Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/171251-6a75-4e9e-acf0-825e5a061df9/1/hvRhuS7UdwiN-bqkZM01GqNPwsc.roa
File: hvRhuS7UdwiN-bqkZM01GqNPwsc.roa (raw, json)
Hash identifier: 2Dz+wS7Q0ZwRnrr5BmP3fM2iHAZ/irPyOUJZmKoQHhI=
Subject key identifier: 86:F4:61:B9:2E:D4:77:08:8D:F9:BA:A4:64:CD:35:1A:A3:4F:C2:C7
Certificate issuer: /CN=78811e8e36e22280bb2f65a7d2c6034ecf86716c
Certificate serial: 019B7F83ADA08049635E91F6FBD35DBF2FC4
Authority key identifier: 78:81:1E:8E:36:E2:22:80:BB:2F:65:A7:D2:C6:03:4E:CF:86:71:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eIEejjbiIoC7L2Wn0sYDTs-GcWw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/171251-6a75-4e9e-acf0-825e5a061df9/1/hvRhuS7UdwiN-bqkZM01GqNPwsc.roa
Signing time: Fri 02 Jan 2026 16:21:34 +0000
ROA not before: Fri 02 Jan 2026 16:21:34 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 59702
IP address blocks: 31.31.160.0/21 maxlen: 21
31.31.161.0/24 maxlen: 24
31.31.163.0/24 maxlen: 24
31.31.164.0/24 maxlen: 24
31.31.165.0/24 maxlen: 24
31.31.166.0/24 maxlen: 24
31.31.167.0/24 maxlen: 24
81.25.144.0/20 maxlen: 20
146.66.232.0/21 maxlen: 21
172.103.88.0/21 maxlen: 21
185.16.200.0/22 maxlen: 22
185.47.192.0/22 maxlen: 22
185.47.192.0/24 maxlen: 24
185.47.193.0/24 maxlen: 24
185.47.194.0/24 maxlen: 24
185.80.216.0/22 maxlen: 22
194.37.249.0/24 maxlen: 24
195.42.104.0/23 maxlen: 23
207.189.192.0/20 maxlen: 20
213.244.240.0/21 maxlen: 21
216.158.96.0/20 maxlen: 20
2a03:780::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/171251-6a75-4e9e-acf0-825e5a061df9/1/eIEejjbiIoC7L2Wn0sYDTs-GcWw.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/171251-6a75-4e9e-acf0-825e5a061df9/1/eIEejjbiIoC7L2Wn0sYDTs-GcWw.mft
rsync://rpki.ripe.net/repository/DEFAULT/eIEejjbiIoC7L2Wn0sYDTs-GcWw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 13:01:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7f:83:ad:a0:80:49:63:5e:91:f6:fb:d3:5d:bf:2f:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78811e8e36e22280bb2f65a7d2c6034ecf86716c
Validity
Not Before: Jan 2 16:21:34 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=86f461b92ed477088df9baa464cd351aa34fc2c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:8e:78:cf:b9:6d:bb:08:9e:5c:08:46:ca:20:
f3:1a:a2:f6:84:69:ca:03:dd:74:6c:a1:53:c5:99:
e7:8f:35:2e:2d:97:4e:ef:8e:cc:26:88:74:01:df:
d9:35:0d:81:b2:d6:b7:db:ec:9b:58:93:62:54:fe:
6c:13:40:1d:94:ee:86:8a:27:48:ad:67:a7:85:aa:
69:2a:ec:c1:5b:48:df:96:26:95:d2:02:fc:37:c4:
90:a1:aa:63:15:f7:91:a3:7d:00:fa:d2:ab:89:53:
7e:80:29:69:eb:1c:47:04:b9:02:cf:77:b5:01:ec:
47:89:76:07:d4:e7:2e:85:01:4f:7f:ba:2c:15:eb:
65:3b:a9:96:5a:b9:54:fd:68:a5:c8:2a:ca:57:8b:
7b:27:3e:f5:8f:6b:38:9b:1c:d2:0f:70:b8:4e:2d:
a4:45:b5:72:f0:33:83:06:87:5b:64:28:f9:7f:cd:
4f:e2:4a:83:2d:65:6c:8f:1b:58:6f:fc:1a:51:e7:
8b:88:39:45:47:9b:90:0d:f2:b9:77:8a:27:e0:3a:
24:91:a7:1b:f7:9f:a5:63:a0:1c:2e:44:80:fd:2a:
32:75:d7:1d:bf:f6:b4:d6:cb:f4:26:22:14:cf:43:
14:db:3e:7e:d7:f2:2a:62:56:e6:25:07:5a:8c:b3:
52:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:F4:61:B9:2E:D4:77:08:8D:F9:BA:A4:64:CD:35:1A:A3:4F:C2:C7
X509v3 Authority Key Identifier:
keyid:78:81:1E:8E:36:E2:22:80:BB:2F:65:A7:D2:C6:03:4E:CF:86:71:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eIEejjbiIoC7L2Wn0sYDTs-GcWw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/171251-6a75-4e9e-acf0-825e5a061df9/1/hvRhuS7UdwiN-bqkZM01GqNPwsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/171251-6a75-4e9e-acf0-825e5a061df9/1/eIEejjbiIoC7L2Wn0sYDTs-GcWw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.31.160.0/21
81.25.144.0/20
146.66.232.0/21
172.103.88.0/21
185.16.200.0/22
185.47.192.0/22
185.80.216.0/22
194.37.249.0/24
195.42.104.0/23
207.189.192.0/20
213.244.240.0/21
216.158.96.0/20
IPv6:
2a03:780::/32
Signature Algorithm: sha256WithRSAEncryption
36:03:76:8a:e0:37:5c:91:ba:01:2c:b8:4f:cd:50:c2:8d:a0:
aa:63:02:74:0d:cc:1e:38:1b:ba:47:3c:f0:d5:4e:20:0e:43:
dd:74:96:50:3a:bf:1b:86:0b:92:78:8e:3a:56:fb:37:f0:4d:
27:ef:83:cc:e0:56:8b:20:2f:35:b4:83:32:8e:d5:bb:7c:13:
82:18:23:bf:59:c0:4f:a4:2a:95:ef:15:aa:63:c1:c8:b8:c8:
7d:df:b1:e1:6b:a3:e1:8a:f5:61:d8:1a:2c:5a:85:79:5c:27:
ef:8d:85:49:c8:90:de:7e:37:d0:df:95:47:71:07:ff:d2:30:
61:0a:aa:2d:0c:74:d7:94:95:d8:b3:44:d8:eb:cf:0d:fc:85:
99:33:d1:3b:b2:cd:6e:49:bb:60:3a:7d:df:71:9b:e7:b4:78:
f7:9f:16:8f:ec:bd:c2:95:ea:f1:50:47:d2:9b:7e:10:d8:77:
8d:0f:26:c7:96:43:15:ba:e2:6a:48:49:4f:e6:36:5b:f9:26:
5c:ff:48:ea:76:1c:24:2d:45:1e:67:33:de:6f:69:88:aa:11:
e2:d9:07:85:ed:50:f6:f1:ba:e0:f4:fe:b7:bc:c9:ed:6f:20:
67:ef:4d:a8:4a:0f:02:8a:89:57:6b:8c:87:51:a2:d9:ca:b5:
a5:6c:4f:ee
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZt/g62ggEljXpH2+9Ndvy/EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4ODExZThlMzZlMjIyODBiYjJmNjVhN2QyYzYwMzRlY2Y4
NjcxNmMwHhcNMjYwMTAyMTYyMTM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmY0NjFiOTJlZDQ3NzA4OGRmOWJhYTQ2NGNkMzUxYWEzNGZjMmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5454z7ltuwieXAhGyiDzGqL2hGnK
A910bKFTxZnnjzUuLZdO747MJoh0Ad/ZNQ2Bsta32+ybWJNiVP5sE0AdlO6GiidI
rWenhappKuzBW0jfliaV0gL8N8SQoapjFfeRo30A+tKriVN+gClp6xxHBLkCz3e1
AexHiXYH1OcuhQFPf7osFetlO6mWWrlU/WilyCrKV4t7Jz71j2s4mxzSD3C4Ti2k
RbVy8DODBodbZCj5f81P4kqDLWVsjxtYb/waUeeLiDlFR5uQDfK5d4on4Dokkacb
95+lY6AcLkSA/Soyddcdv/a01sv0JiIUz0MU2z5+1/IqYlbmJQdajLNSBwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFIb0Ybku1HcIjfm6pGTNNRqjT8LHMB8GA1UdIwQY
MBaAFHiBHo424iKAuy9lp9LGA07PhnFsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUlFZWpqYmlJb0M3TDJXbjBzWURUcy1HY1d3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8xNzEyNTEtNmE3NS00ZTllLWFjZjAt
ODI1ZTVhMDYxZGY5LzEvaHZSaHVTN1Vkd2lOLWJxa1pNMDFHcU5Qd3NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8xNzEyNTEtNmE3NS00ZTllLWFjZjAtODI1ZTVhMDYxZGY5
LzEvZUlFZWpqYmlJb0M3TDJXbjBzWURUcy1HY1d3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDHx+gAwQE
URmQAwQDkkLoAwQDrGdYAwQCuRDIAwQCuS/AAwQCuVDYAwQAwiX5AwQBwypoAwQE
z73AAwQD1fTwAwQE2J5gMA0EAgACMAcDBQAqAweAMA0GCSqGSIb3DQEBCwUAA4IB
AQA2A3aK4DdckboBLLhPzVDCjaCqYwJ0DcweOBu6Rzzw1U4gDkPddJZQOr8bhguS
eI46Vvs38E0n74PM4FaLIC81tIMyjtW7fBOCGCO/WcBPpCqV7xWqY8HIuMh937Hh
a6PhivVh2BosWoV5XCfvjYVJyJDefjfQ35VHcQf/0jBhCqotDHTXlJXYs0TY688N
/IWZM9E7ss1uSbtgOn3fcZvntHj3nxaP7L3ClerxUEfSm34Q2HeNDybHlkMVuuJq
SElP5jZb+SZc/0jqdhwkLUUeZzPeb2mIqhHi2QeF7VD28brg9P63vMntbyBn702o
Sg8CiolXa4yHUaLZyrWlbE/u
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:01:48 2026 by rpki-client