Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/HjuXXXUSfXncfn8MXn1opXEusBA.roa
File: HjuXXXUSfXncfn8MXn1opXEusBA.roa (raw, json)
Hash identifier: de3QC+08N81qaw/xj5AtjMnXwbIYVfRII0xnXRjd9Y0=
Subject key identifier: 1E:3B:97:5D:75:12:7D:79:DC:7E:7F:0C:5E:7D:68:A5:71:2E:B0:10
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 019791DCEB135A89C2BBD84DF26D6AF8D6FB
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/HjuXXXUSfXncfn8MXn1opXEusBA.roa
Signing time: Sat 21 Jun 2025 09:41:03 +0000
ROA not before: Sat 21 Jun 2025 09:41:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215540
IP address blocks: 45.93.213.0/24 maxlen: 24
45.93.214.0/24 maxlen: 24
45.151.234.0/24 maxlen: 24
45.151.235.0/24 maxlen: 24
77.83.245.0/24 maxlen: 24
77.83.246.0/24 maxlen: 24
160.20.156.0/24 maxlen: 24
160.20.157.0/24 maxlen: 24
185.68.186.0/24 maxlen: 24
185.68.187.0/24 maxlen: 24
185.71.214.0/24 maxlen: 24
185.71.215.0/24 maxlen: 24
185.73.180.0/24 maxlen: 24
185.73.181.0/24 maxlen: 24
185.75.132.0/24 maxlen: 24
185.75.135.0/24 maxlen: 24
185.76.243.0/24 maxlen: 24
185.77.138.0/24 maxlen: 24
185.77.139.0/24 maxlen: 24
185.79.132.0/24 maxlen: 24
185.79.133.0/24 maxlen: 24
185.88.98.0/24 maxlen: 24
185.88.99.0/24 maxlen: 24
185.95.228.0/24 maxlen: 24
185.100.156.0/24 maxlen: 24
185.100.159.0/24 maxlen: 24
185.102.114.0/24 maxlen: 24
185.111.24.0/24 maxlen: 24
185.168.208.0/24 maxlen: 24
185.177.238.0/24 maxlen: 24
185.182.130.0/24 maxlen: 24
185.182.131.0/24 maxlen: 24
193.38.228.0/24 maxlen: 24
193.38.229.0/24 maxlen: 24
193.38.230.0/24 maxlen: 24
193.38.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 19:02:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:91:dc:eb:13:5a:89:c2:bb:d8:4d:f2:6d:6a:f8:d6:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Jun 21 09:41:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e3b975d75127d79dc7e7f0c5e7d68a5712eb010
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:21:7b:e2:38:e9:e9:2a:a0:6e:ba:39:ed:32:
67:52:c2:2c:69:e5:94:27:b9:ab:04:8f:ae:26:5d:
ac:05:fe:3b:1c:a9:68:04:20:d1:48:76:a5:64:10:
46:23:90:4d:27:66:44:f9:a7:5d:0d:dd:0b:d8:73:
9a:41:e5:4d:fe:4b:7d:08:5a:df:c6:2e:07:18:e6:
04:5f:f2:15:58:1c:e2:75:c1:ee:2c:a0:25:0e:23:
c8:57:60:ad:f4:77:4d:fa:fb:0b:cd:d6:f6:c4:eb:
ce:f8:d5:41:cc:86:54:87:42:b3:71:78:62:49:59:
77:c7:93:f0:3b:c8:3f:4a:e9:a0:f8:c3:e2:3f:4d:
92:6a:c9:ab:a6:9d:87:94:b1:86:95:b7:64:a6:3f:
c0:0f:0a:8f:df:b9:05:cf:aa:dc:eb:12:94:51:e0:
79:88:d0:a4:6b:cb:a0:37:d3:a9:44:43:0f:ea:b9:
d9:39:7b:6b:fa:43:d7:c4:2a:1c:ec:fd:39:59:fa:
25:96:80:c9:3d:72:49:90:d2:3f:c7:7e:c4:76:c4:
d6:22:d4:c5:37:64:a7:97:18:44:47:e1:22:42:a4:
f5:d1:fc:9e:18:a8:4a:07:91:0d:bf:9e:b5:5d:64:
78:e6:06:9c:72:b1:3c:90:6f:a1:a6:6d:b8:e1:a7:
34:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:3B:97:5D:75:12:7D:79:DC:7E:7F:0C:5E:7D:68:A5:71:2E:B0:10
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/HjuXXXUSfXncfn8MXn1opXEusBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.213.0-45.93.214.255
45.151.234.0/23
77.83.245.0-77.83.246.255
160.20.156.0/23
185.68.186.0/23
185.71.214.0/23
185.73.180.0/23
185.75.132.0/24
185.75.135.0/24
185.76.243.0/24
185.77.138.0/23
185.79.132.0/23
185.88.98.0/23
185.95.228.0/24
185.100.156.0/24
185.100.159.0/24
185.102.114.0/24
185.111.24.0/24
185.168.208.0/24
185.177.238.0/24
185.182.130.0/23
193.38.228.0/22
Signature Algorithm: sha256WithRSAEncryption
83:fb:c9:b9:e9:f8:8c:ca:2b:86:e2:0f:77:8c:78:f9:3a:ef:
7d:44:6f:6e:3c:39:fb:54:ea:c1:d7:19:9e:78:8c:0d:96:b7:
d5:5a:1d:42:32:f5:ae:90:06:ef:c7:f4:86:e8:b8:f1:b9:b7:
93:76:f8:a5:50:2f:61:47:70:49:bb:8b:b0:65:be:dc:65:c5:
6f:c5:90:71:7a:79:a1:94:7c:d4:43:d3:39:f5:c3:2b:88:19:
16:e5:9e:6c:60:46:b5:26:cb:fe:e9:50:bb:25:8f:8a:cd:68:
af:99:8f:8a:d8:2e:24:3d:c5:ca:84:df:1b:4b:20:6a:d5:eb:
53:a6:a6:25:a7:e5:65:8e:8f:84:69:5a:f0:b4:ce:3a:54:f7:
5b:b5:34:bb:14:6d:51:68:4a:e9:f7:dc:7f:52:a2:c9:ab:27:
15:32:87:74:b9:2f:fc:f8:e6:17:ac:7e:02:71:4f:23:31:9e:
54:cb:85:74:95:c0:8d:36:df:89:53:49:a3:25:36:33:ec:e9:
b6:cc:7e:20:62:06:56:69:6c:57:95:5a:fa:4e:f5:b0:97:a6:
e6:42:c6:90:d9:24:02:22:d5:e1:4f:6a:be:c1:7a:d1:73:05:
2a:47:00:06:dc:99:57:d4:10:ee:a2:ef:b2:15:e0:af:1c:4b:
8c:96:b2:22
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAZeR3OsTWonCu9hN8m1q+Nb7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjUwNjIxMDk0MTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTNiOTc1ZDc1MTI3ZDc5ZGM3ZTdmMGM1ZTdkNjhhNTcxMmViMDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyF74jjp6Sqgbro57TJnUsIsaeWU
J7mrBI+uJl2sBf47HKloBCDRSHalZBBGI5BNJ2ZE+addDd0L2HOaQeVN/kt9CFrf
xi4HGOYEX/IVWBzidcHuLKAlDiPIV2Ct9HdN+vsLzdb2xOvO+NVBzIZUh0KzcXhi
SVl3x5PwO8g/Sumg+MPiP02Sasmrpp2HlLGGlbdkpj/ADwqP37kFz6rc6xKUUeB5
iNCka8ugN9OpREMP6rnZOXtr+kPXxCoc7P05WfolloDJPXJJkNI/x37EdsTWItTF
N2SnlxhER+EiQqT10fyeGKhKB5ENv561XWR45gaccrE8kG+hpm244ac0nQIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFB47l111En153H5/DF59aKVxLrAQMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvSGp1WFhYVVNmWG5jZm44TVhuMW9wWEV1c0JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQwDAME
AC1d1QMEAC1d1gMEAS2X6jAMAwQATVP1AwQATVP2AwQBoBScAwQBuUS6AwQBuUfW
AwQBuUm0AwQAuUuEAwQAuUuHAwQAuUzzAwQBuU2KAwQBuU+EAwQBuVhiAwQAuV/k
AwQAuWScAwQAuWSfAwQAuWZyAwQAuW8YAwQAuajQAwQAubHuAwQBubaCAwQCwSbk
MA0GCSqGSIb3DQEBCwUAA4IBAQCD+8m56fiMyiuG4g93jHj5Ou99RG9uPDn7VOrB
1xmeeIwNlrfVWh1CMvWukAbvx/SG6LjxubeTdvilUC9hR3BJu4uwZb7cZcVvxZBx
enmhlHzUQ9M59cMriBkW5Z5sYEa1Jsv+6VC7JY+KzWivmY+K2C4kPcXKhN8bSyBq
1etTpqYlp+Vljo+EaVrwtM46VPdbtTS7FG1RaErp99x/UqLJqycVMod0uS/8+OYX
rH4CcU8jMZ5Uy4V0lcCNNt+JU0mjJTYz7Om2zH4gYgZWaWxXlVr6TvWwl6bmQsaQ
2SQCItXhT2q+wXrRcwUqRwAG3JlX1BDuou+yFeCvHEuMlrIi
-----END CERTIFICATE-----
Generated at Tue Jul 1 01:13:52 2025 by rpki-client