Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/HIUAWfHmht9E5OhkIRuHF-jHSN4.roa
File: HIUAWfHmht9E5OhkIRuHF-jHSN4.roa (raw, json)
Hash identifier: um5P+h/tFEtZcatPNxAi+7KQz6kwUH5WTqtCRyY4b+w=
Subject key identifier: 1C:85:00:59:F1:E6:86:DF:44:E4:E8:64:21:1B:87:17:E8:C7:48:DE
Certificate issuer: /CN=1f46f57735a4e63dbef848ee0d9d199e215f8304
Certificate serial: 01981792FC9C3886F90C08A4118C81E40D15
Authority key identifier: 1F:46:F5:77:35:A4:E6:3D:BE:F8:48:EE:0D:9D:19:9E:21:5F:83:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/HIUAWfHmht9E5OhkIRuHF-jHSN4.roa
Signing time: Thu 17 Jul 2025 08:49:25 +0000
ROA not before: Thu 17 Jul 2025 08:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24940
IP address blocks: 5.9.0.0/16 maxlen: 24
5.75.128.0/17 maxlen: 24
5.161.0.0/16 maxlen: 24
23.88.0.0/17 maxlen: 24
37.27.0.0/16 maxlen: 24
46.4.0.0/16 maxlen: 24
46.62.128.0/17 maxlen: 24
49.12.0.0/16 maxlen: 24
49.13.0.0/16 maxlen: 24
65.21.0.0/16 maxlen: 24
65.108.0.0/16 maxlen: 24
65.109.0.0/16 maxlen: 24
77.42.0.0/17 maxlen: 24
78.46.0.0/15 maxlen: 24
85.10.192.0/18 maxlen: 24
88.99.0.0/16 maxlen: 24
88.198.0.0/16 maxlen: 24
91.98.0.0/16 maxlen: 24
91.99.0.0/16 maxlen: 24
91.107.128.0/17 maxlen: 24
94.130.0.0/16 maxlen: 24
95.216.0.0/16 maxlen: 24
95.217.0.0/16 maxlen: 24
116.202.0.0/16 maxlen: 24
116.203.0.0/16 maxlen: 24
128.140.0.0/17 maxlen: 24
135.181.0.0/16 maxlen: 24
138.199.128.0/17 maxlen: 24
142.132.128.0/17 maxlen: 24
157.90.0.0/16 maxlen: 24
157.180.0.0/17 maxlen: 24
159.69.0.0/16 maxlen: 24
162.55.0.0/16 maxlen: 24
167.233.0.0/16 maxlen: 24
167.235.0.0/16 maxlen: 24
168.119.0.0/16 maxlen: 24
176.9.0.0/16 maxlen: 24
178.63.0.0/16 maxlen: 24
185.12.64.0/22 maxlen: 24
188.34.128.0/17 maxlen: 24
188.40.0.0/16 maxlen: 24
188.245.0.0/16 maxlen: 24
195.201.0.0/16 maxlen: 24
213.133.96.0/19 maxlen: 24
213.239.192.0/18 maxlen: 24
2a01:4f8::/32 maxlen: 48
2a01:4f9::/32 maxlen: 48
2a01:4ff:ff01::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 14:17:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:17:92:fc:9c:38:86:f9:0c:08:a4:11:8c:81:e4:0d:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f46f57735a4e63dbef848ee0d9d199e215f8304
Validity
Not Before: Jul 17 08:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c850059f1e686df44e4e864211b8717e8c748de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e0:d4:05:d1:70:13:cc:d0:ff:4b:67:8c:04:
44:8a:37:21:41:99:f4:81:0d:73:89:2c:74:ec:10:
bb:26:39:28:7b:25:65:de:de:80:12:7a:31:ba:21:
fc:71:17:3f:89:b7:0d:ad:38:7f:01:88:85:6d:60:
c9:5e:4c:83:52:22:20:c9:9b:50:d3:57:9f:28:7c:
e4:a0:f5:1f:9e:46:7f:47:bf:a8:f7:95:b9:7c:ee:
43:37:28:49:09:80:ff:ad:45:86:26:4d:23:c9:11:
d0:58:2f:b4:fb:fa:33:8c:bb:9f:e0:c6:a4:4b:6d:
c2:8d:73:fe:7f:1d:6f:44:7d:8a:9a:f5:02:a5:86:
1f:5b:30:0b:d9:76:a5:f3:8a:06:81:06:f5:54:0f:
8e:d8:04:4d:43:ce:d9:88:cf:79:1f:78:a8:31:bb:
47:26:a9:6c:bc:0a:ff:34:fa:e3:a0:a2:a2:20:b2:
4c:91:f3:0e:b1:45:67:83:5b:e5:38:94:34:ed:0b:
aa:ae:6e:22:10:8d:e7:e6:a3:87:40:15:52:03:8d:
6b:1a:4b:60:dd:59:53:91:01:16:b7:e5:4f:f2:fb:
12:90:f2:79:94:d1:60:51:37:f7:8e:88:85:fd:f1:
48:f1:17:4f:38:a3:7a:0a:29:32:9b:c2:c8:b5:b2:
57:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:85:00:59:F1:E6:86:DF:44:E4:E8:64:21:1B:87:17:E8:C7:48:DE
X509v3 Authority Key Identifier:
keyid:1F:46:F5:77:35:A4:E6:3D:BE:F8:48:EE:0D:9D:19:9E:21:5F:83:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/HIUAWfHmht9E5OhkIRuHF-jHSN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.9.0.0/16
5.75.128.0/17
5.161.0.0/16
23.88.0.0/17
37.27.0.0/16
46.4.0.0/16
46.62.128.0/17
49.12.0.0/15
65.21.0.0/16
65.108.0.0/15
77.42.0.0/17
78.46.0.0/15
85.10.192.0/18
88.99.0.0/16
88.198.0.0/16
91.98.0.0/15
91.107.128.0/17
94.130.0.0/16
95.216.0.0/15
116.202.0.0/15
128.140.0.0/17
135.181.0.0/16
138.199.128.0/17
142.132.128.0/17
157.90.0.0/16
157.180.0.0/17
159.69.0.0/16
162.55.0.0/16
167.233.0.0/16
167.235.0.0/16
168.119.0.0/16
176.9.0.0/16
178.63.0.0/16
185.12.64.0/22
188.34.128.0/17
188.40.0.0/16
188.245.0.0/16
195.201.0.0/16
213.133.96.0/19
213.239.192.0/18
IPv6:
2a01:4f8::/31
2a01:4ff:ff01::/48
Signature Algorithm: sha256WithRSAEncryption
45:6d:f3:fe:fc:81:85:e9:0d:08:52:36:28:61:28:dc:55:7a:
0f:4e:0d:5a:a0:ce:58:b0:90:a0:54:3d:a7:2d:13:e2:54:81:
e4:ac:d6:71:58:2c:61:1f:a9:87:56:7f:05:07:13:5d:58:e7:
45:0a:df:93:9d:25:96:48:6d:32:91:6c:f0:49:10:4a:83:bb:
56:b1:33:22:42:5e:66:c2:38:14:dd:95:88:0b:eb:64:75:f7:
35:07:bc:c6:a0:bf:e0:ef:81:20:f7:cd:37:af:13:bb:af:fa:
8f:02:ad:01:19:52:b4:aa:63:04:2d:44:6f:41:cf:6c:54:b6:
51:c5:02:90:9c:15:01:a3:ae:32:e5:c8:bd:24:71:3a:0c:70:
e5:35:62:ce:29:22:6f:7f:3f:11:7e:44:00:f1:2f:67:6a:fa:
f3:fd:de:58:ac:a9:81:ef:ab:6d:27:a6:5a:76:be:7e:85:10:
c7:0c:ab:07:f2:b2:4f:1b:3b:b5:0f:37:9f:54:2c:3b:c2:c5:
43:72:64:40:e3:e1:4a:d7:73:07:db:e2:95:d9:26:da:8b:28:
3a:8f:08:9b:9a:49:76:23:af:e6:69:26:31:2c:7c:3f:53:ce:
ac:63:ee:87:84:f6:9c:da:a4:e3:a5:39:6d:42:9e:71:c8:44:
28:17:d4:80
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgISAZgXkvycOIb5DAikEYyB5A0VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDZmNTc3MzVhNGU2M2RiZWY4NDhlZTBkOWQxOTllMjE1
ZjgzMDQwHhcNMjUwNzE3MDg0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzg1MDA1OWYxZTY4NmRmNDRlNGU4NjQyMTFiODcxN2U4Yzc0OGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+DUBdFwE8zQ/0tnjAREijchQZn0
gQ1ziSx07BC7JjkoeyVl3t6AEnoxuiH8cRc/ibcNrTh/AYiFbWDJXkyDUiIgyZtQ
01efKHzkoPUfnkZ/R7+o95W5fO5DNyhJCYD/rUWGJk0jyRHQWC+0+/ozjLuf4Mak
S23CjXP+fx1vRH2KmvUCpYYfWzAL2Xal84oGgQb1VA+O2ARNQ87ZiM95H3ioMbtH
JqlsvAr/NPrjoKKiILJMkfMOsUVng1vlOJQ07Quqrm4iEI3n5qOHQBVSA41rGktg
3VlTkQEWt+VP8vsSkPJ5lNFgUTf3joiF/fFI8RdPOKN6Cikym8LItbJXqwIDAQAB
o4IC9zCCAvMwHQYDVR0OBBYEFByFAFnx5obfROToZCEbhxfox0jeMB8GA1UdIwQY
MBaAFB9G9Xc1pOY9vvhI7g2dGZ4hX4MEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBiMWR6V2s1ajItLUVqdURaMFpuaUZmZ3dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8xMDcyNjYtYWI1MS00NjJiLTlmYzIt
YTdjOTg5OGVlY2JjLzEvSElVQVdmSG1odDlFNU9oa0lSdUhGLWpIU040LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8xMDcyNjYtYWI1MS00NjJiLTlmYzItYTdjOTg5OGVlY2Jj
LzEvSDBiMWR6V2s1ajItLUVqdURaMFpuaUZmZ3dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCwYIKwYBBQUHAQcBAf8Egfswgfgwgd0EAgABMIHWAwMA
BQkDBAcFS4ADAwAFoQMEBxdYAAMDACUbAwMALgQDBAcuPoADAwExDAMDAEEVAwMB
QWwDBAdNKgADAwFOLgMEBlUKwAMDAFhjAwMAWMYDAwFbYgMEB1trgAMDAF6CAwMB
X9gDAwF0ygMEB4CMAAMDAIe1AwQHiseAAwQHjoSAAwMAnVoDBAedtAADAwCfRQMD
AKI3AwMAp+kDAwCn6wMDAKh3AwMAsAkDAwCyPwMEArkMQAMEB7wigAMDALwoAwMA
vPUDAwDDyQMEBdWFYAMEBtXvwDAWBAIAAjAQAwUBKgEE+AMHACoBBP//ATANBgkq
hkiG9w0BAQsFAAOCAQEARW3z/vyBhekNCFI2KGEo3FV6D04NWqDOWLCQoFQ9py0T
4lSB5KzWcVgsYR+ph1Z/BQcTXVjnRQrfk50llkhtMpFs8EkQSoO7VrEzIkJeZsI4
FN2ViAvrZHX3NQe8xqC/4O+BIPfNN68Tu6/6jwKtARlStKpjBC1Eb0HPbFS2UcUC
kJwVAaOuMuXIvSRxOgxw5TVizikib38/EX5EAPEvZ2r68/3eWKypge+rbSemWna+
foUQxwyrB/KyTxs7tQ83n1QsO8LFQ3JkQOPhStdzB9vildkm2osoOo8Im5pJdiOv
5mkmMSx8P1POrGPuh4T2nNqk46U5bUKecchEKBfUgA==
-----END CERTIFICATE-----
Generated at Mon Jul 21 23:21:52 2025 by rpki-client