Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/Hs7JKhJtwC6A36Kjs-_4TZrgnpk.roa
File: Hs7JKhJtwC6A36Kjs-_4TZrgnpk.roa (raw, json)
Hash identifier: 099VsdRInIr4UycUi5XaCXZzdZOiho1gkx4lV1EIJOk=
Subject key identifier: 1E:CE:C9:2A:12:6D:C0:2E:80:DF:A2:A3:B3:EF:F8:4D:9A:E0:9E:99
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 019E401EE04FC5DC5D4E12D001770DB7DE77
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/Hs7JKhJtwC6A36Kjs-_4TZrgnpk.roa
Signing time: Tue 19 May 2026 12:03:45 +0000
ROA not before: Tue 19 May 2026 12:03:45 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56940
IP address blocks: 31.131.40.0/22 maxlen: 22
31.131.46.0/24 maxlen: 24
31.131.47.0/24 maxlen: 24
91.229.12.0/23 maxlen: 23
91.229.14.0/23 maxlen: 23
176.113.100.0/22 maxlen: 22
176.114.56.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.mft
rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 17:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:40:1e:e0:4f:c5:dc:5d:4e:12:d0:01:77:0d:b7:de:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: May 19 12:03:45 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1ecec92a126dc02e80dfa2a3b3eff84d9ae09e99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:8e:21:61:f6:2d:66:e1:1e:39:c1:27:29:e2:
2d:39:0a:6f:05:15:69:c6:e2:42:9f:e9:3c:cf:e2:
ab:53:84:8c:20:63:65:24:e8:b5:08:98:26:46:fa:
6a:2d:7a:9b:1a:5b:1a:43:7e:68:77:c2:37:33:c1:
c4:53:ef:44:f7:37:07:1d:95:e7:e9:0a:b0:e9:4d:
8c:cf:a1:57:df:90:62:d5:32:92:a7:4d:32:57:b3:
16:4f:c3:1e:28:78:9a:74:43:57:77:f6:28:cc:b6:
87:18:28:07:89:eb:f7:a8:1f:5c:1c:95:b0:56:d4:
93:e2:37:99:87:15:f4:82:6b:8f:98:3a:87:a9:50:
9d:0f:76:57:bf:c8:8e:61:46:5f:c8:85:b3:19:42:
5a:8c:2e:17:e9:51:16:97:01:8c:00:9f:18:8b:70:
d1:eb:41:db:f8:da:8d:78:a5:fe:ae:12:d4:0c:b3:
d4:71:ad:17:08:73:67:ff:0c:cf:a2:f1:d6:6b:83:
75:bd:64:63:b8:dd:30:08:8e:1b:fd:a1:73:de:75:
fd:a5:88:76:13:91:12:8a:cf:a7:0a:d1:e8:ee:6e:
b3:3e:28:fd:69:a5:fa:a4:b0:b1:c7:96:cf:7f:f7:
51:ac:f1:97:85:65:52:59:6a:54:13:4f:58:d9:00:
0f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:CE:C9:2A:12:6D:C0:2E:80:DF:A2:A3:B3:EF:F8:4D:9A:E0:9E:99
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/Hs7JKhJtwC6A36Kjs-_4TZrgnpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.40.0/22
31.131.46.0/23
91.229.12.0/22
176.113.100.0/22
176.114.56.0/21
Signature Algorithm: sha256WithRSAEncryption
61:3f:6c:c1:7f:e3:8d:06:27:81:be:d2:63:6b:7e:91:17:96:
79:69:42:b0:65:a3:a8:ca:cb:50:53:f7:ec:e1:b8:65:61:cc:
8a:71:93:e8:fb:dd:68:f9:cf:d1:bf:e6:e4:87:77:81:82:0d:
83:46:e1:f0:14:82:ef:6f:e8:9b:29:22:53:76:97:27:91:e5:
c7:88:38:c1:18:08:6f:7e:06:b0:55:b5:35:3d:b7:9e:30:7a:
fb:7a:a2:62:dc:19:19:f4:b0:c5:80:01:cd:d2:c1:81:1c:e8:
6c:bc:aa:73:05:34:6f:5a:b1:41:d2:db:ca:a5:ec:d8:6f:f8:
c8:25:34:fe:e2:16:f9:1a:c8:89:ba:8f:8a:21:8a:a9:4c:97:
40:a2:67:12:12:17:8f:7c:89:db:5f:ee:ab:a1:32:59:c6:84:
bd:a3:6f:f4:69:4d:4e:82:d2:0f:3f:90:b6:26:da:22:bd:1d:
c7:dd:a9:a4:ed:b9:f4:3c:34:59:6a:ba:6c:7d:2e:4d:61:02:
6c:87:1e:ba:48:6b:49:56:65:22:82:7d:bb:38:da:b7:a9:fb:
da:c3:bc:2e:56:4b:99:73:b2:ff:53:b6:5f:fa:99:22:e2:20:
8e:ab:53:9c:cb:72:c7:3b:e4:cc:99:65:06:06:dd:f6:81:89:
70:8a:e6:2d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ5AHuBPxdxdThLQAXcNt953MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjYwNTE5MTIwMzQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWNlYzkyYTEyNmRjMDJlODBkZmEyYTNiM2VmZjg0ZDlhZTA5ZTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnY4hYfYtZuEeOcEnKeItOQpvBRVp
xuJCn+k8z+KrU4SMIGNlJOi1CJgmRvpqLXqbGlsaQ35od8I3M8HEU+9E9zcHHZXn
6Qqw6U2Mz6FX35Bi1TKSp00yV7MWT8MeKHiadENXd/YozLaHGCgHiev3qB9cHJWw
VtST4jeZhxX0gmuPmDqHqVCdD3ZXv8iOYUZfyIWzGUJajC4X6VEWlwGMAJ8Yi3DR
60Hb+NqNeKX+rhLUDLPUca0XCHNn/wzPovHWa4N1vWRjuN0wCI4b/aFz3nX9pYh2
E5ESis+nCtHo7m6zPij9aaX6pLCxx5bPf/dRrPGXhWVSWWpUE09Y2QAPRQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFB7OySoSbcAugN+io7Pv+E2a4J6ZMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvSHM3SktoSnR3QzZBMzZLanMtXzRUWnJnbnBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCH4MoAwQB
H4MuAwQCW+UMAwQCsHFkAwQDsHI4MA0GCSqGSIb3DQEBCwUAA4IBAQBhP2zBf+ON
BieBvtJja36RF5Z5aUKwZaOoystQU/fs4bhlYcyKcZPo+91o+c/Rv+bkh3eBgg2D
RuHwFILvb+ibKSJTdpcnkeXHiDjBGAhvfgawVbU1PbeeMHr7eqJi3BkZ9LDFgAHN
0sGBHOhsvKpzBTRvWrFB0tvKpezYb/jIJTT+4hb5GsiJuo+KIYqpTJdAomcSEheP
fInbX+6roTJZxoS9o2/0aU1OgtIPP5C2JtoivR3H3amk7bn0PDRZarpsfS5NYQJs
hx66SGtJVmUign27ONq3qfvaw7wuVkuZc7L/U7Zf+pki4iCOq1Ocy3LHO+TMmWUG
Bt32gYlwiuYt
-----END CERTIFICATE-----
Generated at Sun Jun 14 03:58:30 2026 by rpki-client