Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/hhy_H3R0WF-dr485QZRdqYkj6Sk.roa
File: hhy_H3R0WF-dr485QZRdqYkj6Sk.roa (raw, json)
Hash identifier: ILkgpOgTRFsVyKk6aD2w0cSKSsWTAQh6L+29UxCjaY4=
Subject key identifier: 86:1C:BF:1F:74:74:58:5F:9D:AF:8F:39:41:94:5D:A9:89:23:E9:29
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 019791DCEA86F82501FD8A9E119DA796DE6A
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/hhy_H3R0WF-dr485QZRdqYkj6Sk.roa
Signing time: Sat 21 Jun 2025 09:41:03 +0000
ROA not before: Sat 21 Jun 2025 09:41:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212496
IP address blocks: 185.24.109.0/24 maxlen: 24
185.58.114.0/24 maxlen: 24
185.73.183.0/24 maxlen: 24
185.76.240.0/24 maxlen: 24
185.76.241.0/24 maxlen: 24
185.76.242.0/24 maxlen: 24
185.95.230.0/24 maxlen: 24
185.97.79.0/24 maxlen: 24
185.104.148.0/24 maxlen: 24
185.105.47.0/24 maxlen: 24
185.111.25.0/24 maxlen: 24
185.112.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 15:11:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:91:dc:ea:86:f8:25:01:fd:8a:9e:11:9d:a7:96:de:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Jun 21 09:41:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=861cbf1f7474585f9daf8f3941945da98923e929
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:1a:18:3f:ae:1b:06:9a:8e:32:3e:05:c9:31:
01:b2:8e:be:52:b2:90:68:e8:f9:e4:a8:4e:30:43:
96:99:02:0e:05:91:b0:db:44:2e:84:b1:4b:22:53:
17:58:d8:d8:73:ba:da:0b:39:47:43:fb:28:7d:f8:
46:79:e3:c3:03:f7:f9:e1:a7:32:ec:37:0c:6a:55:
a9:92:60:96:e6:75:59:6e:1e:a2:d4:df:0e:82:92:
24:58:9e:21:2c:2c:ec:ac:67:8a:e5:59:4e:0b:ef:
8b:3a:3c:bf:b5:24:59:e9:3a:06:82:3b:35:93:ca:
2c:45:d8:53:b1:05:09:8d:50:93:79:c3:4c:1f:cd:
32:c7:43:35:1f:ed:3a:ef:51:ea:5b:5c:14:ea:c1:
bc:0f:c1:ab:56:f9:b7:7f:11:e0:e3:50:8d:cb:4c:
ce:8f:62:ed:f2:3f:db:a4:2f:56:92:79:c3:04:0a:
89:04:62:78:e9:04:06:9e:40:2d:0d:f1:87:16:ec:
8e:36:4f:b3:62:d8:ad:54:20:cb:fd:d0:43:6b:08:
06:e8:5e:e0:d1:ba:e0:60:f6:fa:17:ae:ab:1e:56:
dc:e9:3d:0a:5d:6f:13:66:75:0e:52:26:90:a9:49:
11:f5:f0:27:a5:43:b1:fc:34:35:0d:4d:b2:5c:42:
eb:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:1C:BF:1F:74:74:58:5F:9D:AF:8F:39:41:94:5D:A9:89:23:E9:29
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/hhy_H3R0WF-dr485QZRdqYkj6Sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.109.0/24
185.58.114.0/24
185.73.183.0/24
185.76.240.0-185.76.242.255
185.95.230.0/24
185.97.79.0/24
185.104.148.0/24
185.105.47.0/24
185.111.25.0/24
185.112.59.0/24
Signature Algorithm: sha256WithRSAEncryption
17:f0:11:ab:b9:a2:5e:aa:c6:69:2b:51:c6:1b:90:a1:de:73:
b7:ac:4c:47:b8:79:7f:64:72:28:dc:50:3e:1a:b8:57:a8:dc:
75:58:7f:21:c2:f8:b2:e4:50:91:a1:d5:9d:ef:fd:82:2b:ec:
cf:24:3f:ee:47:74:54:b0:7d:80:d3:ab:44:de:10:10:00:d5:
a3:61:99:5c:04:7f:1b:d8:57:28:bd:c2:42:66:14:1f:7a:69:
35:4c:ff:0f:99:ad:33:c5:66:15:e6:03:6e:21:ae:2d:2a:6e:
67:5c:fe:18:12:26:06:ad:1e:f4:6f:55:37:df:47:89:34:cc:
15:14:4c:f3:90:4d:04:dd:c7:34:87:11:e6:a6:2e:47:01:3d:
2f:ff:f5:5c:e5:08:66:a8:28:a4:4f:99:ee:67:f2:18:02:a6:
aa:9d:19:7a:dc:34:63:8c:e6:97:00:d3:3e:9b:b4:a4:95:e4:
e3:73:f7:80:fd:10:29:75:71:f2:65:2a:64:7c:bb:ca:c8:2f:
28:74:2e:92:ce:ac:12:91:88:5c:fd:42:35:ce:49:92:fb:9a:
ce:02:d0:db:63:48:47:6c:cb:41:cd:b9:02:c0:29:12:4c:d3:
6c:f2:3b:5a:ef:c8:9b:88:27:41:fe:23:2f:0d:85:11:3d:a9:
21:51:5c:6d
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZeR3OqG+CUB/YqeEZ2nlt5qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjUwNjIxMDk0MTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjFjYmYxZjc0NzQ1ODVmOWRhZjhmMzk0MTk0NWRhOTg5MjNlOTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRoYP64bBpqOMj4FyTEBso6+UrKQ
aOj55KhOMEOWmQIOBZGw20QuhLFLIlMXWNjYc7raCzlHQ/soffhGeePDA/f54acy
7DcMalWpkmCW5nVZbh6i1N8OgpIkWJ4hLCzsrGeK5VlOC++LOjy/tSRZ6ToGgjs1
k8osRdhTsQUJjVCTecNMH80yx0M1H+0671HqW1wU6sG8D8GrVvm3fxHg41CNy0zO
j2Lt8j/bpC9WknnDBAqJBGJ46QQGnkAtDfGHFuyONk+zYtitVCDL/dBDawgG6F7g
0brgYPb6F66rHlbc6T0KXW8TZnUOUiaQqUkR9fAnpUOx/DQ1DU2yXELrhwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFIYcvx90dFhfna+POUGUXamJI+kpMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvaGh5X0gzUjBXRi1kcjQ4NVFaUmRxWWtqNlNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAuRhtAwQA
uTpyAwQAuUm3MAwDBAS5TPADBAC5TPIDBAC5X+YDBAC5YU8DBAC5aJQDBAC5aS8D
BAC5bxkDBAC5cDswDQYJKoZIhvcNAQELBQADggEBABfwEau5ol6qxmkrUcYbkKHe
c7esTEe4eX9kcijcUD4auFeo3HVYfyHC+LLkUJGh1Z3v/YIr7M8kP+5HdFSwfYDT
q0TeEBAA1aNhmVwEfxvYVyi9wkJmFB96aTVM/w+ZrTPFZhXmA24hri0qbmdc/hgS
JgatHvRvVTffR4k0zBUUTPOQTQTdxzSHEeamLkcBPS//9VzlCGaoKKRPme5n8hgC
pqqdGXrcNGOM5pcA0z6btKSV5ONz94D9ECl1cfJlKmR8u8rILyh0LpLOrBKRiFz9
QjXOSZL7ms4C0NtjSEdsy0HNuQLAKRJM02zyO1rvyJuIJ0H+Iy8NhRE9qSFRXG0=
-----END CERTIFICATE-----
Generated at Tue Jul 1 01:00:02 2025 by rpki-client