Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/HbZqbcd_SA0fqZKKhKTDPHn7QrA.roa
File: HbZqbcd_SA0fqZKKhKTDPHn7QrA.roa (raw, json)
Hash identifier: lHsLnFXi4sJiW73WhLYcB2LoJaZPYnZoNATOCOJJhZ4=
Subject key identifier: 1D:B6:6A:6D:C7:7F:48:0D:1F:A9:92:8A:84:A4:C3:3C:79:FB:42:B0
Certificate issuer: /CN=cfb75191978866f1fc97f523c7dda40a88f7e777
Certificate serial: 019E8CD76579854B4F69F83B8C01F4B534B2
Authority key identifier: CF:B7:51:91:97:88:66:F1:FC:97:F5:23:C7:DD:A4:0A:88:F7:E7:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/HbZqbcd_SA0fqZKKhKTDPHn7QrA.roa
Signing time: Wed 03 Jun 2026 09:36:26 +0000
ROA not before: Wed 03 Jun 2026 09:36:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 13150
IP address blocks: 85.255.16.0/24 maxlen: 24
85.255.17.0/24 maxlen: 24
85.255.18.0/24 maxlen: 24
85.255.19.0/24 maxlen: 24
85.255.20.0/24 maxlen: 24
85.255.21.0/24 maxlen: 24
85.255.22.0/24 maxlen: 24
85.255.23.0/24 maxlen: 24
85.255.24.0/24 maxlen: 24
85.255.25.0/24 maxlen: 24
85.255.26.0/24 maxlen: 24
85.255.27.0/24 maxlen: 24
85.255.28.0/24 maxlen: 24
85.255.29.0/24 maxlen: 24
85.255.30.0/24 maxlen: 24
85.255.31.0/24 maxlen: 24
159.117.224.0/24 maxlen: 24
159.117.225.0/24 maxlen: 24
159.117.226.0/24 maxlen: 24
159.117.227.0/24 maxlen: 24
159.117.228.0/24 maxlen: 24
159.117.229.0/24 maxlen: 24
159.117.230.0/24 maxlen: 24
159.117.231.0/24 maxlen: 24
159.117.232.0/24 maxlen: 24
159.117.233.0/24 maxlen: 24
159.117.234.0/24 maxlen: 24
159.117.235.0/24 maxlen: 24
159.117.236.0/24 maxlen: 24
159.117.237.0/24 maxlen: 24
159.117.238.0/24 maxlen: 24
159.117.239.0/24 maxlen: 24
159.117.240.0/24 maxlen: 24
159.117.241.0/24 maxlen: 24
159.117.242.0/24 maxlen: 24
159.117.243.0/24 maxlen: 24
159.117.244.0/24 maxlen: 24
159.117.245.0/24 maxlen: 24
185.114.120.0/24 maxlen: 24
185.114.121.0/24 maxlen: 24
185.114.122.0/24 maxlen: 24
185.114.123.0/24 maxlen: 24
209.206.0.0/24 maxlen: 24
209.206.1.0/24 maxlen: 24
209.206.2.0/24 maxlen: 24
209.206.3.0/24 maxlen: 24
209.206.4.0/24 maxlen: 24
209.206.5.0/24 maxlen: 24
209.206.6.0/24 maxlen: 24
209.206.7.0/24 maxlen: 24
209.206.8.0/24 maxlen: 24
209.206.9.0/24 maxlen: 24
209.206.10.0/24 maxlen: 24
209.206.11.0/24 maxlen: 24
209.206.12.0/24 maxlen: 24
209.206.13.0/24 maxlen: 24
209.206.14.0/24 maxlen: 24
209.206.15.0/24 maxlen: 24
209.206.16.0/24 maxlen: 24
209.206.17.0/24 maxlen: 24
209.206.18.0/24 maxlen: 24
209.206.19.0/24 maxlen: 24
209.206.20.0/24 maxlen: 24
209.206.21.0/24 maxlen: 24
209.206.22.0/24 maxlen: 24
209.206.23.0/24 maxlen: 24
209.206.24.0/24 maxlen: 24
209.206.25.0/24 maxlen: 24
209.206.26.0/24 maxlen: 24
209.206.27.0/24 maxlen: 24
209.206.28.0/24 maxlen: 24
209.206.29.0/24 maxlen: 24
209.206.30.0/24 maxlen: 24
209.206.31.0/24 maxlen: 24
216.252.176.0/24 maxlen: 24
216.252.177.0/24 maxlen: 24
216.252.178.0/24 maxlen: 24
216.252.179.0/24 maxlen: 24
216.252.180.0/24 maxlen: 24
216.252.181.0/24 maxlen: 24
216.252.182.0/24 maxlen: 24
216.252.183.0/24 maxlen: 24
216.252.184.0/24 maxlen: 24
216.252.185.0/24 maxlen: 24
216.252.186.0/24 maxlen: 24
216.252.187.0/24 maxlen: 24
216.252.188.0/24 maxlen: 24
216.252.189.0/24 maxlen: 24
216.252.190.0/24 maxlen: 24
216.252.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/z7dRkZeIZvH8l_Ujx92kCoj353c.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/z7dRkZeIZvH8l_Ujx92kCoj353c.mft
rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:8c:d7:65:79:85:4b:4f:69:f8:3b:8c:01:f4:b5:34:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfb75191978866f1fc97f523c7dda40a88f7e777
Validity
Not Before: Jun 3 09:36:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1db66a6dc77f480d1fa9928a84a4c33c79fb42b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:0a:91:14:a7:e5:f7:ac:74:68:ed:27:69:2e:
22:25:05:1b:91:02:60:3d:8a:84:40:a3:84:b2:c5:
23:90:f8:4a:31:fd:3f:2a:3b:00:02:32:75:bd:a7:
bc:29:81:d0:b0:62:08:5f:a5:f8:7c:09:de:83:ef:
d1:6c:f5:79:b0:fe:b5:bf:c6:44:e6:6a:e2:d7:8b:
e4:c2:c8:4c:80:2e:a7:5f:0d:eb:e6:ed:d8:ff:b3:
94:f9:87:af:94:49:02:a8:23:bd:0a:4b:bc:3b:80:
45:d6:14:c2:47:bc:79:b6:fe:0b:12:6f:96:1e:eb:
6b:e5:31:09:19:5a:4a:f0:f4:c2:20:1f:e7:9b:63:
77:a7:e7:55:1b:b9:80:86:29:23:62:b1:0d:41:ce:
3c:12:26:77:9a:78:22:97:a0:a4:17:6d:83:d3:50:
28:f6:9c:b0:e1:a2:0a:1f:ce:2d:9a:fb:67:c2:e8:
a4:b5:ec:32:d9:c5:e6:ce:71:4b:38:e2:fc:d4:69:
ac:dc:57:68:5c:8f:fc:24:9d:20:e5:ca:56:4d:f0:
ef:0d:e5:d7:e9:06:c1:de:55:12:7f:17:15:98:8e:
64:3a:a5:cf:08:45:b1:69:57:c6:f5:3d:13:7a:71:
a0:15:0c:ce:09:84:bd:5f:3b:76:f1:37:d0:4b:36:
9e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:B6:6A:6D:C7:7F:48:0D:1F:A9:92:8A:84:A4:C3:3C:79:FB:42:B0
X509v3 Authority Key Identifier:
keyid:CF:B7:51:91:97:88:66:F1:FC:97:F5:23:C7:DD:A4:0A:88:F7:E7:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/HbZqbcd_SA0fqZKKhKTDPHn7QrA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/z7dRkZeIZvH8l_Ujx92kCoj353c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.16.0/20
159.117.224.0-159.117.245.255
185.114.120.0/22
209.206.0.0/19
216.252.176.0/20
Signature Algorithm: sha256WithRSAEncryption
5c:fe:08:9b:7d:92:8c:15:ba:11:0b:09:1e:4f:6a:d4:ec:b5:
97:2d:5a:5d:ba:f9:a6:fc:29:86:b1:23:9d:b5:5e:06:a2:21:
52:2c:b1:6c:1e:71:99:e6:e7:e3:78:98:0d:b5:21:16:84:e3:
4a:b3:2d:b9:da:9f:d1:76:f9:92:95:6f:9a:fe:58:2d:2a:11:
f3:07:6e:1b:5c:07:0a:d2:1e:81:65:bd:a2:b3:9d:20:6a:91:
84:a0:21:93:87:ee:a5:c2:49:1b:45:f6:53:1e:95:76:6e:7b:
76:b0:48:24:3d:58:88:4a:11:29:20:f7:74:dd:fc:69:1b:5d:
a5:db:9b:79:22:31:cd:1f:8e:90:65:05:72:38:2f:da:ff:09:
93:39:61:50:3c:e6:d6:81:c8:3a:3a:25:49:ef:11:65:8d:cc:
d3:af:12:5f:5b:2a:bb:11:04:a5:60:c5:a1:6d:c6:00:92:38:
a2:78:d2:cf:7d:b2:3c:c5:cb:62:6b:63:47:44:f7:a8:28:d9:
7f:dd:68:7b:b5:c9:ce:93:06:08:f9:e4:c0:ac:51:f1:b5:82:
1b:cb:97:f0:47:df:7e:ff:d0:54:b3:bb:fa:82:50:e5:2d:93:
76:f4:d6:46:89:a7:90:48:ad:1d:48:c6:fe:3c:3c:8f:ca:79:
e4:b6:ca:15
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZ6M12V5hUtPafg7jAH0tTSyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYjc1MTkxOTc4ODY2ZjFmYzk3ZjUyM2M3ZGRhNDBhODhm
N2U3NzcwHhcNMjYwNjAzMDkzNjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGI2NmE2ZGM3N2Y0ODBkMWZhOTkyOGE4NGE0YzMzYzc5ZmI0MmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3gqRFKfl96x0aO0naS4iJQUbkQJg
PYqEQKOEssUjkPhKMf0/KjsAAjJ1vae8KYHQsGIIX6X4fAneg+/RbPV5sP61v8ZE
5mri14vkwshMgC6nXw3r5u3Y/7OU+YevlEkCqCO9Cku8O4BF1hTCR7x5tv4LEm+W
Hutr5TEJGVpK8PTCIB/nm2N3p+dVG7mAhikjYrENQc48EiZ3mngil6CkF22D01Ao
9pyw4aIKH84tmvtnwuiktewy2cXmznFLOOL81Gms3FdoXI/8JJ0g5cpWTfDvDeXX
6QbB3lUSfxcVmI5kOqXPCEWxaVfG9T0TenGgFQzOCYS9Xzt28TfQSzae6QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFB22am3Hf0gNH6mSioSkwzx5+0KwMB8GA1UdIwQY
MBaAFM+3UZGXiGbx/Jf1I8fdpAqI9+d3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejdkUmtaZUladkg4bF9Vang5MmtDb2ozNTNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iOTU3NWItYjdjMS00YzVjLTlkYWIt
YzE5OWM3YjRjYWMyLzEvSGJacWJjZF9TQTBmcVpLS2hLVERQSG43UXJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iOTU3NWItYjdjMS00YzVjLTlkYWItYzE5OWM3YjRjYWMy
LzEvejdkUmtaZUladkg4bF9Vang5MmtDb2ozNTNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQEVf8QMAwD
BAWfdeADBAGfdfQDBAK5cngDBAXRzgADBATY/LAwDQYJKoZIhvcNAQELBQADggEB
AFz+CJt9kowVuhELCR5PatTstZctWl26+ab8KYaxI521XgaiIVIssWwecZnm5+N4
mA21IRaE40qzLbnan9F2+ZKVb5r+WC0qEfMHbhtcBwrSHoFlvaKznSBqkYSgIZOH
7qXCSRtF9lMelXZue3awSCQ9WIhKESkg93Td/GkbXaXbm3kiMc0fjpBlBXI4L9r/
CZM5YVA85taByDo6JUnvEWWNzNOvEl9bKrsRBKVgxaFtxgCSOKJ40s99sjzFy2Jr
Y0dE96go2X/daHu1yc6TBgj55MCsUfG1ghvLl/BH337/0FSzu/qCUOUtk3b01kaJ
p5BIrR1Ixv48PI/KeeS2yhU=
-----END CERTIFICATE-----
Generated at Sat Jun 13 16:09:45 2026 by rpki-client