Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/c5018c-fdc6-414b-beef-02de0124228e/1/hkLHtBSccrknC-g5ge_WXXiKorY.roa
File: hkLHtBSccrknC-g5ge_WXXiKorY.roa (raw, json)
Hash identifier: nU/F/e4w7RMQIPXByIUc7DaW4gVnGyG14yLqREu8Cyo=
Subject key identifier: 86:42:C7:B4:14:9C:72:B9:27:0B:E8:39:81:EF:D6:5D:78:8A:A2:B6
Certificate issuer: /CN=544a82aa5e2eb71719b7f9f049a307b12454497e
Certificate serial: 019C66F49D4340157EF6368C69B9CF5ED292
Authority key identifier: 54:4A:82:AA:5E:2E:B7:17:19:B7:F9:F0:49:A3:07:B1:24:54:49:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VEqCql4utxcZt_nwSaMHsSRUSX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/c5018c-fdc6-414b-beef-02de0124228e/1/hkLHtBSccrknC-g5ge_WXXiKorY.roa
Signing time: Mon 16 Feb 2026 14:57:12 +0000
ROA not before: Mon 16 Feb 2026 14:57:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211381
IP address blocks: 188.137.176.0/24 maxlen: 24
188.137.177.0/24 maxlen: 24
188.137.179.0/24 maxlen: 24
188.137.180.0/24 maxlen: 24
188.137.181.0/24 maxlen: 24
188.137.182.0/24 maxlen: 24
188.137.183.0/24 maxlen: 24
188.137.224.0/24 maxlen: 24
188.137.225.0/24 maxlen: 24
188.137.227.0/24 maxlen: 24
188.137.228.0/24 maxlen: 24
188.137.229.0/24 maxlen: 24
188.137.230.0/24 maxlen: 24
188.137.231.0/24 maxlen: 24
188.137.240.0/24 maxlen: 24
188.137.241.0/24 maxlen: 24
188.137.242.0/24 maxlen: 24
188.137.243.0/24 maxlen: 24
188.137.245.0/24 maxlen: 24
188.137.246.0/24 maxlen: 24
188.137.247.0/24 maxlen: 24
188.137.248.0/24 maxlen: 24
188.137.249.0/24 maxlen: 24
188.137.250.0/24 maxlen: 24
188.137.251.0/24 maxlen: 24
188.137.252.0/24 maxlen: 24
188.137.253.0/24 maxlen: 24
188.137.254.0/24 maxlen: 24
188.137.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/c5018c-fdc6-414b-beef-02de0124228e/1/VEqCql4utxcZt_nwSaMHsSRUSX4.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/c5018c-fdc6-414b-beef-02de0124228e/1/VEqCql4utxcZt_nwSaMHsSRUSX4.mft
rsync://rpki.ripe.net/repository/DEFAULT/VEqCql4utxcZt_nwSaMHsSRUSX4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:66:f4:9d:43:40:15:7e:f6:36:8c:69:b9:cf:5e:d2:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=544a82aa5e2eb71719b7f9f049a307b12454497e
Validity
Not Before: Feb 16 14:57:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8642c7b4149c72b9270be83981efd65d788aa2b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c3:c3:67:2c:12:e5:07:f5:6a:0f:0c:90:58:
58:6c:33:8b:fd:10:2e:de:18:5d:b2:ca:40:49:f1:
a6:0d:f9:e7:5d:f1:ca:29:da:6d:9f:77:a4:e1:8a:
04:d1:89:1c:4f:19:8f:7b:e8:8d:55:7f:45:3c:8b:
bf:d9:e0:1c:cf:c6:51:e3:b8:4c:d7:b9:73:64:43:
86:95:58:ff:4d:ed:ba:c9:92:09:8d:ce:bb:8f:74:
56:5f:ca:30:a6:2a:81:69:f4:78:e5:b5:2a:9d:6a:
8e:e1:67:26:db:ac:e0:8d:ad:ce:eb:a5:f5:fa:40:
f9:83:c7:02:93:ce:97:97:06:cb:cd:2b:3e:33:b5:
4e:d8:e8:cb:4b:7b:01:4f:3b:ae:3f:1a:26:0e:bb:
86:92:f8:85:68:73:7c:55:df:68:6b:84:70:ae:f0:
5a:bf:ad:0c:0b:15:a8:2a:37:e9:8c:46:cc:1d:eb:
b6:ea:d4:62:b4:be:5f:a5:f6:89:92:a4:d8:aa:e3:
8a:a1:5b:21:53:f2:98:6b:2b:ef:b2:7c:fd:6d:6b:
5b:e8:06:06:48:1f:2d:b7:66:44:82:74:14:ff:69:
bc:5f:cf:a7:70:a0:88:fc:2e:43:29:c8:65:25:6e:
dd:0c:85:38:cb:1a:a2:b3:8c:ae:2b:20:51:36:cd:
40:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:42:C7:B4:14:9C:72:B9:27:0B:E8:39:81:EF:D6:5D:78:8A:A2:B6
X509v3 Authority Key Identifier:
keyid:54:4A:82:AA:5E:2E:B7:17:19:B7:F9:F0:49:A3:07:B1:24:54:49:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VEqCql4utxcZt_nwSaMHsSRUSX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/c5018c-fdc6-414b-beef-02de0124228e/1/hkLHtBSccrknC-g5ge_WXXiKorY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/c5018c-fdc6-414b-beef-02de0124228e/1/VEqCql4utxcZt_nwSaMHsSRUSX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.137.176.0/23
188.137.179.0-188.137.183.255
188.137.224.0/23
188.137.227.0-188.137.231.255
188.137.240.0/22
188.137.245.0-188.137.255.255
Signature Algorithm: sha256WithRSAEncryption
89:cb:31:7d:c3:51:96:71:84:07:e0:7d:5d:ff:c9:8c:54:4a:
7e:f3:14:da:11:38:d7:e5:6e:b5:64:26:5f:83:98:ee:3e:8c:
09:67:a0:18:17:6c:84:65:0d:c9:ed:87:9f:2d:bd:02:3a:5b:
7a:e3:98:b7:3f:80:31:f9:8e:ff:62:86:43:e8:63:4f:62:38:
87:b0:b1:47:84:1e:d7:92:fe:6c:b9:fd:0c:42:8b:cf:d6:65:
2f:e4:d8:b0:cc:43:b3:16:12:a8:21:8f:11:4b:38:6e:18:37:
d2:25:a5:c7:55:44:e3:3c:ff:a3:1d:fb:b7:1b:d2:1b:be:88:
9c:40:d8:08:34:a4:05:56:a9:b5:bd:23:92:a8:70:64:03:e3:
b4:1a:35:89:16:45:b6:dd:cd:30:0b:8b:30:ca:3c:fe:8c:63:
f0:7e:c0:c9:d0:e5:33:14:11:8b:6b:62:08:c3:0c:4c:00:e3:
d5:c5:42:81:5a:d6:4c:7a:bd:e2:4f:16:d4:e6:1a:e2:dd:b0:
42:05:0a:15:33:b3:f1:06:44:f4:9e:7b:7b:51:25:f8:8b:06:
92:30:d0:af:2c:eb:ac:00:51:f2:24:5f:62:bd:2e:65:1a:06:
c5:53:dc:37:21:04:c2:80:0d:5f:b1:db:ee:91:92:ae:c9:25:
ca:0c:44:88
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZxm9J1DQBV+9jaMabnPXtKSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NGE4MmFhNWUyZWI3MTcxOWI3ZjlmMDQ5YTMwN2IxMjQ1
NDQ5N2UwHhcNMjYwMjE2MTQ1NzEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjQyYzdiNDE0OWM3MmI5MjcwYmU4Mzk4MWVmZDY1ZDc4OGFhMmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMPDZywS5Qf1ag8MkFhYbDOL/RAu
3hhdsspASfGmDfnnXfHKKdptn3ek4YoE0YkcTxmPe+iNVX9FPIu/2eAcz8ZR47hM
17lzZEOGlVj/Te26yZIJjc67j3RWX8owpiqBafR45bUqnWqO4Wcm26zgja3O66X1
+kD5g8cCk86XlwbLzSs+M7VO2OjLS3sBTzuuPxomDruGkviFaHN8Vd9oa4RwrvBa
v60MCxWoKjfpjEbMHeu26tRitL5fpfaJkqTYquOKoVshU/KYayvvsnz9bWtb6AYG
SB8tt2ZEgnQU/2m8X8+ncKCI/C5DKchlJW7dDIU4yxqis4yuKyBRNs1AlQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFIZCx7QUnHK5JwvoOYHv1l14iqK2MB8GA1UdIwQY
MBaAFFRKgqpeLrcXGbf58EmjB7EkVEl+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkVxQ3FsNHV0eGNadF9ud1NhTUhzU1JVU1g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9jNTAxOGMtZmRjNi00MTRiLWJlZWYt
MDJkZTAxMjQyMjhlLzEvaGtMSHRCU2NjcmtuQy1nNWdlX1dYWGlLb3JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9jNTAxOGMtZmRjNi00MTRiLWJlZWYtMDJkZTAxMjQyMjhl
LzEvVkVxQ3FsNHV0eGNadF9ud1NhTUhzU1JVU1g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzBBBAIAATA7AwQBvImwMAwD
BAC8ibMDBAO8ibADBAG8ieAwDAMEALyJ4wMEA7yJ4AMEAryJ8DALAwQAvIn1AwMB
vIgwDQYJKoZIhvcNAQELBQADggEBAInLMX3DUZZxhAfgfV3/yYxUSn7zFNoRONfl
brVkJl+DmO4+jAlnoBgXbIRlDcnth58tvQI6W3rjmLc/gDH5jv9ihkPoY09iOIew
sUeEHteS/my5/QxCi8/WZS/k2LDMQ7MWEqghjxFLOG4YN9IlpcdVROM8/6Md+7cb
0hu+iJxA2Ag0pAVWqbW9I5KocGQD47QaNYkWRbbdzTALizDKPP6MY/B+wMnQ5TMU
EYtrYgjDDEwA49XFQoFa1kx6veJPFtTmGuLdsEIFChUzs/EGRPSee3tRJfiLBpIw
0K8s66wAUfIkX2K9LmUaBsVT3DchBMKADV+x2+6Rkq7JJcoMRIg=
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:57:20 2026 by rpki-client