Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/HZ-RB1dzvEc-On5_k7WcMbSvrTU.roa
File: HZ-RB1dzvEc-On5_k7WcMbSvrTU.roa (raw, json)
Hash identifier: Lsj/EFS3cO0JF7E3CvAKmx8WLjWUv7rsK+SxgxSphN8=
Subject key identifier: 1D:9F:91:07:57:73:BC:47:3E:3A:7E:7F:93:B5:9C:31:B4:AF:AD:35
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 019EACDAF6EA201F742A00B233177444A9AA
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/HZ-RB1dzvEc-On5_k7WcMbSvrTU.roa
Signing time: Tue 09 Jun 2026 14:48:11 +0000
ROA not before: Tue 09 Jun 2026 14:48:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 174
IP address blocks: 185.85.191.0/24 maxlen: 24
185.86.13.0/24 maxlen: 24
185.86.164.0/24 maxlen: 24
185.86.165.0/24 maxlen: 24
185.86.166.0/24 maxlen: 24
185.86.167.0/24 maxlen: 24
185.87.24.0/24 maxlen: 24
185.87.25.0/24 maxlen: 24
185.87.26.0/24 maxlen: 24
185.87.121.0/24 maxlen: 24
185.87.122.0/24 maxlen: 24
185.87.123.0/24 maxlen: 24
185.119.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Jun 2026 06:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ac:da:f6:ea:20:1f:74:2a:00:b2:33:17:74:44:a9:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jun 9 14:48:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1d9f91075773bc473e3a7e7f93b59c31b4afad35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:21:9a:a2:95:e4:a9:e2:62:f2:98:29:f7:7e:
50:20:4b:38:da:1f:e3:85:48:0a:b0:f2:16:b9:0b:
06:ae:7f:16:9b:9d:10:50:f5:00:90:29:68:54:42:
a8:11:d9:d0:0e:ab:be:99:36:ce:4d:6e:06:8e:e9:
c1:dc:65:e2:10:2a:ee:e1:86:ff:ee:a8:df:6d:b3:
42:d4:c1:eb:2c:24:7d:7a:91:7c:c6:10:76:dc:95:
0d:4f:7c:f1:09:9c:5a:05:0f:4b:e4:28:b8:4e:88:
36:c6:7b:73:3f:53:b9:f3:24:02:81:eb:12:6a:32:
ef:d9:df:f9:82:2b:ad:0d:58:a4:af:fd:fa:33:ad:
6a:15:10:56:d7:3a:9e:3c:dd:bc:90:d6:3c:40:92:
03:af:37:15:30:ca:b2:30:0b:90:2d:8c:b4:27:30:
13:71:2b:6a:4c:d8:7f:d1:dd:60:3b:19:60:a1:cc:
12:5a:a9:17:c2:6d:70:ec:9d:87:ae:29:81:3f:b7:
3b:b7:49:ab:1f:ba:8f:e6:64:91:33:b2:a0:39:bc:
92:aa:6d:ae:2f:77:d3:37:c0:3b:05:32:12:4d:0e:
19:c3:a8:07:33:88:ec:01:2c:da:8f:80:ea:89:f3:
00:46:1e:68:2a:bc:75:46:63:8b:bd:56:f3:de:46:
b3:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:9F:91:07:57:73:BC:47:3E:3A:7E:7F:93:B5:9C:31:B4:AF:AD:35
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/HZ-RB1dzvEc-On5_k7WcMbSvrTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.191.0/24
185.86.13.0/24
185.86.164.0/22
185.87.24.0-185.87.26.255
185.87.121.0-185.87.123.255
185.119.83.0/24
Signature Algorithm: sha256WithRSAEncryption
81:3e:5d:31:e2:a4:ec:4a:f1:db:ca:04:17:ad:26:36:1c:9f:
8d:b7:4c:5c:d7:99:a2:59:87:c5:6a:5d:8b:1e:cc:0c:69:34:
7c:30:29:82:c4:8f:d4:21:40:f7:f2:2a:f0:11:3a:e4:f3:57:
9f:ea:df:8a:9d:6c:77:e6:00:5b:9a:59:5c:cb:31:4c:e3:1a:
da:cd:5f:45:5d:ef:7f:d7:90:7d:31:2f:b8:51:5a:1f:a7:39:
e0:8a:36:84:f4:c6:0c:07:82:02:ad:2c:24:e2:0e:ef:b8:16:
9e:25:d8:d1:80:a3:92:fc:c4:fa:a4:53:11:70:71:08:5b:24:
3a:0e:29:34:32:f1:00:88:ce:4b:06:af:17:1e:3d:13:ab:f8:
53:e9:ec:ea:6f:f0:4f:2b:4a:ac:b9:b2:0c:85:04:d8:54:28:
8c:66:74:32:e6:7d:53:a6:07:a8:eb:11:78:0f:b9:22:e7:83:
53:9a:ec:f7:c0:f0:16:09:05:24:a2:c1:87:07:0d:a9:b2:4f:
ba:82:5d:ec:9a:88:48:c7:02:91:95:1c:d0:23:2a:c2:dc:7e:
c2:1a:11:48:60:2e:e4:f8:98:c1:a2:20:c5:30:27:d0:1a:77:
ad:ec:b3:fb:c8:39:22:88:1a:06:20:46:65:62:65:e4:61:db:
31:74:a2:c1
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZ6s2vbqIB90KgCyMxd0RKmqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjYwNjA5MTQ0ODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDlmOTEwNzU3NzNiYzQ3M2UzYTdlN2Y5M2I1OWMzMWI0YWZhZDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCGaopXkqeJi8pgp935QIEs42h/j
hUgKsPIWuQsGrn8Wm50QUPUAkCloVEKoEdnQDqu+mTbOTW4GjunB3GXiECru4Yb/
7qjfbbNC1MHrLCR9epF8xhB23JUNT3zxCZxaBQ9L5Ci4Tog2xntzP1O58yQCgesS
ajLv2d/5giutDVikr/36M61qFRBW1zqePN28kNY8QJIDrzcVMMqyMAuQLYy0JzAT
cStqTNh/0d1gOxlgocwSWqkXwm1w7J2HrimBP7c7t0mrH7qP5mSRM7KgObySqm2u
L3fTN8A7BTISTQ4Zw6gHM4jsASzaj4DqifMARh5oKrx1RmOLvVbz3kazowIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFB2fkQdXc7xHPjp+f5O1nDG0r601MB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvSFotUkIxZHp2RWMtT241X2s3V2NNYlN2clRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQAuVW/AwQA
uVYNAwQCuVakMAwDBAO5VxgDBAC5VxowDAMEALlXeQMEArlXeAMEALl3UzANBgkq
hkiG9w0BAQsFAAOCAQEAgT5dMeKk7Erx28oEF60mNhyfjbdMXNeZolmHxWpdix7M
DGk0fDApgsSP1CFA9/Iq8BE65PNXn+rfip1sd+YAW5pZXMsxTOMa2s1fRV3vf9eQ
fTEvuFFaH6c54Io2hPTGDAeCAq0sJOIO77gWniXY0YCjkvzE+qRTEXBxCFskOg4p
NDLxAIjOSwavFx49E6v4U+ns6m/wTytKrLmyDIUE2FQojGZ0MuZ9U6YHqOsReA+5
IueDU5rs98DwFgkFJKLBhwcNqbJPuoJd7JqISMcCkZUc0CMqwtx+whoRSGAu5PiY
waIgxTAn0Bp3reyz+8g5IogaBiBGZWJl5GHbMXSiwQ==
-----END CERTIFICATE-----
Generated at Wed Jun 17 10:37:33 2026 by rpki-client