Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/HiRP-9ZAQ_fA_2hTZWRklzx6obA.roa
File: HiRP-9ZAQ_fA_2hTZWRklzx6obA.roa (raw, json)
Hash identifier: PrZOk3HyNBgvrMG6jOnSZtD1io4oSwPRB1aKUVt++3k=
Subject key identifier: 1E:24:4F:FB:D6:40:43:F7:C0:FF:68:53:65:64:64:97:3C:7A:A1:B0
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 01990428085E00412F30A673DBDFEC898EA3
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/HiRP-9ZAQ_fA_2hTZWRklzx6obA.roa
Signing time: Mon 01 Sep 2025 07:22:36 +0000
ROA not before: Mon 01 Sep 2025 07:22:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52116
IP address blocks: 77.105.11.0/24 maxlen: 24
77.105.31.0/24 maxlen: 24
79.175.103.0/24 maxlen: 24
79.175.115.0/24 maxlen: 24
79.175.116.0/24 maxlen: 24
80.74.173.0/24 maxlen: 24
81.18.49.0/24 maxlen: 24
81.18.50.0/24 maxlen: 24
81.18.52.0/23 maxlen: 23
81.18.55.0/24 maxlen: 24
81.18.61.0/24 maxlen: 24
93.186.67.0/24 maxlen: 24
93.186.71.0/24 maxlen: 24
93.186.72.0/24 maxlen: 24
109.121.60.0/24 maxlen: 24
178.253.207.0/24 maxlen: 24
178.253.213.0/24 maxlen: 24
178.253.214.0/24 maxlen: 24
178.253.219.0/24 maxlen: 24
178.253.236.0/24 maxlen: 24
178.253.240.0/24 maxlen: 24
185.47.88.0/24 maxlen: 24
185.47.90.0/24 maxlen: 24
188.255.130.0/24 maxlen: 24
188.255.190.0/24 maxlen: 24
188.255.208.0/24 maxlen: 24
188.255.213.0/24 maxlen: 24
188.255.219.0/24 maxlen: 24
188.255.226.0/24 maxlen: 24
188.255.244.0/23 maxlen: 23
188.255.246.0/24 maxlen: 24
188.255.247.0/24 maxlen: 24
188.255.252.0/24 maxlen: 24
188.255.254.0/24 maxlen: 24
188.255.255.0/24 maxlen: 24
212.69.7.0/24 maxlen: 24
212.69.12.0/24 maxlen: 24
212.69.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 02:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:04:28:08:5e:00:41:2f:30:a6:73:db:df:ec:89:8e:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Sep 1 07:22:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e244ffbd64043f7c0ff6853656464973c7aa1b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:db:cb:d5:73:7f:53:78:a5:03:1f:16:3c:ac:
37:e7:f8:c9:2d:a5:73:1a:09:d1:ef:5c:c6:3d:ed:
34:a4:a8:e7:72:18:f3:da:8e:2c:af:48:bf:ee:67:
19:0a:74:27:48:7b:34:bf:f8:bd:e6:d3:70:5c:7c:
44:36:ec:cf:bb:46:ce:38:a6:cb:64:e8:34:43:92:
3a:a5:3d:09:93:fb:a6:fc:e4:5b:75:cc:3e:f7:f3:
7b:7d:ec:42:1d:d5:19:b9:91:92:22:cf:cc:29:9b:
5d:12:9c:43:2f:bc:20:23:09:84:55:6a:6e:2f:fa:
49:a3:ef:4a:f6:52:7d:1c:41:c6:3e:89:10:cd:b6:
07:eb:c1:b3:b4:b0:f6:93:2b:64:d3:09:66:15:9c:
e4:4a:64:e2:c4:f3:6a:fc:f6:8b:02:75:0b:91:8b:
df:1f:22:9e:81:9a:0c:22:7a:a6:08:a9:3a:4b:e9:
41:e9:b2:24:94:b9:98:b9:82:88:94:fa:c9:5b:df:
16:15:73:54:d7:44:17:e3:3c:29:3f:d5:37:bb:cb:
27:b7:c1:7b:d2:fd:88:05:82:f6:3f:a7:bc:e6:4a:
18:5b:99:ea:22:63:76:6b:2f:fc:c6:66:ef:ba:d4:
bc:0f:91:09:68:22:36:ed:0a:1d:cb:7c:37:2b:fa:
6d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:24:4F:FB:D6:40:43:F7:C0:FF:68:53:65:64:64:97:3C:7A:A1:B0
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/HiRP-9ZAQ_fA_2hTZWRklzx6obA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.11.0/24
77.105.31.0/24
79.175.103.0/24
79.175.115.0-79.175.116.255
80.74.173.0/24
81.18.49.0-81.18.50.255
81.18.52.0/23
81.18.55.0/24
81.18.61.0/24
93.186.67.0/24
93.186.71.0-93.186.72.255
109.121.60.0/24
178.253.207.0/24
178.253.213.0-178.253.214.255
178.253.219.0/24
178.253.236.0/24
178.253.240.0/24
185.47.88.0/24
185.47.90.0/24
188.255.130.0/24
188.255.190.0/24
188.255.208.0/24
188.255.213.0/24
188.255.219.0/24
188.255.226.0/24
188.255.244.0/22
188.255.252.0/24
188.255.254.0/23
212.69.7.0/24
212.69.12.0/24
212.69.18.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:0d:87:9e:66:bc:7f:4c:1d:c2:e1:a6:a0:9e:18:f8:44:15:
40:f3:37:57:fb:59:00:47:5d:88:8e:41:ca:92:ed:8c:b7:ff:
5f:ba:d9:ca:a7:77:0d:d2:f3:61:b9:58:e7:52:ab:94:f2:94:
ca:88:a9:ce:a5:1d:68:62:3d:87:54:e7:70:46:d6:94:28:92:
15:3a:b7:85:18:99:ec:12:6b:e6:13:bb:bf:20:0c:dd:b5:26:
9d:bc:58:f7:8c:22:aa:7d:c9:23:7e:51:a9:a0:06:b0:82:88:
02:3d:13:3a:90:10:73:2c:46:79:f5:09:78:9e:bd:5f:a5:2a:
2b:b8:27:12:d5:d4:44:10:d7:5a:cb:29:61:a1:67:1d:77:b9:
77:9e:9f:59:f8:98:04:1f:28:f8:12:43:78:3b:9f:2d:13:b9:
0e:1f:90:26:34:01:4d:5c:dc:cf:8a:92:81:fb:a7:48:11:ef:
93:0b:f8:d9:1e:98:6a:6b:93:bf:2b:e7:d6:d5:79:85:56:21:
6f:7d:68:1a:85:bf:f6:c9:cd:fe:8c:dd:4a:22:f7:08:a6:c3:
84:93:4b:84:93:cc:ff:58:2a:25:be:84:16:0f:79:b4:30:4e:
6a:0f:df:d6:0d:80:ac:54:4d:bf:4c:b9:a8:43:7d:9a:d1:20:
68:25:80:f6
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAZkEKAheAEEvMKZz29/siY6jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjUwOTAxMDcyMjM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTI0NGZmYmQ2NDA0M2Y3YzBmZjY4NTM2NTY0NjQ5NzNjN2FhMWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNvL1XN/U3ilAx8WPKw35/jJLaVz
GgnR71zGPe00pKjnchjz2o4sr0i/7mcZCnQnSHs0v/i95tNwXHxENuzPu0bOOKbL
ZOg0Q5I6pT0Jk/um/ORbdcw+9/N7fexCHdUZuZGSIs/MKZtdEpxDL7wgIwmEVWpu
L/pJo+9K9lJ9HEHGPokQzbYH68GztLD2kytk0wlmFZzkSmTixPNq/PaLAnULkYvf
HyKegZoMInqmCKk6S+lB6bIklLmYuYKIlPrJW98WFXNU10QX4zwpP9U3u8snt8F7
0v2IBYL2P6e85koYW5nqImN2ay/8xmbvutS8D5EJaCI27Qody3w3K/ptwwIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFB4kT/vWQEP3wP9oU2VkZJc8eqGwMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvSGlSUC05WkFRX2ZBXzJoVFpXUmtseng2b2JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCB4QQCAAEwgdoDBABN
aQsDBABNaR8DBABPr2cwDAMEAE+vcwMEAE+vdAMEAFBKrTAMAwQAURIxAwQAURIy
AwQBURI0AwQAURI3AwQAURI9AwQAXbpDMAwDBABdukcDBABdukgDBABteTwDBACy
/c8wDAMEALL91QMEALL91gMEALL92wMEALL97AMEALL98AMEALkvWAMEALkvWgME
ALz/ggMEALz/vgMEALz/0AMEALz/1QMEALz/2wMEALz/4gMEArz/9AMEALz//AME
Abz//gMEANRFBwMEANRFDAMEANRFEjANBgkqhkiG9w0BAQsFAAOCAQEAKw2Hnma8
f0wdwuGmoJ4Y+EQVQPM3V/tZAEddiI5BypLtjLf/X7rZyqd3DdLzYblY51KrlPKU
yoipzqUdaGI9h1TncEbWlCiSFTq3hRiZ7BJr5hO7vyAM3bUmnbxY94wiqn3JI35R
qaAGsIKIAj0TOpAQcyxGefUJeJ69X6UqK7gnEtXURBDXWsspYaFnHXe5d56fWfiY
BB8o+BJDeDufLRO5Dh+QJjQBTVzcz4qSgfunSBHvkwv42R6YamuTvyvn1tV5hVYh
b31oGoW/9snN/ozdSiL3CKbDhJNLhJPM/1gqJb6EFg95tDBOag/f1g2ArFRNv0y5
qEN9mtEgaCWA9g==
-----END CERTIFICATE-----
Generated at Sat Sep 6 10:13:57 2025 by rpki-client