Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/hcZloSkdYGK9XCrWm4CVMOF43yE.roa
File: hcZloSkdYGK9XCrWm4CVMOF43yE.roa (raw, json)
Hash identifier: H1sw03Ihy1EfiycGZPoaW/9VUod2H1404tJdc89TOyM=
Subject key identifier: 85:C6:65:A1:29:1D:60:62:BD:5C:2A:D6:9B:80:95:30:E1:78:DF:21
Certificate issuer: /CN=a76dd9dad75877f7d28d14e08dc55b1330bd13b7
Certificate serial: 019EA8246C482483DB804018439E2ACB8450
Authority key identifier: A7:6D:D9:DA:D7:58:77:F7:D2:8D:14:E0:8D:C5:5B:13:30:BD:13:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p23Z2tdYd_fSjRTgjcVbEzC9E7c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/hcZloSkdYGK9XCrWm4CVMOF43yE.roa
Signing time: Mon 08 Jun 2026 16:50:19 +0000
ROA not before: Mon 08 Jun 2026 16:50:19 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210099
IP address blocks: 46.31.78.0/24 maxlen: 24
85.117.236.0/24 maxlen: 24
85.117.237.0/24 maxlen: 24
85.117.238.0/24 maxlen: 24
185.17.112.0/24 maxlen: 24
185.17.113.0/24 maxlen: 24
185.17.114.0/24 maxlen: 24
185.17.115.0/24 maxlen: 24
185.73.200.0/24 maxlen: 24
185.73.201.0/24 maxlen: 24
185.73.202.0/24 maxlen: 24
185.73.203.0/24 maxlen: 24
2a04:7c1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/p23Z2tdYd_fSjRTgjcVbEzC9E7c.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/p23Z2tdYd_fSjRTgjcVbEzC9E7c.mft
rsync://rpki.ripe.net/repository/DEFAULT/p23Z2tdYd_fSjRTgjcVbEzC9E7c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 19:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a8:24:6c:48:24:83:db:80:40:18:43:9e:2a:cb:84:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a76dd9dad75877f7d28d14e08dc55b1330bd13b7
Validity
Not Before: Jun 8 16:50:19 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=85c665a1291d6062bd5c2ad69b809530e178df21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:78:c2:bb:4d:95:d8:88:61:8c:50:e5:6d:cc:
e9:5e:45:5e:51:0d:a4:a5:14:5d:0d:c2:45:d1:b9:
ea:57:e1:65:5e:d6:9e:b0:e0:02:f4:6a:e6:35:94:
a1:7c:20:9f:89:be:af:3f:d1:69:09:9e:59:4b:5c:
60:85:ec:b0:40:b5:96:98:ea:7c:05:be:76:68:bc:
87:34:99:de:66:ab:62:0f:f9:57:cd:d4:d8:8c:07:
f4:d5:3e:7c:32:7f:30:63:6d:e8:a3:5b:2f:51:51:
e2:f0:b4:19:56:87:b3:bc:0a:5e:15:71:4d:c7:e1:
50:27:b1:51:7f:24:37:ef:ac:6b:40:e5:76:8b:8a:
9e:bf:25:f1:e1:6d:e8:0b:02:4a:c5:03:13:00:21:
12:3c:38:ab:29:63:77:fd:ad:e0:96:b3:e1:fb:e4:
e1:ca:14:2b:4e:9c:c7:53:fa:51:97:08:5d:b2:ca:
1f:4d:e4:d9:01:49:05:54:7d:a4:13:05:35:da:e2:
eb:ea:2f:b3:b2:6a:c6:0a:f9:2f:16:94:05:95:a9:
a5:dd:fb:bf:71:d6:ec:34:75:98:0f:be:8d:48:77:
8f:9f:3c:27:c1:cd:61:80:c2:3d:34:c5:e6:3f:86:
7d:4d:c5:59:e5:be:72:e0:39:77:8a:24:ce:06:e3:
27:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:C6:65:A1:29:1D:60:62:BD:5C:2A:D6:9B:80:95:30:E1:78:DF:21
X509v3 Authority Key Identifier:
keyid:A7:6D:D9:DA:D7:58:77:F7:D2:8D:14:E0:8D:C5:5B:13:30:BD:13:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p23Z2tdYd_fSjRTgjcVbEzC9E7c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/hcZloSkdYGK9XCrWm4CVMOF43yE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/p23Z2tdYd_fSjRTgjcVbEzC9E7c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.78.0/24
85.117.236.0-85.117.238.255
185.17.112.0/22
185.73.200.0/22
IPv6:
2a04:7c1::/32
Signature Algorithm: sha256WithRSAEncryption
93:71:98:82:99:e6:a0:56:55:2a:94:1d:05:3b:3c:0c:44:d0:
f1:f2:72:19:97:28:79:50:40:4a:5d:fc:67:c6:30:0e:54:e4:
76:da:c2:d9:6a:c1:43:4a:ca:30:fb:a8:1c:6d:1f:33:d9:a1:
9c:dc:0d:0e:ca:fc:85:27:33:85:e2:76:ad:6c:dd:c0:8d:ab:
54:14:cc:8d:a1:c0:1b:88:21:7f:2d:9d:f6:f7:1e:1d:ea:8e:
6f:c5:d7:4e:df:b7:52:bd:42:c8:57:1f:be:89:d7:ea:5b:8d:
ff:1f:bf:6d:ec:0f:0d:3d:53:6e:9e:ac:9d:b8:b1:c8:60:4c:
89:fc:01:38:ca:27:3c:4c:bb:06:32:d5:2b:7c:2d:03:1f:97:
bd:ab:17:da:13:6a:5d:7f:48:6a:9e:22:ad:55:1a:85:fd:79:
8b:05:90:39:48:0a:13:34:ed:4a:bd:e7:09:8d:ba:ec:b2:ae:
49:18:6c:ab:1b:f7:a0:ab:23:37:5b:d7:65:7b:e3:85:cf:59:
82:c8:bb:33:19:54:c4:c1:83:f8:59:46:f6:61:38:53:69:f5:
80:7d:fc:f2:df:8d:ba:bd:ac:f2:ac:ea:a1:8f:b4:44:2f:99:
a6:3d:5c:af:79:66:5c:ab:fd:f7:80:41:19:66:5b:5b:88:97:
11:2f:b1:19
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZ6oJGxIJIPbgEAYQ54qy4RQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NmRkOWRhZDc1ODc3ZjdkMjhkMTRlMDhkYzU1YjEzMzBi
ZDEzYjcwHhcNMjYwNjA4MTY1MDE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWM2NjVhMTI5MWQ2MDYyYmQ1YzJhZDY5YjgwOTUzMGUxNzhkZjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHjCu02V2IhhjFDlbczpXkVeUQ2k
pRRdDcJF0bnqV+FlXtaesOAC9GrmNZShfCCfib6vP9FpCZ5ZS1xgheywQLWWmOp8
Bb52aLyHNJneZqtiD/lXzdTYjAf01T58Mn8wY23oo1svUVHi8LQZVoezvApeFXFN
x+FQJ7FRfyQ376xrQOV2i4qevyXx4W3oCwJKxQMTACESPDirKWN3/a3glrPh++Th
yhQrTpzHU/pRlwhdssofTeTZAUkFVH2kEwU12uLr6i+zsmrGCvkvFpQFlaml3fu/
cdbsNHWYD76NSHePnzwnwc1hgMI9NMXmP4Z9TcVZ5b5y4Dl3iiTOBuMnHwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFIXGZaEpHWBivVwq1puAlTDheN8hMB8GA1UdIwQY
MBaAFKdt2drXWHf30o0U4I3FWxMwvRO3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDIzWjJ0ZFlkX2ZTalJUZ2pjVmJFekM5RTdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9kMDA4ODktZTVjYS00MDkwLWE2YTQt
MmFjNmZmNzViZWIwLzEvaGNabG9Ta2RZR0s5WENyV200Q1ZNT0Y0M3lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9kMDA4ODktZTVjYS00MDkwLWE2YTQtMmFjNmZmNzViZWIw
LzEvcDIzWjJ0ZFlkX2ZTalJUZ2pjVmJFekM5RTdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQALh9OMAwD
BAJVdewDBABVde4DBAK5EXADBAK5ScgwDQQCAAIwBwMFACoEB8EwDQYJKoZIhvcN
AQELBQADggEBAJNxmIKZ5qBWVSqUHQU7PAxE0PHychmXKHlQQEpd/GfGMA5U5Hba
wtlqwUNKyjD7qBxtHzPZoZzcDQ7K/IUnM4Xidq1s3cCNq1QUzI2hwBuIIX8tnfb3
Hh3qjm/F107ft1K9QshXH76J1+pbjf8fv23sDw09U26erJ24schgTIn8ATjKJzxM
uwYy1St8LQMfl72rF9oTal1/SGqeIq1VGoX9eYsFkDlIChM07Uq95wmNuuyyrkkY
bKsb96CrIzdb12V744XPWYLIuzMZVMTBg/hZRvZhOFNp9YB9/PLfjbq9rPKs6qGP
tEQvmaY9XK95Zlyr/feAQRlmW1uIlxEvsRk=
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:40:22 2026 by rpki-client