Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/HxTUvzIZX--dLoOPK-dqvxod_uE.roa
File: HxTUvzIZX--dLoOPK-dqvxod_uE.roa (raw, json)
Hash identifier: F4SZQY3yUmuu1pYEHkyQEIUWk1MNkN6XrjWa4nL5+5c=
Subject key identifier: 1F:14:D4:BF:32:19:5F:EF:9D:2E:83:8F:2B:E7:6A:BF:1A:1D:FE:E1
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 019A26213ACEBD8DFEDA89EE0248A691E19D
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/HxTUvzIZX--dLoOPK-dqvxod_uE.roa
Signing time: Mon 27 Oct 2025 14:45:03 +0000
ROA not before: Mon 27 Oct 2025 14:45:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52116
IP address blocks: 77.105.11.0/24 maxlen: 24
77.105.31.0/24 maxlen: 24
79.175.116.0/24 maxlen: 24
81.18.49.0/24 maxlen: 24
81.18.50.0/24 maxlen: 24
81.18.52.0/23 maxlen: 23
81.18.61.0/24 maxlen: 24
93.186.67.0/24 maxlen: 24
93.186.71.0/24 maxlen: 24
93.186.72.0/24 maxlen: 24
109.121.60.0/24 maxlen: 24
178.253.207.0/24 maxlen: 24
178.253.213.0/24 maxlen: 24
178.253.214.0/24 maxlen: 24
178.253.219.0/24 maxlen: 24
178.253.236.0/24 maxlen: 24
178.253.240.0/24 maxlen: 24
185.47.88.0/24 maxlen: 24
185.47.90.0/24 maxlen: 24
188.255.130.0/24 maxlen: 24
188.255.190.0/24 maxlen: 24
188.255.208.0/24 maxlen: 24
188.255.213.0/24 maxlen: 24
188.255.219.0/24 maxlen: 24
188.255.226.0/24 maxlen: 24
188.255.244.0/23 maxlen: 23
188.255.246.0/24 maxlen: 24
188.255.252.0/24 maxlen: 24
188.255.254.0/24 maxlen: 24
188.255.255.0/24 maxlen: 24
212.69.7.0/24 maxlen: 24
212.69.12.0/24 maxlen: 24
212.69.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Nov 2025 14:19:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:26:21:3a:ce:bd:8d:fe:da:89:ee:02:48:a6:91:e1:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Oct 27 14:45:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f14d4bf32195fef9d2e838f2be76abf1a1dfee1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:55:fc:0c:bf:ad:d0:3a:c9:02:9f:de:6b:d9:
af:88:7d:22:76:aa:da:e8:36:d3:7a:23:65:ad:c0:
15:1d:8e:50:49:77:f4:36:38:3a:11:d0:d6:ba:d4:
46:77:82:c3:0d:33:3e:0f:ed:e9:80:eb:d4:31:b5:
b5:93:00:c9:32:27:ac:45:0d:60:f5:22:c2:e5:7b:
16:1e:61:46:9e:e1:de:a0:19:3a:36:e0:5f:27:ad:
b9:f8:20:81:7b:d4:f9:63:ae:e7:25:7e:58:9e:5e:
74:17:c5:d7:f0:89:41:6e:e8:75:10:52:77:23:b5:
e4:fb:e4:b7:63:2e:a0:b3:3b:86:02:16:a7:fc:64:
02:f5:23:6b:96:94:97:47:f9:c3:a7:9c:4a:95:2f:
ae:81:88:cb:d2:77:8f:a9:23:24:c3:13:91:92:7e:
65:81:77:44:71:0c:60:1a:3e:39:65:d8:57:37:c7:
cf:bc:f4:8c:60:1d:f0:3d:1a:41:21:ba:37:35:73:
69:89:08:cf:87:5c:26:01:43:01:1e:88:f2:4a:62:
54:b8:ed:f9:12:a2:53:5e:bd:e0:29:e6:96:7b:44:
05:0f:fc:f5:23:54:c7:e8:67:12:76:fc:93:11:80:
4b:0d:9d:7e:32:51:ca:ed:0b:61:2b:e7:13:36:17:
ba:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:14:D4:BF:32:19:5F:EF:9D:2E:83:8F:2B:E7:6A:BF:1A:1D:FE:E1
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/HxTUvzIZX--dLoOPK-dqvxod_uE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.11.0/24
77.105.31.0/24
79.175.116.0/24
81.18.49.0-81.18.50.255
81.18.52.0/23
81.18.61.0/24
93.186.67.0/24
93.186.71.0-93.186.72.255
109.121.60.0/24
178.253.207.0/24
178.253.213.0-178.253.214.255
178.253.219.0/24
178.253.236.0/24
178.253.240.0/24
185.47.88.0/24
185.47.90.0/24
188.255.130.0/24
188.255.190.0/24
188.255.208.0/24
188.255.213.0/24
188.255.219.0/24
188.255.226.0/24
188.255.244.0-188.255.246.255
188.255.252.0/24
188.255.254.0/23
212.69.7.0/24
212.69.12.0/24
212.69.18.0/24
Signature Algorithm: sha256WithRSAEncryption
09:7c:17:50:b8:f7:66:03:73:b4:f8:64:f5:36:7a:6b:4c:aa:
11:fd:80:e8:1d:f0:47:1c:91:28:95:4b:42:b0:2f:8c:cb:33:
a5:61:f2:3c:c6:8c:42:c8:72:f0:88:ac:d9:0c:ab:e8:e7:5e:
b5:06:7a:11:cf:24:85:45:62:71:10:dd:b2:ed:e9:f6:1f:6c:
1d:52:82:21:44:20:15:26:0a:09:c8:08:f5:eb:92:88:10:31:
30:cd:ec:dc:0a:45:aa:ed:31:d2:e4:65:46:fa:bf:49:05:fb:
70:15:9d:ae:87:65:76:24:dc:26:65:51:7a:c5:47:f6:c3:9f:
0a:25:44:c7:07:1c:db:51:9e:0f:ba:66:53:be:06:ba:2b:fc:
3d:0c:ea:4b:09:e2:da:c6:ca:5d:44:69:0e:fe:17:43:6a:b3:
ef:cd:d8:04:a5:b2:4b:30:0b:ea:d7:f3:a8:ae:dc:36:02:68:
73:59:66:8a:1f:4c:6d:32:6f:f1:4f:3c:ff:32:95:1b:fa:7d:
6d:26:93:8b:8b:9c:b1:ae:cb:16:1a:43:9b:ba:51:d6:59:65:
83:35:70:35:e1:c1:69:a8:8d:c6:66:fc:dd:fb:cf:71:ed:53:
43:83:f1:4b:a6:33:50:57:aa:58:4b:47:5b:4b:45:13:ea:53:
f4:cd:e0:8e
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAZomITrOvY3+2onuAkimkeGdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjUxMDI3MTQ0NTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjE0ZDRiZjMyMTk1ZmVmOWQyZTgzOGYyYmU3NmFiZjFhMWRmZWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFX8DL+t0DrJAp/ea9mviH0idqra
6DbTeiNlrcAVHY5QSXf0Njg6EdDWutRGd4LDDTM+D+3pgOvUMbW1kwDJMiesRQ1g
9SLC5XsWHmFGnuHeoBk6NuBfJ625+CCBe9T5Y67nJX5Ynl50F8XX8IlBbuh1EFJ3
I7Xk++S3Yy6gszuGAhan/GQC9SNrlpSXR/nDp5xKlS+ugYjL0nePqSMkwxORkn5l
gXdEcQxgGj45ZdhXN8fPvPSMYB3wPRpBIbo3NXNpiQjPh1wmAUMBHojySmJUuO35
EqJTXr3gKeaWe0QFD/z1I1TH6GcSdvyTEYBLDZ1+MlHK7QthK+cTNhe6ZwIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFB8U1L8yGV/vnS6Djyvnar8aHf7hMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvSHhUVXZ6SVpYLS1kTG9PUEstZHF2eG9kX3VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBzwQCAAEwgcgDBABN
aQsDBABNaR8DBABPr3QwDAMEAFESMQMEAFESMgMEAVESNAMEAFESPQMEAF26QzAM
AwQAXbpHAwQAXbpIAwQAbXk8AwQAsv3PMAwDBACy/dUDBACy/dYDBACy/dsDBACy
/ewDBACy/fADBAC5L1gDBAC5L1oDBAC8/4IDBAC8/74DBAC8/9ADBAC8/9UDBAC8
/9sDBAC8/+IwDAMEArz/9AMEALz/9gMEALz//AMEAbz//gMEANRFBwMEANRFDAME
ANRFEjANBgkqhkiG9w0BAQsFAAOCAQEACXwXULj3ZgNztPhk9TZ6a0yqEf2A6B3w
RxyRKJVLQrAvjMszpWHyPMaMQshy8Iis2Qyr6OdetQZ6Ec8khUVicRDdsu3p9h9s
HVKCIUQgFSYKCcgI9euSiBAxMM3s3ApFqu0x0uRlRvq/SQX7cBWdrodldiTcJmVR
esVH9sOfCiVExwcc21GeD7pmU74Guiv8PQzqSwni2sbKXURpDv4XQ2qz783YBKWy
SzAL6tfzqK7cNgJoc1lmih9MbTJv8U88/zKVG/p9bSaTi4ucsa7LFhpDm7pR1lll
gzVwNeHBaaiNxmb83fvPce1TQ4PxS6YzUFeqWEtHW0tFE+pT9M3gjg==
-----END CERTIFICATE-----
Generated at Sun Nov 2 17:53:26 2025 by rpki-client