Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/Hn8PQyjLrgS6wf-4GZkEHuiPt8I.roa
File: Hn8PQyjLrgS6wf-4GZkEHuiPt8I.roa (raw, json)
Hash identifier: B1KDHu5Q7IVTvBJkPx3Mc8M6o2s+jQ1JcT/y4p7LFng=
Subject key identifier: 1E:7F:0F:43:28:CB:AE:04:BA:C1:FF:B8:19:99:04:1E:E8:8F:B7:C2
Certificate issuer: /CN=ca6441d9d807e0d78ce75213a103400ee14a7cdc
Certificate serial: 019E2694F6BB64937A8A0C3615CD01E7B89E
Authority key identifier: CA:64:41:D9:D8:07:E0:D7:8C:E7:52:13:A1:03:40:0E:E1:4A:7C:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ymRB2dgH4NeM51IToQNADuFKfNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/Hn8PQyjLrgS6wf-4GZkEHuiPt8I.roa
Signing time: Thu 14 May 2026 13:02:37 +0000
ROA not before: Thu 14 May 2026 13:02:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205719
IP address blocks: 88.210.62.0/24 maxlen: 24
204.62.120.0/24 maxlen: 24
207.89.20.0/24 maxlen: 24
207.89.21.0/24 maxlen: 24
216.162.45.0/24 maxlen: 24
2a14:a087:2::/48 maxlen: 64
2a14:a087:5::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/ymRB2dgH4NeM51IToQNADuFKfNw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/ymRB2dgH4NeM51IToQNADuFKfNw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ymRB2dgH4NeM51IToQNADuFKfNw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:26:94:f6:bb:64:93:7a:8a:0c:36:15:cd:01:e7:b8:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca6441d9d807e0d78ce75213a103400ee14a7cdc
Validity
Not Before: May 14 13:02:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1e7f0f4328cbae04bac1ffb81999041ee88fb7c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d4:53:50:bd:16:fe:1a:eb:11:4f:31:93:c8:
bd:38:4a:eb:c7:f9:26:47:c3:40:4b:93:82:33:cc:
d8:e8:72:4d:b4:07:69:8d:e9:9b:d5:fa:76:d5:e7:
dc:ab:66:01:72:d6:24:84:2f:55:ee:b3:81:48:28:
68:4a:e0:ce:8d:c7:ea:76:61:69:39:dc:79:2d:e7:
39:a3:20:64:c6:a4:30:ae:c0:d8:3b:7e:a5:aa:f3:
a6:a7:d7:12:7b:b6:37:dd:bf:4a:44:be:8a:e3:78:
ec:d3:a6:85:eb:e3:7b:ac:7f:bc:2b:3c:4c:37:5e:
1f:09:e5:9b:d0:bb:30:7a:bb:56:ce:8a:f5:ca:90:
34:6f:9f:4a:da:d9:a5:ae:97:66:d5:89:1c:8e:24:
c9:0f:8f:71:a8:96:6d:d6:fa:c3:97:85:31:cd:f7:
74:37:35:c9:e5:02:c9:80:05:3e:45:bc:b7:71:14:
a9:1d:a9:b2:ad:ea:8f:f0:c5:94:23:a5:f0:6b:44:
b7:9c:d5:cb:91:b3:fe:81:68:73:79:40:25:56:eb:
6d:81:9a:70:11:42:fc:b3:2f:57:63:55:93:a5:1b:
70:d2:95:87:57:7e:27:3f:9b:28:aa:b8:7e:ce:07:
73:71:41:3d:cd:da:33:02:16:e7:83:89:b3:3d:0d:
02:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:7F:0F:43:28:CB:AE:04:BA:C1:FF:B8:19:99:04:1E:E8:8F:B7:C2
X509v3 Authority Key Identifier:
keyid:CA:64:41:D9:D8:07:E0:D7:8C:E7:52:13:A1:03:40:0E:E1:4A:7C:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ymRB2dgH4NeM51IToQNADuFKfNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/Hn8PQyjLrgS6wf-4GZkEHuiPt8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/ymRB2dgH4NeM51IToQNADuFKfNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.210.62.0/24
204.62.120.0/24
207.89.20.0/23
216.162.45.0/24
IPv6:
2a14:a087:2::/48
2a14:a087:5::/48
Signature Algorithm: sha256WithRSAEncryption
9e:6a:07:5c:e5:00:c2:53:98:eb:b1:d1:81:fe:e4:ab:f9:f5:
32:6b:2a:0f:18:63:73:06:bc:0b:60:4d:0e:27:cc:76:8d:bb:
e9:60:41:fb:3e:9b:56:39:b8:ae:98:0d:7d:00:87:5b:67:06:
0e:c7:8f:b3:bb:20:76:ea:2c:ab:76:07:0e:a7:71:91:6f:47:
b6:fa:19:db:09:67:8a:27:b8:4f:6d:ad:cc:db:47:dc:5b:5f:
82:61:bf:fe:57:cf:ad:dc:e7:d7:2c:1a:2e:15:ab:66:eb:0b:
6c:ee:18:44:36:db:6b:68:5b:e6:f3:2c:d0:eb:0a:a7:70:ba:
04:42:9e:67:d2:84:a8:b4:04:4d:54:ff:4d:ff:8b:ac:fa:e8:
45:69:11:09:90:14:b7:c8:71:9e:51:d3:99:09:c3:e7:9d:95:
7c:b1:92:62:53:e7:52:ec:fe:ff:2a:ec:96:f4:92:62:70:f2:
b9:be:de:0f:cb:37:93:25:f7:56:d0:9a:30:2f:ba:83:78:e5:
3c:38:38:c5:4b:0c:5c:ec:b8:15:8e:cb:6c:e2:f2:7e:99:f6:
bb:11:03:76:b0:f8:e5:d5:79:a0:16:55:97:cb:84:b6:85:f7:
28:39:5c:7f:31:6f:b6:bb:d4:79:f8:6a:38:84:e2:ea:0b:3a:
84:57:71:f1
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZ4mlPa7ZJN6igw2Fc0B57ieMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNjQ0MWQ5ZDgwN2UwZDc4Y2U3NTIxM2ExMDM0MDBlZTE0
YTdjZGMwHhcNMjYwNTE0MTMwMjM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTdmMGY0MzI4Y2JhZTA0YmFjMWZmYjgxOTk5MDQxZWU4OGZiN2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtRTUL0W/hrrEU8xk8i9OErrx/km
R8NAS5OCM8zY6HJNtAdpjemb1fp21efcq2YBctYkhC9V7rOBSChoSuDOjcfqdmFp
Odx5Lec5oyBkxqQwrsDYO36lqvOmp9cSe7Y33b9KRL6K43js06aF6+N7rH+8KzxM
N14fCeWb0LswertWzor1ypA0b59K2tmlrpdm1YkcjiTJD49xqJZt1vrDl4Uxzfd0
NzXJ5QLJgAU+Rby3cRSpHamyreqP8MWUI6Xwa0S3nNXLkbP+gWhzeUAlVuttgZpw
EUL8sy9XY1WTpRtw0pWHV34nP5soqrh+zgdzcUE9zdozAhbng4mzPQ0COwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFB5/D0Moy64EusH/uBmZBB7oj7fCMB8GA1UdIwQY
MBaAFMpkQdnYB+DXjOdSE6EDQA7hSnzcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW1SQjJkZ0g0TmVNNTFJVG9RTkFEdUZLZk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC85OTQ3YjYtMzRiYy00NzdlLTg4MTYt
MmUyOGI5NjQ5OGE5LzEvSG44UFF5akxyZ1M2d2YtNEdaa0VIdWlQdDhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC85OTQ3YjYtMzRiYy00NzdlLTg4MTYtMmUyOGI5NjQ5OGE5
LzEveW1SQjJkZ0g0TmVNNTFJVG9RTkFEdUZLZk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAeBAIAATAYAwQAWNI+AwQA
zD54AwQBz1kUAwQA2KItMBgEAgACMBIDBwAqFKCHAAIDBwAqFKCHAAUwDQYJKoZI
hvcNAQELBQADggEBAJ5qB1zlAMJTmOux0YH+5Kv59TJrKg8YY3MGvAtgTQ4nzHaN
u+lgQfs+m1Y5uK6YDX0Ah1tnBg7Hj7O7IHbqLKt2Bw6ncZFvR7b6GdsJZ4onuE9t
rczbR9xbX4Jhv/5Xz63c59csGi4Vq2brC2zuGEQ222toW+bzLNDrCqdwugRCnmfS
hKi0BE1U/03/i6z66EVpEQmQFLfIcZ5R05kJw+edlXyxkmJT51Ls/v8q7Jb0kmJw
8rm+3g/LN5Ml91bQmjAvuoN45Tw4OMVLDFzsuBWOy2zi8n6Z9rsRA3aw+OXVeaAW
VZfLhLaF9yg5XH8xb7a71Hn4ajiE4uoLOoRXcfE=
-----END CERTIFICATE-----
Generated at Sat Jun 13 22:08:17 2026 by rpki-client