Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/1eb120-687c-4993-857f-8a03a7c1fe9b/1/HshlQ1_hQoUx34cWtNGYJmAR5X8.roa
File: HshlQ1_hQoUx34cWtNGYJmAR5X8.roa (raw, json)
Hash identifier: CD1pnkIl3YCWldHhhtx8HjRRaHpatz1VABmgxVAMvto=
Subject key identifier: 1E:C8:65:43:5F:E1:42:85:31:DF:87:16:B4:D1:98:26:60:11:E5:7F
Certificate issuer: /CN=24d9da4ffb1bb6d273de1bad5dbbf0d1ff47f0cf
Certificate serial: 01985016C12EDF532743ABF61B8AEC6D7E6C
Authority key identifier: 24:D9:DA:4F:FB:1B:B6:D2:73:DE:1B:AD:5D:BB:F0:D1:FF:47:F0:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JNnaT_sbttJz3hutXbvw0f9H8M8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/1eb120-687c-4993-857f-8a03a7c1fe9b/1/HshlQ1_hQoUx34cWtNGYJmAR5X8.roa
Signing time: Mon 28 Jul 2025 08:12:04 +0000
ROA not before: Mon 28 Jul 2025 08:12:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48065
IP address blocks: 46.57.128.0/21 maxlen: 21
46.57.136.0/21 maxlen: 21
46.57.144.0/21 maxlen: 21
46.57.152.0/21 maxlen: 21
46.57.160.0/21 maxlen: 21
46.57.168.0/21 maxlen: 21
46.57.176.0/21 maxlen: 21
46.57.184.0/21 maxlen: 21
46.57.192.0/21 maxlen: 21
46.57.200.0/21 maxlen: 21
46.57.208.0/21 maxlen: 21
46.57.216.0/21 maxlen: 21
46.57.224.0/21 maxlen: 21
46.57.232.0/21 maxlen: 21
46.57.240.0/21 maxlen: 21
46.57.248.0/21 maxlen: 21
46.213.0.0/21 maxlen: 21
46.213.8.0/21 maxlen: 21
46.213.16.0/21 maxlen: 21
46.213.24.0/21 maxlen: 21
46.213.32.0/21 maxlen: 21
46.213.40.0/21 maxlen: 21
46.213.48.0/21 maxlen: 21
46.213.56.0/21 maxlen: 21
46.213.64.0/21 maxlen: 21
46.213.72.0/21 maxlen: 21
46.213.80.0/21 maxlen: 21
46.213.88.0/21 maxlen: 21
46.213.96.0/21 maxlen: 21
46.213.104.0/21 maxlen: 21
46.213.112.0/21 maxlen: 21
46.213.120.0/21 maxlen: 21
46.213.128.0/21 maxlen: 21
46.213.136.0/21 maxlen: 21
46.213.144.0/21 maxlen: 21
46.213.152.0/21 maxlen: 21
46.213.160.0/21 maxlen: 21
46.213.168.0/21 maxlen: 21
46.213.176.0/21 maxlen: 21
46.213.184.0/21 maxlen: 21
46.213.192.0/21 maxlen: 21
46.213.200.0/21 maxlen: 21
46.213.208.0/21 maxlen: 21
46.213.216.0/21 maxlen: 21
46.213.224.0/21 maxlen: 21
46.213.232.0/21 maxlen: 21
46.213.240.0/21 maxlen: 21
46.213.248.0/21 maxlen: 21
94.252.132.0/22 maxlen: 22
94.252.136.0/21 maxlen: 21
94.252.144.0/21 maxlen: 21
94.252.152.0/21 maxlen: 21
94.252.192.0/21 maxlen: 21
94.252.200.0/21 maxlen: 21
94.252.208.0/21 maxlen: 21
94.252.216.0/21 maxlen: 21
178.52.0.0/21 maxlen: 21
178.52.8.0/21 maxlen: 21
178.52.16.0/21 maxlen: 21
178.52.24.0/21 maxlen: 21
178.52.32.0/21 maxlen: 21
178.52.40.0/21 maxlen: 21
178.52.48.0/21 maxlen: 21
178.52.56.0/21 maxlen: 21
178.52.64.0/21 maxlen: 21
178.52.72.0/21 maxlen: 21
178.52.80.0/21 maxlen: 21
178.52.88.0/21 maxlen: 21
178.52.96.0/21 maxlen: 21
178.52.104.0/21 maxlen: 21
178.52.112.0/21 maxlen: 21
178.52.120.0/21 maxlen: 21
178.52.128.0/21 maxlen: 21
178.52.136.0/21 maxlen: 21
178.52.144.0/21 maxlen: 21
178.52.152.0/21 maxlen: 21
178.52.160.0/21 maxlen: 21
178.52.168.0/21 maxlen: 21
178.52.176.0/21 maxlen: 21
178.52.184.0/21 maxlen: 21
178.52.192.0/21 maxlen: 21
178.52.200.0/21 maxlen: 21
178.52.208.0/21 maxlen: 21
178.52.216.0/21 maxlen: 21
178.52.224.0/21 maxlen: 21
178.52.232.0/21 maxlen: 21
178.52.240.0/21 maxlen: 21
178.52.248.0/21 maxlen: 21
188.139.128.0/21 maxlen: 21
188.139.136.0/21 maxlen: 21
188.139.144.0/21 maxlen: 21
188.139.152.0/21 maxlen: 21
188.139.160.0/21 maxlen: 21
188.139.168.0/21 maxlen: 21
188.139.176.0/21 maxlen: 21
188.139.184.0/21 maxlen: 21
188.139.192.0/21 maxlen: 21
188.139.200.0/21 maxlen: 21
188.139.208.0/21 maxlen: 21
188.139.216.0/21 maxlen: 21
188.139.224.0/21 maxlen: 21
188.139.232.0/21 maxlen: 21
188.139.240.0/21 maxlen: 21
188.139.248.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/1eb120-687c-4993-857f-8a03a7c1fe9b/1/JNnaT_sbttJz3hutXbvw0f9H8M8.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/1eb120-687c-4993-857f-8a03a7c1fe9b/1/JNnaT_sbttJz3hutXbvw0f9H8M8.mft
rsync://rpki.ripe.net/repository/DEFAULT/JNnaT_sbttJz3hutXbvw0f9H8M8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 11:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:50:16:c1:2e:df:53:27:43:ab:f6:1b:8a:ec:6d:7e:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24d9da4ffb1bb6d273de1bad5dbbf0d1ff47f0cf
Validity
Not Before: Jul 28 08:12:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ec865435fe1428531df8716b4d198266011e57f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:31:90:58:8b:cc:34:42:6e:75:62:fa:e6:7c:
3f:17:58:24:4c:b8:8e:25:5e:bf:ab:eb:af:ec:98:
b8:72:ed:3c:00:be:81:49:db:f9:c5:00:a5:d3:41:
45:7e:69:33:5b:a5:92:9e:09:b9:84:1d:a1:9b:88:
fc:58:4e:53:26:c7:1e:f7:36:cf:9a:f6:4f:79:89:
04:24:a3:1e:fe:58:f6:66:30:61:94:ff:a9:86:85:
b2:04:7a:af:3b:38:10:e4:70:28:7e:70:8f:9f:74:
c9:0f:d4:74:a5:ac:96:6c:c8:24:5c:9b:80:29:f2:
59:7e:c0:aa:c7:88:43:c4:1b:8d:96:fc:cf:c0:21:
1c:80:15:76:8b:e1:7d:0a:b2:ef:fc:d1:75:f1:33:
92:01:ea:4a:c3:f1:e3:d2:6a:32:9c:0d:db:92:46:
4e:50:4f:b5:c8:e5:3e:1d:4b:e5:32:47:8d:38:0f:
3d:08:0f:07:38:ce:0d:44:26:e8:cf:b9:80:d3:b3:
a3:d8:b1:74:97:b3:42:e0:0a:9b:40:b0:ec:e3:98:
7a:4b:3f:e2:c1:ce:7e:e2:e1:6f:e0:1c:da:50:df:
9c:bf:03:55:6f:77:5e:e0:a5:45:12:1f:81:73:37:
66:f9:f8:1b:82:18:9b:4e:d8:cb:f3:46:25:63:41:
9a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:C8:65:43:5F:E1:42:85:31:DF:87:16:B4:D1:98:26:60:11:E5:7F
X509v3 Authority Key Identifier:
keyid:24:D9:DA:4F:FB:1B:B6:D2:73:DE:1B:AD:5D:BB:F0:D1:FF:47:F0:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JNnaT_sbttJz3hutXbvw0f9H8M8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/1eb120-687c-4993-857f-8a03a7c1fe9b/1/HshlQ1_hQoUx34cWtNGYJmAR5X8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/1eb120-687c-4993-857f-8a03a7c1fe9b/1/JNnaT_sbttJz3hutXbvw0f9H8M8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.57.128.0/17
46.213.0.0/16
94.252.132.0-94.252.159.255
94.252.192.0/19
178.52.0.0/16
188.139.128.0/17
Signature Algorithm: sha256WithRSAEncryption
55:32:a3:d3:1f:04:40:fc:1b:a6:17:7e:8e:3d:eb:f5:c8:97:
79:38:f1:ce:29:98:73:aa:0e:ee:e3:aa:58:d2:5c:2b:31:8a:
d7:a1:40:5d:46:3f:71:c6:73:2d:d0:23:40:9b:ad:77:26:ca:
7c:4f:48:36:f8:64:bd:37:22:83:ed:91:47:4c:69:9f:7f:09:
f0:bd:fd:66:60:49:2b:21:38:59:2d:74:55:9d:b9:51:cc:aa:
69:40:8b:6d:9a:37:9f:98:55:9f:fa:d7:ff:31:8b:32:b3:d0:
84:17:33:b0:14:7f:87:46:ed:9f:2f:b5:4d:f1:e2:99:d3:d7:
0a:4b:b7:bc:04:28:05:98:cd:7e:81:1d:78:e1:43:86:a4:15:
61:25:34:37:e3:82:4c:ae:c6:cc:a3:9d:0b:47:85:69:f1:fc:
b8:eb:9c:fc:fb:ab:c7:ae:22:ac:c9:99:1c:23:ba:54:89:8a:
a0:7d:42:b0:b8:8d:61:e5:99:ff:d8:ee:5e:63:2f:46:2b:e8:
6f:58:da:70:7d:57:14:4e:b5:c1:ac:71:76:34:9f:76:f8:c4:
71:f8:28:47:10:c4:6a:ab:43:d0:28:d0:2f:35:5c:be:00:48:
fe:58:d4:bf:94:12:c6:3e:15:49:b7:2c:78:df:ac:fd:14:c1:
e7:68:b6:ba
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZhQFsEu31MnQ6v2G4rsbX5sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ZDlkYTRmZmIxYmI2ZDI3M2RlMWJhZDVkYmJmMGQxZmY0
N2YwY2YwHhcNMjUwNzI4MDgxMjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWM4NjU0MzVmZTE0Mjg1MzFkZjg3MTZiNGQxOTgyNjYwMTFlNTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTGQWIvMNEJudWL65nw/F1gkTLiO
JV6/q+uv7Ji4cu08AL6BSdv5xQCl00FFfmkzW6WSngm5hB2hm4j8WE5TJsce9zbP
mvZPeYkEJKMe/lj2ZjBhlP+phoWyBHqvOzgQ5HAofnCPn3TJD9R0payWbMgkXJuA
KfJZfsCqx4hDxBuNlvzPwCEcgBV2i+F9CrLv/NF18TOSAepKw/Hj0moynA3bkkZO
UE+1yOU+HUvlMkeNOA89CA8HOM4NRCboz7mA07Oj2LF0l7NC4AqbQLDs45h6Sz/i
wc5+4uFv4BzaUN+cvwNVb3de4KVFEh+Bczdm+fgbghibTtjL80YlY0GaNwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFB7IZUNf4UKFMd+HFrTRmCZgEeV/MB8GA1UdIwQY
MBaAFCTZ2k/7G7bSc94brV278NH/R/DPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk5uYVRfc2J0dEp6M2h1dFhidncwZjlIOE04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8xZWIxMjAtNjg3Yy00OTkzLTg1N2Yt
OGEwM2E3YzFmZTliLzEvSHNobFExX2hRb1V4MzRjV3ROR1lKbUFSNVg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8xZWIxMjAtNjg3Yy00OTkzLTg1N2YtOGEwM2E3YzFmZTli
LzEvSk5uYVRfc2J0dEp6M2h1dFhidncwZjlIOE04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQHLjmAAwMA
LtUwDAMEAl78hAMEBV78gAMEBV78wAMDALI0AwQHvIuAMA0GCSqGSIb3DQEBCwUA
A4IBAQBVMqPTHwRA/BumF36OPev1yJd5OPHOKZhzqg7u46pY0lwrMYrXoUBdRj9x
xnMt0CNAm613Jsp8T0g2+GS9NyKD7ZFHTGmffwnwvf1mYEkrIThZLXRVnblRzKpp
QIttmjefmFWf+tf/MYsys9CEFzOwFH+HRu2fL7VN8eKZ09cKS7e8BCgFmM1+gR14
4UOGpBVhJTQ344JMrsbMo50LR4Vp8fy465z8+6vHriKsyZkcI7pUiYqgfUKwuI1h
5Zn/2O5eYy9GK+hvWNpwfVcUTrXBrHF2NJ92+MRx+ChHEMRqq0PQKNAvNVy+AEj+
WNS/lBLGPhVJtyx436z9FMHnaLa6
-----END CERTIFICATE-----
Generated at Sun Aug 10 20:59:27 2025 by rpki-client