Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/HZK1nXmWN-rO-mSEBWdam8_Ekw8.roa
File: HZK1nXmWN-rO-mSEBWdam8_Ekw8.roa (raw, json)
Hash identifier: 7EEOHKjjtUzUNB//SlEOoxLrukB2bXMqrOoSHuBhLss=
Subject key identifier: 1D:92:B5:9D:79:96:37:EA:CE:FA:64:84:05:67:5A:9B:CF:C4:93:0F
Certificate issuer: /CN=dba12207af4d186c44da2533c0b8f1fd1f55d8db
Certificate serial: 0198894654AEE2B4BA1616AB9E26FD5923A8
Authority key identifier: DB:A1:22:07:AF:4D:18:6C:44:DA:25:33:C0:B8:F1:FD:1F:55:D8:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/26EiB69NGGxE2iUzwLjx_R9V2Ns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/HZK1nXmWN-rO-mSEBWdam8_Ekw8.roa
Signing time: Fri 08 Aug 2025 10:42:24 +0000
ROA not before: Fri 08 Aug 2025 10:42:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41960
IP address blocks: 2.56.216.0/22 maxlen: 24
5.183.132.0/22 maxlen: 24
37.148.184.0/21 maxlen: 24
45.10.124.0/22 maxlen: 24
45.95.252.0/22 maxlen: 24
45.140.156.0/22 maxlen: 24
45.151.116.0/22 maxlen: 24
77.73.224.0/21 maxlen: 24
85.184.8.0/21 maxlen: 24
91.211.160.0/22 maxlen: 24
93.188.64.0/22 maxlen: 24
171.22.176.0/22 maxlen: 24
185.116.12.0/22 maxlen: 24
185.234.152.0/23 maxlen: 24
185.234.154.0/24 maxlen: 24
185.239.168.0/23 maxlen: 24
185.239.170.0/24 maxlen: 24
185.249.136.0/22 maxlen: 24
185.251.152.0/22 maxlen: 24
185.253.48.0/22 maxlen: 24
193.105.183.0/24 maxlen: 24
194.61.84.0/24 maxlen: 24
194.61.86.0/24 maxlen: 24
195.184.86.0/23 maxlen: 24
195.184.90.0/23 maxlen: 24
195.238.86.0/23 maxlen: 24
212.19.192.0/19 maxlen: 24
212.26.192.0/19 maxlen: 24
212.57.48.0/20 maxlen: 24
213.156.0.0/20 maxlen: 24
213.173.56.0/22 maxlen: 24
217.8.96.0/20 maxlen: 24
2001:6e0::/29 maxlen: 48
2a02:690::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/26EiB69NGGxE2iUzwLjx_R9V2Ns.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/26EiB69NGGxE2iUzwLjx_R9V2Ns.mft
rsync://rpki.ripe.net/repository/DEFAULT/26EiB69NGGxE2iUzwLjx_R9V2Ns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:89:46:54:ae:e2:b4:ba:16:16:ab:9e:26:fd:59:23:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dba12207af4d186c44da2533c0b8f1fd1f55d8db
Validity
Not Before: Aug 8 10:42:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d92b59d799637eacefa648405675a9bcfc4930f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:02:36:aa:d9:99:fc:3f:62:65:84:2d:c9:ad:
04:10:51:1c:e1:e7:2a:d0:f5:3a:7f:34:f9:3e:4d:
8a:c8:f1:c9:21:14:fb:94:95:f9:10:65:55:93:a4:
d3:a0:9d:e3:28:34:30:81:cf:60:74:d5:60:1e:c9:
3c:07:25:85:37:be:8f:ae:0a:c0:c8:a2:a2:47:c8:
b4:5b:cd:54:5f:86:f1:c7:b2:e0:78:c1:a6:d3:08:
32:bf:c6:3c:cf:43:58:c6:74:f7:d6:27:21:07:15:
86:09:a7:2d:de:12:18:b5:a0:52:43:b7:8d:82:02:
50:a7:37:c3:ad:48:96:1f:19:79:48:84:94:83:df:
fe:a1:bf:42:3e:67:06:bb:f5:11:da:14:be:15:f0:
55:64:b6:6b:fd:39:29:5c:f2:94:02:02:d6:5e:87:
40:7d:8c:ce:0f:1c:7c:b6:42:03:c8:f5:39:89:94:
c9:f6:4a:da:dc:0d:e4:37:1e:f4:0b:fa:fe:7e:f0:
04:32:28:bb:b7:ac:c5:0b:6f:fa:ff:08:bc:ab:7d:
46:db:2b:a5:a3:66:52:53:80:e1:78:30:6f:68:8f:
99:86:95:0b:47:98:10:d1:c4:e8:19:0b:ce:5b:db:
2c:23:82:e6:1a:69:a9:5d:f1:76:73:b6:3f:9d:be:
82:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:92:B5:9D:79:96:37:EA:CE:FA:64:84:05:67:5A:9B:CF:C4:93:0F
X509v3 Authority Key Identifier:
keyid:DB:A1:22:07:AF:4D:18:6C:44:DA:25:33:C0:B8:F1:FD:1F:55:D8:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/26EiB69NGGxE2iUzwLjx_R9V2Ns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/HZK1nXmWN-rO-mSEBWdam8_Ekw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/26EiB69NGGxE2iUzwLjx_R9V2Ns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.216.0/22
5.183.132.0/22
37.148.184.0/21
45.10.124.0/22
45.95.252.0/22
45.140.156.0/22
45.151.116.0/22
77.73.224.0/21
85.184.8.0/21
91.211.160.0/22
93.188.64.0/22
171.22.176.0/22
185.116.12.0/22
185.234.152.0-185.234.154.255
185.239.168.0-185.239.170.255
185.249.136.0/22
185.251.152.0/22
185.253.48.0/22
193.105.183.0/24
194.61.84.0/24
194.61.86.0/24
195.184.86.0/23
195.184.90.0/23
195.238.86.0/23
212.19.192.0/19
212.26.192.0/19
212.57.48.0/20
213.156.0.0/20
213.173.56.0/22
217.8.96.0/20
IPv6:
2001:6e0::/29
2a02:690::/29
Signature Algorithm: sha256WithRSAEncryption
64:de:aa:e1:73:c2:cf:ef:80:d9:18:dd:1e:c5:82:ee:47:78:
73:e8:20:04:55:b9:6a:07:03:10:8d:b4:12:f1:14:52:93:74:
d0:c9:90:33:ac:10:cb:64:fc:62:f8:cc:d5:70:34:30:42:7c:
9e:6c:4e:44:3e:10:c6:8a:88:88:8b:6c:5d:7b:8d:ac:f2:08:
31:d0:82:2b:7b:79:61:90:7f:e9:a6:04:ef:20:54:27:67:00:
d7:f4:6b:7d:34:d4:7d:22:00:09:a0:1a:2a:a1:c8:4d:66:b3:
01:8e:c3:78:c0:80:c5:eb:48:b3:3f:1a:47:e7:26:ce:e9:10:
5e:eb:32:63:41:1d:28:6d:08:57:7d:99:f0:5e:46:c1:1c:0e:
72:0d:4e:df:37:3f:b6:d1:91:65:d4:2b:11:0b:62:4c:d2:33:
6c:4c:c5:81:b5:10:a2:d3:67:14:c5:47:58:b7:a3:6b:d5:0c:
45:33:6a:c5:0f:5c:e9:35:32:f3:f9:11:bc:84:fa:fe:f8:29:
1a:a5:5c:3d:fc:09:d4:2c:64:58:6d:31:b4:6e:22:2b:ea:ca:
de:f6:16:56:a4:76:4a:7f:cb:c9:a1:8f:e9:c3:a9:78:80:ba:
c8:d8:cb:a5:01:be:00:36:95:0a:33:90:c6:5b:68:3d:e5:da:
b4:fc:64:78
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAZiJRlSu4rS6Fharnib9WSOoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYTEyMjA3YWY0ZDE4NmM0NGRhMjUzM2MwYjhmMWZkMWY1
NWQ4ZGIwHhcNMjUwODA4MTA0MjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDkyYjU5ZDc5OTYzN2VhY2VmYTY0ODQwNTY3NWE5YmNmYzQ5MzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQI2qtmZ/D9iZYQtya0EEFEc4ecq
0PU6fzT5Pk2KyPHJIRT7lJX5EGVVk6TToJ3jKDQwgc9gdNVgHsk8ByWFN76PrgrA
yKKiR8i0W81UX4bxx7LgeMGm0wgyv8Y8z0NYxnT31ichBxWGCact3hIYtaBSQ7eN
ggJQpzfDrUiWHxl5SISUg9/+ob9CPmcGu/UR2hS+FfBVZLZr/TkpXPKUAgLWXodA
fYzODxx8tkIDyPU5iZTJ9kra3A3kNx70C/r+fvAEMii7t6zFC2/6/wi8q31G2yul
o2ZSU4DheDBvaI+ZhpULR5gQ0cToGQvOW9ssI4LmGmmpXfF2c7Y/nb6CUwIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFB2StZ15ljfqzvpkhAVnWpvPxJMPMB8GA1UdIwQY
MBaAFNuhIgevTRhsRNolM8C48f0fVdjbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjZFaUI2OU5HR3hFMmlVendManhfUjlWMk5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9jODAxMGUtMzI4OS00YTM2LWEyYjgt
MTJiMmJjNTgwNTNhLzEvSFpLMW5YbVdOLXJPLW1TRUJXZGFtOF9Fa3c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9jODAxMGUtMzI4OS00YTM2LWEyYjgtMTJiMmJjNTgwNTNh
LzEvMjZFaUI2OU5HR3hFMmlVendManhfUjlWMk5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCBywQCAAEwgcQDBAIC
ONgDBAIFt4QDBAMllLgDBAItCnwDBAItX/wDBAItjJwDBAItl3QDBANNSeADBANV
uAgDBAJb06ADBAJdvEADBAKrFrADBAK5dAwwDAMEA7nqmAMEALnqmjAMAwQDue+o
AwQAue+qAwQCufmIAwQCufuYAwQCuf0wAwQAwWm3AwQAwj1UAwQAwj1WAwQBw7hW
AwQBw7haAwQBw+5WAwQF1BPAAwQF1BrAAwQE1DkwAwQE1ZwAAwQC1a04AwQE2Qhg
MBQEAgACMA4DBQMgAQbgAwUDKgIGkDANBgkqhkiG9w0BAQsFAAOCAQEAZN6q4XPC
z++A2RjdHsWC7kd4c+ggBFW5agcDEI20EvEUUpN00MmQM6wQy2T8YvjM1XA0MEJ8
nmxORD4QxoqIiItsXXuNrPIIMdCCK3t5YZB/6aYE7yBUJ2cA1/RrfTTUfSIACaAa
KqHITWazAY7DeMCAxetIsz8aR+cmzukQXusyY0EdKG0IV32Z8F5GwRwOcg1O3zc/
ttGRZdQrEQtiTNIzbEzFgbUQotNnFMVHWLeja9UMRTNqxQ9c6TUy8/kRvIT6/vgp
GqVcPfwJ1CxkWG0xtG4iK+rK3vYWVqR2Sn/LyaGP6cOpeIC6yNjLpQG+ADaVCjOQ
xltoPeXatPxkeA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:00:19 2025 by rpki-client