Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/6f99d2-ad05-4cfc-9a5e-9cbedcec86d6/1/1HBoVtpeEwE1uY8lKI1iy4MINM0.roa
File: 1HBoVtpeEwE1uY8lKI1iy4MINM0.roa (raw, json)
Hash identifier: rICAqYpj28Fm8p3qxUy4lh7+XRzfVev+3QseeZH+tJc=
Subject key identifier: D4:70:68:56:DA:5E:13:01:35:B9:8F:25:28:8D:62:CB:83:08:34:CD
Certificate issuer: /CN=b9e2dc2340c5309b63eba23cfbe7eed11b74af47
Certificate serial: 019E0108032F0AA1D92A7232A7C04B68EF98
Authority key identifier: B9:E2:DC:23:40:C5:30:9B:63:EB:A2:3C:FB:E7:EE:D1:1B:74:AF:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueLcI0DFMJtj66I8--fu0Rt0r0c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/6f99d2-ad05-4cfc-9a5e-9cbedcec86d6/1/1HBoVtpeEwE1uY8lKI1iy4MINM0.roa
Signing time: Thu 07 May 2026 06:02:42 +0000
ROA not before: Thu 07 May 2026 06:02:42 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 21454
IP address blocks: 80.252.224.0/20 maxlen: 24
80.252.232.0/24 maxlen: 24
185.173.236.0/22 maxlen: 24
185.173.237.0/24 maxlen: 24
185.173.239.0/24 maxlen: 24
188.214.198.0/24 maxlen: 24
195.74.75.0/24 maxlen: 24
2a10:5340::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/6f99d2-ad05-4cfc-9a5e-9cbedcec86d6/1/ueLcI0DFMJtj66I8--fu0Rt0r0c.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/6f99d2-ad05-4cfc-9a5e-9cbedcec86d6/1/ueLcI0DFMJtj66I8--fu0Rt0r0c.mft
rsync://rpki.ripe.net/repository/DEFAULT/ueLcI0DFMJtj66I8--fu0Rt0r0c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:01:08:03:2f:0a:a1:d9:2a:72:32:a7:c0:4b:68:ef:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9e2dc2340c5309b63eba23cfbe7eed11b74af47
Validity
Not Before: May 7 06:02:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d4706856da5e130135b98f25288d62cb830834cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:fa:89:2e:e0:60:dd:85:99:b5:e8:43:f3:b6:
80:69:b2:9a:0a:fe:d4:a3:73:7f:c2:d7:21:ae:60:
92:5d:21:ea:0c:c8:a1:73:84:fa:9d:8d:62:e4:e8:
cc:f5:01:58:9d:28:ec:02:9e:59:b5:29:a0:1d:76:
6c:32:b8:be:42:a4:49:6f:9d:24:14:cf:42:7a:d8:
be:a3:39:96:1c:fe:da:47:ee:86:f1:c2:2e:b6:1b:
70:f7:f7:fa:ee:6c:76:bf:e8:d8:26:71:fd:cd:2c:
ab:aa:1a:d5:66:13:ca:45:63:5c:ca:2e:3b:92:5a:
68:aa:92:d1:ea:66:27:53:ef:d2:64:1f:6c:b9:4d:
fb:22:fa:ee:29:63:23:36:61:25:f1:31:d7:32:37:
88:56:0e:46:f5:d6:49:e5:fa:81:57:dd:89:20:c6:
ab:ad:41:81:27:23:cd:db:60:15:2a:4c:94:60:bd:
4e:d7:46:b5:bd:b6:76:d3:e9:bb:6e:3b:bd:30:c7:
02:7c:66:94:2b:d2:ad:54:8d:95:0c:a6:cd:b7:67:
6e:2c:2e:30:13:e5:db:ef:b2:a2:24:62:85:1d:f3:
a0:cb:8c:4d:76:57:fe:9d:5d:07:fe:f8:0c:6e:d7:
fd:1e:f7:f7:0d:3e:1e:bf:62:da:59:66:c4:a1:93:
92:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:70:68:56:DA:5E:13:01:35:B9:8F:25:28:8D:62:CB:83:08:34:CD
X509v3 Authority Key Identifier:
keyid:B9:E2:DC:23:40:C5:30:9B:63:EB:A2:3C:FB:E7:EE:D1:1B:74:AF:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueLcI0DFMJtj66I8--fu0Rt0r0c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/6f99d2-ad05-4cfc-9a5e-9cbedcec86d6/1/1HBoVtpeEwE1uY8lKI1iy4MINM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/6f99d2-ad05-4cfc-9a5e-9cbedcec86d6/1/ueLcI0DFMJtj66I8--fu0Rt0r0c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.252.224.0/20
185.173.236.0/22
188.214.198.0/24
195.74.75.0/24
IPv6:
2a10:5340::/29
Signature Algorithm: sha256WithRSAEncryption
0f:3c:5e:36:4a:8b:5a:2d:ed:b8:6f:04:da:45:a1:47:67:4c:
cb:72:c8:fb:eb:54:90:64:69:d8:c3:c2:2c:a2:1a:bc:96:97:
92:98:1c:d9:43:48:69:8f:7f:2f:30:88:36:29:b4:fa:f2:07:
00:cb:b9:92:e6:d6:27:c3:c8:fc:fc:e7:7e:e7:1e:8d:0e:55:
27:e5:d5:b6:9a:c4:74:17:c5:d7:da:80:aa:75:43:75:36:54:
a0:8f:e1:79:50:67:b3:97:af:2f:80:8c:ba:82:50:61:bb:df:
f2:92:0e:03:92:0e:17:90:e1:e2:7e:68:f1:89:2e:84:18:93:
4e:7a:25:b0:e1:2e:cc:29:ee:6a:e4:b0:f8:55:06:17:fb:f6:
2e:ef:8e:36:d5:96:a0:f0:19:10:32:94:e4:ae:cc:bb:92:29:
7c:43:86:5d:92:84:e4:43:33:50:89:5c:e5:39:e2:be:f7:3f:
68:cd:f4:08:58:d5:55:24:b0:b1:9b:82:a3:33:38:50:ec:59:
57:aa:11:c9:5b:4c:ce:8c:ae:fa:91:80:d4:fa:0e:b1:98:0b:
13:83:f1:70:20:75:f9:a0:2a:8c:af:7e:8c:21:a4:72:95:9c:
d6:eb:bc:b6:f5:f0:5e:d2:e3:7f:43:e4:d8:53:8c:38:3a:97:
38:01:e5:06
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZ4BCAMvCqHZKnIyp8BLaO+YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZTJkYzIzNDBjNTMwOWI2M2ViYTIzY2ZiZTdlZWQxMWI3
NGFmNDcwHhcNMjYwNTA3MDYwMjQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDcwNjg1NmRhNWUxMzAxMzViOThmMjUyODhkNjJjYjgzMDgzNGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PqJLuBg3YWZtehD87aAabKaCv7U
o3N/wtchrmCSXSHqDMihc4T6nY1i5OjM9QFYnSjsAp5ZtSmgHXZsMri+QqRJb50k
FM9Ceti+ozmWHP7aR+6G8cIuthtw9/f67mx2v+jYJnH9zSyrqhrVZhPKRWNcyi47
klpoqpLR6mYnU+/SZB9suU37IvruKWMjNmEl8THXMjeIVg5G9dZJ5fqBV92JIMar
rUGBJyPN22AVKkyUYL1O10a1vbZ20+m7bju9MMcCfGaUK9KtVI2VDKbNt2duLC4w
E+Xb77KiJGKFHfOgy4xNdlf+nV0H/vgMbtf9Hvf3DT4ev2LaWWbEoZOSLQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNRwaFbaXhMBNbmPJSiNYsuDCDTNMB8GA1UdIwQY
MBaAFLni3CNAxTCbY+uiPPvn7tEbdK9HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVMY0kwREZNSnRqNjZJOC0tZnUwUnQwcjBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82Zjk5ZDItYWQwNS00Y2ZjLTlhNWUt
OWNiZWRjZWM4NmQ2LzEvMUhCb1Z0cGVFd0UxdVk4bEtJMWl5NE1JTk0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny82Zjk5ZDItYWQwNS00Y2ZjLTlhNWUtOWNiZWRjZWM4NmQ2
LzEvdWVMY0kwREZNSnRqNjZJOC0tZnUwUnQwcjBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUPzgAwQC
ua3sAwQAvNbGAwQAw0pLMA0EAgACMAcDBQMqEFNAMA0GCSqGSIb3DQEBCwUAA4IB
AQAPPF42SotaLe24bwTaRaFHZ0zLcsj761SQZGnYw8Isohq8lpeSmBzZQ0hpj38v
MIg2KbT68gcAy7mS5tYnw8j8/Od+5x6NDlUn5dW2msR0F8XX2oCqdUN1NlSgj+F5
UGezl68vgIy6glBhu9/ykg4Dkg4XkOHifmjxiS6EGJNOeiWw4S7MKe5q5LD4VQYX
+/Yu74421Zag8BkQMpTkrsy7kil8Q4ZdkoTkQzNQiVzlOeK+9z9ozfQIWNVVJLCx
m4KjMzhQ7FlXqhHJW0zOjK76kYDU+g6xmAsTg/FwIHX5oCqMr36MIaRylZzW67y2
9fBe0uN/Q+TYU4w4Opc4AeUG
-----END CERTIFICATE-----
Generated at Sat Jun 13 17:53:41 2026 by rpki-client