Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/7b0ec7-9848-4163-ac1b-7b04d3597378/1/hXdgp8zgmG7JYs_k37tuaNt0law.roa
File: hXdgp8zgmG7JYs_k37tuaNt0law.roa (raw, json)
Hash identifier: XCDaAPor8tbWo85ZTNfTXsO+zViuoLRUnnO/NnA5uPk=
Subject key identifier: 85:77:60:A7:CC:E0:98:6E:C9:62:CF:E4:DF:BB:6E:68:DB:74:95:AC
Certificate issuer: /CN=612423536e51f94fabfc50acf944d798aacf403f
Certificate serial: 019B7F833ABFBC736244E8C37BAB2904CE06
Authority key identifier: 61:24:23:53:6E:51:F9:4F:AB:FC:50:AC:F9:44:D7:98:AA:CF:40:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YSQjU25R-U-r_FCs-UTXmKrPQD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/7b0ec7-9848-4163-ac1b-7b04d3597378/1/hXdgp8zgmG7JYs_k37tuaNt0law.roa
Signing time: Fri 02 Jan 2026 16:21:05 +0000
ROA not before: Fri 02 Jan 2026 16:21:05 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 41766
IP address blocks: 193.37.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/7b0ec7-9848-4163-ac1b-7b04d3597378/1/YSQjU25R-U-r_FCs-UTXmKrPQD8.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/7b0ec7-9848-4163-ac1b-7b04d3597378/1/YSQjU25R-U-r_FCs-UTXmKrPQD8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YSQjU25R-U-r_FCs-UTXmKrPQD8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 13:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7f:83:3a:bf:bc:73:62:44:e8:c3:7b:ab:29:04:ce:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=612423536e51f94fabfc50acf944d798aacf403f
Validity
Not Before: Jan 2 16:21:05 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=857760a7cce0986ec962cfe4dfbb6e68db7495ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:4a:9b:bc:47:79:d4:c5:2e:de:51:11:f8:cd:
4e:e5:4d:61:ba:7f:19:0a:ee:a2:87:bd:d3:1b:b6:
a7:f4:ef:73:44:41:01:52:42:f5:20:18:84:3a:fd:
22:e9:54:50:d4:87:41:08:c8:35:ef:b3:0f:fa:d2:
06:c7:88:9d:df:d6:7c:19:9a:38:01:b3:bd:a0:33:
f3:36:40:c0:0a:f0:ae:1e:f2:79:65:52:d3:54:84:
c4:65:22:c7:5f:aa:02:ae:78:3c:90:2c:ae:15:5a:
2b:df:42:62:4a:4f:17:92:7a:32:f5:e9:5e:1a:d9:
b2:e3:0b:52:c9:d9:aa:a7:a9:8d:b8:00:02:65:92:
67:17:01:98:6c:cc:5f:50:54:be:82:ea:71:b3:67:
65:5a:98:11:1c:13:eb:ad:ee:b4:b1:e4:e8:e8:bd:
0c:f4:0a:6a:cb:a3:7b:ae:dc:8d:c5:b2:5c:2f:3b:
aa:bd:cc:95:52:29:ac:49:a7:c4:3c:cb:d1:82:91:
1d:08:7c:21:0a:9f:ef:c5:a4:b5:db:ea:22:d4:1c:
38:2c:0a:e3:d7:16:7c:79:ee:d3:69:9c:36:3c:e1:
7a:cb:cf:06:3e:d1:70:10:e3:da:58:85:a7:b1:19:
96:13:38:4f:45:39:2f:5c:de:d1:02:0e:00:26:98:
b6:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:77:60:A7:CC:E0:98:6E:C9:62:CF:E4:DF:BB:6E:68:DB:74:95:AC
X509v3 Authority Key Identifier:
keyid:61:24:23:53:6E:51:F9:4F:AB:FC:50:AC:F9:44:D7:98:AA:CF:40:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YSQjU25R-U-r_FCs-UTXmKrPQD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/7b0ec7-9848-4163-ac1b-7b04d3597378/1/hXdgp8zgmG7JYs_k37tuaNt0law.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/7b0ec7-9848-4163-ac1b-7b04d3597378/1/YSQjU25R-U-r_FCs-UTXmKrPQD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.37.147.0/24
Signature Algorithm: sha256WithRSAEncryption
80:63:42:8a:58:42:60:79:ba:cf:f6:c4:08:fa:84:f1:c3:b7:
de:d7:e4:0b:6f:b6:00:4a:9a:c5:f6:f7:a1:9d:25:60:54:0a:
2f:6f:08:df:7c:8e:88:ab:65:b1:6f:e4:69:2f:bd:fd:2d:dc:
a6:7c:53:fe:a6:ae:ca:ba:fd:8f:48:44:c0:78:b1:26:6d:c8:
20:3d:f4:31:a9:ab:c0:6e:71:b2:92:c1:26:c7:69:14:03:54:
27:5d:b0:4e:76:3a:1d:72:fe:51:50:c2:d5:99:54:17:05:eb:
4b:a5:6a:4c:b2:d5:73:d2:da:7a:0b:08:0f:a1:9a:d1:ac:67:
0a:90:5b:4f:93:c0:b6:10:de:37:72:62:52:98:7a:2c:4a:09:
ff:58:96:03:5e:21:c3:b2:14:79:af:89:e7:0d:6d:b4:a9:cc:
99:8a:e0:e5:0f:b5:73:13:72:49:8c:12:dd:dc:55:e3:c4:c5:
8c:5d:21:e6:8c:b4:31:b1:d8:75:1b:6f:b3:be:c9:6a:64:b5:
da:90:da:10:9a:ec:15:07:29:41:22:7f:44:cd:88:29:63:7b:
87:aa:3d:57:b8:9e:4b:f0:14:65:0c:34:6c:43:10:04:f0:05:
e4:ba:3a:6f:ad:ee:75:b0:78:10:fd:97:d2:1b:47:1b:e2:65:
fc:24:bd:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/gzq/vHNiROjDe6spBM4GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMjQyMzUzNmU1MWY5NGZhYmZjNTBhY2Y5NDRkNzk4YWFj
ZjQwM2YwHhcNMjYwMTAyMTYyMTA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTc3NjBhN2NjZTA5ODZlYzk2MmNmZTRkZmJiNmU2OGRiNzQ5NWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEqbvEd51MUu3lER+M1O5U1hun8Z
Cu6ih73TG7an9O9zREEBUkL1IBiEOv0i6VRQ1IdBCMg177MP+tIGx4id39Z8GZo4
AbO9oDPzNkDACvCuHvJ5ZVLTVITEZSLHX6oCrng8kCyuFVor30JiSk8Xknoy9ele
Gtmy4wtSydmqp6mNuAACZZJnFwGYbMxfUFS+gupxs2dlWpgRHBPrre60seTo6L0M
9Apqy6N7rtyNxbJcLzuqvcyVUimsSafEPMvRgpEdCHwhCp/vxaS12+oi1Bw4LArj
1xZ8ee7TaZw2POF6y88GPtFwEOPaWIWnsRmWEzhPRTkvXN7RAg4AJpi2EwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIV3YKfM4JhuyWLP5N+7bmjbdJWsMB8GA1UdIwQY
MBaAFGEkI1NuUflPq/xQrPlE15iqz0A/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVNRalUyNVItVS1yX0ZDcy1VVFhtS3JQUUQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi83YjBlYzctOTg0OC00MTYzLWFjMWIt
N2IwNGQzNTk3Mzc4LzEvaFhkZ3A4emdtRzdKWXNfazM3dHVhTnQwbGF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi83YjBlYzctOTg0OC00MTYzLWFjMWItN2IwNGQzNTk3Mzc4
LzEvWVNRalUyNVItVS1yX0ZDcy1VVFhtS3JQUUQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSWTMA0G
CSqGSIb3DQEBCwUAA4IBAQCAY0KKWEJgebrP9sQI+oTxw7fe1+QLb7YASprF9veh
nSVgVAovbwjffI6Iq2Wxb+RpL739LdymfFP+pq7Kuv2PSETAeLEmbcggPfQxqavA
bnGyksEmx2kUA1QnXbBOdjodcv5RUMLVmVQXBetLpWpMstVz0tp6CwgPoZrRrGcK
kFtPk8C2EN43cmJSmHosSgn/WJYDXiHDshR5r4nnDW20qcyZiuDlD7VzE3JJjBLd
3FXjxMWMXSHmjLQxsdh1G2+zvslqZLXakNoQmuwVBylBIn9EzYgpY3uHqj1XuJ5L
8BRlDDRsQxAE8AXkujpvre51sHgQ/ZfSG0cb4mX8JL1F
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:25:40 2026 by rpki-client