Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/aaHpIpUNJCPLemmyB6IfQXXyPEE.roa
File: aaHpIpUNJCPLemmyB6IfQXXyPEE.roa (raw, json)
Hash identifier: OldkvNHI3e3Xq22g7tLXVjk3zVZxwtRnCQyVA3M2gx8=
Subject key identifier: 69:A1:E9:22:95:0D:24:23:CB:7A:69:B2:07:A2:1F:41:75:F2:3C:41
Certificate issuer: /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial: 019C9EE841089DB8415E87CCA782AA969F16
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/aaHpIpUNJCPLemmyB6IfQXXyPEE.roa
Signing time: Fri 27 Feb 2026 11:42:26 +0000
ROA not before: Fri 27 Feb 2026 11:42:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 63199
IP address blocks: 185.58.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.mft
rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9e:e8:41:08:9d:b8:41:5e:87:cc:a7:82:aa:96:9f:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Validity
Not Before: Feb 27 11:42:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=69a1e922950d2423cb7a69b207a21f4175f23c41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:93:ef:dd:85:29:15:34:86:76:7f:24:c5:70:
d7:7d:cf:9e:d5:3c:97:f1:78:d5:d2:d9:e7:7b:c7:
31:17:78:e6:55:b8:49:59:28:c2:29:f0:5c:24:4d:
ef:27:c2:26:dd:f0:fa:08:29:44:5a:19:63:3a:ff:
55:93:51:76:11:c3:5d:d1:25:59:74:fd:33:c0:38:
f0:e6:2f:98:2d:bc:17:27:c1:51:7e:ac:09:5d:c8:
8a:67:22:bb:62:5d:34:f6:29:ea:e1:27:7f:6c:3e:
8d:23:0a:24:e4:b4:1d:06:fc:05:56:2d:65:f5:0e:
90:d6:dc:f2:9d:45:84:e0:e8:a9:36:bc:20:eb:4a:
98:86:36:0f:5e:f3:8d:c3:74:9a:cc:93:97:f3:e9:
2d:1c:b4:3f:47:a3:cd:70:80:07:be:12:69:c9:29:
6c:b6:72:b0:80:72:eb:c2:99:70:10:55:f7:ed:8a:
c3:f4:bd:7e:24:a4:a3:d9:da:67:a2:1f:33:f6:e2:
2b:20:10:7e:d3:53:9d:65:f4:6e:ae:15:5d:2f:17:
92:ac:87:aa:9e:a6:03:1e:c5:d4:6a:9c:7b:57:39:
ac:4c:b1:31:38:cf:ed:04:86:c0:e3:0b:da:79:e2:
c1:16:dd:d7:25:17:e4:0b:c7:a4:ed:7e:5e:4c:bd:
93:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:A1:E9:22:95:0D:24:23:CB:7A:69:B2:07:A2:1F:41:75:F2:3C:41
X509v3 Authority Key Identifier:
keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/aaHpIpUNJCPLemmyB6IfQXXyPEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.58.23.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:13:12:69:28:1e:aa:20:b4:f2:a2:9b:f1:2e:04:9f:5c:aa:
70:db:22:69:aa:f4:24:90:d3:8b:59:f7:18:4c:93:8e:9a:1d:
3e:c0:cf:18:e1:53:d0:e0:9b:be:36:54:12:d2:0c:a8:5d:c7:
1d:ae:e2:e2:2e:45:5a:c3:3c:19:40:d7:20:da:69:4b:ac:89:
97:9b:ba:8d:43:d0:c0:df:77:8a:6c:5c:d1:b7:f6:f7:72:db:
8d:de:ba:d8:85:d6:13:d2:9c:76:a3:21:45:c5:77:b9:86:bd:
fa:46:ae:94:04:ac:f8:4a:ef:e9:b1:7d:cc:6d:09:fc:b0:09:
40:da:a9:05:10:d4:8c:07:f8:ed:cd:3c:59:a8:03:c6:d5:86:
11:1d:a6:d0:4f:54:2f:cf:1e:1c:d9:24:82:09:66:3d:d1:ac:
0b:a7:d9:22:cc:02:84:f9:b3:e4:02:1f:05:e2:02:65:4f:e9:
bb:06:9a:95:c8:ff:56:20:47:83:7a:87:c3:8d:91:b8:d0:f3:
f5:56:ed:3b:07:49:86:70:6a:4a:f2:88:08:b2:42:a3:10:7e:
57:0b:67:55:b2:85:ab:3f:c1:4d:d1:01:41:3a:8b:8b:e3:9a:
ee:69:53:e1:1d:f5:a5:39:39:e3:f0:01:0d:05:5f:7e:f6:ca:
5a:89:29:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZye6EEInbhBXofMp4Kqlp8WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjYwMjI3MTE0MjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWExZTkyMjk1MGQyNDIzY2I3YTY5YjIwN2EyMWY0MTc1ZjIzYzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZPv3YUpFTSGdn8kxXDXfc+e1TyX
8XjV0tnne8cxF3jmVbhJWSjCKfBcJE3vJ8Im3fD6CClEWhljOv9Vk1F2EcNd0SVZ
dP0zwDjw5i+YLbwXJ8FRfqwJXciKZyK7Yl009inq4Sd/bD6NIwok5LQdBvwFVi1l
9Q6Q1tzynUWE4OipNrwg60qYhjYPXvONw3SazJOX8+ktHLQ/R6PNcIAHvhJpySls
tnKwgHLrwplwEFX37YrD9L1+JKSj2dpnoh8z9uIrIBB+01OdZfRurhVdLxeSrIeq
nqYDHsXUapx7VzmsTLExOM/tBIbA4wvaeeLBFt3XJRfkC8ek7X5eTL2TAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGmh6SKVDSQjy3ppsgeiH0F18jxBMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvYWFIcElwVU5KQ1BMZW1teUI2SWZRWFh5UEVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuToXMA0G
CSqGSIb3DQEBCwUAA4IBAQBbExJpKB6qILTyopvxLgSfXKpw2yJpqvQkkNOLWfcY
TJOOmh0+wM8Y4VPQ4Ju+NlQS0gyoXccdruLiLkVawzwZQNcg2mlLrImXm7qNQ9DA
33eKbFzRt/b3ctuN3rrYhdYT0px2oyFFxXe5hr36Rq6UBKz4Su/psX3MbQn8sAlA
2qkFENSMB/jtzTxZqAPG1YYRHabQT1Qvzx4c2SSCCWY90awLp9kizAKE+bPkAh8F
4gJlT+m7BpqVyP9WIEeDeofDjZG40PP1Vu07B0mGcGpK8ogIskKjEH5XC2dVsoWr
P8FN0QFBOouL45ruaVPhHfWlOTnj8AENBV9+9spaiSkt
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:58:52 2026 by rpki-client