Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hy5yLmgRfmZBuK-FEXQEPbGcx6k.roa
File: hy5yLmgRfmZBuK-FEXQEPbGcx6k.roa (raw, json)
Hash identifier: g7/GKcyp7tmlOA96hyy8lITFhSO0sssvTdDGoCX2ZzY=
Subject key identifier: 87:2E:72:2E:68:11:7E:66:41:B8:AF:85:11:74:04:3D:B1:9C:C7:A9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019D44C81B0F530D361788B28D72614B27F0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hy5yLmgRfmZBuK-FEXQEPbGcx6k.roa
Signing time: Tue 31 Mar 2026 16:44:17 +0000
ROA not before: Tue 31 Mar 2026 16:44:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214238
IP address blocks: 62.76.226.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
192.124.188.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
194.87.90.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
195.133.56.0/24 maxlen: 24
195.133.60.0/24 maxlen: 24
195.133.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 17:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:44:c8:1b:0f:53:0d:36:17:88:b2:8d:72:61:4b:27:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 31 16:44:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=872e722e68117e6641b8af851174043db19cc7a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e2:eb:b3:dd:d9:61:84:55:20:f8:1e:ba:59:
a7:5a:55:29:c3:1a:47:cd:1a:be:4b:5f:76:9d:be:
58:9a:8f:e9:5d:d6:45:40:1e:5c:c4:2f:88:22:6d:
ce:ac:5f:58:14:24:c9:9b:f5:18:a3:f3:fd:72:c2:
8d:4c:9f:f4:1b:a5:35:e8:b1:0e:17:48:35:f0:f8:
05:ac:07:60:dc:02:03:b1:30:11:b5:81:29:f0:b3:
b0:65:87:ae:2d:e8:98:c9:91:11:dc:a8:b5:fb:24:
64:00:0d:95:97:0c:10:ad:ca:ff:c1:13:3f:19:80:
39:86:68:6e:c6:6c:c3:17:fd:ec:77:ca:c9:fe:f8:
1e:7a:e0:f7:62:64:06:6d:3c:a4:a0:ec:a7:e1:03:
2b:3e:14:76:cd:1d:bb:76:ba:66:ee:ee:32:e4:fb:
d0:97:79:47:f7:08:2d:ba:3d:a4:d0:22:f4:4c:e1:
87:4f:77:6f:77:0f:c9:96:ff:cc:cc:39:cd:14:cf:
b4:e7:bb:98:20:a3:fc:bd:cc:da:a3:35:66:81:ab:
77:07:a9:11:f7:4d:5c:81:46:c4:d6:a2:3c:72:95:
3b:26:ae:f7:47:1c:57:3a:ad:88:6e:5e:f2:9b:7a:
d8:ac:0b:6b:b3:64:17:68:36:0e:4b:70:76:e0:22:
78:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:2E:72:2E:68:11:7E:66:41:B8:AF:85:11:74:04:3D:B1:9C:C7:A9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hy5yLmgRfmZBuK-FEXQEPbGcx6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.226.0/24
192.124.183.0/24
192.124.188.0/24
194.87.3.0/24
194.87.7.0/24
194.87.36.0/24
194.87.90.0/24
194.87.165.0-194.87.166.255
195.133.56.0/24
195.133.60.0/23
Signature Algorithm: sha256WithRSAEncryption
71:11:b1:db:6b:d1:ce:08:ab:ad:7c:a8:8a:2c:8e:06:55:f8:
7a:a3:39:b9:ca:e7:ff:96:ac:07:27:62:1d:a4:08:20:45:99:
ea:64:4d:37:24:f6:18:5c:7e:76:d4:c8:62:72:ab:ed:79:9d:
19:f7:ca:e5:ee:00:58:73:df:eb:6e:a1:10:59:33:02:54:72:
00:d9:04:7b:0b:e0:89:97:e3:8c:79:9f:1f:88:00:a5:a5:93:
3a:70:b2:09:83:bf:dc:32:1b:09:95:19:00:c2:bc:8c:b2:55:
f5:47:dc:de:e7:ce:24:2f:e4:4b:c7:47:5c:b7:02:c5:7e:03:
5d:8b:f1:c5:d9:84:52:a6:16:3c:5d:a5:9a:b8:c6:29:23:0e:
74:d6:34:e7:52:03:57:fc:df:d7:9a:a9:32:43:a4:76:94:e2:
39:98:a8:7c:cb:83:2d:59:24:05:b1:82:8a:83:1b:c9:83:d4:
95:16:0f:fc:b5:67:64:93:43:16:61:50:4e:fe:41:67:9a:cc:
42:9c:13:c1:aa:1d:19:fa:09:47:6f:a3:72:82:9e:c4:9e:73:
7d:a9:31:b3:92:13:24:e8:0c:c3:06:a6:74:51:57:37:7e:10:
e0:10:27:59:9c:0d:25:6f:13:1c:7e:ff:de:33:ca:67:d3:67:
7f:25:1d:fd
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZ1EyBsPUw02F4iyjXJhSyfwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjYwMzMxMTY0NDE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzJlNzIyZTY4MTE3ZTY2NDFiOGFmODUxMTc0MDQzZGIxOWNjN2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruLrs93ZYYRVIPgeulmnWlUpwxpH
zRq+S192nb5Ymo/pXdZFQB5cxC+IIm3OrF9YFCTJm/UYo/P9csKNTJ/0G6U16LEO
F0g18PgFrAdg3AIDsTARtYEp8LOwZYeuLeiYyZER3Ki1+yRkAA2VlwwQrcr/wRM/
GYA5hmhuxmzDF/3sd8rJ/vgeeuD3YmQGbTykoOyn4QMrPhR2zR27drpm7u4y5PvQ
l3lH9wgtuj2k0CL0TOGHT3dvdw/Jlv/MzDnNFM+057uYIKP8vczaozVmgat3B6kR
901cgUbE1qI8cpU7Jq73RxxXOq2Ibl7ym3rYrAtrs2QXaDYOS3B24CJ43QIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFIcuci5oEX5mQbivhRF0BD2xnMepMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaHk1eUxtZ1JmbVpCdUstRkVYUUVQYkdjeDZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAPkziAwQA
wHy3AwQAwHy8AwQAwlcDAwQAwlcHAwQAwlckAwQAwldaMAwDBADCV6UDBADCV6YD
BADDhTgDBAHDhTwwDQYJKoZIhvcNAQELBQADggEBAHERsdtr0c4Iq618qIosjgZV
+HqjObnK5/+WrAcnYh2kCCBFmepkTTck9hhcfnbUyGJyq+15nRn3yuXuAFhz3+tu
oRBZMwJUcgDZBHsL4ImX44x5nx+IAKWlkzpwsgmDv9wyGwmVGQDCvIyyVfVH3N7n
ziQv5EvHR1y3AsV+A12L8cXZhFKmFjxdpZq4xikjDnTWNOdSA1f839eaqTJDpHaU
4jmYqHzLgy1ZJAWxgoqDG8mD1JUWD/y1Z2STQxZhUE7+QWeazEKcE8GqHRn6CUdv
o3KCnsSec32pMbOSEyToDMMGpnRRVzd+EOAQJ1mcDSVvExx+/94zymfTZ38lHf0=
-----END CERTIFICATE-----
Generated at Fri Apr 17 01:48:41 2026 by rpki-client