Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/HYrkvDrpfrVGKAcaIbn8RvGgwng.roa
File: HYrkvDrpfrVGKAcaIbn8RvGgwng.roa (raw, json)
Hash identifier: kLdog1pfyl1ivWrdhRaD9T/MX0DUf8jLwgmi9P1eRT8=
Subject key identifier: 1D:8A:E4:BC:3A:E9:7E:B5:46:28:07:1A:21:B9:FC:46:F1:A0:C2:78
Certificate issuer: /CN=844492db9cbb0a0eb6bf69c25c86961f49183c9b
Certificate serial: 01993871A4B17B6BAFBBD22363E9BD377BD6
Authority key identifier: 84:44:92:DB:9C:BB:0A:0E:B6:BF:69:C2:5C:86:96:1F:49:18:3C:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hESS25y7Cg62v2nCXIaWH0kYPJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/HYrkvDrpfrVGKAcaIbn8RvGgwng.roa
Signing time: Thu 11 Sep 2025 11:03:15 +0000
ROA not before: Thu 11 Sep 2025 11:03:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29684
IP address blocks: 46.235.88.0/21 maxlen: 24
46.235.88.0/23 maxlen: 23
46.235.90.0/23 maxlen: 23
46.235.91.0/24 maxlen: 24
46.235.92.0/23 maxlen: 23
46.235.94.0/23 maxlen: 23
46.235.94.0/24 maxlen: 24
62.204.48.0/24 maxlen: 24
77.75.224.0/24 maxlen: 24
79.110.229.0/24 maxlen: 24
88.85.224.0/19 maxlen: 24
88.85.224.0/21 maxlen: 21
88.85.224.0/23 maxlen: 23
88.85.226.0/23 maxlen: 23
88.85.228.0/23 maxlen: 23
88.85.228.0/24 maxlen: 24
88.85.230.0/23 maxlen: 23
88.85.231.0/24 maxlen: 24
88.85.232.0/21 maxlen: 21
88.85.232.0/24 maxlen: 24
88.85.235.0/24 maxlen: 24
88.85.236.0/24 maxlen: 24
88.85.237.0/24 maxlen: 24
88.85.238.0/23 maxlen: 23
88.85.238.0/24 maxlen: 24
88.85.239.0/24 maxlen: 24
88.85.240.0/21 maxlen: 21
88.85.240.0/23 maxlen: 23
88.85.242.0/24 maxlen: 24
88.85.244.0/24 maxlen: 24
88.85.245.0/24 maxlen: 24
88.85.246.0/23 maxlen: 23
88.85.247.0/24 maxlen: 24
88.85.248.0/21 maxlen: 21
88.85.248.0/23 maxlen: 23
88.85.250.0/23 maxlen: 23
88.85.250.0/24 maxlen: 24
88.85.252.0/23 maxlen: 23
88.85.254.0/24 maxlen: 24
88.85.255.0/24 maxlen: 24
146.19.71.0/24 maxlen: 24
158.94.222.0/24 maxlen: 24
176.97.216.0/24 maxlen: 24
176.98.32.0/22 maxlen: 22
176.98.32.0/24 maxlen: 24
176.98.33.0/24 maxlen: 24
176.98.34.0/23 maxlen: 23
176.98.34.0/24 maxlen: 24
176.98.35.0/24 maxlen: 24
176.241.184.0/21 maxlen: 24
176.241.184.0/23 maxlen: 23
176.241.186.0/23 maxlen: 23
176.241.188.0/24 maxlen: 24
176.241.189.0/24 maxlen: 24
176.241.190.0/24 maxlen: 24
176.241.191.0/24 maxlen: 24
178.20.144.0/21 maxlen: 24
178.20.144.0/23 maxlen: 23
178.20.146.0/23 maxlen: 23
178.20.148.0/23 maxlen: 23
178.20.150.0/23 maxlen: 23
185.10.112.0/22 maxlen: 24
185.10.112.0/24 maxlen: 24
185.10.113.0/24 maxlen: 24
185.10.114.0/23 maxlen: 23
185.10.114.0/24 maxlen: 24
185.10.115.0/24 maxlen: 24
185.72.102.0/24 maxlen: 24
185.149.193.0/24 maxlen: 24
185.224.252.0/22 maxlen: 24
185.224.252.0/23 maxlen: 23
185.224.252.0/24 maxlen: 24
185.224.253.0/24 maxlen: 24
185.224.254.0/23 maxlen: 23
185.224.254.0/24 maxlen: 24
185.224.255.0/24 maxlen: 24
193.105.25.0/24 maxlen: 24
193.242.127.0/24 maxlen: 24
194.104.226.0/24 maxlen: 24
212.12.160.0/19 maxlen: 24
212.12.160.0/20 maxlen: 20
212.12.160.0/23 maxlen: 23
212.12.160.0/24 maxlen: 24
212.12.161.0/24 maxlen: 24
212.12.162.0/23 maxlen: 23
212.12.162.0/24 maxlen: 24
212.12.163.0/24 maxlen: 24
212.12.164.0/23 maxlen: 23
212.12.164.0/24 maxlen: 24
212.12.166.0/23 maxlen: 23
212.12.166.0/24 maxlen: 24
212.12.167.0/24 maxlen: 24
212.12.168.0/23 maxlen: 23
212.12.168.0/24 maxlen: 24
212.12.169.0/24 maxlen: 24
212.12.170.0/23 maxlen: 23
212.12.170.0/24 maxlen: 24
212.12.171.0/24 maxlen: 24
212.12.172.0/23 maxlen: 23
212.12.174.0/23 maxlen: 23
212.12.175.0/24 maxlen: 24
212.12.176.0/20 maxlen: 20
212.12.176.0/23 maxlen: 23
212.12.178.0/23 maxlen: 23
212.12.180.0/23 maxlen: 23
212.12.182.0/23 maxlen: 23
212.12.182.0/24 maxlen: 24
212.12.183.0/24 maxlen: 24
212.12.184.0/23 maxlen: 23
212.12.185.0/24 maxlen: 24
212.12.186.0/23 maxlen: 23
212.12.187.0/24 maxlen: 24
212.12.188.0/23 maxlen: 23
212.12.189.0/24 maxlen: 24
212.12.190.0/23 maxlen: 23
212.108.85.0/24 maxlen: 24
2a00:1560::/32 maxlen: 32
2a00:1560:4::/47 maxlen: 47
2a00:1560:5::/48 maxlen: 48
2a00:1560:c::/48 maxlen: 48
2a00:1560:10::/48 maxlen: 48
2a00:1560:16::/48 maxlen: 48
2a00:1560:17::/48 maxlen: 48
2a00:1560:18::/48 maxlen: 48
2a00:1560:20::/48 maxlen: 48
2a00:1560:21::/48 maxlen: 48
2a00:1560:24::/48 maxlen: 48
2a00:1560:60::/48 maxlen: 48
2a00:1560:1111::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/hESS25y7Cg62v2nCXIaWH0kYPJs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/hESS25y7Cg62v2nCXIaWH0kYPJs.mft
rsync://rpki.ripe.net/repository/DEFAULT/hESS25y7Cg62v2nCXIaWH0kYPJs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:38:71:a4:b1:7b:6b:af:bb:d2:23:63:e9:bd:37:7b:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=844492db9cbb0a0eb6bf69c25c86961f49183c9b
Validity
Not Before: Sep 11 11:03:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d8ae4bc3ae97eb54628071a21b9fc46f1a0c278
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2c:8e:b9:9f:43:9a:a9:a7:fa:2b:5d:84:ec:
81:83:19:04:5b:2d:43:ae:22:47:9b:89:31:7a:07:
b3:c9:b8:8b:2d:75:38:ed:4d:25:d7:62:37:69:e5:
e5:ea:29:9c:9f:5f:2e:c0:6e:3a:7d:88:f4:98:cb:
89:f0:ee:68:8f:72:7d:8d:71:1a:04:3b:26:89:a7:
11:62:2c:6b:e1:b6:14:36:b4:63:9d:87:00:2e:da:
21:6d:35:30:0e:b6:25:6d:63:c0:b9:2d:27:d8:21:
dc:31:20:65:3b:a7:34:7d:1e:31:b6:12:6a:30:f2:
13:08:b3:03:ef:d5:af:2c:be:28:c8:d2:96:9e:ca:
20:e1:24:22:d9:8e:34:f8:e0:78:e7:87:8a:bb:fd:
f4:b9:63:27:08:b4:fb:64:fc:10:7e:8e:1d:65:81:
bf:68:18:46:70:08:5a:14:58:fc:f5:8f:3a:a0:42:
e2:cf:7a:70:34:fb:e5:da:77:39:b3:17:9c:7b:98:
71:30:4c:d9:d2:b1:0c:e9:69:49:ad:31:7f:6f:72:
de:78:c3:96:e0:8a:18:16:34:e2:47:74:a5:23:00:
3c:54:4e:30:74:46:75:e7:4f:5a:c7:a4:22:5c:bd:
e8:51:f2:a3:ba:3a:43:d8:dc:10:d3:73:2d:71:4d:
69:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:8A:E4:BC:3A:E9:7E:B5:46:28:07:1A:21:B9:FC:46:F1:A0:C2:78
X509v3 Authority Key Identifier:
keyid:84:44:92:DB:9C:BB:0A:0E:B6:BF:69:C2:5C:86:96:1F:49:18:3C:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hESS25y7Cg62v2nCXIaWH0kYPJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/HYrkvDrpfrVGKAcaIbn8RvGgwng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/hESS25y7Cg62v2nCXIaWH0kYPJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.88.0/21
62.204.48.0/24
77.75.224.0/24
79.110.229.0/24
88.85.224.0/19
146.19.71.0/24
158.94.222.0/24
176.97.216.0/24
176.98.32.0/22
176.241.184.0/21
178.20.144.0/21
185.10.112.0/22
185.72.102.0/24
185.149.193.0/24
185.224.252.0/22
193.105.25.0/24
193.242.127.0/24
194.104.226.0/24
212.12.160.0/19
212.108.85.0/24
IPv6:
2a00:1560::/32
Signature Algorithm: sha256WithRSAEncryption
4f:22:b7:22:a6:bd:76:ef:b5:c6:8a:b5:db:76:07:8f:a7:ce:
da:9b:44:f1:d5:ed:5e:5b:8b:59:4e:bb:20:d4:73:1f:97:3e:
54:ac:e8:4a:c7:cf:de:f3:f3:65:fa:e8:b6:52:4a:7e:73:6d:
6a:7e:1e:9d:c6:15:ec:42:c4:72:d5:75:eb:58:e9:d2:eb:c7:
f2:ce:05:6a:ba:5e:b7:24:a2:b2:fd:3c:93:dd:4c:41:f8:44:
83:58:73:ca:88:2a:92:9e:4e:24:30:f1:b8:66:76:5f:80:29:
8f:a9:00:c9:39:ec:3c:4d:c7:a1:5f:39:f2:42:a3:e6:d6:09:
54:07:eb:0f:36:13:65:ae:a3:7a:c5:ba:d6:e0:d9:47:22:2d:
f1:11:ba:2e:cb:2d:a6:16:2e:18:59:d3:77:86:6e:cc:15:ff:
f4:cc:46:dd:d9:05:d2:50:9c:46:8a:6a:76:ab:f2:9f:25:9b:
09:4e:34:f1:21:5e:4e:73:43:71:69:df:e3:d0:ac:56:a0:7a:
d1:09:fd:a6:40:36:1d:97:ed:bd:db:8d:3c:05:bb:1c:2d:6d:
53:41:54:4c:a8:d1:44:be:ef:17:39:45:04:32:54:18:fe:48:
f3:59:43:08:1f:5e:c4:aa:8f:2a:fc:c1:ba:78:67:e4:df:fa:
39:c3:74:80
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAZk4caSxe2uvu9IjY+m9N3vWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDQ5MmRiOWNiYjBhMGViNmJmNjljMjVjODY5NjFmNDkx
ODNjOWIwHhcNMjUwOTExMTEwMzE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDhhZTRiYzNhZTk3ZWI1NDYyODA3MWEyMWI5ZmM0NmYxYTBjMjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCyOuZ9Dmqmn+itdhOyBgxkEWy1D
riJHm4kxegezybiLLXU47U0l12I3aeXl6imcn18uwG46fYj0mMuJ8O5oj3J9jXEa
BDsmiacRYixr4bYUNrRjnYcALtohbTUwDrYlbWPAuS0n2CHcMSBlO6c0fR4xthJq
MPITCLMD79WvLL4oyNKWnsog4SQi2Y40+OB454eKu/30uWMnCLT7ZPwQfo4dZYG/
aBhGcAhaFFj89Y86oELiz3pwNPvl2nc5sxece5hxMEzZ0rEM6WlJrTF/b3LeeMOW
4IoYFjTiR3SlIwA8VE4wdEZ1509ax6QiXL3oUfKjujpD2NwQ03MtcU1pLQIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFB2K5Lw66X61RigHGiG5/EbxoMJ4MB8GA1UdIwQY
MBaAFIREktucuwoOtr9pwlyGlh9JGDybMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVTUzI1eTdDZzYydjJuQ1hJYVdIMGtZUEpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8zM2E4ODgtNGNmMy00YThjLTkyOTct
YTFlMGRiMWExN2RmLzEvSFlya3ZEcnBmclZHS0FjYUlibjhSdkdnd25nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8zM2E4ODgtNGNmMy00YThjLTkyOTctYTFlMGRiMWExN2Rm
LzEvaEVTUzI1eTdDZzYydjJuQ1hJYVdIMGtZUEpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzB+BAIAATB4AwQDLutY
AwQAPswwAwQATUvgAwQAT27lAwQFWFXgAwQAkhNHAwQAnl7eAwQAsGHYAwQCsGIg
AwQDsPG4AwQDshSQAwQCuQpwAwQAuUhmAwQAuZXBAwQCueD8AwQAwWkZAwQAwfJ/
AwQAwmjiAwQF1AygAwQA1GxVMA0EAgACMAcDBQAqABVgMA0GCSqGSIb3DQEBCwUA
A4IBAQBPIrcipr1277XGirXbdgePp87am0Tx1e1eW4tZTrsg1HMflz5UrOhKx8/e
8/Nl+ui2Ukp+c21qfh6dxhXsQsRy1XXrWOnS68fyzgVqul63JKKy/TyT3UxB+ESD
WHPKiCqSnk4kMPG4ZnZfgCmPqQDJOew8TcehXznyQqPm1glUB+sPNhNlrqN6xbrW
4NlHIi3xEbouyy2mFi4YWdN3hm7MFf/0zEbd2QXSUJxGimp2q/KfJZsJTjTxIV5O
c0Nxad/j0KxWoHrRCf2mQDYdl+292408BbscLW1TQVRMqNFEvu8XOUUEMlQY/kjz
WUMIH17Eqo8q/MG6eGfk3/o5w3SA
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:57:33 2025 by rpki-client