Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/hY0aJNRR_6F6hcj2HU6oTmY_Pcw.roa
File: hY0aJNRR_6F6hcj2HU6oTmY_Pcw.roa (raw, json)
Hash identifier: 57iH2xrm7fGDAmF/kYd4rhaoKj2e48MM0T5HY2yEuRU=
Subject key identifier: 85:8D:1A:24:D4:51:FF:A1:7A:85:C8:F6:1D:4E:A8:4E:66:3F:3D:CC
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 019C9F7455FF48830A706CEC5E35DE34FF79
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/hY0aJNRR_6F6hcj2HU6oTmY_Pcw.roa
Signing time: Fri 27 Feb 2026 14:15:27 +0000
ROA not before: Fri 27 Feb 2026 14:15:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215540
IP address blocks: 45.89.60.0/24 maxlen: 24
45.150.66.0/24 maxlen: 24
138.124.181.0/24 maxlen: 24
138.124.186.0/24 maxlen: 24
212.18.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 20:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9f:74:55:ff:48:83:0a:70:6c:ec:5e:35:de:34:ff:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Feb 27 14:15:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=858d1a24d451ffa17a85c8f61d4ea84e663f3dcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4c:49:80:40:d2:50:11:4d:94:19:34:37:63:
93:43:47:5b:d8:5e:a6:91:fd:36:fc:8e:4d:87:38:
ba:4c:84:b3:f1:21:b0:a3:0e:e4:6b:63:30:28:67:
c4:98:8a:9b:c6:77:c8:b9:64:f5:4c:89:95:3c:7f:
0e:7d:12:7c:75:8b:09:57:ff:31:91:f1:2b:2f:92:
2f:1c:a6:16:d6:d5:ff:dc:93:54:63:78:67:92:86:
5a:43:66:df:62:27:06:f1:d6:3e:89:b6:33:ab:8d:
be:20:a8:c3:fb:d4:b8:37:13:08:6c:54:b3:66:b0:
7d:43:25:24:3a:27:90:e5:89:0a:e4:5f:19:fb:cd:
88:bd:0f:0e:f2:56:89:12:f4:29:e8:1b:16:ff:b6:
61:5d:11:04:0f:34:28:2a:ca:e5:30:28:47:f7:c0:
29:b7:21:cf:0c:ce:91:ac:21:6d:7c:1a:85:42:35:
af:88:17:be:af:b9:19:fa:3e:4c:b6:86:f6:4a:99:
b3:39:df:5b:81:6f:59:89:df:cd:98:93:2b:09:ea:
48:1c:8c:c7:1c:7e:24:26:76:16:6b:9b:da:86:b2:
9b:8b:8c:c6:97:e6:f6:74:01:61:f9:7b:d9:3d:20:
10:4f:70:46:cf:09:a1:71:42:03:cd:ac:18:d2:59:
53:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:8D:1A:24:D4:51:FF:A1:7A:85:C8:F6:1D:4E:A8:4E:66:3F:3D:CC
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/hY0aJNRR_6F6hcj2HU6oTmY_Pcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.60.0/24
45.150.66.0/24
138.124.181.0/24
138.124.186.0/24
212.18.104.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:4a:ac:9a:10:36:80:8c:8c:51:d8:a0:0b:b4:fd:30:0e:4f:
ea:94:68:f7:b3:f1:26:ae:1a:88:d1:25:d9:be:25:ec:28:3f:
a3:f5:d9:cb:56:bb:13:73:f5:3c:80:e4:cc:a2:9e:65:41:f5:
16:a6:1d:e6:67:02:8f:d0:1e:c1:ef:e2:87:6d:4a:e7:05:dc:
88:8a:28:15:72:85:a1:6a:0b:20:5a:87:56:21:c5:fb:c1:43:
db:33:80:10:7b:7c:1d:46:9b:9c:e6:94:67:d1:0e:31:89:2e:
6f:ef:b9:4a:6f:b8:20:7f:77:f4:b9:0d:66:3f:84:30:3d:a1:
eb:ce:1c:da:11:dc:95:e7:66:38:b1:72:7b:d8:23:7a:87:bb:
f3:04:dc:ff:6f:a0:b6:53:ab:3f:72:41:c0:72:78:11:1f:36:
c0:db:79:88:3b:80:a2:64:c5:f2:a0:b8:aa:82:f7:3f:d3:5a:
2f:f7:7c:ed:bc:13:bb:f3:39:de:3e:a2:f3:34:83:4f:8a:81:
60:6c:f5:71:36:2e:35:fc:bf:87:d3:c9:8d:c4:fd:94:18:65:
b2:02:7f:62:ad:82:7a:e2:31:32:7e:36:f6:5d:09:d7:b4:f5:
9f:02:f8:17:cd:e0:ea:2b:93:0f:eb:b7:53:c0:98:3d:6e:0e:
7a:ab:9d:de
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZyfdFX/SIMKcGzsXjXeNP95MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjYwMjI3MTQxNTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NThkMWEyNGQ0NTFmZmExN2E4NWM4ZjYxZDRlYTg0ZTY2M2YzZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApExJgEDSUBFNlBk0N2OTQ0db2F6m
kf02/I5Nhzi6TISz8SGwow7ka2MwKGfEmIqbxnfIuWT1TImVPH8OfRJ8dYsJV/8x
kfErL5IvHKYW1tX/3JNUY3hnkoZaQ2bfYicG8dY+ibYzq42+IKjD+9S4NxMIbFSz
ZrB9QyUkOieQ5YkK5F8Z+82IvQ8O8laJEvQp6BsW/7ZhXREEDzQoKsrlMChH98Ap
tyHPDM6RrCFtfBqFQjWviBe+r7kZ+j5Mtob2SpmzOd9bgW9Zid/NmJMrCepIHIzH
HH4kJnYWa5vahrKbi4zGl+b2dAFh+XvZPSAQT3BGzwmhcUIDzawY0llT8QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIWNGiTUUf+heoXI9h1OqE5mPz3MMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvaFkwYUpOUlJfNkY2aGNqMkhVNm9UbVlfUGN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVk8AwQA
LZZCAwQAiny1AwQAiny6AwQA1BJoMA0GCSqGSIb3DQEBCwUAA4IBAQBPSqyaEDaA
jIxR2KALtP0wDk/qlGj3s/EmrhqI0SXZviXsKD+j9dnLVrsTc/U8gOTMop5lQfUW
ph3mZwKP0B7B7+KHbUrnBdyIiigVcoWhagsgWodWIcX7wUPbM4AQe3wdRpuc5pRn
0Q4xiS5v77lKb7ggf3f0uQ1mP4QwPaHrzhzaEdyV52Y4sXJ72CN6h7vzBNz/b6C2
U6s/ckHAcngRHzbA23mIO4CiZMXyoLiqgvc/01ov93ztvBO78znePqLzNINPioFg
bPVxNi41/L+H08mNxP2UGGWyAn9irYJ64jEyfjb2XQnXtPWfAvgXzeDqK5MP67dT
wJg9bg56q53e
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:57:21 2026 by rpki-client