Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/H1XFMhgUushwFU7kDhujJn54P4U.roa
File: H1XFMhgUushwFU7kDhujJn54P4U.roa (raw, json)
Hash identifier: /3ShDBGWSg3eJROSWDsbwqCzeMLQnnA9/My7cPu7jU0=
Subject key identifier: 1F:55:C5:32:18:14:BA:C8:70:15:4E:E4:0E:1B:A3:26:7E:78:3F:85
Certificate issuer: /CN=31d2424123ed07725330bf817944fd276b7ca36b
Certificate serial: 019EB872327DF7D777F26E020FB5E7927086
Authority key identifier: 31:D2:42:41:23:ED:07:72:53:30:BF:81:79:44:FD:27:6B:7C:A3:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/H1XFMhgUushwFU7kDhujJn54P4U.roa
Signing time: Thu 11 Jun 2026 20:49:12 +0000
ROA not before: Thu 11 Jun 2026 20:49:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213958
IP address blocks: 2a06:9801:79e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b8:72:32:7d:f7:d7:77:f2:6e:02:0f:b5:e7:92:70:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31d2424123ed07725330bf817944fd276b7ca36b
Validity
Not Before: Jun 11 20:49:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1f55c5321814bac870154ee40e1ba3267e783f85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:6f:c2:31:bc:57:17:47:27:e0:18:38:a7:ea:
7d:6a:3e:6d:82:44:95:f1:4e:59:95:b4:e9:70:e0:
2f:81:17:e6:2d:c4:6d:4b:9a:26:74:ff:36:00:a4:
6b:09:ec:d3:9e:5c:80:4b:d3:f4:a5:11:8d:95:3f:
ec:e0:20:2e:3b:2a:d2:43:df:1f:ad:87:aa:5a:f4:
a1:fd:19:c5:5a:f9:2d:ac:d0:75:32:2c:0b:d9:46:
be:18:47:c9:74:9d:01:db:2b:a2:2e:16:92:53:af:
30:6e:39:77:6e:6b:35:59:de:7b:28:b3:2c:05:95:
f2:33:7c:08:70:b3:93:cb:b8:40:6d:3f:0a:f2:7b:
44:57:0c:06:88:2e:cd:11:f3:c4:f0:11:61:f0:5f:
aa:68:6e:fe:8a:33:90:dc:c8:75:88:5c:7f:c5:13:
03:02:f8:00:21:32:09:50:37:05:6a:26:96:e6:79:
8a:eb:85:69:ec:38:dd:66:55:96:a3:d1:4a:f1:8c:
66:a6:a9:12:1f:31:95:76:9b:55:44:64:44:da:73:
2c:2a:3d:3a:0b:c9:2c:4c:59:a7:b6:12:56:cb:bc:
b2:27:6c:55:74:36:1b:f9:c2:48:83:52:33:1f:1a:
11:da:32:f0:a8:de:0d:f7:23:8b:ae:ef:19:a6:52:
c0:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:55:C5:32:18:14:BA:C8:70:15:4E:E4:0E:1B:A3:26:7E:78:3F:85
X509v3 Authority Key Identifier:
keyid:31:D2:42:41:23:ED:07:72:53:30:BF:81:79:44:FD:27:6B:7C:A3:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/H1XFMhgUushwFU7kDhujJn54P4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:9801:79e::/48
Signature Algorithm: sha256WithRSAEncryption
48:6b:3f:49:b6:06:79:f5:61:d6:67:ff:45:fa:00:24:bc:1c:
68:1a:86:0d:0c:41:af:94:6c:17:35:ed:a4:3b:b0:71:9c:5c:
ed:83:2c:99:21:b8:72:13:65:80:14:32:e1:ba:56:4a:99:d3:
39:6c:41:5f:89:db:39:49:5d:ca:8b:4a:4b:c5:3c:54:19:b3:
52:84:a1:23:4f:d8:6f:40:77:1f:21:68:17:80:93:38:a6:d7:
ee:7b:8a:db:ea:cd:a5:c6:9a:27:e8:06:fe:f2:85:a1:ee:e1:
90:ca:a1:f0:34:3b:9f:24:03:99:12:55:76:3e:66:f6:8f:7c:
c1:7d:40:d9:63:af:d7:9b:df:0e:c5:e4:0c:23:a8:e4:ad:af:
90:b6:e2:01:5e:d8:fb:d5:07:70:91:c0:80:cd:bf:88:b3:52:
06:60:83:15:ef:8a:73:ff:2e:28:7a:52:0c:7d:7e:dd:e9:71:
1e:1d:2b:fd:01:d4:f6:24:64:3a:5f:8b:99:d0:9c:58:9a:3b:
7d:1d:25:bd:5d:6f:ec:53:e1:b1:52:ef:fd:03:77:f0:f1:ba:
c3:77:45:04:ac:fe:4c:59:53:52:88:41:16:f2:f9:64:be:93:
d3:74:e3:46:b7:17:49:f2:7b:44:58:ba:11:27:8e:7f:72:8a:
ee:75:02:d7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZ64cjJ999d38m4CD7XnknCGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZDI0MjQxMjNlZDA3NzI1MzMwYmY4MTc5NDRmZDI3NmI3
Y2EzNmIwHhcNMjYwNjExMjA0OTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjU1YzUzMjE4MTRiYWM4NzAxNTRlZTQwZTFiYTMyNjdlNzgzZjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxW/CMbxXF0cn4Bg4p+p9aj5tgkSV
8U5ZlbTpcOAvgRfmLcRtS5omdP82AKRrCezTnlyAS9P0pRGNlT/s4CAuOyrSQ98f
rYeqWvSh/RnFWvktrNB1MiwL2Ua+GEfJdJ0B2yuiLhaSU68wbjl3bms1Wd57KLMs
BZXyM3wIcLOTy7hAbT8K8ntEVwwGiC7NEfPE8BFh8F+qaG7+ijOQ3Mh1iFx/xRMD
AvgAITIJUDcFaiaW5nmK64Vp7DjdZlWWo9FK8YxmpqkSHzGVdptVRGRE2nMsKj06
C8ksTFmnthJWy7yyJ2xVdDYb+cJIg1IzHxoR2jLwqN4N9yOLru8ZplLA5wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFB9VxTIYFLrIcBVO5A4boyZ+eD+FMB8GA1UdIwQY
MBaAFDHSQkEj7QdyUzC/gXlE/SdrfKNrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWRKQ1FTUHRCM0pUTUwtQmVVVDlKMnQ4bzJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xYTZiMTctZTNmZS00YzZkLWI4YzEt
ZWQ4Y2ZhZjFiODFmLzEvSDFYRk1oZ1V1c2h3RlU3a0RodWpKbjU0UDRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xYTZiMTctZTNmZS00YzZkLWI4YzEtZWQ4Y2ZhZjFiODFm
LzEvTWRKQ1FTUHRCM0pUTUwtQmVVVDlKMnQ4bzJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgaYAQee
MA0GCSqGSIb3DQEBCwUAA4IBAQBIaz9JtgZ59WHWZ/9F+gAkvBxoGoYNDEGvlGwX
Ne2kO7BxnFztgyyZIbhyE2WAFDLhulZKmdM5bEFfids5SV3Ki0pLxTxUGbNShKEj
T9hvQHcfIWgXgJM4ptfue4rb6s2lxpon6Ab+8oWh7uGQyqHwNDufJAOZElV2Pmb2
j3zBfUDZY6/Xm98OxeQMI6jkra+QtuIBXtj71QdwkcCAzb+Is1IGYIMV74pz/y4o
elIMfX7d6XEeHSv9AdT2JGQ6X4uZ0JxYmjt9HSW9XW/sU+GxUu/9A3fw8brDd0UE
rP5MWVNSiEEW8vlkvpPTdONGtxdJ8ntEWLoRJ45/corudQLX
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:38:12 2026 by rpki-client