Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/4f9f29-a03e-4c45-82cd-18f343488286/1/HwGE0614r9XuIYTbb7FI9qw3QhA.roa
File: HwGE0614r9XuIYTbb7FI9qw3QhA.roa (raw, json)
Hash identifier: NN98O8b8/m43VOkHIWYXipqgMBc9JvK22oHaFCTLRzA=
Subject key identifier: 1F:01:84:D3:AD:78:AF:D5:EE:21:84:DB:6F:B1:48:F6:AC:37:42:10
Certificate issuer: /CN=65a9066d5b6ac3019c2037f579d11bae1a5eea73
Certificate serial: 01991494EC3AC66D59B47D8CC3EABB6358B3
Authority key identifier: 65:A9:06:6D:5B:6A:C3:01:9C:20:37:F5:79:D1:1B:AE:1A:5E:EA:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZakGbVtqwwGcIDf1edEbrhpe6nM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/4f9f29-a03e-4c45-82cd-18f343488286/1/HwGE0614r9XuIYTbb7FI9qw3QhA.roa
Signing time: Thu 04 Sep 2025 11:55:28 +0000
ROA not before: Thu 04 Sep 2025 11:55:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24812
IP address blocks: 91.225.4.0/22 maxlen: 22
178.159.208.0/20 maxlen: 20
178.159.216.0/24 maxlen: 24
178.159.217.0/24 maxlen: 24
178.159.218.0/24 maxlen: 24
178.159.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/4f9f29-a03e-4c45-82cd-18f343488286/1/ZakGbVtqwwGcIDf1edEbrhpe6nM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/4f9f29-a03e-4c45-82cd-18f343488286/1/ZakGbVtqwwGcIDf1edEbrhpe6nM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZakGbVtqwwGcIDf1edEbrhpe6nM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:14:94:ec:3a:c6:6d:59:b4:7d:8c:c3:ea:bb:63:58:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65a9066d5b6ac3019c2037f579d11bae1a5eea73
Validity
Not Before: Sep 4 11:55:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f0184d3ad78afd5ee2184db6fb148f6ac374210
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:0a:09:85:be:ae:24:bf:9b:5d:46:e1:f3:08:
77:7e:e7:c2:23:e5:8f:9e:5e:08:2c:67:85:15:f1:
94:e3:cb:b5:39:2e:07:0c:70:b6:29:5e:2f:3f:16:
91:e2:8d:27:4a:39:15:da:1d:88:30:7c:a9:76:6c:
d5:0a:60:5f:26:7e:78:62:4d:6f:8a:93:6e:a8:76:
9b:1d:a5:79:10:f3:c7:a2:4a:17:29:c6:15:5f:32:
60:4a:e1:52:8a:26:e9:72:ee:6e:19:3a:a3:8f:07:
18:66:25:7a:33:f6:e9:cb:ab:25:78:72:3f:b9:c2:
5c:65:94:28:b8:99:7e:3e:aa:a1:fa:3c:6f:c0:2f:
d2:54:78:4b:1d:d3:1f:cb:9c:d5:91:87:2b:84:a4:
cf:01:5a:ef:8d:9c:13:84:09:3b:06:29:0e:b2:e2:
4e:ea:fa:77:e7:3a:1a:47:68:e8:98:f6:3b:73:c6:
8e:76:60:47:48:24:d6:7d:7c:23:2b:6c:8c:35:77:
2c:c4:ee:0f:be:e4:3f:8d:13:ea:29:1a:19:7d:c7:
6f:cd:15:36:52:c0:2b:2b:55:5e:64:ae:2a:a4:5c:
a9:3c:14:29:32:bc:2a:2a:07:18:c9:39:00:78:42:
85:c8:a0:77:3d:c9:6c:2f:e2:f5:00:f1:2a:5b:a1:
b2:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:01:84:D3:AD:78:AF:D5:EE:21:84:DB:6F:B1:48:F6:AC:37:42:10
X509v3 Authority Key Identifier:
keyid:65:A9:06:6D:5B:6A:C3:01:9C:20:37:F5:79:D1:1B:AE:1A:5E:EA:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZakGbVtqwwGcIDf1edEbrhpe6nM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/4f9f29-a03e-4c45-82cd-18f343488286/1/HwGE0614r9XuIYTbb7FI9qw3QhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/4f9f29-a03e-4c45-82cd-18f343488286/1/ZakGbVtqwwGcIDf1edEbrhpe6nM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.4.0/22
178.159.208.0/20
Signature Algorithm: sha256WithRSAEncryption
9f:86:29:d1:70:c4:41:27:3c:d1:ff:da:6c:25:2c:d0:bd:d1:
e2:aa:9d:9a:ab:ae:a6:76:52:ca:56:a2:6b:a6:17:94:54:83:
7e:35:f6:d0:d6:dc:ad:4e:5c:fa:56:90:ec:ee:fa:55:ec:20:
aa:7b:c5:88:6f:7c:6a:c6:da:db:88:d4:1e:59:86:4a:19:d4:
87:fa:92:af:bf:52:b2:9f:31:b6:10:d6:dd:f5:e4:b1:e4:73:
0f:cb:84:32:7b:75:d0:70:8f:17:a9:08:7f:62:5f:5e:5a:1b:
40:31:9a:a4:d2:db:b5:48:85:43:e8:1d:03:ef:bc:da:1f:a2:
ab:ef:c9:81:72:d2:85:83:5b:7e:75:00:03:f8:fa:da:bc:83:
67:f8:65:7a:4d:b6:38:27:30:63:07:7d:88:30:ca:86:f7:6c:
46:6f:6a:e6:34:c8:c6:6f:89:8c:09:55:5d:99:65:c2:20:a3:
0a:16:c0:d0:7f:01:1b:9b:52:f7:eb:72:4b:29:e5:9b:5a:b1:
11:04:95:67:15:d0:77:1b:74:38:29:43:64:eb:95:3d:7e:83:
15:6d:54:a7:24:65:79:6c:12:ff:29:25:2a:4e:72:c1:a9:80:
af:de:1d:f0:60:bc:86:96:08:9c:54:ab:a4:a5:7e:4c:7e:0d:
56:52:8f:09
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZkUlOw6xm1ZtH2Mw+q7Y1izMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YTkwNjZkNWI2YWMzMDE5YzIwMzdmNTc5ZDExYmFlMWE1
ZWVhNzMwHhcNMjUwOTA0MTE1NTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjAxODRkM2FkNzhhZmQ1ZWUyMTg0ZGI2ZmIxNDhmNmFjMzc0MjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwoJhb6uJL+bXUbh8wh3fufCI+WP
nl4ILGeFFfGU48u1OS4HDHC2KV4vPxaR4o0nSjkV2h2IMHypdmzVCmBfJn54Yk1v
ipNuqHabHaV5EPPHokoXKcYVXzJgSuFSiibpcu5uGTqjjwcYZiV6M/bpy6sleHI/
ucJcZZQouJl+Pqqh+jxvwC/SVHhLHdMfy5zVkYcrhKTPAVrvjZwThAk7BikOsuJO
6vp35zoaR2jomPY7c8aOdmBHSCTWfXwjK2yMNXcsxO4PvuQ/jRPqKRoZfcdvzRU2
UsArK1VeZK4qpFypPBQpMrwqKgcYyTkAeEKFyKB3PclsL+L1APEqW6GyHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB8BhNOteK/V7iGE22+xSPasN0IQMB8GA1UdIwQY
MBaAFGWpBm1basMBnCA39XnRG64aXupzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmFrR2JWdHF3d0djSURmMWVkRWJyaHBlNm5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC80ZjlmMjktYTAzZS00YzQ1LTgyY2Qt
MThmMzQzNDg4Mjg2LzEvSHdHRTA2MTRyOVh1SVlUYmI3Rkk5cXczUWhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC80ZjlmMjktYTAzZS00YzQ1LTgyY2QtMThmMzQzNDg4Mjg2
LzEvWmFrR2JWdHF3d0djSURmMWVkRWJyaHBlNm5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW+EEAwQE
sp/QMA0GCSqGSIb3DQEBCwUAA4IBAQCfhinRcMRBJzzR/9psJSzQvdHiqp2aq66m
dlLKVqJrpheUVIN+NfbQ1tytTlz6VpDs7vpV7CCqe8WIb3xqxtrbiNQeWYZKGdSH
+pKvv1KynzG2ENbd9eSx5HMPy4Qye3XQcI8XqQh/Yl9eWhtAMZqk0tu1SIVD6B0D
77zaH6Kr78mBctKFg1t+dQAD+PravINn+GV6TbY4JzBjB32IMMqG92xGb2rmNMjG
b4mMCVVdmWXCIKMKFsDQfwEbm1L363JLKeWbWrERBJVnFdB3G3Q4KUNk65U9foMV
bVSnJGV5bBL/KSUqTnLBqYCv3h3wYLyGlgicVKukpX5Mfg1WUo8J
-----END CERTIFICATE-----
Generated at Fri Sep 19 12:50:12 2025 by rpki-client