Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/HhO3fYlasNlXuWCWma8olPA14I8.roa
File: HhO3fYlasNlXuWCWma8olPA14I8.roa (raw, json)
Hash identifier: an4Zb60vA9s3r5vXjNARMkYhW6HY9Hr3vQtUZ9SJwt4=
Subject key identifier: 1E:13:B7:7D:89:5A:B0:D9:57:B9:60:96:99:AF:28:94:F0:35:E0:8F
Certificate issuer: /CN=3027a631bb6738eb68bb6ea6c424ef4a7d14c3cb
Certificate serial: 019C0592281478B539DC633C020782BFF208
Authority key identifier: 30:27:A6:31:BB:67:38:EB:68:BB:6E:A6:C4:24:EF:4A:7D:14:C3:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MCemMbtnOOtou26mxCTvSn0Uw8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/HhO3fYlasNlXuWCWma8olPA14I8.roa
Signing time: Wed 28 Jan 2026 17:06:30 +0000
ROA not before: Wed 28 Jan 2026 17:06:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8916
IP address blocks: 188.246.192.0/20 maxlen: 20
193.108.199.0/24 maxlen: 24
213.5.88.0/21 maxlen: 21
2001:67c:1b8::/48 maxlen: 48
2a03:9800::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/MCemMbtnOOtou26mxCTvSn0Uw8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/MCemMbtnOOtou26mxCTvSn0Uw8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/MCemMbtnOOtou26mxCTvSn0Uw8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 19:01:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:05:92:28:14:78:b5:39:dc:63:3c:02:07:82:bf:f2:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3027a631bb6738eb68bb6ea6c424ef4a7d14c3cb
Validity
Not Before: Jan 28 17:06:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1e13b77d895ab0d957b9609699af2894f035e08f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:26:47:01:48:5c:2d:71:aa:93:24:97:48:83:
d0:73:5c:be:ad:75:ee:04:ac:9a:3c:67:a2:83:e7:
64:8a:8a:19:48:35:7e:62:88:ab:85:40:1e:2e:8f:
9f:0a:92:d0:62:2a:36:99:f8:b2:c5:77:48:a6:6f:
17:8b:63:c0:48:19:94:ad:be:80:75:b3:b9:94:d9:
27:22:5f:5d:a5:0b:44:eb:11:60:2f:3b:05:e4:e1:
24:39:a8:68:9e:7f:79:a7:10:4b:e0:50:87:8a:0c:
68:06:b2:a4:b6:6f:37:1b:8d:78:90:02:79:ed:e8:
ac:f1:c8:b7:a6:ee:d1:1e:af:71:1f:8c:08:99:3f:
ae:e5:97:d6:ad:b9:59:91:31:49:39:86:b3:54:0d:
db:4d:4d:65:66:4a:dc:b2:a6:34:5e:de:b1:06:12:
98:58:fa:e6:9c:e8:45:b6:05:85:05:e9:9c:88:32:
d4:20:34:9b:f5:bc:01:c3:96:41:03:fc:fd:6e:b6:
30:30:fc:07:4c:7b:cb:21:97:a7:e1:43:dc:65:05:
f4:27:85:d4:d0:39:fa:66:ad:1f:3e:ec:b9:54:c4:
f4:11:38:0b:1e:3f:6b:c2:e0:f7:bc:85:ba:7a:62:
19:4e:8c:fd:5c:af:26:4d:5d:97:35:76:2c:d0:8d:
ee:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:13:B7:7D:89:5A:B0:D9:57:B9:60:96:99:AF:28:94:F0:35:E0:8F
X509v3 Authority Key Identifier:
keyid:30:27:A6:31:BB:67:38:EB:68:BB:6E:A6:C4:24:EF:4A:7D:14:C3:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCemMbtnOOtou26mxCTvSn0Uw8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/HhO3fYlasNlXuWCWma8olPA14I8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/MCemMbtnOOtou26mxCTvSn0Uw8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.246.192.0/20
193.108.199.0/24
213.5.88.0/21
IPv6:
2001:67c:1b8::/48
2a03:9800::/29
Signature Algorithm: sha256WithRSAEncryption
1f:f2:e3:ec:5e:aa:9f:83:ad:b6:62:7c:58:8f:6a:79:0e:61:
2d:3f:31:61:a6:cd:21:c8:50:b5:69:03:21:63:de:f9:c2:b1:
77:7c:d7:77:c7:bd:46:3e:a7:31:85:08:81:b4:5c:dd:06:fc:
8f:f6:5c:65:83:84:58:7e:1b:e3:23:04:7d:be:a8:fc:09:e4:
1c:a2:98:25:b9:5b:10:af:e5:17:6e:e3:85:28:ad:5b:9c:42:
9e:d0:b7:af:f0:ae:53:00:b4:82:5b:ec:18:c0:d9:59:29:dc:
37:60:ad:14:88:23:ee:51:f3:2a:86:1c:09:d2:a5:29:79:86:
14:c2:65:98:32:f6:92:6e:9f:ac:4d:c1:cd:65:93:ac:76:e0:
fa:83:a6:9c:a1:7c:b1:98:80:c1:ae:a0:cc:ef:c3:0d:a0:f6:
82:09:4c:d0:fa:27:c8:09:ec:cb:db:46:58:4f:bf:a9:d4:cc:
fa:90:96:01:a3:4e:6b:38:c6:89:bd:8f:a0:8b:6e:bd:78:29:
ba:12:b5:11:e6:41:60:17:00:99:5e:4a:2b:9b:20:79:6e:10:
5c:2a:34:cd:cc:10:bf:c1:cb:88:c1:b7:b1:f4:7f:c8:56:07:
34:10:8d:d8:26:4c:c4:96:e2:ba:f5:f4:86:03:4e:1b:49:99:
6a:cf:47:c6
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZwFkigUeLU53GM8AgeCv/IIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMjdhNjMxYmI2NzM4ZWI2OGJiNmVhNmM0MjRlZjRhN2Qx
NGMzY2IwHhcNMjYwMTI4MTcwNjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTEzYjc3ZDg5NWFiMGQ5NTdiOTYwOTY5OWFmMjg5NGYwMzVlMDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCZHAUhcLXGqkySXSIPQc1y+rXXu
BKyaPGeig+dkiooZSDV+YoirhUAeLo+fCpLQYio2mfiyxXdIpm8Xi2PASBmUrb6A
dbO5lNknIl9dpQtE6xFgLzsF5OEkOahonn95pxBL4FCHigxoBrKktm83G414kAJ5
7eis8ci3pu7RHq9xH4wImT+u5ZfWrblZkTFJOYazVA3bTU1lZkrcsqY0Xt6xBhKY
WPrmnOhFtgWFBemciDLUIDSb9bwBw5ZBA/z9brYwMPwHTHvLIZen4UPcZQX0J4XU
0Dn6Zq0fPuy5VMT0ETgLHj9rwuD3vIW6emIZToz9XK8mTV2XNXYs0I3uWQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFB4Tt32JWrDZV7lglpmvKJTwNeCPMB8GA1UdIwQY
MBaAFDAnpjG7ZzjraLtupsQk70p9FMPLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUNlbU1idG5PT3RvdTI2bXhDVHZTbjBVdzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS84ZDc4ZWItMjgzMi00MDgzLWFlMWYt
MWRkNmQyODFjODhhLzEvSGhPM2ZZbGFzTmxYdVdDV21hOG9sUEExNEk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS84ZDc4ZWItMjgzMi00MDgzLWFlMWYtMWRkNmQyODFjODhh
LzEvTUNlbU1idG5PT3RvdTI2bXhDVHZTbjBVdzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQEvPbAAwQA
wWzHAwQD1QVYMBYEAgACMBADBwAgAQZ8AbgDBQMqA5gAMA0GCSqGSIb3DQEBCwUA
A4IBAQAf8uPsXqqfg622YnxYj2p5DmEtPzFhps0hyFC1aQMhY975wrF3fNd3x71G
PqcxhQiBtFzdBvyP9lxlg4RYfhvjIwR9vqj8CeQcopgluVsQr+UXbuOFKK1bnEKe
0Lev8K5TALSCW+wYwNlZKdw3YK0UiCPuUfMqhhwJ0qUpeYYUwmWYMvaSbp+sTcHN
ZZOsduD6g6acoXyxmIDBrqDM78MNoPaCCUzQ+ifICezL20ZYT7+p1Mz6kJYBo05r
OMaJvY+gi269eCm6ErUR5kFgFwCZXkormyB5bhBcKjTNzBC/wcuIwbex9H/IVgc0
EI3YJkzEluK69fSGA04bSZlqz0fG
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:15:13 2026 by rpki-client