Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/HWmWJflODDxV52vIx6-epHRasJA.roa
File: HWmWJflODDxV52vIx6-epHRasJA.roa (raw, json)
Hash identifier: f4KecipuBIXANDLC3dbZ4NbJfpK+r2CZ/EO3t/X4kJk=
Subject key identifier: 1D:69:96:25:F9:4E:0C:3C:55:E7:6B:C8:C7:AF:9E:A4:74:5A:B0:90
Certificate issuer: /CN=da0589dce63981870a1850906c8c2d1d96740096
Certificate serial: 019C8F133673860FBBCB79D0D24D63839DFB
Authority key identifier: DA:05:89:DC:E6:39:81:87:0A:18:50:90:6C:8C:2D:1D:96:74:00:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/HWmWJflODDxV52vIx6-epHRasJA.roa
Signing time: Tue 24 Feb 2026 09:55:26 +0000
ROA not before: Tue 24 Feb 2026 09:55:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203532
IP address blocks: 31.43.174.0/23 maxlen: 23
31.43.174.0/24 maxlen: 24
31.43.175.0/24 maxlen: 24
95.111.128.0/23 maxlen: 23
95.111.130.0/24 maxlen: 24
95.111.131.0/24 maxlen: 24
177.222.64.0/19 maxlen: 19
177.222.64.0/20 maxlen: 20
177.222.64.0/21 maxlen: 21
177.222.72.0/21 maxlen: 21
177.222.80.0/22 maxlen: 22
177.222.84.0/22 maxlen: 22
177.222.88.0/24 maxlen: 24
177.222.89.0/24 maxlen: 24
177.222.90.0/24 maxlen: 24
177.222.91.0/24 maxlen: 24
177.222.92.0/24 maxlen: 24
177.222.93.0/24 maxlen: 24
2a13:7500::/36 maxlen: 36
2a13:7500::/48 maxlen: 48
2a13:7500:200::/40 maxlen: 40
2a13:7500:241::/48 maxlen: 48
2a13:7500:242::/48 maxlen: 48
2a13:7500:248::/48 maxlen: 48
2a13:7500:320::/44 maxlen: 44
2a13:7500:8100::/44 maxlen: 44
2a13:7500:8100::/48 maxlen: 48
2a13:7500:8101::/48 maxlen: 48
2a13:7500:8102::/48 maxlen: 48
2a13:7500:8103::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.mft
rsync://rpki.ripe.net/repository/DEFAULT/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8f:13:36:73:86:0f:bb:cb:79:d0:d2:4d:63:83:9d:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da0589dce63981870a1850906c8c2d1d96740096
Validity
Not Before: Feb 24 09:55:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1d699625f94e0c3c55e76bc8c7af9ea4745ab090
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:32:94:ca:e6:60:e8:80:91:72:73:2e:67:89:
d9:e3:9b:b7:00:eb:37:b3:ae:0e:f8:be:e2:7a:61:
8c:4f:5b:41:c9:1b:3f:7a:b0:c3:92:a8:0d:bb:e1:
1e:4c:37:92:55:fa:89:5f:87:d7:72:2e:99:1c:0a:
9a:93:f5:89:50:f2:6b:84:ee:e4:9c:33:76:f9:fc:
fd:77:4e:f5:42:f1:fd:20:45:79:ee:3c:df:9f:80:
75:da:ed:c5:b8:3f:b0:30:37:ae:26:49:2c:f6:f1:
be:da:56:d6:85:14:b4:60:db:bb:64:bd:a8:b5:37:
cd:5f:dd:7c:1c:66:f7:6a:93:58:d2:4a:d2:16:87:
e8:14:ac:34:df:17:54:fc:56:4c:15:f1:f5:13:51:
98:65:73:d8:2d:b7:f2:54:aa:6e:18:b1:fe:ec:45:
58:f7:2e:c5:79:84:d3:eb:ff:13:6a:90:cf:85:2f:
9e:3e:dd:76:0c:d1:36:c0:42:59:3e:b0:d9:76:0e:
2b:f9:c6:fd:87:b8:5b:61:83:b3:38:f0:e0:9f:fe:
73:fe:83:ef:22:e2:4e:1b:63:0e:6c:32:61:24:de:
bd:50:4a:79:68:82:c6:a8:5b:8a:03:8a:95:52:60:
bd:99:8d:f3:ca:c3:5d:b0:4e:11:dd:2f:90:95:9e:
10:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:69:96:25:F9:4E:0C:3C:55:E7:6B:C8:C7:AF:9E:A4:74:5A:B0:90
X509v3 Authority Key Identifier:
keyid:DA:05:89:DC:E6:39:81:87:0A:18:50:90:6C:8C:2D:1D:96:74:00:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/HWmWJflODDxV52vIx6-epHRasJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.43.174.0/23
95.111.128.0/22
177.222.64.0/19
IPv6:
2a13:7500::/36
2a13:7500:8100::/44
Signature Algorithm: sha256WithRSAEncryption
1f:40:c1:ed:c1:86:b7:65:d1:8b:d2:6f:ba:43:4a:25:e0:24:
b6:d4:6e:11:b0:a1:92:1b:f3:bc:61:79:de:f0:b2:b8:13:0f:
ba:72:4a:95:96:27:82:42:82:23:dd:a5:ce:51:f4:54:7e:50:
1c:4f:47:f1:77:33:23:ee:e7:1f:1f:e4:fc:d4:a7:48:5f:a4:
47:02:8d:38:35:ee:9b:7e:c5:c5:6d:8f:1a:57:5e:c6:69:c0:
7d:32:4d:dd:07:29:ff:57:45:47:d1:5d:ee:77:c2:de:48:b4:
ba:53:85:19:6b:bd:fc:8b:2c:74:14:0c:85:2e:3b:48:87:c9:
de:10:63:ff:d2:44:8d:4d:6b:9d:31:6e:2f:cd:85:03:c8:93:
e6:06:d2:12:2a:a7:c6:27:cb:f6:2e:05:8f:b9:c1:67:61:93:
4c:d7:09:a1:ec:38:86:c0:68:bc:d5:6f:49:6a:a9:56:56:97:
0b:cf:46:9c:14:56:a5:de:dc:9b:be:6f:d3:65:d7:17:d6:d8:
ce:73:1e:63:76:b6:8d:d2:d8:a0:ba:4d:7f:39:71:95:a2:c7:
62:16:33:11:21:88:e2:cd:c5:00:dc:1f:98:0c:4d:3f:5e:59:
f0:bc:9c:b9:9f:23:ce:ef:a0:f8:4a:f8:5e:4d:47:4c:b3:ed:
59:6b:38:35
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZyPEzZzhg+7y3nQ0k1jg537MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDU4OWRjZTYzOTgxODcwYTE4NTA5MDZjOGMyZDFkOTY3
NDAwOTYwHhcNMjYwMjI0MDk1NTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDY5OTYyNWY5NGUwYzNjNTVlNzZiYzhjN2FmOWVhNDc0NWFiMDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDKUyuZg6ICRcnMuZ4nZ45u3AOs3
s64O+L7iemGMT1tByRs/erDDkqgNu+EeTDeSVfqJX4fXci6ZHAqak/WJUPJrhO7k
nDN2+fz9d071QvH9IEV57jzfn4B12u3FuD+wMDeuJkks9vG+2lbWhRS0YNu7ZL2o
tTfNX918HGb3apNY0krSFofoFKw03xdU/FZMFfH1E1GYZXPYLbfyVKpuGLH+7EVY
9y7FeYTT6/8TapDPhS+ePt12DNE2wEJZPrDZdg4r+cb9h7hbYYOzOPDgn/5z/oPv
IuJOG2MObDJhJN69UEp5aILGqFuKA4qVUmC9mY3zysNdsE4R3S+QlZ4QlwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFB1pliX5Tgw8VedryMevnqR0WrCQMB8GA1UdIwQY
MBaAFNoFidzmOYGHChhQkGyMLR2WdACWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdXSjNPWTVnWWNLR0ZDUWJJd3RIWlowQUpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC82MzI2YmItYmEzMy00MzM5LWI4YzYt
MTRlM2MyMDE3OTY5LzEvSFdtV0pmbE9ERHhWNTJ2SXg2LWVwSFJhc0pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC82MzI2YmItYmEzMy00MzM5LWI4YzYtMTRlM2MyMDE3OTY5
LzEvMmdXSjNPWTVnWWNLR0ZDUWJJd3RIWlowQUpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAYBAIAATASAwQBHyuuAwQC
X2+AAwQFsd5AMBcEAgACMBEDBgQqE3UAAAMHBCoTdQCBADANBgkqhkiG9w0BAQsF
AAOCAQEAH0DB7cGGt2XRi9JvukNKJeAkttRuEbChkhvzvGF53vCyuBMPunJKlZYn
gkKCI92lzlH0VH5QHE9H8XczI+7nHx/k/NSnSF+kRwKNODXum37FxW2PGldexmnA
fTJN3Qcp/1dFR9Fd7nfC3ki0ulOFGWu9/IssdBQMhS47SIfJ3hBj/9JEjU1rnTFu
L82FA8iT5gbSEiqnxifL9i4Fj7nBZ2GTTNcJoew4hsBovNVvSWqpVlaXC89GnBRW
pd7cm75v02XXF9bYznMeY3a2jdLYoLpNfzlxlaLHYhYzESGI4s3FANwfmAxNP15Z
8LycuZ8jzu+g+Er4Xk1HTLPtWWs4NQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:01:59 2026 by rpki-client