Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/HlU80qVHfg9aL2zhsIxglzvH0gk.roa
File: HlU80qVHfg9aL2zhsIxglzvH0gk.roa (raw, json)
Hash identifier: elzflqJbrv+phPhbHMYk4zxkXdBWUPejC448Mo9aXfY=
Subject key identifier: 1E:55:3C:D2:A5:47:7E:0F:5A:2F:6C:E1:B0:8C:60:97:3B:C7:D2:09
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019D9675E1CD396D2CD4F7A2C25634CE7DE8
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/HlU80qVHfg9aL2zhsIxglzvH0gk.roa
Signing time: Thu 16 Apr 2026 13:23:21 +0000
ROA not before: Thu 16 Apr 2026 13:23:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 30058
IP address blocks: 82.108.64.0/22 maxlen: 22
87.82.200.0/22 maxlen: 22
87.82.204.0/23 maxlen: 23
87.82.208.0/23 maxlen: 23
87.82.211.0/24 maxlen: 24
87.83.37.0/24 maxlen: 24
87.83.38.0/24 maxlen: 24
87.83.40.0/24 maxlen: 24
87.83.42.0/23 maxlen: 23
87.83.76.0/22 maxlen: 22
87.84.50.0/23 maxlen: 23
87.84.72.0/24 maxlen: 24
87.84.74.0/23 maxlen: 23
87.84.136.0/24 maxlen: 24
87.84.138.0/24 maxlen: 24
87.84.148.0/23 maxlen: 23
87.84.181.0/24 maxlen: 24
87.84.184.0/23 maxlen: 23
87.86.6.0/23 maxlen: 23
87.86.15.0/24 maxlen: 24
87.86.26.0/24 maxlen: 24
195.40.3.0/24 maxlen: 24
195.40.14.0/23 maxlen: 23
195.40.64.0/23 maxlen: 23
195.40.66.0/23 maxlen: 23
195.40.68.0/23 maxlen: 23
195.40.79.0/24 maxlen: 24
195.40.81.0/24 maxlen: 24
195.40.84.0/24 maxlen: 24
195.40.90.0/24 maxlen: 24
195.40.93.0/24 maxlen: 24
195.40.98.0/23 maxlen: 23
195.40.102.0/23 maxlen: 23
195.40.124.0/23 maxlen: 23
195.40.126.0/23 maxlen: 23
195.40.164.0/23 maxlen: 23
195.40.168.0/23 maxlen: 23
195.40.170.0/23 maxlen: 23
195.40.172.0/23 maxlen: 23
195.40.174.0/23 maxlen: 23
195.40.190.0/23 maxlen: 23
195.172.126.0/23 maxlen: 23
195.172.146.0/23 maxlen: 23
195.172.148.0/23 maxlen: 23
195.172.208.0/23 maxlen: 23
212.135.14.0/23 maxlen: 23
212.135.176.0/23 maxlen: 24
212.135.182.0/23 maxlen: 23
212.135.184.0/23 maxlen: 23
212.135.186.0/23 maxlen: 23
212.135.188.0/24 maxlen: 24
212.135.216.0/23 maxlen: 23
212.135.224.0/23 maxlen: 23
212.135.226.0/23 maxlen: 23
212.135.229.0/24 maxlen: 24
212.135.230.0/23 maxlen: 23
212.135.232.0/23 maxlen: 23
212.135.238.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 06:52:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:96:75:e1:cd:39:6d:2c:d4:f7:a2:c2:56:34:ce:7d:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Apr 16 13:23:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1e553cd2a5477e0f5a2f6ce1b08c60973bc7d209
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:4a:a5:3d:5d:8a:7e:fb:4f:e7:fb:3a:3a:d3:
48:cf:27:5a:b7:70:fe:bf:db:05:95:dc:c5:57:eb:
fb:69:2b:03:e8:80:e6:ff:c2:f4:fe:e1:21:42:72:
17:03:b6:2d:30:77:7f:9f:17:0a:9e:0f:fb:aa:6e:
27:a1:d1:96:5e:9f:90:fe:80:dd:cd:49:7d:e5:b8:
ad:d5:67:06:72:00:9d:c0:02:97:bc:33:0d:e0:35:
dd:30:be:0c:26:cf:f6:6b:e8:b4:af:5a:fe:90:21:
09:97:e7:05:48:96:09:84:4d:2e:39:fe:cf:06:9e:
7d:b6:bb:91:5a:29:71:2b:04:ce:e5:c1:59:fb:c5:
ce:d4:9c:4c:28:b0:63:9e:da:e6:31:8a:b8:36:eb:
44:bc:22:66:b8:26:3b:68:e3:32:9e:ba:e2:a4:bb:
72:ee:cb:c6:91:70:66:a3:79:42:9c:9b:25:5f:84:
44:8f:77:2c:f4:e2:00:e6:c4:50:77:7a:ed:e1:cc:
59:74:9e:64:f0:a4:15:bf:e5:20:02:fd:9d:cb:50:
2c:81:75:3e:3d:ed:be:95:0a:ad:c6:93:6b:c3:d2:
fd:73:82:2a:d2:8e:c7:95:d3:2c:07:52:b6:90:75:
94:fc:aa:cf:15:5b:ef:3c:73:74:3d:04:cd:cd:d2:
ef:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:55:3C:D2:A5:47:7E:0F:5A:2F:6C:E1:B0:8C:60:97:3B:C7:D2:09
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/HlU80qVHfg9aL2zhsIxglzvH0gk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.108.64.0/22
87.82.200.0-87.82.205.255
87.82.208.0/23
87.82.211.0/24
87.83.37.0-87.83.38.255
87.83.40.0/24
87.83.42.0/23
87.83.76.0/22
87.84.50.0/23
87.84.72.0/24
87.84.74.0/23
87.84.136.0/24
87.84.138.0/24
87.84.148.0/23
87.84.181.0/24
87.84.184.0/23
87.86.6.0/23
87.86.15.0/24
87.86.26.0/24
195.40.3.0/24
195.40.14.0/23
195.40.64.0-195.40.69.255
195.40.79.0/24
195.40.81.0/24
195.40.84.0/24
195.40.90.0/24
195.40.93.0/24
195.40.98.0/23
195.40.102.0/23
195.40.124.0/22
195.40.164.0/23
195.40.168.0/21
195.40.190.0/23
195.172.126.0/23
195.172.146.0-195.172.149.255
195.172.208.0/23
212.135.14.0/23
212.135.176.0/23
212.135.182.0-212.135.188.255
212.135.216.0/23
212.135.224.0/22
212.135.229.0-212.135.233.255
212.135.238.0/23
Signature Algorithm: sha256WithRSAEncryption
71:f6:63:43:25:47:01:b0:ef:34:5f:a7:cd:4c:a6:c5:b2:5e:
8f:1c:69:8b:7c:e2:7c:87:da:6f:42:06:f6:34:68:34:b5:15:
ab:4e:4f:c4:b5:ce:c3:d5:5a:61:3f:38:3c:4d:04:c2:85:fc:
69:96:41:35:a6:4e:ac:5d:13:9d:e4:c5:5a:99:0d:db:b4:a8:
4d:0e:cc:ce:79:36:2c:bb:88:df:07:e6:69:8f:75:bf:2d:aa:
a3:05:f6:15:1b:78:d3:fe:83:b2:e6:e4:ae:a1:1a:f9:be:a0:
0a:32:57:68:bb:84:2d:3a:03:ca:c0:51:97:59:6c:4e:53:29:
09:db:05:5b:63:34:7f:2e:9b:d3:02:03:c8:76:8e:90:c7:a4:
e5:5f:ee:a9:98:43:9f:d2:de:18:70:4e:b0:fd:30:3a:e9:66:
e4:ef:d1:fa:b9:ee:bb:e3:73:be:e4:86:2f:dc:e4:2d:52:aa:
15:30:46:35:d7:83:e7:b8:5c:e7:8b:08:79:a4:93:a3:4e:78:
95:49:e9:2a:cf:6c:e0:08:61:1e:fc:91:64:ac:4f:7d:a0:75:
b7:4b:59:df:5e:56:2a:d1:82:a7:1e:b8:34:7e:5d:4f:07:ac:
89:a7:f8:98:92:23:e8:eb:a9:26:c6:87:2e:d6:9d:54:c9:1c:
89:2e:b3:60
-----BEGIN CERTIFICATE-----
MIIGMzCCBRugAwIBAgISAZ2WdeHNOW0s1PeiwlY0zn3oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwNDE2MTMyMzIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTU1M2NkMmE1NDc3ZTBmNWEyZjZjZTFiMDhjNjA5NzNiYzdkMjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUqlPV2KfvtP5/s6OtNIzydat3D+
v9sFldzFV+v7aSsD6IDm/8L0/uEhQnIXA7YtMHd/nxcKng/7qm4nodGWXp+Q/oDd
zUl95bit1WcGcgCdwAKXvDMN4DXdML4MJs/2a+i0r1r+kCEJl+cFSJYJhE0uOf7P
Bp59truRWilxKwTO5cFZ+8XO1JxMKLBjntrmMYq4NutEvCJmuCY7aOMynrripLty
7svGkXBmo3lCnJslX4REj3cs9OIA5sRQd3rt4cxZdJ5k8KQVv+UgAv2dy1AsgXU+
Pe2+lQqtxpNrw9L9c4Iq0o7HldMsB1K2kHWU/KrPFVvvPHN0PQTNzdLvOwIDAQAB
o4IDPzCCAzswHQYDVR0OBBYEFB5VPNKlR34PWi9s4bCMYJc7x9IJMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvSGxVODBxVkhmZzlhTDJ6aHNJeGdsenZIMGdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBUwYIKwYBBQUHAQcBAf8EggFCMIIBPjCCAToEAgABMIIB
MgMEAlJsQDAMAwQDV1LIAwQBV1LMAwQBV1LQAwQAV1LTMAwDBABXUyUDBABXUyYD
BABXUygDBAFXUyoDBAJXU0wDBAFXVDIDBABXVEgDBAFXVEoDBABXVIgDBABXVIoD
BAFXVJQDBABXVLUDBAFXVLgDBAFXVgYDBABXVg8DBABXVhoDBADDKAMDBAHDKA4w
DAMEBsMoQAMEAcMoRAMEAMMoTwMEAMMoUQMEAMMoVAMEAMMoWgMEAMMoXQMEAcMo
YgMEAcMoZgMEAsMofAMEAcMopAMEA8MoqAMEAcMovgMEAcOsfjAMAwQBw6ySAwQB
w6yUAwQBw6zQAwQB1IcOAwQB1IewMAwDBAHUh7YDBADUh7wDBAHUh9gDBALUh+Aw
DAMEANSH5QMEAdSH6AMEAdSH7jANBgkqhkiG9w0BAQsFAAOCAQEAcfZjQyVHAbDv
NF+nzUymxbJejxxpi3zifIfab0IG9jRoNLUVq05PxLXOw9VaYT84PE0EwoX8aZZB
NaZOrF0TneTFWpkN27SoTQ7Mznk2LLuI3wfmaY91vy2qowX2FRt40/6DsubkrqEa
+b6gCjJXaLuELToDysBRl1lsTlMpCdsFW2M0fy6b0wIDyHaOkMek5V/uqZhDn9Le
GHBOsP0wOulm5O/R+rnuu+NzvuSGL9zkLVKqFTBGNdeD57hc54sIeaSTo054lUnp
Ks9s4AhhHvyRZKxPfaB1t0tZ315WKtGCpx64NH5dTwesiaf4mJIj6OupJsaHLtad
VMkciS6zYA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:41:30 2026 by rpki-client