Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/HDMlPqzgtZrs5BaUVuoFr5HECpI.roa
File: HDMlPqzgtZrs5BaUVuoFr5HECpI.roa (raw, json)
Hash identifier: 9BBjLS8Yikm9FGwjGKZk9OGf+SsmyUdyuY7eW3ej8mg=
Subject key identifier: 1C:33:25:3E:AC:E0:B5:9A:EC:E4:16:94:56:EA:05:AF:91:C4:0A:92
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01997E1A67383B7CA8CF105609B4FD68F0B5
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/HDMlPqzgtZrs5BaUVuoFr5HECpI.roa
Signing time: Wed 24 Sep 2025 23:41:23 +0000
ROA not before: Wed 24 Sep 2025 23:41:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15723
IP address blocks: 5.178.4.0/22 maxlen: 22
5.178.4.0/24 maxlen: 24
5.178.5.0/24 maxlen: 24
5.178.6.0/24 maxlen: 24
5.178.7.0/24 maxlen: 24
5.178.9.0/24 maxlen: 24
5.178.10.0/24 maxlen: 24
5.178.11.0/24 maxlen: 24
5.178.12.0/22 maxlen: 22
5.178.12.0/24 maxlen: 24
5.178.13.0/24 maxlen: 24
5.178.14.0/24 maxlen: 24
5.178.15.0/24 maxlen: 24
46.23.100.0/22 maxlen: 22
46.23.100.0/24 maxlen: 24
46.23.101.0/24 maxlen: 24
46.23.102.0/24 maxlen: 24
46.23.103.0/24 maxlen: 24
62.217.128.0/19 maxlen: 19
62.217.128.0/20 maxlen: 20
62.217.128.0/24 maxlen: 24
62.217.129.0/24 maxlen: 24
62.217.130.0/24 maxlen: 24
62.217.131.0/24 maxlen: 24
62.217.132.0/24 maxlen: 24
62.217.133.0/24 maxlen: 24
62.217.134.0/24 maxlen: 24
62.217.135.0/24 maxlen: 24
62.217.136.0/24 maxlen: 24
62.217.137.0/24 maxlen: 24
62.217.138.0/24 maxlen: 24
62.217.139.0/24 maxlen: 24
62.217.140.0/24 maxlen: 24
62.217.141.0/24 maxlen: 24
62.217.142.0/24 maxlen: 24
62.217.143.0/24 maxlen: 24
62.217.144.0/20 maxlen: 20
62.217.144.0/24 maxlen: 24
62.217.145.0/24 maxlen: 24
62.217.146.0/24 maxlen: 24
62.217.147.0/24 maxlen: 24
62.217.148.0/24 maxlen: 24
62.217.149.0/24 maxlen: 24
62.217.150.0/24 maxlen: 24
62.217.151.0/24 maxlen: 24
62.217.152.0/24 maxlen: 24
62.217.153.0/24 maxlen: 24
62.217.154.0/24 maxlen: 24
62.217.155.0/24 maxlen: 24
62.217.156.0/24 maxlen: 24
62.217.157.0/24 maxlen: 24
62.217.158.0/24 maxlen: 24
62.217.159.0/24 maxlen: 24
88.151.199.0/24 maxlen: 24
109.205.208.0/24 maxlen: 24
109.205.215.0/24 maxlen: 24
185.81.216.0/24 maxlen: 24
185.81.217.0/24 maxlen: 24
185.81.219.0/24 maxlen: 24
188.64.8.0/22 maxlen: 22
188.64.8.0/24 maxlen: 24
188.64.9.0/24 maxlen: 24
188.64.10.0/24 maxlen: 24
188.64.11.0/24 maxlen: 24
188.64.12.0/22 maxlen: 22
188.64.12.0/24 maxlen: 24
188.64.13.0/24 maxlen: 24
188.64.14.0/24 maxlen: 24
188.64.15.0/24 maxlen: 24
2a00:48c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.mft
rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 07:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:7e:1a:67:38:3b:7c:a8:cf:10:56:09:b4:fd:68:f0:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Sep 24 23:41:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c33253eace0b59aece4169456ea05af91c40a92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c7:ef:73:b0:a2:08:c3:c4:77:82:c8:d5:fa:
f6:a1:a4:54:55:0e:03:71:aa:24:61:30:70:df:5e:
55:4a:69:f9:89:64:80:eb:87:79:b7:50:c1:0c:e0:
28:04:6b:d4:b3:cf:37:11:3f:f8:2b:9f:3c:e5:8a:
49:5f:14:50:69:87:bb:58:25:92:9b:67:e9:e5:6f:
25:59:0e:e9:2a:17:7e:ec:33:1e:ac:59:3c:df:1a:
6a:35:73:b8:39:0b:e5:59:69:8c:51:90:74:d6:de:
5d:72:b7:0f:b7:32:a9:fc:d6:a0:ff:49:6f:90:7a:
09:d5:49:d5:7c:c9:e1:2d:82:e4:64:c6:eb:9e:aa:
a8:e4:db:6f:15:77:d6:cf:3b:65:33:2c:90:76:f2:
ea:58:bf:4f:ef:03:a5:1f:ce:be:c7:da:9e:2a:a7:
ed:6f:d2:72:cc:a6:bb:3b:2b:c6:d9:c4:df:31:fb:
d8:ce:dd:d6:9c:b8:1f:c5:b0:df:25:f1:f0:1f:6d:
f7:32:1c:da:6f:e5:b0:ab:16:73:2c:f5:c3:54:46:
b6:ac:a5:b5:05:cd:14:3b:a0:d5:b3:07:b9:97:4e:
81:6d:ec:2d:3f:14:7b:80:4b:f0:d1:fa:b1:37:b7:
f5:fc:18:c2:4e:7c:f7:cc:35:c7:45:35:ed:de:b0:
2a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:33:25:3E:AC:E0:B5:9A:EC:E4:16:94:56:EA:05:AF:91:C4:0A:92
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/HDMlPqzgtZrs5BaUVuoFr5HECpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.4.0/22
5.178.9.0-5.178.15.255
46.23.100.0/22
62.217.128.0/19
88.151.199.0/24
109.205.208.0/24
109.205.215.0/24
185.81.216.0/23
185.81.219.0/24
188.64.8.0/21
IPv6:
2a00:48c0::/32
Signature Algorithm: sha256WithRSAEncryption
44:37:cd:a3:4d:e7:ca:87:46:b3:7b:f6:09:c8:78:46:ad:19:
b2:36:bd:bc:28:df:b3:7d:db:32:f7:f2:a1:59:51:7c:df:56:
2c:6a:07:6b:53:ed:98:40:98:13:c7:36:79:95:9e:a7:e8:ac:
9b:ba:50:d3:13:18:da:d1:31:82:b1:9b:4d:b9:dc:f3:1e:5e:
58:96:7c:88:33:21:37:72:5b:c5:e1:09:5f:49:35:1b:39:c4:
86:9f:69:48:d2:1f:2d:64:c8:e0:e6:04:8c:60:3a:88:40:e2:
dd:2c:fe:b3:58:13:99:f8:31:2f:bf:df:39:bb:05:5d:d7:02:
55:13:8f:a7:10:da:76:d9:04:b6:ee:9a:d0:55:e7:16:a5:aa:
22:7a:9b:41:c4:c5:e5:b1:aa:e8:0c:43:e2:91:4f:6b:3b:df:
c4:7f:7f:82:04:ae:38:2f:af:41:fe:73:b2:99:59:a0:14:8a:
dc:62:ea:f5:40:1d:76:90:f9:c3:e6:46:42:18:3c:0b:ce:3e:
ce:45:f2:a8:df:5e:e1:a1:ae:1a:b9:d8:71:a9:a2:17:aa:99:
fd:df:58:56:d7:3d:93:61:44:ce:1e:41:3c:03:b6:da:21:9d:
05:9a:b8:fb:e4:4b:64:b3:c5:63:46:e3:95:4d:bd:40:b8:23:
41:0a:85:be
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZl+Gmc4O3yozxBWCbT9aPC1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjUwOTI0MjM0MTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzMzMjUzZWFjZTBiNTlhZWNlNDE2OTQ1NmVhMDVhZjkxYzQwYTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMfvc7CiCMPEd4LI1fr2oaRUVQ4D
caokYTBw315VSmn5iWSA64d5t1DBDOAoBGvUs883ET/4K5885YpJXxRQaYe7WCWS
m2fp5W8lWQ7pKhd+7DMerFk83xpqNXO4OQvlWWmMUZB01t5dcrcPtzKp/Nag/0lv
kHoJ1UnVfMnhLYLkZMbrnqqo5NtvFXfWzztlMyyQdvLqWL9P7wOlH86+x9qeKqft
b9JyzKa7OyvG2cTfMfvYzt3WnLgfxbDfJfHwH233Mhzab+WwqxZzLPXDVEa2rKW1
Bc0UO6DVswe5l06BbewtPxR7gEvw0fqxN7f1/BjCTnz3zDXHRTXt3rAqtQIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFBwzJT6s4LWa7OQWlFbqBa+RxAqSMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvSERNbFBxemd0WnJzNUJhVVZ1b0ZyNUhFQ3BJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBKBAIAATBEAwQCBbIEMAwD
BAAFsgkDBAQFsgADBAIuF2QDBAU+2YADBABYl8cDBABtzdADBABtzdcDBAG5UdgD
BAC5UdsDBAO8QAgwDQQCAAIwBwMFACoASMAwDQYJKoZIhvcNAQELBQADggEBAEQ3
zaNN58qHRrN79gnIeEatGbI2vbwo37N92zL38qFZUXzfVixqB2tT7ZhAmBPHNnmV
nqforJu6UNMTGNrRMYKxm0253PMeXliWfIgzITdyW8XhCV9JNRs5xIafaUjSHy1k
yODmBIxgOohA4t0s/rNYE5n4MS+/3zm7BV3XAlUTj6cQ2nbZBLbumtBV5xalqiJ6
m0HExeWxqugMQ+KRT2s738R/f4IErjgvr0H+c7KZWaAUitxi6vVAHXaQ+cPmRkIY
PAvOPs5F8qjfXuGhrhq52HGpoheqmf3fWFbXPZNhRM4eQTwDttohnQWauPvkS2Sz
xWNG45VNvUC4I0EKhb4=
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:19:55 2025 by rpki-client