Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Hn6HT0rI8yw7OpMX6Ki5ydHEALE.roa
File: Hn6HT0rI8yw7OpMX6Ki5ydHEALE.roa (raw, json)
Hash identifier: zwMQqyYw0odC6f9bIE+RcXjMzhkbC7l0+euZhieJ6Hw=
Subject key identifier: 1E:7E:87:4F:4A:C8:F3:2C:3B:3A:93:17:E8:A8:B9:C9:D1:C4:00:B1
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 019C98E7152E9441B23F9744096B1DFF587A
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Hn6HT0rI8yw7OpMX6Ki5ydHEALE.roa
Signing time: Thu 26 Feb 2026 07:43:26 +0000
ROA not before: Thu 26 Feb 2026 07:43:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44208
IP address blocks: 31.170.48.0/23 maxlen: 23
31.170.50.0/23 maxlen: 23
31.170.52.0/23 maxlen: 23
31.170.54.0/24 maxlen: 24
31.170.55.0/24 maxlen: 24
31.170.56.0/23 maxlen: 23
31.170.58.0/23 maxlen: 23
31.170.60.0/22 maxlen: 22
37.49.148.0/24 maxlen: 24
94.74.128.0/23 maxlen: 23
94.74.130.0/23 maxlen: 23
94.74.132.0/22 maxlen: 22
94.74.136.0/24 maxlen: 24
94.74.138.0/23 maxlen: 23
94.74.141.0/24 maxlen: 24
94.74.142.0/23 maxlen: 23
94.74.144.0/24 maxlen: 24
94.74.146.0/24 maxlen: 24
94.74.148.0/23 maxlen: 23
94.74.150.0/23 maxlen: 23
94.74.152.0/22 maxlen: 22
94.74.160.0/22 maxlen: 22
94.74.165.0/24 maxlen: 24
94.74.166.0/23 maxlen: 23
94.74.168.0/23 maxlen: 24
94.74.170.0/24 maxlen: 24
94.74.172.0/24 maxlen: 24
94.74.174.0/23 maxlen: 23
94.74.176.0/22 maxlen: 22
94.74.180.0/23 maxlen: 23
94.74.182.0/23 maxlen: 23
94.74.186.0/23 maxlen: 23
94.74.188.0/23 maxlen: 23
94.74.190.0/24 maxlen: 24
94.74.191.0/24 maxlen: 24
176.46.134.0/24 maxlen: 24
176.46.138.0/23 maxlen: 23
176.46.141.0/24 maxlen: 24
176.46.144.0/24 maxlen: 24
176.46.147.0/24 maxlen: 24
176.46.148.0/23 maxlen: 23
176.46.152.0/22 maxlen: 22
176.46.156.0/23 maxlen: 23
176.46.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:98:e7:15:2e:94:41:b2:3f:97:44:09:6b:1d:ff:58:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Feb 26 07:43:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1e7e874f4ac8f32c3b3a9317e8a8b9c9d1c400b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:40:97:89:20:ce:44:aa:85:aa:a4:b5:06:cc:
f8:7f:c0:f3:8f:e0:06:d0:4e:71:84:49:87:37:79:
e4:4f:9f:e0:5f:26:f9:a6:76:41:f1:8e:88:78:d5:
07:27:b8:d5:07:cb:f8:8d:b6:20:8e:40:f9:6f:48:
cf:57:85:85:ee:9b:c3:21:40:b9:9c:a4:42:2f:2c:
11:40:87:81:ea:6d:fe:04:13:64:c3:bc:db:6e:7e:
0d:a8:78:fe:92:0d:da:6f:ab:ee:27:ef:0a:4a:23:
3e:86:79:ef:51:f1:2f:47:92:d5:77:55:40:76:45:
32:e1:1a:e3:f5:03:4f:23:9f:c3:4b:9c:bc:d7:24:
bc:51:a0:b0:da:92:4c:de:ba:1d:f4:1f:c1:5f:d3:
14:5a:5d:7d:ac:fc:29:2f:68:5b:fd:79:e7:dd:f7:
c2:0f:c1:a5:ea:18:c2:08:2a:ae:af:bd:9d:34:8a:
29:b2:9b:1e:c5:56:3c:ca:90:65:95:8c:e3:d7:80:
4a:94:68:a9:3f:18:e5:d4:a9:6a:a5:b7:30:4b:c7:
08:4b:9d:a2:25:cf:41:9a:fd:b1:30:05:95:20:2a:
85:78:0c:08:5d:f7:f9:f7:87:f3:38:6e:78:26:74:
f0:f9:d3:56:50:74:f0:9e:6b:c7:d9:1b:ab:7b:c3:
0d:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:7E:87:4F:4A:C8:F3:2C:3B:3A:93:17:E8:A8:B9:C9:D1:C4:00:B1
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Hn6HT0rI8yw7OpMX6Ki5ydHEALE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
37.49.148.0/24
94.74.128.0-94.74.136.255
94.74.138.0/23
94.74.141.0-94.74.144.255
94.74.146.0/24
94.74.148.0-94.74.155.255
94.74.160.0/22
94.74.165.0-94.74.170.255
94.74.172.0/24
94.74.174.0-94.74.183.255
94.74.186.0-94.74.191.255
176.46.134.0/24
176.46.138.0/23
176.46.141.0/24
176.46.144.0/24
176.46.147.0-176.46.149.255
176.46.152.0-176.46.158.255
Signature Algorithm: sha256WithRSAEncryption
75:83:3c:f5:27:7a:52:18:4a:72:84:c3:2a:d9:a0:62:b1:da:
16:b7:3f:35:fe:e7:8d:64:a2:53:ee:10:4c:69:1a:53:3f:b6:
44:b2:f5:11:8e:3f:63:d4:fb:b1:55:a9:71:9a:78:f0:16:b9:
8b:69:44:6d:3f:14:6d:1e:74:a6:19:6f:c2:37:1a:f6:db:bd:
29:fa:b5:77:82:e9:6e:58:4d:5e:72:70:c2:8f:6f:cc:e9:96:
91:1d:a4:f6:06:3b:85:3e:2b:5f:6e:80:4c:d2:69:a2:a0:fc:
3b:b5:62:66:71:53:c7:a4:bf:19:0b:1c:c3:72:16:d1:d5:8e:
1a:48:72:15:0c:5b:4d:f0:39:4b:1a:80:42:ba:02:5d:d8:a3:
82:3b:2a:70:13:d7:ac:45:fd:d4:13:14:4b:07:71:fe:e3:ce:
33:84:f5:78:25:8d:44:cb:b7:2f:84:7d:76:8c:84:f6:85:83:
a2:ac:b0:d9:a5:c8:e9:41:7e:96:7d:53:e7:17:ff:f6:f4:c2:
30:28:4b:0f:3d:6d:a0:41:6c:32:d4:0c:e0:07:68:73:03:c5:
ed:fa:f7:e7:5c:8d:69:9f:47:fd:18:ec:de:12:6b:60:8e:5b:
4c:34:a3:fc:e7:d4:d7:cf:b1:06:5f:0f:71:10:86:7b:55:d9:
81:6d:71:fa
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAZyY5xUulEGyP5dECWsd/1h6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjYwMjI2MDc0MzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTdlODc0ZjRhYzhmMzJjM2IzYTkzMTdlOGE4YjljOWQxYzQwMGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUCXiSDORKqFqqS1Bsz4f8Dzj+AG
0E5xhEmHN3nkT5/gXyb5pnZB8Y6IeNUHJ7jVB8v4jbYgjkD5b0jPV4WF7pvDIUC5
nKRCLywRQIeB6m3+BBNkw7zbbn4NqHj+kg3ab6vuJ+8KSiM+hnnvUfEvR5LVd1VA
dkUy4Rrj9QNPI5/DS5y81yS8UaCw2pJM3rod9B/BX9MUWl19rPwpL2hb/Xnn3ffC
D8Gl6hjCCCqur72dNIopspsexVY8ypBllYzj14BKlGipPxjl1KlqpbcwS8cIS52i
Jc9Bmv2xMAWVICqFeAwIXff594fzOG54JnTw+dNWUHTwnmvH2Rure8MNkwIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFB5+h09KyPMsOzqTF+ioucnRxACxMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvSG42SFQwckk4eXc3T3BNWDZLaTV5ZEhFQUxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawDBAQf
qjADBAAlMZQwDAMEB15KgAMEAF5KiAMEAV5KijAMAwQAXkqNAwQAXkqQAwQAXkqS
MAwDBAJeSpQDBAJeSpgDBAJeSqAwDAMEAF5KpQMEAF5KqgMEAF5KrDAMAwQBXkqu
AwQDXkqwMAwDBAFeSroDBAZeSoADBACwLoYDBAGwLooDBACwLo0DBACwLpAwDAME
ALAukwMEAbAulDAMAwQDsC6YAwQAsC6eMA0GCSqGSIb3DQEBCwUAA4IBAQB1gzz1
J3pSGEpyhMMq2aBisdoWtz81/ueNZKJT7hBMaRpTP7ZEsvURjj9j1PuxValxmnjw
FrmLaURtPxRtHnSmGW/CNxr2270p+rV3guluWE1ecnDCj2/M6ZaRHaT2BjuFPitf
boBM0mmioPw7tWJmcVPHpL8ZCxzDchbR1Y4aSHIVDFtN8DlLGoBCugJd2KOCOypw
E9esRf3UExRLB3H+484zhPV4JY1Ey7cvhH12jIT2hYOirLDZpcjpQX6WfVPnF//2
9MIwKEsPPW2gQWwy1AzgB2hzA8Xt+vfnXI1pn0f9GOzeEmtgjltMNKP859TXz7EG
Xw9xEIZ7VdmBbXH6
-----END CERTIFICATE-----
Generated at Sun Mar 1 14:40:17 2026 by rpki-client