Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/HYc8PMbOFsRAWOME7rl0Q65YY00.roa
File: HYc8PMbOFsRAWOME7rl0Q65YY00.roa (raw, json)
Hash identifier: 52xFMZrAWpFOsty+L7I8JPsQwCx7ytoOFt1BHFVVDH0=
Subject key identifier: 1D:87:3C:3C:C6:CE:16:C4:40:58:E3:04:EE:B9:74:43:AE:58:63:4D
Certificate issuer: /CN=9812e491aaa655b6324dbcc0cff00a8d63191076
Certificate serial: 019EAB0C9EE3B3702B63EF2BFCAB8251C3EB
Authority key identifier: 98:12:E4:91:AA:A6:55:B6:32:4D:BC:C0:CF:F0:0A:8D:63:19:10:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mBLkkaqmVbYyTbzAz_AKjWMZEHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/HYc8PMbOFsRAWOME7rl0Q65YY00.roa
Signing time: Tue 09 Jun 2026 06:23:11 +0000
ROA not before: Tue 09 Jun 2026 06:23:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8362
IP address blocks: 5.158.240.0/20 maxlen: 20
5.183.215.0/24 maxlen: 24
37.72.232.0/24 maxlen: 24
37.220.48.0/20 maxlen: 20
46.162.128.0/18 maxlen: 18
62.64.32.0/19 maxlen: 19
79.141.192.0/24 maxlen: 24
79.141.193.0/24 maxlen: 24
79.141.194.0/24 maxlen: 24
79.141.195.0/24 maxlen: 24
79.141.197.0/24 maxlen: 24
79.141.204.0/24 maxlen: 24
79.141.206.0/23 maxlen: 23
195.146.224.0/20 maxlen: 20
195.146.240.0/20 maxlen: 20
2a01:8e80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/mBLkkaqmVbYyTbzAz_AKjWMZEHY.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/mBLkkaqmVbYyTbzAz_AKjWMZEHY.mft
rsync://rpki.ripe.net/repository/DEFAULT/mBLkkaqmVbYyTbzAz_AKjWMZEHY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Jun 2026 03:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ab:0c:9e:e3:b3:70:2b:63:ef:2b:fc:ab:82:51:c3:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9812e491aaa655b6324dbcc0cff00a8d63191076
Validity
Not Before: Jun 9 06:23:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1d873c3cc6ce16c44058e304eeb97443ae58634d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:1e:28:93:4a:67:be:2e:1e:7e:7a:b2:6a:5a:
3e:c1:f0:dd:bb:2c:18:d8:c7:e0:7b:97:f0:e6:c9:
3a:e1:9c:0f:36:c3:48:65:18:5e:e1:7e:5b:d2:bc:
aa:4b:8b:19:59:73:0f:13:28:f9:d9:8d:50:18:d4:
a6:fc:97:91:4a:03:10:5b:43:6d:05:6f:aa:09:6b:
ab:33:f7:c9:37:90:80:81:77:66:03:ea:56:cd:bc:
e9:42:5f:91:25:8d:14:95:29:34:1c:cc:90:11:eb:
91:eb:c7:d1:2f:95:cd:66:b6:6f:c8:58:ed:2e:5e:
a6:ef:43:b5:7d:4b:d3:11:2f:6d:7a:91:33:58:eb:
5d:d1:64:17:68:c6:5b:a0:3a:51:db:df:e6:07:74:
70:9f:a7:21:1d:68:cf:1f:26:d6:8c:33:9f:38:6f:
50:b2:bb:a4:0f:dd:93:1a:ef:ec:d7:0d:3e:21:6f:
74:f1:13:f3:31:38:91:4b:22:66:59:30:40:b2:2b:
1b:00:a7:e5:52:05:f8:4e:53:2a:a6:a8:b7:29:f8:
ab:4e:1d:a1:48:c4:dd:7d:26:73:34:c7:4b:89:ef:
c0:b7:bf:31:fe:3d:d2:48:5a:e2:db:46:46:7d:24:
d1:c9:b1:80:62:24:f5:89:37:2d:1b:37:a9:12:30:
95:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:87:3C:3C:C6:CE:16:C4:40:58:E3:04:EE:B9:74:43:AE:58:63:4D
X509v3 Authority Key Identifier:
keyid:98:12:E4:91:AA:A6:55:B6:32:4D:BC:C0:CF:F0:0A:8D:63:19:10:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mBLkkaqmVbYyTbzAz_AKjWMZEHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/HYc8PMbOFsRAWOME7rl0Q65YY00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/mBLkkaqmVbYyTbzAz_AKjWMZEHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.158.240.0/20
5.183.215.0/24
37.72.232.0/24
37.220.48.0/20
46.162.128.0/18
62.64.32.0/19
79.141.192.0/22
79.141.197.0/24
79.141.204.0/24
79.141.206.0/23
195.146.224.0/19
IPv6:
2a01:8e80::/29
Signature Algorithm: sha256WithRSAEncryption
37:5f:57:e4:f9:f8:c6:2d:92:ed:25:ca:e3:93:e2:0c:2a:74:
4a:80:b3:74:dd:60:4d:49:10:8f:ce:00:be:7e:51:56:52:9b:
d6:8d:70:66:fd:7a:25:25:5a:1a:d2:b1:33:41:92:3c:b9:54:
a7:8f:03:d7:ec:68:06:bf:bc:0e:d8:5b:61:ab:f7:46:06:9d:
5d:c8:86:d4:a2:a3:01:6a:88:4f:e6:09:17:a7:7b:12:5d:d6:
6d:38:81:14:fa:41:28:e6:42:22:52:5e:80:ca:0c:00:c8:67:
96:74:00:d4:b8:6d:d9:78:ca:de:67:ab:78:a5:a3:6d:fa:82:
04:d1:33:e7:ec:69:ce:b2:6e:1c:6b:2c:40:45:fd:0e:e6:b0:
0f:36:ad:ab:2b:6a:73:69:ff:0a:38:2f:7d:22:2c:2b:42:45:
ca:4e:a1:78:16:c0:5a:c5:6d:71:f4:79:c9:eb:99:4b:88:e7:
69:76:37:65:4a:eb:e8:a7:66:7b:30:e6:f8:39:d8:b1:d7:fc:
31:3c:0d:72:ef:f9:b8:a3:ee:da:39:fb:a4:77:c8:af:2b:51:
54:05:f1:9a:8b:6a:3a:98:4a:02:da:09:6e:4b:e4:55:36:eb:
fe:86:41:80:24:b4:80:d8:65:09:eb:80:a7:49:7c:fa:d9:3b:
d2:29:af:78
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZ6rDJ7js3ArY+8r/KuCUcPrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MTJlNDkxYWFhNjU1YjYzMjRkYmNjMGNmZjAwYThkNjMx
OTEwNzYwHhcNMjYwNjA5MDYyMzExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDg3M2MzY2M2Y2UxNmM0NDA1OGUzMDRlZWI5NzQ0M2FlNTg2MzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqR4ok0pnvi4efnqyalo+wfDduywY
2Mfge5fw5sk64ZwPNsNIZRhe4X5b0ryqS4sZWXMPEyj52Y1QGNSm/JeRSgMQW0Nt
BW+qCWurM/fJN5CAgXdmA+pWzbzpQl+RJY0UlSk0HMyQEeuR68fRL5XNZrZvyFjt
Ll6m70O1fUvTES9tepEzWOtd0WQXaMZboDpR29/mB3Rwn6chHWjPHybWjDOfOG9Q
srukD92TGu/s1w0+IW908RPzMTiRSyJmWTBAsisbAKflUgX4TlMqpqi3KfirTh2h
SMTdfSZzNMdLie/At78x/j3SSFri20ZGfSTRybGAYiT1iTctGzepEjCV5QIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFB2HPDzGzhbEQFjjBO65dEOuWGNNMB8GA1UdIwQY
MBaAFJgS5JGqplW2Mk28wM/wCo1jGRB2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUJMa2thcW1WYll5VGJ6QXpfQUtqV01aRUhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8wZTdlZDMtNDhjYi00YWZlLThkMTUt
ZGZmZTE3ZjNkYjU0LzEvSFljOFBNYk9Gc1JBV09NRTdybDBRNjVZWTAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8wZTdlZDMtNDhjYi00YWZlLThkMTUtZGZmZTE3ZjNkYjU0
LzEvbUJMa2thcW1WYll5VGJ6QXpfQUtqV01aRUhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQEBZ7wAwQA
BbfXAwQAJUjoAwQEJdwwAwQGLqKAAwQFPkAgAwQCT43AAwQAT43FAwQAT43MAwQB
T43OAwQFw5LgMA0EAgACMAcDBQMqAY6AMA0GCSqGSIb3DQEBCwUAA4IBAQA3X1fk
+fjGLZLtJcrjk+IMKnRKgLN03WBNSRCPzgC+flFWUpvWjXBm/XolJVoa0rEzQZI8
uVSnjwPX7GgGv7wO2Fthq/dGBp1dyIbUoqMBaohP5gkXp3sSXdZtOIEU+kEo5kIi
Ul6AygwAyGeWdADUuG3ZeMreZ6t4paNt+oIE0TPn7GnOsm4cayxARf0O5rAPNq2r
K2pzaf8KOC99IiwrQkXKTqF4FsBaxW1x9HnJ65lLiOdpdjdlSuvop2Z7MOb4Odix
1/wxPA1y7/m4o+7aOfukd8ivK1FUBfGai2o6mEoC2gluS+RVNuv+hkGAJLSA2GUJ
64CnSXz62TvSKa94
-----END CERTIFICATE-----
Generated at Wed Jun 17 11:20:55 2026 by rpki-client