Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/3d3b56-e4e1-4c07-99e6-2fdfe3507a2f/1/HmMFuzQNmbuZacVxvlbBqRTgz2I.roa
File: HmMFuzQNmbuZacVxvlbBqRTgz2I.roa (raw, json)
Hash identifier: dzW9UbNndqVVsySGnumWtM53MKNfGkprvjPA4eQ4mlc=
Subject key identifier: 1E:63:05:BB:34:0D:99:BB:99:69:C5:71:BE:56:C1:A9:14:E0:CF:62
Certificate issuer: /CN=52bab6d360e93d98fce9e7888e564bd464e89e8a
Certificate serial: 019B79EC125A9A598A95D509C009BCF64687
Authority key identifier: 52:BA:B6:D3:60:E9:3D:98:FC:E9:E7:88:8E:56:4B:D4:64:E8:9E:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Urq202DpPZj86eeIjlZL1GTonoo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/3d3b56-e4e1-4c07-99e6-2fdfe3507a2f/1/HmMFuzQNmbuZacVxvlbBqRTgz2I.roa
Signing time: Thu 01 Jan 2026 14:17:52 +0000
ROA not before: Thu 01 Jan 2026 14:17:52 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 35322
IP address blocks: 91.192.140.0/22 maxlen: 22
91.192.140.0/24 maxlen: 24
91.192.141.0/24 maxlen: 24
91.192.142.0/24 maxlen: 24
91.192.143.0/24 maxlen: 24
193.239.230.0/23 maxlen: 23
193.239.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/3d3b56-e4e1-4c07-99e6-2fdfe3507a2f/1/Urq202DpPZj86eeIjlZL1GTonoo.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/3d3b56-e4e1-4c07-99e6-2fdfe3507a2f/1/Urq202DpPZj86eeIjlZL1GTonoo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Urq202DpPZj86eeIjlZL1GTonoo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:79:ec:12:5a:9a:59:8a:95:d5:09:c0:09:bc:f6:46:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52bab6d360e93d98fce9e7888e564bd464e89e8a
Validity
Not Before: Jan 1 14:17:52 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1e6305bb340d99bb9969c571be56c1a914e0cf62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:13:c3:c5:47:de:b2:6b:46:09:81:f4:a8:14:
aa:2d:a1:21:6a:bf:15:aa:9a:3b:22:28:a3:89:58:
61:dc:95:11:5f:a1:fb:14:1b:7f:9c:d8:ec:2b:52:
3b:b2:e2:25:47:dc:cf:c4:b3:8d:ad:bd:4d:51:00:
62:ba:48:cb:f3:1b:7f:a5:72:7f:09:69:ff:35:87:
37:d7:f0:4d:20:4d:34:78:0c:1e:2b:33:57:ae:d2:
ec:f0:71:08:da:0b:99:ef:74:2c:fa:dd:f3:fc:c8:
ee:a9:53:d9:a7:da:3b:6f:a1:5e:7a:1c:74:0e:1b:
67:da:d0:09:cc:49:64:f5:03:8d:f3:7d:f3:7b:d8:
d1:98:df:25:5f:98:15:61:ca:1b:10:87:72:e2:98:
e0:18:f4:37:52:f3:02:c9:4a:c2:49:ef:d8:68:b0:
89:d9:f7:e2:c5:a9:6f:1d:d5:5f:66:36:7e:87:89:
98:60:42:ef:38:aa:af:67:0b:e0:c3:f8:99:bc:d6:
19:ad:be:31:88:25:bf:de:38:30:ce:82:80:7b:93:
fb:02:f6:c1:dc:75:80:b0:7f:ae:d1:5d:08:d5:7b:
9c:59:34:a7:d5:4c:da:90:1d:ff:67:f1:a3:e6:0f:
c8:17:58:56:da:1c:9f:75:32:99:7a:09:c4:26:45:
a9:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:63:05:BB:34:0D:99:BB:99:69:C5:71:BE:56:C1:A9:14:E0:CF:62
X509v3 Authority Key Identifier:
keyid:52:BA:B6:D3:60:E9:3D:98:FC:E9:E7:88:8E:56:4B:D4:64:E8:9E:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Urq202DpPZj86eeIjlZL1GTonoo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/3d3b56-e4e1-4c07-99e6-2fdfe3507a2f/1/HmMFuzQNmbuZacVxvlbBqRTgz2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/3d3b56-e4e1-4c07-99e6-2fdfe3507a2f/1/Urq202DpPZj86eeIjlZL1GTonoo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.140.0/22
193.239.230.0/23
Signature Algorithm: sha256WithRSAEncryption
34:cc:67:0e:40:33:ac:d7:fd:e6:c4:29:8f:f2:e1:95:4d:11:
f1:47:aa:0c:0a:9c:b4:be:ad:20:3b:fb:d9:d6:dd:d0:af:54:
a0:18:37:39:6b:0d:d1:52:13:87:42:c5:da:ed:de:32:25:4a:
f6:0a:c4:58:81:8b:a5:2a:6e:a1:bf:b4:f6:9e:f1:12:83:78:
c1:3d:79:7c:8c:b6:de:88:ba:11:60:f1:00:f2:0a:91:f3:32:
74:7e:b0:c8:8a:26:d7:38:a1:ad:f8:9d:36:ca:56:42:c0:e9:
7c:39:ed:b9:ba:6d:2c:14:a8:e4:d0:11:60:57:82:ac:69:4b:
5e:de:8e:80:5f:2e:13:51:a0:bc:de:cf:d0:90:1b:74:0c:88:
d7:93:27:1f:74:73:aa:77:5a:9f:47:11:83:5d:b5:04:93:ac:
42:f5:ee:32:8c:51:4f:80:60:51:71:8d:ae:8d:ab:7f:1d:03:
57:95:05:35:fc:b2:cd:a3:42:aa:42:bd:d2:56:92:23:0a:4e:
44:f7:7a:85:12:b3:b0:b7:96:d0:f0:25:8a:58:ac:23:92:c3:
88:e0:6e:82:db:85:c1:81:6c:69:61:33:5e:bb:ef:f8:52:9c:
bd:65:6a:14:20:73:16:95:8a:7e:d1:70:38:c7:b7:82:b6:50:
80:5e:6d:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZt57BJamlmKldUJwAm89kaHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYmFiNmQzNjBlOTNkOThmY2U5ZTc4ODhlNTY0YmQ0NjRl
ODllOGEwHhcNMjYwMTAxMTQxNzUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTYzMDViYjM0MGQ5OWJiOTk2OWM1NzFiZTU2YzFhOTE0ZTBjZjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxPDxUfesmtGCYH0qBSqLaEhar8V
qpo7IiijiVhh3JURX6H7FBt/nNjsK1I7suIlR9zPxLONrb1NUQBiukjL8xt/pXJ/
CWn/NYc31/BNIE00eAweKzNXrtLs8HEI2guZ73Qs+t3z/MjuqVPZp9o7b6Feehx0
Dhtn2tAJzElk9QON833ze9jRmN8lX5gVYcobEIdy4pjgGPQ3UvMCyUrCSe/YaLCJ
2ffixalvHdVfZjZ+h4mYYELvOKqvZwvgw/iZvNYZrb4xiCW/3jgwzoKAe5P7AvbB
3HWAsH+u0V0I1XucWTSn1UzakB3/Z/Gj5g/IF1hW2hyfdTKZegnEJkWpIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB5jBbs0DZm7mWnFcb5WwakU4M9iMB8GA1UdIwQY
MBaAFFK6ttNg6T2Y/OnniI5WS9Rk6J6KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXJxMjAyRHBQWmo4NmVlSWpsWkwxR1Rvbm9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zZDNiNTYtZTRlMS00YzA3LTk5ZTYt
MmZkZmUzNTA3YTJmLzEvSG1NRnV6UU5tYnVaYWNWeHZsYkJxUlRnejJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zZDNiNTYtZTRlMS00YzA3LTk5ZTYtMmZkZmUzNTA3YTJm
LzEvVXJxMjAyRHBQWmo4NmVlSWpsWkwxR1Rvbm9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8CMAwQB
we/mMA0GCSqGSIb3DQEBCwUAA4IBAQA0zGcOQDOs1/3mxCmP8uGVTRHxR6oMCpy0
vq0gO/vZ1t3Qr1SgGDc5aw3RUhOHQsXa7d4yJUr2CsRYgYulKm6hv7T2nvESg3jB
PXl8jLbeiLoRYPEA8gqR8zJ0frDIiibXOKGt+J02ylZCwOl8Oe25um0sFKjk0BFg
V4KsaUte3o6AXy4TUaC83s/QkBt0DIjXkycfdHOqd1qfRxGDXbUEk6xC9e4yjFFP
gGBRcY2ujat/HQNXlQU1/LLNo0KqQr3SVpIjCk5E93qFErOwt5bQ8CWKWKwjksOI
4G6C24XBgWxpYTNeu+/4Upy9ZWoUIHMWlYp+0XA4x7eCtlCAXm1m
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:04:38 2026 by rpki-client