Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/1a3f91-15bc-4eb8-97dd-58f1cbf3cac3/1/HgKDk1kuAHkL3yy_TXl0qxP-7Ps.roa
File: HgKDk1kuAHkL3yy_TXl0qxP-7Ps.roa (raw, json)
Hash identifier: EYBlGLzCjhMCJqevk0Sz3CYuuG7NvC8a6JulLnYLrvQ=
Subject key identifier: 1E:02:83:93:59:2E:00:79:0B:DF:2C:BF:4D:79:74:AB:13:FE:EC:FB
Certificate issuer: /CN=05d4d49da3e14855a7b883603ff148c1bb21f690
Certificate serial: 019C95D2D081081071EDDB3C34697608761F
Authority key identifier: 05:D4:D4:9D:A3:E1:48:55:A7:B8:83:60:3F:F1:48:C1:BB:21:F6:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BdTUnaPhSFWnuINgP_FIwbsh9pA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/1a3f91-15bc-4eb8-97dd-58f1cbf3cac3/1/HgKDk1kuAHkL3yy_TXl0qxP-7Ps.roa
Signing time: Wed 25 Feb 2026 17:22:26 +0000
ROA not before: Wed 25 Feb 2026 17:22:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56325
IP address blocks: 2a11:85c0::/29 maxlen: 29
2a11:9fc0::/29 maxlen: 29
2a11:acc0::/29 maxlen: 29
2a11:c440::/29 maxlen: 29
2a11:c540::/29 maxlen: 29
2a11:e540::/29 maxlen: 29
2a11:e7c0::/29 maxlen: 29
2a11:fec0::/29 maxlen: 29
2a12:4500::/29 maxlen: 29
2a12:4c00::/29 maxlen: 29
2a12:5580::/29 maxlen: 29
2a12:7980::/29 maxlen: 29
2a12:8800::/29 maxlen: 29
2a12:9700::/29 maxlen: 29
2a12:c180::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/1a3f91-15bc-4eb8-97dd-58f1cbf3cac3/1/BdTUnaPhSFWnuINgP_FIwbsh9pA.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/1a3f91-15bc-4eb8-97dd-58f1cbf3cac3/1/BdTUnaPhSFWnuINgP_FIwbsh9pA.mft
rsync://rpki.ripe.net/repository/DEFAULT/BdTUnaPhSFWnuINgP_FIwbsh9pA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 05:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:95:d2:d0:81:08:10:71:ed:db:3c:34:69:76:08:76:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05d4d49da3e14855a7b883603ff148c1bb21f690
Validity
Not Before: Feb 25 17:22:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1e028393592e00790bdf2cbf4d7974ab13feecfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:66:51:66:ed:e4:0e:4f:b7:c9:64:d6:66:ce:
99:95:86:32:2d:66:15:a0:b2:a6:d9:48:6b:ac:f5:
40:cf:d0:a7:d9:ab:5c:ca:3d:27:e5:5f:8e:a7:57:
e2:1e:af:e1:8b:86:f9:5f:6f:8e:d9:52:fa:9c:5e:
83:30:e1:e5:42:7d:8a:2d:19:d0:98:a7:55:83:4c:
70:9f:48:6e:c6:a2:f4:53:6b:e7:7c:c3:5b:79:b4:
76:d6:95:89:72:bf:3a:c4:8e:84:cb:58:ed:0a:4c:
30:e1:54:e6:52:87:53:b0:c7:1b:fe:27:0c:cc:c5:
75:86:31:98:ac:f6:fc:a6:6e:47:8f:76:e8:17:2a:
42:7c:c5:4a:66:27:ca:2a:8b:15:ee:d5:b6:4f:aa:
c3:c2:f2:df:fe:56:04:b2:3b:d8:12:b1:44:9c:49:
fd:8b:7d:75:b2:08:e7:cb:52:59:ac:26:84:e6:73:
b3:2d:5c:b5:79:54:84:df:ae:6d:92:bf:f5:90:14:
eb:6c:ce:60:81:a1:af:fc:48:1a:10:2f:06:aa:11:
75:3f:c1:d7:0f:94:09:54:ba:52:ed:1b:10:57:37:
e3:13:c0:c2:27:9e:75:67:a8:f8:6f:12:28:f7:ef:
ea:9c:2d:8a:01:c3:e6:52:cd:40:21:34:6d:1f:33:
b7:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:02:83:93:59:2E:00:79:0B:DF:2C:BF:4D:79:74:AB:13:FE:EC:FB
X509v3 Authority Key Identifier:
keyid:05:D4:D4:9D:A3:E1:48:55:A7:B8:83:60:3F:F1:48:C1:BB:21:F6:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BdTUnaPhSFWnuINgP_FIwbsh9pA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/1a3f91-15bc-4eb8-97dd-58f1cbf3cac3/1/HgKDk1kuAHkL3yy_TXl0qxP-7Ps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/1a3f91-15bc-4eb8-97dd-58f1cbf3cac3/1/BdTUnaPhSFWnuINgP_FIwbsh9pA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:85c0::/29
2a11:9fc0::/29
2a11:acc0::/29
2a11:c440::/29
2a11:c540::/29
2a11:e540::/29
2a11:e7c0::/29
2a11:fec0::/29
2a12:4500::/29
2a12:4c00::/29
2a12:5580::/29
2a12:7980::/29
2a12:8800::/29
2a12:9700::/29
2a12:c180::/29
Signature Algorithm: sha256WithRSAEncryption
20:1c:77:0b:4d:2b:b0:5b:9f:9e:4b:d0:d4:ee:01:dc:54:a6:
74:75:25:47:8b:5b:2f:37:4a:2d:d6:f3:f8:46:44:40:4b:47:
56:6e:95:c3:d4:88:fb:f6:8a:f1:6f:b9:7b:b1:70:22:3e:31:
2b:89:32:7e:4c:42:56:72:cc:62:06:4e:63:93:b5:fa:59:d8:
27:c1:e3:0e:21:6a:cf:ea:ec:77:e9:ed:60:06:ad:db:f6:01:
de:37:63:c6:09:f8:a2:44:5e:28:09:88:68:00:c3:d8:af:db:
0e:72:60:83:42:a9:8d:97:01:92:b3:04:49:61:b0:19:79:d0:
24:ff:5f:d3:4b:b2:89:57:f6:cb:75:9f:28:11:91:aa:68:f1:
e3:a7:b6:bf:69:0a:ab:05:75:bb:31:f2:b4:3a:c1:b2:a8:af:
d6:b6:a3:9e:b3:1f:9a:dd:d3:77:77:0d:36:0a:83:b4:22:36:
d8:3d:53:fe:4e:ff:7c:38:1d:39:f9:0a:e1:c6:d4:f4:69:ea:
b0:c4:8c:d3:a2:f8:04:73:7b:29:60:e8:19:74:41:73:1a:a1:
01:2d:79:52:14:2d:6c:5b:59:1c:6e:12:39:0a:e8:1d:d0:03:
7c:94:fa:8b:1a:d2:92:ae:a9:15:c1:54:cc:7a:33:b3:b8:45:
4f:50:4d:89
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZyV0tCBCBBx7ds8NGl2CHYfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZDRkNDlkYTNlMTQ4NTVhN2I4ODM2MDNmZjE0OGMxYmIy
MWY2OTAwHhcNMjYwMjI1MTcyMjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTAyODM5MzU5MmUwMDc5MGJkZjJjYmY0ZDc5NzRhYjEzZmVlY2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGZRZu3kDk+3yWTWZs6ZlYYyLWYV
oLKm2UhrrPVAz9Cn2atcyj0n5V+Op1fiHq/hi4b5X2+O2VL6nF6DMOHlQn2KLRnQ
mKdVg0xwn0huxqL0U2vnfMNbebR21pWJcr86xI6Ey1jtCkww4VTmUodTsMcb/icM
zMV1hjGYrPb8pm5Hj3boFypCfMVKZifKKosV7tW2T6rDwvLf/lYEsjvYErFEnEn9
i311sgjny1JZrCaE5nOzLVy1eVSE365tkr/1kBTrbM5ggaGv/EgaEC8GqhF1P8HX
D5QJVLpS7RsQVzfjE8DCJ551Z6j4bxIo9+/qnC2KAcPmUs1AITRtHzO3CwIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFB4Cg5NZLgB5C98sv015dKsT/uz7MB8GA1UdIwQY
MBaAFAXU1J2j4UhVp7iDYD/xSMG7IfaQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmRUVW5hUGhTRldudUlOZ1BfRkl3YnNoOXBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8xYTNmOTEtMTViYy00ZWI4LTk3ZGQt
NThmMWNiZjNjYWMzLzEvSGdLRGsxa3VBSGtMM3l5X1RYbDBxeFAtN1BzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8xYTNmOTEtMTViYy00ZWI4LTk3ZGQtNThmMWNiZjNjYWMz
LzEvQmRUVW5hUGhTRldudUlOZ1BfRkl3YnNoOXBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwbwQCAAIwaQMFAyoRhcAD
BQMqEZ/AAwUDKhGswAMFAyoRxEADBQMqEcVAAwUDKhHlQAMFAyoR58ADBQMqEf7A
AwUDKhJFAAMFAyoSTAADBQMqElWAAwUDKhJ5gAMFAyoSiAADBQMqEpcAAwUDKhLB
gDANBgkqhkiG9w0BAQsFAAOCAQEAIBx3C00rsFufnkvQ1O4B3FSmdHUlR4tbLzdK
Ldbz+EZEQEtHVm6Vw9SI+/aK8W+5e7FwIj4xK4kyfkxCVnLMYgZOY5O1+lnYJ8Hj
DiFqz+rsd+ntYAat2/YB3jdjxgn4okReKAmIaADD2K/bDnJgg0KpjZcBkrMESWGw
GXnQJP9f00uyiVf2y3WfKBGRqmjx46e2v2kKqwV1uzHytDrBsqiv1rajnrMfmt3T
d3cNNgqDtCI22D1T/k7/fDgdOfkK4cbU9GnqsMSM06L4BHN7KWDoGXRBcxqhAS15
UhQtbFtZHG4SOQroHdADfJT6ixrSkq6pFcFUzHozs7hFT1BNiQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:44:55 2026 by rpki-client