Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/73c3e3-81e6-4eb4-a946-609fa4e54067/1/h_yjq7AmhSaSJ2TqEYTtarEnp7c.roa
File: h_yjq7AmhSaSJ2TqEYTtarEnp7c.roa (raw, json)
Hash identifier: 2lWs2bC7i2HgN7Q/Gmo0OtQZ5nH0I3WfwhHR9PEz0Mw=
Subject key identifier: 87:FC:A3:AB:B0:26:85:26:92:27:64:EA:11:84:ED:6A:B1:27:A7:B7
Certificate issuer: /CN=1a753613b4220f68f2b546d092a230bed6edacb8
Certificate serial: 019B7A5ABCA491F234B57A40E1D772C88518
Authority key identifier: 1A:75:36:13:B4:22:0F:68:F2:B5:46:D0:92:A2:30:BE:D6:ED:AC:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GnU2E7QiD2jytUbQkqIwvtbtrLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/73c3e3-81e6-4eb4-a946-609fa4e54067/1/h_yjq7AmhSaSJ2TqEYTtarEnp7c.roa
Signing time: Thu 01 Jan 2026 16:18:45 +0000
ROA not before: Thu 01 Jan 2026 16:18:45 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57247
IP address blocks: 194.116.230.0/24 maxlen: 24
2a02:4680::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/73c3e3-81e6-4eb4-a946-609fa4e54067/1/GnU2E7QiD2jytUbQkqIwvtbtrLg.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/73c3e3-81e6-4eb4-a946-609fa4e54067/1/GnU2E7QiD2jytUbQkqIwvtbtrLg.mft
rsync://rpki.ripe.net/repository/DEFAULT/GnU2E7QiD2jytUbQkqIwvtbtrLg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7a:5a:bc:a4:91:f2:34:b5:7a:40:e1:d7:72:c8:85:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a753613b4220f68f2b546d092a230bed6edacb8
Validity
Not Before: Jan 1 16:18:45 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=87fca3abb0268526922764ea1184ed6ab127a7b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e3:ca:34:15:ad:ff:60:b1:53:d5:c9:e5:53:
75:d5:19:6c:5a:7c:4f:45:58:a5:27:f6:16:8b:87:
fa:8e:77:b0:34:52:f4:83:1b:1c:b9:03:61:00:f2:
be:a1:c2:67:59:09:e4:67:6d:80:e9:60:77:80:f5:
31:e6:7c:c9:24:12:82:a6:dc:6c:22:9d:96:fc:3b:
89:00:f6:7c:77:0d:a1:94:5e:96:f4:6d:65:a2:4a:
1a:c1:4a:9c:f6:af:0a:3f:63:5d:86:e3:49:0f:1e:
40:e3:88:ae:c1:83:fb:3c:11:62:b7:11:43:6f:7f:
b7:a7:cb:37:de:ab:bc:b4:cb:8d:72:5d:69:ca:ae:
00:f1:f5:5e:23:25:e4:67:7e:e6:2a:4f:d1:db:51:
19:ee:46:5a:6c:42:c9:d8:33:27:99:0c:94:c8:26:
08:83:d1:59:ac:2a:c5:65:a9:4a:99:3f:41:ec:66:
a3:07:0a:b0:f9:01:52:26:82:74:d7:0a:2a:11:62:
43:be:4a:08:7e:c4:ef:88:d0:1c:b2:62:54:86:c9:
71:a7:ac:de:1a:a5:0d:f2:29:d3:e9:83:cd:20:91:
2a:8b:bf:6d:fd:63:a9:2b:17:11:58:57:bf:2f:21:
78:bf:68:18:ad:56:17:75:f7:bc:70:bc:06:b3:71:
a6:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:FC:A3:AB:B0:26:85:26:92:27:64:EA:11:84:ED:6A:B1:27:A7:B7
X509v3 Authority Key Identifier:
keyid:1A:75:36:13:B4:22:0F:68:F2:B5:46:D0:92:A2:30:BE:D6:ED:AC:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GnU2E7QiD2jytUbQkqIwvtbtrLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/73c3e3-81e6-4eb4-a946-609fa4e54067/1/h_yjq7AmhSaSJ2TqEYTtarEnp7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/73c3e3-81e6-4eb4-a946-609fa4e54067/1/GnU2E7QiD2jytUbQkqIwvtbtrLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.116.230.0/24
IPv6:
2a02:4680::/29
Signature Algorithm: sha256WithRSAEncryption
94:76:5d:fc:db:31:b2:b0:47:71:9e:e7:81:ad:2c:0d:ae:4e:
d2:48:ab:db:85:9d:91:fd:ac:e8:44:61:6d:24:c0:6e:2b:da:
2f:88:ff:01:c7:b2:a8:db:91:69:e4:2e:70:fe:33:a3:1c:72:
e2:1a:10:21:23:ab:bc:40:ba:bb:47:0d:80:cb:99:af:16:cb:
ff:db:d0:5d:f8:2f:56:4f:3a:28:3c:92:e3:a7:f1:2c:54:53:
e7:6d:46:dd:95:ed:d0:8e:fd:04:1d:a3:7e:02:95:05:07:62:
6f:1c:d7:fd:e9:f3:89:1f:d0:15:aa:73:ac:d7:93:14:3a:5c:
bb:7e:14:8f:78:ad:f4:06:d2:32:1d:b3:8c:1f:a9:f6:d4:88:
c3:02:33:e5:0d:4e:11:ec:ac:b2:6f:40:75:5a:15:eb:0e:1a:
1f:cc:5a:26:48:10:93:41:ed:eb:f4:7b:50:13:82:7d:91:ef:
b0:df:92:25:d6:dc:6f:5c:84:fe:d3:c4:22:85:75:e8:07:5d:
7f:58:81:78:84:ba:0b:15:02:86:cc:2d:07:87:61:56:d4:1f:
b5:b2:32:87:1b:ea:83:f5:0c:cb:80:26:c7:66:4b:ec:e2:e0:
a3:ce:4e:2b:ea:b1:e8:dc:08:e7:35:d3:d0:5c:ab:9e:ff:85:
31:fa:05:8f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZt6WrykkfI0tXpA4ddyyIUYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNzUzNjEzYjQyMjBmNjhmMmI1NDZkMDkyYTIzMGJlZDZl
ZGFjYjgwHhcNMjYwMTAxMTYxODQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2ZjYTNhYmIwMjY4NTI2OTIyNzY0ZWExMTg0ZWQ2YWIxMjdhN2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkePKNBWt/2CxU9XJ5VN11RlsWnxP
RVilJ/YWi4f6jnewNFL0gxscuQNhAPK+ocJnWQnkZ22A6WB3gPUx5nzJJBKCptxs
Ip2W/DuJAPZ8dw2hlF6W9G1lokoawUqc9q8KP2NdhuNJDx5A44iuwYP7PBFitxFD
b3+3p8s33qu8tMuNcl1pyq4A8fVeIyXkZ37mKk/R21EZ7kZabELJ2DMnmQyUyCYI
g9FZrCrFZalKmT9B7GajBwqw+QFSJoJ01woqEWJDvkoIfsTviNAcsmJUhslxp6ze
GqUN8inT6YPNIJEqi79t/WOpKxcRWFe/LyF4v2gYrVYXdfe8cLwGs3GmqQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIf8o6uwJoUmkidk6hGE7WqxJ6e3MB8GA1UdIwQY
MBaAFBp1NhO0Ig9o8rVG0JKiML7W7ay4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR25VMkU3UWlEMmp5dFViUWtxSXd2dGJ0ckxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83M2MzZTMtODFlNi00ZWI0LWE5NDYt
NjA5ZmE0ZTU0MDY3LzEvaF95anE3QW1oU2FTSjJUcUVZVHRhckVucDdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83M2MzZTMtODFlNi00ZWI0LWE5NDYtNjA5ZmE0ZTU0MDY3
LzEvR25VMkU3UWlEMmp5dFViUWtxSXd2dGJ0ckxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwnTmMA0E
AgACMAcDBQMqAkaAMA0GCSqGSIb3DQEBCwUAA4IBAQCUdl382zGysEdxnueBrSwN
rk7SSKvbhZ2R/azoRGFtJMBuK9oviP8Bx7Ko25Fp5C5w/jOjHHLiGhAhI6u8QLq7
Rw2Ay5mvFsv/29Bd+C9WTzooPJLjp/EsVFPnbUbdle3Qjv0EHaN+ApUFB2JvHNf9
6fOJH9AVqnOs15MUOly7fhSPeK30BtIyHbOMH6n21IjDAjPlDU4R7Kyyb0B1WhXr
DhofzFomSBCTQe3r9HtQE4J9ke+w35Il1txvXIT+08QihXXoB11/WIF4hLoLFQKG
zC0Hh2FW1B+1sjKHG+qD9QzLgCbHZkvs4uCjzk4r6rHo3AjnNdPQXKue/4Ux+gWP
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:45:17 2026 by rpki-client