgUZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlBwbS00U25nYUJZVDlEUnd0ODV2YVIyQlJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82NjNiNGQtYjgwZS00OTQ2LTg0YzQt
NzQwOGViOGJjNTg2LzEvSFFKWVVUQng1eTllMUhaVWFTN1ZkYTdLQWtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82NjNiNGQtYjgwZS00OTQ2LTg0YzQtNzQwOGViOGJjNTg2
LzEvWlBwbS00U25nYUJZVDlEUnd0ODV2YVIyQlJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPgYIKwYBBQUHAQcBAf8EggEtMIIBKTCCARYEAgABMIIB
DgMEAB/BvAMEACWcrgMEAi1TOAMEAi1WkAMEAE1RZwMEAFXM/wMEAFZrbgMEAVki
7AMEAFki7wMEAFknyQMEAFkn/gMEAVkojgMEAFko4wMEAFkqhgMEAVkrIgMEAFkr
NAMEAFks7QMEAFvUNAMEAFvlugMEAVxyVgMEA11xkAMEAV1zOAMEAF6wbAMEAV6w
pAMEAF6w1AMEAV6xCgMEAF6xFQMEAV6xMAMEAl6xYAMEArm48AMEArnG9AMEAbzQ
EAMEALzT+AMEALzWxwMEAbzXBgMEAbzXRAMEALzXXgMEAbzw5AMEAbzxQgMEALzx
fgMEAbzxigMEALzxjwMEALzx1QMEAcHvjAMEANnGsTANBAIAAjAHAwUAKgRowDAN
BgkqhkiG9w0BAQsFAAOCAQEAvYkEsOpN+RnYJTHDqtLdSll+GotGSmBz3wAsWzgY
+FUTu4tm35Mkb968VBGDRgnq0u4FYrCwRK4oR2wHtfV8GTT0752dcrnMRlIQs9o/
lwlfxTZQ92iakarQIJY/PlxI2YlUGAgSXFShgBwx22TnCtrBUNad3wIZrcqZNimS
zGKduneWr1/jLvXvdKYvcBHKheHMVX1m5tEZBf/hjwwc94NxgwD4+hI6068i9LSU
fpfAOiQvPFU6ft24AbGLQAFtnHemwME+vTeXeUkzGENLalStzHFkzWHWQJErc+2l
pBipyibaIYMuYggOLvy5uWSbt+0vtRPLncBV7CTDR8ezZw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:56:19 2025 by rpki-client