Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/46efb5-c9e7-4f08-bc6a-bb3e819f3ddc/1/HjhcNkYhwKAwsCXy5ZYGbpaMSLg.roa
File: HjhcNkYhwKAwsCXy5ZYGbpaMSLg.roa (raw, json)
Hash identifier: xX7UUwpJ+KfmGQzUw1STndVlg/7oKae9beZ2g3g7Y4U=
Subject key identifier: 1E:38:5C:36:46:21:C0:A0:30:B0:25:F2:E5:96:06:6E:96:8C:48:B8
Certificate issuer: /CN=d58cc8506fedbb5061de9925b07d649918a19926
Certificate serial: 019B7C7FE53495463D36015EDE7BC2FC7C4F
Authority key identifier: D5:8C:C8:50:6F:ED:BB:50:61:DE:99:25:B0:7D:64:99:18:A1:99:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1YzIUG_tu1Bh3pklsH1kmRihmSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/46efb5-c9e7-4f08-bc6a-bb3e819f3ddc/1/HjhcNkYhwKAwsCXy5ZYGbpaMSLg.roa
Signing time: Fri 02 Jan 2026 02:18:34 +0000
ROA not before: Fri 02 Jan 2026 02:18:34 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44416
IP address blocks: 188.239.192.0/18 maxlen: 18
188.239.192.0/21 maxlen: 21
188.239.200.0/21 maxlen: 21
188.239.208.0/21 maxlen: 21
188.239.216.0/21 maxlen: 21
188.239.224.0/21 maxlen: 21
188.239.232.0/21 maxlen: 21
188.239.240.0/20 maxlen: 21
188.239.240.0/21 maxlen: 21
193.228.2.0/24 maxlen: 24
2001:678:c7c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/46efb5-c9e7-4f08-bc6a-bb3e819f3ddc/1/1YzIUG_tu1Bh3pklsH1kmRihmSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/46efb5-c9e7-4f08-bc6a-bb3e819f3ddc/1/1YzIUG_tu1Bh3pklsH1kmRihmSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/1YzIUG_tu1Bh3pklsH1kmRihmSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 17:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7c:7f:e5:34:95:46:3d:36:01:5e:de:7b:c2:fc:7c:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d58cc8506fedbb5061de9925b07d649918a19926
Validity
Not Before: Jan 2 02:18:34 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1e385c364621c0a030b025f2e596066e968c48b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:48:66:73:43:fe:82:bf:5a:fd:93:ae:6e:ff:
47:d1:0f:c0:41:57:7e:0a:53:cc:7f:d1:d9:0d:7c:
ac:f9:80:71:e2:0c:3f:8c:e8:3b:eb:53:c0:7c:bb:
6a:4f:4f:11:81:92:24:c4:f0:35:37:23:d7:05:0f:
bb:08:c6:ba:22:fa:b6:20:ef:01:ef:2d:c9:a0:b2:
f6:96:f6:39:e1:a1:da:0b:9a:25:af:cb:95:51:d2:
7c:f5:e6:8e:8b:bc:05:43:e7:34:26:76:82:31:e8:
c1:2d:8d:19:05:ce:16:06:b0:d5:bb:32:4a:d7:a7:
2d:a3:54:dc:d1:b0:b0:a9:14:48:3d:16:4b:9b:06:
06:1e:df:99:1b:02:7e:24:fd:e3:e2:a3:1b:31:77:
2e:12:e6:e8:0d:99:21:22:43:08:dc:ea:22:be:db:
18:c9:da:ed:14:12:21:e5:79:f5:09:98:c9:56:c1:
37:a2:4e:4e:7d:81:14:1e:26:c1:cc:00:ea:af:e6:
18:03:e1:f8:97:8c:f5:15:35:05:a7:81:f7:0b:fb:
14:50:c0:23:a7:11:fd:6f:48:da:8a:80:30:1a:42:
d3:65:3c:64:8c:4c:08:40:1e:ee:c9:25:36:d5:ae:
c8:9c:a5:cd:29:dc:74:85:3b:6d:55:91:93:26:51:
79:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:38:5C:36:46:21:C0:A0:30:B0:25:F2:E5:96:06:6E:96:8C:48:B8
X509v3 Authority Key Identifier:
keyid:D5:8C:C8:50:6F:ED:BB:50:61:DE:99:25:B0:7D:64:99:18:A1:99:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1YzIUG_tu1Bh3pklsH1kmRihmSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/46efb5-c9e7-4f08-bc6a-bb3e819f3ddc/1/HjhcNkYhwKAwsCXy5ZYGbpaMSLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/46efb5-c9e7-4f08-bc6a-bb3e819f3ddc/1/1YzIUG_tu1Bh3pklsH1kmRihmSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.239.192.0/18
193.228.2.0/24
IPv6:
2001:678:c7c::/48
Signature Algorithm: sha256WithRSAEncryption
73:69:da:56:13:d6:68:05:4b:92:ac:1f:e8:3b:39:03:e7:32:
c6:07:ae:74:60:3d:47:cf:7e:70:7d:50:e0:2d:8f:99:cb:07:
b3:53:15:d4:c7:26:c4:99:ef:24:6d:20:19:13:12:75:97:fb:
24:3a:0a:87:c4:50:29:af:57:b2:65:00:c4:3b:1e:ce:7d:44:
98:3f:69:83:d8:e9:e5:70:f5:43:37:dc:1a:1e:0c:72:5b:c2:
c0:39:b6:50:48:88:5d:57:0d:06:51:86:a9:7d:8a:51:23:0a:
3a:57:68:5d:7b:5a:ae:51:17:61:c2:0e:6e:6a:97:66:a6:25:
db:86:6a:1e:18:8d:55:5b:b4:5e:67:5a:f9:de:ac:7b:3a:3e:
ed:ac:af:a3:fb:ae:41:9c:18:e9:b2:20:fd:5a:5c:b0:89:30:
5a:32:3b:65:5e:49:80:7e:a7:6c:60:d7:91:c3:1b:14:d4:4e:
af:9b:4c:d0:e6:3e:c1:00:68:09:9a:e9:39:13:67:56:63:66:
83:99:b2:60:43:48:a7:14:db:14:6b:94:b3:45:2e:7d:62:17:
36:3d:4f:c6:17:6c:cb:58:b3:27:ff:8e:55:49:33:3a:c2:b4:
08:eb:14:5e:73:15:df:40:1f:54:51:8c:6a:3a:06:33:a5:73:
86:9a:d2:e9
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZt8f+U0lUY9NgFe3nvC/HxPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1OGNjODUwNmZlZGJiNTA2MWRlOTkyNWIwN2Q2NDk5MThh
MTk5MjYwHhcNMjYwMTAyMDIxODM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTM4NWMzNjQ2MjFjMGEwMzBiMDI1ZjJlNTk2MDY2ZTk2OGM0OGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkhmc0P+gr9a/ZOubv9H0Q/AQVd+
ClPMf9HZDXys+YBx4gw/jOg761PAfLtqT08RgZIkxPA1NyPXBQ+7CMa6Ivq2IO8B
7y3JoLL2lvY54aHaC5olr8uVUdJ89eaOi7wFQ+c0JnaCMejBLY0ZBc4WBrDVuzJK
16cto1Tc0bCwqRRIPRZLmwYGHt+ZGwJ+JP3j4qMbMXcuEuboDZkhIkMI3OoivtsY
ydrtFBIh5Xn1CZjJVsE3ok5OfYEUHibBzADqr+YYA+H4l4z1FTUFp4H3C/sUUMAj
pxH9b0jaioAwGkLTZTxkjEwIQB7uySU21a7InKXNKdx0hTttVZGTJlF5+wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFB44XDZGIcCgMLAl8uWWBm6WjEi4MB8GA1UdIwQY
MBaAFNWMyFBv7btQYd6ZJbB9ZJkYoZkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVl6SVVHX3R1MUJoM3BrbHNIMWttUmlobVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy80NmVmYjUtYzllNy00ZjA4LWJjNmEt
YmIzZTgxOWYzZGRjLzEvSGpoY05rWWh3S0F3c0NYeTVaWUdicGFNU0xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy80NmVmYjUtYzllNy00ZjA4LWJjNmEtYmIzZTgxOWYzZGRj
LzEvMVl6SVVHX3R1MUJoM3BrbHNIMWttUmlobVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQGvO/AAwQA
weQCMA8EAgACMAkDBwAgAQZ4DHwwDQYJKoZIhvcNAQELBQADggEBAHNp2lYT1mgF
S5KsH+g7OQPnMsYHrnRgPUfPfnB9UOAtj5nLB7NTFdTHJsSZ7yRtIBkTEnWX+yQ6
CofEUCmvV7JlAMQ7Hs59RJg/aYPY6eVw9UM33BoeDHJbwsA5tlBIiF1XDQZRhql9
ilEjCjpXaF17Wq5RF2HCDm5ql2amJduGah4YjVVbtF5nWvnerHs6Pu2sr6P7rkGc
GOmyIP1aXLCJMFoyO2VeSYB+p2xg15HDGxTUTq+bTNDmPsEAaAma6TkTZ1ZjZoOZ
smBDSKcU2xRrlLNFLn1iFzY9T8YXbMtYsyf/jlVJMzrCtAjrFF5zFd9AH1RRjGo6
BjOlc4aa0uk=
-----END CERTIFICATE-----
Generated at Tue Mar 3 01:57:15 2026 by rpki-client