Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/f028e8-f041-4880-8a9d-f27aa9c6eb6b/1/hKeFeFo6493_38OQ9i00adzif9I.roa
File: hKeFeFo6493_38OQ9i00adzif9I.roa (raw, json)
Hash identifier: 53uE5bZj+EC0/O49ny+JkcCWuYcfpKEUEDdPY2U5sKo=
Subject key identifier: 84:A7:85:78:5A:3A:E3:DD:FF:DF:C3:90:F6:2D:34:69:DC:E2:7F:D2
Certificate issuer: /CN=f7858b91a6627f2358eaadcd26ba5c2c5c46ea03
Certificate serial: 019E760AE88F5F03196F61FD6CE70FB6C2E7
Authority key identifier: F7:85:8B:91:A6:62:7F:23:58:EA:AD:CD:26:BA:5C:2C:5C:46:EA:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/94WLkaZifyNY6q3NJrpcLFxG6gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/f028e8-f041-4880-8a9d-f27aa9c6eb6b/1/hKeFeFo6493_38OQ9i00adzif9I.roa
Signing time: Fri 29 May 2026 23:21:26 +0000
ROA not before: Fri 29 May 2026 23:21:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42183
IP address blocks: 185.82.96.0/22 maxlen: 24
185.82.96.0/24 maxlen: 24
185.82.97.0/24 maxlen: 24
185.82.98.0/24 maxlen: 24
185.82.99.0/24 maxlen: 24
2a05:8ec0::/29 maxlen: 29
2a05:8ec0::/32 maxlen: 32
2a05:8ec0:1000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/f028e8-f041-4880-8a9d-f27aa9c6eb6b/1/94WLkaZifyNY6q3NJrpcLFxG6gM.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/f028e8-f041-4880-8a9d-f27aa9c6eb6b/1/94WLkaZifyNY6q3NJrpcLFxG6gM.mft
rsync://rpki.ripe.net/repository/DEFAULT/94WLkaZifyNY6q3NJrpcLFxG6gM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 14:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:76:0a:e8:8f:5f:03:19:6f:61:fd:6c:e7:0f:b6:c2:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7858b91a6627f2358eaadcd26ba5c2c5c46ea03
Validity
Not Before: May 29 23:21:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=84a785785a3ae3ddffdfc390f62d3469dce27fd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:6e:34:25:83:fe:87:48:90:1b:73:64:85:3f:
4e:5c:e5:6b:68:af:6c:32:50:5b:e1:5d:ec:6a:62:
de:8b:c3:93:e4:4a:c1:c2:48:e4:20:50:1c:d6:00:
42:3e:cf:bf:0d:6e:1a:17:ac:43:f2:a6:ea:8b:b7:
33:98:80:e6:8f:05:3d:66:3a:86:24:6d:79:6e:32:
e7:b6:71:a7:51:5e:47:df:d0:1d:41:be:35:8b:bc:
2e:7f:c9:6d:b8:35:72:b9:d6:f9:e2:8d:3f:f1:0a:
ba:c9:9c:4d:9b:10:67:c4:51:17:59:32:05:4a:d1:
92:5b:b0:f4:e6:05:73:68:36:92:00:ef:8c:1f:d2:
16:32:6a:4d:95:86:96:96:ac:54:18:c0:3d:bf:b3:
77:2c:36:19:6e:6d:95:bf:f2:57:22:bb:98:b3:ae:
01:62:44:da:b6:2a:1b:55:74:50:30:e9:a2:31:9f:
51:97:df:38:be:e0:ed:fa:cb:e0:b2:5e:86:28:83:
1d:98:9e:45:19:f3:14:67:82:10:7b:a7:f5:ec:50:
75:54:41:c3:04:a9:31:a4:ec:aa:53:2c:0c:20:4b:
3f:5b:fb:32:54:b2:ad:21:26:47:f9:de:d6:64:30:
90:05:73:05:ab:26:1a:6b:92:36:b6:85:1d:5a:85:
e3:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:A7:85:78:5A:3A:E3:DD:FF:DF:C3:90:F6:2D:34:69:DC:E2:7F:D2
X509v3 Authority Key Identifier:
keyid:F7:85:8B:91:A6:62:7F:23:58:EA:AD:CD:26:BA:5C:2C:5C:46:EA:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/94WLkaZifyNY6q3NJrpcLFxG6gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/f028e8-f041-4880-8a9d-f27aa9c6eb6b/1/hKeFeFo6493_38OQ9i00adzif9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/f028e8-f041-4880-8a9d-f27aa9c6eb6b/1/94WLkaZifyNY6q3NJrpcLFxG6gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.96.0/22
IPv6:
2a05:8ec0::/29
Signature Algorithm: sha256WithRSAEncryption
17:bd:cd:e2:a0:62:46:ff:96:68:69:47:bd:f1:63:1d:a3:bc:
c3:13:bc:ed:dd:79:ea:01:82:1a:88:a8:c6:8d:f9:11:d2:94:
51:16:d0:3d:7e:fd:78:1b:a6:32:ec:ec:8a:43:c2:6c:2e:4c:
33:56:3a:3f:52:e2:d8:c5:8b:0f:cc:a3:88:ba:07:df:a3:e8:
7b:23:ce:ae:29:36:d6:57:96:29:bd:c2:5c:e2:1b:c8:e4:df:
f3:15:d1:ba:6f:b4:bb:b6:a5:c7:2a:06:9d:13:d1:ac:1c:a0:
a1:75:13:87:ef:87:cd:d1:c9:5e:8f:45:b8:1f:1c:53:1c:fa:
d5:d7:5c:f9:1e:f3:b4:dd:0e:b6:49:26:23:f9:56:f4:52:a9:
77:dd:b9:eb:87:d4:38:4b:6e:08:9b:20:f2:7e:9a:43:8a:04:
4d:66:ba:c2:77:e7:52:82:54:56:1d:0a:d1:47:a8:d5:30:d6:
c3:cd:15:3e:b8:9b:1b:11:74:2a:c4:73:92:d5:b3:32:6c:24:
f2:0f:a5:67:a5:e7:50:d9:8e:b2:c9:14:ed:92:50:55:4c:5d:
d3:65:60:cf:0f:ea:0e:2e:f7:30:3d:d4:42:bf:7c:6b:a8:c5:
05:eb:47:fe:82:6a:c7:f2:56:05:ad:12:9d:d6:b3:c0:33:66:
3e:ca:b4:d9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ52CuiPXwMZb2H9bOcPtsLnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3ODU4YjkxYTY2MjdmMjM1OGVhYWRjZDI2YmE1YzJjNWM0
NmVhMDMwHhcNMjYwNTI5MjMyMTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGE3ODU3ODVhM2FlM2RkZmZkZmMzOTBmNjJkMzQ2OWRjZTI3ZmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzm40JYP+h0iQG3NkhT9OXOVraK9s
MlBb4V3samLei8OT5ErBwkjkIFAc1gBCPs+/DW4aF6xD8qbqi7czmIDmjwU9ZjqG
JG15bjLntnGnUV5H39AdQb41i7wuf8ltuDVyudb54o0/8Qq6yZxNmxBnxFEXWTIF
StGSW7D05gVzaDaSAO+MH9IWMmpNlYaWlqxUGMA9v7N3LDYZbm2Vv/JXIruYs64B
YkTatiobVXRQMOmiMZ9Rl984vuDt+svgsl6GKIMdmJ5FGfMUZ4IQe6f17FB1VEHD
BKkxpOyqUywMIEs/W/syVLKtISZH+d7WZDCQBXMFqyYaa5I2toUdWoXj3QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFISnhXhaOuPd/9/DkPYtNGnc4n/SMB8GA1UdIwQY
MBaAFPeFi5GmYn8jWOqtzSa6XCxcRuoDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTRXTGthWmlmeU5ZNnEzTkpycGNMRnhHNmdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9mMDI4ZTgtZjA0MS00ODgwLThhOWQt
ZjI3YWE5YzZlYjZiLzEvaEtlRmVGbzY0OTNfMzhPUTlpMDBhZHppZjlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9mMDI4ZTgtZjA0MS00ODgwLThhOWQtZjI3YWE5YzZlYjZi
LzEvOTRXTGthWmlmeU5ZNnEzTkpycGNMRnhHNmdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVJgMA0E
AgACMAcDBQMqBY7AMA0GCSqGSIb3DQEBCwUAA4IBAQAXvc3ioGJG/5ZoaUe98WMd
o7zDE7zt3XnqAYIaiKjGjfkR0pRRFtA9fv14G6Yy7OyKQ8JsLkwzVjo/UuLYxYsP
zKOIugffo+h7I86uKTbWV5YpvcJc4hvI5N/zFdG6b7S7tqXHKgadE9GsHKChdROH
74fN0clej0W4HxxTHPrV11z5HvO03Q62SSYj+Vb0Uql33bnrh9Q4S24ImyDyfppD
igRNZrrCd+dSglRWHQrRR6jVMNbDzRU+uJsbEXQqxHOS1bMybCTyD6VnpedQ2Y6y
yRTtklBVTF3TZWDPD+oOLvcwPdRCv3xrqMUF60f+gmrH8lYFrRKd1rPAM2Y+yrTZ
-----END CERTIFICATE-----
Generated at Sun Jun 14 00:48:31 2026 by rpki-client