Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/3HemvcGpa10fkEZgb6Z-o4k7Y3I.roa
File: 3HemvcGpa10fkEZgb6Z-o4k7Y3I.roa (raw, json)
Hash identifier: a1XCZrNTfqU9TQWTJM+VI0BWa7g1babTnrZlikC2mRA=
Subject key identifier: DC:77:A6:BD:C1:A9:6B:5D:1F:90:46:60:6F:A6:7E:A3:89:3B:63:72
Certificate issuer: /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial: 0198081A28D94107E461DA313911CAA3954B
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/3HemvcGpa10fkEZgb6Z-o4k7Y3I.roa
Signing time: Mon 14 Jul 2025 08:43:08 +0000
ROA not before: Mon 14 Jul 2025 08:43:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203346
IP address blocks: 37.156.64.0/24 maxlen: 24
37.156.65.0/24 maxlen: 24
46.102.182.0/24 maxlen: 24
46.102.183.0/24 maxlen: 24
77.81.84.0/23 maxlen: 23
77.81.86.0/24 maxlen: 24
77.81.89.0/24 maxlen: 24
86.104.222.0/23 maxlen: 23
86.104.224.0/23 maxlen: 23
86.105.2.0/24 maxlen: 24
86.105.6.0/24 maxlen: 24
86.105.176.0/24 maxlen: 24
86.105.178.0/24 maxlen: 24
86.105.185.0/24 maxlen: 24
86.105.229.0/24 maxlen: 24
86.105.230.0/24 maxlen: 24
86.105.242.0/24 maxlen: 24
86.106.10.0/24 maxlen: 24
86.106.13.0/24 maxlen: 24
86.106.14.0/23 maxlen: 23
86.106.94.0/24 maxlen: 24
86.106.95.0/24 maxlen: 24
86.106.106.0/23 maxlen: 23
86.106.110.0/23 maxlen: 23
86.106.140.0/23 maxlen: 23
86.106.174.0/24 maxlen: 24
86.106.175.0/24 maxlen: 24
86.107.193.0/24 maxlen: 24
86.107.194.0/23 maxlen: 23
89.32.43.0/24 maxlen: 24
89.32.170.0/24 maxlen: 24
89.33.46.0/24 maxlen: 24
89.33.47.0/24 maxlen: 24
89.33.134.0/24 maxlen: 24
89.33.206.0/24 maxlen: 24
89.33.250.0/24 maxlen: 24
89.33.251.0/24 maxlen: 24
89.33.254.0/24 maxlen: 24
89.33.255.0/24 maxlen: 24
89.34.102.0/24 maxlen: 24
89.34.104.0/24 maxlen: 24
89.34.105.0/24 maxlen: 24
89.35.89.0/24 maxlen: 24
89.35.90.0/24 maxlen: 24
89.36.39.0/24 maxlen: 24
89.36.136.0/24 maxlen: 24
89.36.138.0/24 maxlen: 24
89.36.141.0/24 maxlen: 24
89.37.92.0/24 maxlen: 24
89.37.96.0/24 maxlen: 24
89.38.240.0/24 maxlen: 24
89.39.69.0/24 maxlen: 24
89.39.215.0/24 maxlen: 24
89.40.141.0/24 maxlen: 24
89.40.207.0/24 maxlen: 24
89.40.209.0/24 maxlen: 24
89.41.50.0/23 maxlen: 23
89.45.82.0/24 maxlen: 24
89.46.47.0/24 maxlen: 24
91.218.236.0/23 maxlen: 23
91.218.238.0/23 maxlen: 23
91.235.130.0/24 maxlen: 24
91.235.131.0/24 maxlen: 24
93.114.51.0/24 maxlen: 24
93.114.52.0/23 maxlen: 23
93.114.58.0/24 maxlen: 24
93.114.59.0/24 maxlen: 24
93.115.59.0/24 maxlen: 24
93.119.118.0/23 maxlen: 23
93.119.120.0/23 maxlen: 23
93.119.124.0/24 maxlen: 24
94.177.126.0/24 maxlen: 24
176.126.192.0/23 maxlen: 23
176.126.194.0/24 maxlen: 24
176.223.116.0/23 maxlen: 23
176.223.118.0/24 maxlen: 24
176.223.161.0/24 maxlen: 24
188.208.48.0/22 maxlen: 22
188.208.52.0/22 maxlen: 22
188.208.222.0/23 maxlen: 23
188.209.120.0/22 maxlen: 22
188.209.124.0/22 maxlen: 22
188.213.206.0/24 maxlen: 24
188.213.207.0/24 maxlen: 24
188.213.214.0/24 maxlen: 24
188.213.215.0/24 maxlen: 24
188.213.248.0/22 maxlen: 22
188.213.252.0/22 maxlen: 22
193.30.254.0/24 maxlen: 24
193.32.66.0/24 maxlen: 24
193.32.67.0/24 maxlen: 24
193.254.48.0/22 maxlen: 22
193.254.54.0/23 maxlen: 23
193.254.56.0/23 maxlen: 23
193.254.60.0/22 maxlen: 22
194.41.60.0/24 maxlen: 24
194.41.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.mft
rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:08:1a:28:d9:41:07:e4:61:da:31:39:11:ca:a3:95:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
Validity
Not Before: Jul 14 08:43:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc77a6bdc1a96b5d1f9046606fa67ea3893b6372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:75:da:d9:cc:45:98:9a:9b:2d:55:bb:dd:5c:
d1:06:ca:7e:28:fe:17:8b:b6:35:6b:a1:25:be:c3:
d0:d6:75:cc:1c:ee:9c:0f:0a:80:c5:94:61:fb:b5:
29:8a:47:91:fb:8f:3d:b4:27:31:6c:f2:f0:a8:7a:
17:1f:7c:17:91:2f:bd:e1:6a:b7:c4:78:fa:ab:36:
7a:ed:46:ec:12:fb:5c:0e:ca:76:89:bb:77:64:90:
56:0e:7d:f2:f8:38:01:19:32:2a:d5:db:bf:a3:08:
d4:02:1b:8f:1a:fd:a6:42:26:38:91:15:8a:c9:c9:
0c:57:0f:40:64:df:67:57:38:5c:e7:42:dd:ab:12:
1a:19:60:ed:19:25:30:20:a3:2c:88:d5:b1:ca:28:
62:19:cb:da:c0:cd:cd:81:c8:fd:90:5a:0f:81:9e:
42:e2:2a:3f:6d:1a:60:b2:98:88:08:45:f2:84:cb:
e6:9a:61:3b:5e:28:8f:fe:de:44:66:7d:00:aa:25:
eb:74:96:77:b7:86:57:69:0b:6d:c5:63:96:25:fa:
c8:67:3d:6f:6f:84:af:1a:78:2c:c5:81:4d:52:19:
1c:6a:23:fd:40:be:58:37:1b:89:35:7c:d1:de:ed:
19:ab:0f:59:7d:28:05:4c:c1:af:a1:f4:50:71:28:
4f:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:77:A6:BD:C1:A9:6B:5D:1F:90:46:60:6F:A6:7E:A3:89:3B:63:72
X509v3 Authority Key Identifier:
keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/3HemvcGpa10fkEZgb6Z-o4k7Y3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.64.0/23
46.102.182.0/23
77.81.84.0-77.81.86.255
77.81.89.0/24
86.104.222.0-86.104.225.255
86.105.2.0/24
86.105.6.0/24
86.105.176.0/24
86.105.178.0/24
86.105.185.0/24
86.105.229.0-86.105.230.255
86.105.242.0/24
86.106.10.0/24
86.106.13.0-86.106.15.255
86.106.94.0/23
86.106.106.0/23
86.106.110.0/23
86.106.140.0/23
86.106.174.0/23
86.107.193.0-86.107.195.255
89.32.43.0/24
89.32.170.0/24
89.33.46.0/23
89.33.134.0/24
89.33.206.0/24
89.33.250.0/23
89.33.254.0/23
89.34.102.0/24
89.34.104.0/23
89.35.89.0-89.35.90.255
89.36.39.0/24
89.36.136.0/24
89.36.138.0/24
89.36.141.0/24
89.37.92.0/24
89.37.96.0/24
89.38.240.0/24
89.39.69.0/24
89.39.215.0/24
89.40.141.0/24
89.40.207.0/24
89.40.209.0/24
89.41.50.0/23
89.45.82.0/24
89.46.47.0/24
91.218.236.0/22
91.235.130.0/23
93.114.51.0-93.114.53.255
93.114.58.0/23
93.115.59.0/24
93.119.118.0-93.119.121.255
93.119.124.0/24
94.177.126.0/24
176.126.192.0-176.126.194.255
176.223.116.0-176.223.118.255
176.223.161.0/24
188.208.48.0/21
188.208.222.0/23
188.209.120.0/21
188.213.206.0/23
188.213.214.0/23
188.213.248.0/21
193.30.254.0/24
193.32.66.0/23
193.254.48.0/22
193.254.54.0-193.254.57.255
193.254.60.0/22
194.41.60.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:ed:3e:7c:19:6e:3c:3f:19:a6:7c:05:92:bf:b8:fd:b6:0d:
26:28:21:4a:fa:f8:0b:1f:11:1d:dc:72:c4:3a:7b:e7:03:21:
a2:62:b8:51:a2:39:a7:e5:1e:e6:cf:dc:5b:e4:84:e5:59:45:
09:96:31:64:05:de:cf:19:69:75:1a:47:54:e5:2c:a9:6e:35:
b1:68:ba:8e:7f:ed:7d:aa:91:b0:23:cf:35:0f:cd:6c:5f:2c:
ae:4c:32:ba:18:67:d0:bd:53:1b:69:58:be:d2:b2:0f:48:d9:
1f:24:86:57:d3:04:55:db:b2:c5:7e:9f:a2:43:66:96:15:64:
48:be:b9:6e:c3:de:a5:bc:ed:8c:75:3c:4f:b5:a7:42:de:43:
38:cf:87:92:2d:08:ea:ee:2c:3a:84:39:fb:ee:eb:25:21:a9:
db:fa:fa:9b:e7:43:6b:5e:2e:54:08:2e:6f:bb:13:11:10:55:
84:be:68:b3:3d:45:f4:8d:c9:61:86:31:e1:1a:e7:e3:2c:31:
92:21:93:e5:b9:81:2e:9f:02:4d:f5:1f:87:49:51:7d:9c:ca:
4f:d8:1a:79:af:e6:7c:2d:30:89:f3:55:a4:1c:de:c2:67:1e:
ba:1a:e2:ab:30:43:3e:46:f0:1b:1f:a7:a0:03:2c:8e:74:d8:
79:43:3f:b0
-----BEGIN CERTIFICATE-----
MIIG8TCCBdmgAwIBAgISAZgIGijZQQfkYdoxORHKo5VLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjgyNGQzMmRmMWE1MTEzZDgyMTAxMzQ1ZDc4NWEzOGFk
ZGJkZTUwHhcNMjUwNzE0MDg0MzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzc3YTZiZGMxYTk2YjVkMWY5MDQ2NjA2ZmE2N2VhMzg5M2I2MzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnXa2cxFmJqbLVW73VzRBsp+KP4X
i7Y1a6ElvsPQ1nXMHO6cDwqAxZRh+7UpikeR+489tCcxbPLwqHoXH3wXkS+94Wq3
xHj6qzZ67UbsEvtcDsp2ibt3ZJBWDn3y+DgBGTIq1du/owjUAhuPGv2mQiY4kRWK
yckMVw9AZN9nVzhc50LdqxIaGWDtGSUwIKMsiNWxyihiGcvawM3Ngcj9kFoPgZ5C
4io/bRpgspiICEXyhMvmmmE7XiiP/t5EZn0AqiXrdJZ3t4ZXaQttxWOWJfrIZz1v
b4SvGngsxYFNUhkcaiP9QL5YNxuJNXzR3u0Zqw9ZfSgFTMGvofRQcShP5QIDAQAB
o4ID/TCCA/kwHQYDVR0OBBYEFNx3pr3BqWtdH5BGYG+mfqOJO2NyMB8GA1UdIwQY
MBaAFIT4JNMt8aURPYIQE0XXhaOK3b3lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgt
NDM3Mzk0OTM4YzUyLzEvM0hlbXZjR3BhMTBma0VaZ2I2Wi1vNGs3WTNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgtNDM3Mzk0OTM4YzUy
LzEvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICEQYIKwYBBQUHAQcBAf8EggIAMIIB/DCCAfgEAgABMIIB
8AMEASWcQAMEAS5mtjAMAwQCTVFUAwQATVFWAwQATVFZMAwDBAFWaN4DBAFWaOAD
BABWaQIDBABWaQYDBABWabADBABWabIDBABWabkwDAMEAFZp5QMEAFZp5gMEAFZp
8gMEAFZqCjAMAwQAVmoNAwQEVmoAAwQBVmpeAwQBVmpqAwQBVmpuAwQBVmqMAwQB
VmquMAwDBABWa8EDBAJWa8ADBABZICsDBABZIKoDBAFZIS4DBABZIYYDBABZIc4D
BAFZIfoDBAFZIf4DBABZImYDBAFZImgwDAMEAFkjWQMEAFkjWgMEAFkkJwMEAFkk
iAMEAFkkigMEAFkkjQMEAFklXAMEAFklYAMEAFkm8AMEAFknRQMEAFkn1wMEAFko
jQMEAFkozwMEAFko0QMEAVkpMgMEAFktUgMEAFkuLwMEAlva7AMEAVvrgjAMAwQA
XXIzAwQBXXI0AwQBXXI6AwQAXXM7MAwDBAFdd3YDBAFdd3gDBABdd3wDBABesX4w
DAMEBrB+wAMEALB+wjAMAwQCsN90AwQAsN92AwQAsN+hAwQDvNAwAwQBvNDeAwQD
vNF4AwQBvNXOAwQBvNXWAwQDvNX4AwQAwR7+AwQBwSBCAwQCwf4wMAwDBAHB/jYD
BAHB/jgDBALB/jwDBAHCKTwwDQYJKoZIhvcNAQELBQADggEBACztPnwZbjw/GaZ8
BZK/uP22DSYoIUr6+AsfER3ccsQ6e+cDIaJiuFGiOaflHubP3FvkhOVZRQmWMWQF
3s8ZaXUaR1TlLKluNbFouo5/7X2qkbAjzzUPzWxfLK5MMroYZ9C9UxtpWL7Ssg9I
2R8khlfTBFXbssV+n6JDZpYVZEi+uW7D3qW87Yx1PE+1p0LeQzjPh5ItCOruLDqE
Ofvu6yUhqdv6+pvnQ2teLlQILm+7ExEQVYS+aLM9RfSNyWGGMeEa5+MsMZIhk+W5
gS6fAk31H4dJUX2cyk/YGnmv5nwtMInzVaQc3sJnHroa4qswQz5G8Bsfp6ADLI50
2HlDP7A=
-----END CERTIFICATE-----
Generated at Mon Jul 21 07:34:44 2025 by rpki-client