Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/rHkDmoeEUk_UKkDPiPl2ZLunlP8.roa
File: rHkDmoeEUk_UKkDPiPl2ZLunlP8.roa (raw, json)
Hash identifier: N4gR2twlyF+k4BziCYf7gyFcmHQBn89bTMP/4cwgXIQ=
Subject key identifier: AC:79:03:9A:87:84:52:4F:D4:2A:40:CF:88:F9:76:64:BB:A7:94:FF
Certificate issuer: /CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Certificate serial: 019C64EE6D2E352A19CFD6152D7EBBAE558B
Authority key identifier: 1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/rHkDmoeEUk_UKkDPiPl2ZLunlP8.roa
Signing time: Mon 16 Feb 2026 05:31:13 +0000
ROA not before: Mon 16 Feb 2026 05:31:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213541
IP address blocks: 45.88.100.0/24 maxlen: 24
45.95.128.0/24 maxlen: 24
45.95.129.0/24 maxlen: 24
45.95.130.0/23 maxlen: 24
78.41.84.0/22 maxlen: 24
185.221.197.0/24 maxlen: 24
185.238.88.0/24 maxlen: 24
185.238.89.0/24 maxlen: 24
185.238.91.0/24 maxlen: 24
185.246.218.0/23 maxlen: 24
185.253.24.0/24 maxlen: 24
185.253.25.0/24 maxlen: 24
185.253.26.0/23 maxlen: 24
194.113.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:64:ee:6d:2e:35:2a:19:cf:d6:15:2d:7e:bb:ae:55:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Validity
Not Before: Feb 16 05:31:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ac79039a8784524fd42a40cf88f97664bba794ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:a1:aa:aa:69:27:04:d1:09:d2:ef:69:a7:4a:
25:bb:1c:70:29:82:5d:44:58:18:ec:d6:69:2c:8a:
e9:4c:c7:43:48:44:09:a3:81:cc:e3:94:6c:ca:92:
fb:2a:1d:66:a9:19:ce:58:fa:e5:b1:f3:93:ab:04:
6b:9e:30:3a:07:5f:32:c5:f9:3d:77:3a:bd:92:2e:
de:2b:be:27:d3:36:c3:fb:9e:5c:e1:15:f7:3a:c8:
1e:e2:1c:d5:f6:1f:95:90:e4:bd:b1:c9:b9:4d:b8:
ad:e7:51:13:b3:2b:0a:aa:0f:ee:39:2e:ba:d0:7b:
d4:b9:a4:10:c0:e9:42:9a:6b:7a:99:84:4a:43:24:
d3:d3:61:9b:aa:e7:e3:9e:3d:71:2d:dd:b2:01:29:
da:29:17:53:79:a0:43:c3:c6:17:23:b7:dc:d4:75:
65:74:fb:a2:1c:a3:2d:c5:e9:98:79:20:a2:36:8a:
24:cd:fd:37:96:67:0e:79:d1:35:65:e2:99:24:db:
1c:a4:bd:8a:e1:d4:c6:1a:f0:2f:6a:9f:b1:51:54:
45:fd:ca:37:1c:a3:be:be:08:34:59:b1:a6:ba:14:
36:2f:6a:fb:21:db:7c:a0:f7:d9:dc:e5:97:4e:06:
ac:64:79:f7:fd:3d:b1:7a:09:57:e7:c9:e1:30:b7:
5b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:79:03:9A:87:84:52:4F:D4:2A:40:CF:88:F9:76:64:BB:A7:94:FF
X509v3 Authority Key Identifier:
keyid:1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/rHkDmoeEUk_UKkDPiPl2ZLunlP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.100.0/24
45.95.128.0/22
78.41.84.0/22
185.221.197.0/24
185.238.88.0/23
185.238.91.0/24
185.246.218.0/23
185.253.24.0/22
194.113.238.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:22:8f:30:0d:50:92:e5:b5:69:4b:dc:7b:07:a8:32:71:e5:
81:f4:af:d6:cf:8b:2e:d7:9c:07:25:65:db:4c:ec:f3:bb:d2:
9b:93:1f:b1:50:61:d8:12:72:aa:7d:b0:cc:72:b4:0c:61:a4:
3e:2e:a6:6a:e0:b3:34:bb:e4:06:91:77:70:ff:27:f8:a9:52:
a3:bc:a1:95:b5:e2:dc:80:7b:7b:2b:fb:0e:3c:8b:1d:70:1e:
08:50:9d:fb:5f:6b:2e:77:4e:f3:6a:25:a0:ff:1d:34:1f:22:
47:dc:dd:3a:42:3d:86:27:f4:13:16:30:08:ce:3c:22:9a:91:
3d:59:24:06:e3:b4:46:82:a4:d6:87:c1:f0:88:ab:b8:c4:f5:
c0:6e:25:1b:e3:da:4a:ce:bd:ee:6d:8a:3f:0f:27:82:15:cd:
87:23:73:bc:2d:6d:37:ae:f2:d6:be:35:d6:8b:8f:8c:ff:2e:
20:77:5f:9c:76:8f:67:ce:29:77:e8:71:0c:cb:38:cd:33:02:
62:89:9c:97:12:09:1c:bb:f7:ce:e0:ab:99:1e:7e:4a:68:65:
4c:5b:0d:26:4d:fe:86:d9:71:54:f0:6a:79:c5:48:95:5a:5e:
4a:54:7f:31:ec:51:4a:7f:3c:a3:1f:c5:df:97:9f:98:a9:0c:
99:2e:e0:37
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZxk7m0uNSoZz9YVLX67rlWLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOWZkYzdmYjM5ZWJiYmVkNGVlNTRmNzAzZDNhYzYxNTNk
ZGVlNjkwHhcNMjYwMjE2MDUzMTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzc5MDM5YTg3ODQ1MjRmZDQyYTQwY2Y4OGY5NzY2NGJiYTc5NGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1qGqqmknBNEJ0u9pp0oluxxwKYJd
RFgY7NZpLIrpTMdDSEQJo4HM45RsypL7Kh1mqRnOWPrlsfOTqwRrnjA6B18yxfk9
dzq9ki7eK74n0zbD+55c4RX3Osge4hzV9h+VkOS9scm5Tbit51ETsysKqg/uOS66
0HvUuaQQwOlCmmt6mYRKQyTT02Gbqufjnj1xLd2yASnaKRdTeaBDw8YXI7fc1HVl
dPuiHKMtxemYeSCiNookzf03lmcOedE1ZeKZJNscpL2K4dTGGvAvap+xUVRF/co3
HKO+vgg0WbGmuhQ2L2r7Idt8oPfZ3OWXTgasZHn3/T2xeglX58nhMLdbrQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFKx5A5qHhFJP1CpAz4j5dmS7p5T/MB8GA1UdIwQY
MBaAFB6f3H+znru+1O5U9wPTrGFT3e5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgt
NjkxZmY1YjQ0YjAxLzEvckhrRG1vZUVVa19VS2tEUGlQbDJaTHVubFA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgtNjkxZmY1YjQ0YjAx
LzEvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALVhkAwQC
LV+AAwQCTilUAwQAud3FAwQBue5YAwQAue5bAwQBufbaAwQCuf0YAwQAwnHuMA0G
CSqGSIb3DQEBCwUAA4IBAQBvIo8wDVCS5bVpS9x7B6gyceWB9K/Wz4su15wHJWXb
TOzzu9Kbkx+xUGHYEnKqfbDMcrQMYaQ+LqZq4LM0u+QGkXdw/yf4qVKjvKGVteLc
gHt7K/sOPIsdcB4IUJ37X2sud07zaiWg/x00HyJH3N06Qj2GJ/QTFjAIzjwimpE9
WSQG47RGgqTWh8HwiKu4xPXAbiUb49pKzr3ubYo/DyeCFc2HI3O8LW03rvLWvjXW
i4+M/y4gd1+cdo9nzil36HEMyzjNMwJiiZyXEgkcu/fO4KuZHn5KaGVMWw0mTf6G
2XFU8Gp5xUiVWl5KVH8x7FFKfzyjH8Xfl5+YqQyZLuA3
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:06:09 2026 by rpki-client