Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/717221-1d03-4d13-9049-401bda4477b5/1/HTGpA29r_p96fZCnIs8rHPCaAWg.roa
File: HTGpA29r_p96fZCnIs8rHPCaAWg.roa (raw, json)
Hash identifier: 0NEOZclYkdeZ3p/EmP0YoypOQ8XIb7jGpt4K1aPjz6Q=
Subject key identifier: 1D:31:A9:03:6F:6B:FE:9F:7A:7D:90:A7:22:CF:2B:1C:F0:9A:01:68
Certificate issuer: /CN=97024ffc4927bfe35289435d9d0280420b8ecdcb
Certificate serial: 019B7EA72D2D0505A36DB915DBDB8667CC9E
Authority key identifier: 97:02:4F:FC:49:27:BF:E3:52:89:43:5D:9D:02:80:42:0B:8E:CD:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lwJP_Eknv-NSiUNdnQKAQguOzcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/717221-1d03-4d13-9049-401bda4477b5/1/HTGpA29r_p96fZCnIs8rHPCaAWg.roa
Signing time: Fri 02 Jan 2026 12:20:43 +0000
ROA not before: Fri 02 Jan 2026 12:20:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48239
IP address blocks: 91.209.51.0/24 maxlen: 24
185.191.176.0/22 maxlen: 22
212.90.32.0/19 maxlen: 19
212.90.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/717221-1d03-4d13-9049-401bda4477b5/1/lwJP_Eknv-NSiUNdnQKAQguOzcs.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/717221-1d03-4d13-9049-401bda4477b5/1/lwJP_Eknv-NSiUNdnQKAQguOzcs.mft
rsync://rpki.ripe.net/repository/DEFAULT/lwJP_Eknv-NSiUNdnQKAQguOzcs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7e:a7:2d:2d:05:05:a3:6d:b9:15:db:db:86:67:cc:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97024ffc4927bfe35289435d9d0280420b8ecdcb
Validity
Not Before: Jan 2 12:20:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1d31a9036f6bfe9f7a7d90a722cf2b1cf09a0168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:7c:64:6a:c0:09:bb:0d:8e:f4:92:06:bc:f5:
8f:62:2e:90:17:38:32:c2:84:e9:f8:24:c0:d1:ae:
0c:25:9e:45:5e:a1:0a:7b:40:4a:21:65:59:47:74:
89:39:d8:32:df:93:b2:03:13:ad:1b:c9:28:b3:79:
e6:28:94:b1:35:53:d1:ed:26:20:7e:4c:43:fd:ed:
bb:ec:65:3f:07:0a:a7:6d:d3:0b:2f:77:68:09:0f:
ec:d8:37:b7:92:12:e4:20:05:90:b5:ea:9b:1b:e2:
f7:a6:7a:78:0b:16:ff:7f:1e:ee:2b:a8:20:b6:c7:
5c:90:51:bf:01:12:13:df:cf:97:34:f2:28:2f:a5:
ac:43:6d:90:6d:8b:a5:40:85:80:83:c0:1f:e8:f6:
2d:93:c4:bc:95:01:e0:75:b2:be:f9:00:5d:0a:97:
62:1d:5a:97:5d:8e:fb:54:fc:78:5e:b4:f9:d6:5a:
6d:73:97:2c:95:a4:35:7b:4b:b6:a9:0a:1a:e9:76:
e7:52:7a:aa:19:f7:e9:3b:35:a4:b0:bf:36:1d:27:
06:59:69:24:56:2c:4f:9c:b9:47:77:9f:06:b7:3d:
12:78:b5:61:13:98:6c:7e:fc:3d:c5:4e:a4:a4:97:
1d:4e:05:9c:4c:73:e8:d7:cb:4c:d2:79:a8:d1:eb:
21:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:31:A9:03:6F:6B:FE:9F:7A:7D:90:A7:22:CF:2B:1C:F0:9A:01:68
X509v3 Authority Key Identifier:
keyid:97:02:4F:FC:49:27:BF:E3:52:89:43:5D:9D:02:80:42:0B:8E:CD:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lwJP_Eknv-NSiUNdnQKAQguOzcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/717221-1d03-4d13-9049-401bda4477b5/1/HTGpA29r_p96fZCnIs8rHPCaAWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/717221-1d03-4d13-9049-401bda4477b5/1/lwJP_Eknv-NSiUNdnQKAQguOzcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.51.0/24
185.191.176.0/22
212.90.32.0/19
Signature Algorithm: sha256WithRSAEncryption
a8:4b:e7:01:63:07:3e:69:7d:05:8b:92:47:53:0f:1d:46:8b:
2e:7e:3d:0e:36:7d:49:fd:f9:33:0f:cb:b7:c4:2b:a1:70:1e:
08:f4:31:4f:da:3e:32:73:6e:66:fb:f0:cc:48:58:16:10:c1:
67:5a:66:9e:1c:60:9e:18:2a:1e:d8:bc:80:00:ee:c6:4c:85:
f1:af:83:de:ef:60:6d:8c:da:e5:ff:43:f2:72:0a:c0:65:68:
64:e8:fb:a7:b2:7f:14:73:03:69:ab:7f:1f:25:0f:52:79:e5:
a0:16:02:a1:51:97:17:a0:8a:ec:d8:78:22:18:d2:8a:de:fe:
2d:56:22:fe:60:f4:83:94:59:e4:e2:d4:04:0a:d1:48:00:ba:
cc:6a:da:54:37:14:5f:37:58:0a:a4:15:bd:ae:a4:14:a7:4b:
4d:0a:79:2c:fa:07:36:af:5b:7d:6a:08:e3:70:33:84:b4:f3:
ab:72:3b:8b:44:1e:05:6f:ac:83:af:74:f5:00:8a:92:6a:1e:
d6:41:64:2b:db:28:c6:f6:69:c8:e8:9b:e8:14:a1:1e:5e:99:
93:d9:1a:88:28:66:42:ac:ca:fd:e6:aa:f5:1d:a3:ee:f9:55:
99:d3:9a:22:b7:be:e5:e0:fd:d9:12:e5:44:1a:7a:ad:17:f7:
52:b0:e9:52
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZt+py0tBQWjbbkV29uGZ8yeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MDI0ZmZjNDkyN2JmZTM1Mjg5NDM1ZDlkMDI4MDQyMGI4
ZWNkY2IwHhcNMjYwMTAyMTIyMDQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDMxYTkwMzZmNmJmZTlmN2E3ZDkwYTcyMmNmMmIxY2YwOWEwMTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5nxkasAJuw2O9JIGvPWPYi6QFzgy
woTp+CTA0a4MJZ5FXqEKe0BKIWVZR3SJOdgy35OyAxOtG8kos3nmKJSxNVPR7SYg
fkxD/e277GU/BwqnbdMLL3doCQ/s2De3khLkIAWQteqbG+L3pnp4Cxb/fx7uK6gg
tsdckFG/ARIT38+XNPIoL6WsQ22QbYulQIWAg8Af6PYtk8S8lQHgdbK++QBdCpdi
HVqXXY77VPx4XrT51lptc5cslaQ1e0u2qQoa6XbnUnqqGffpOzWksL82HScGWWkk
VixPnLlHd58Gtz0SeLVhE5hsfvw9xU6kpJcdTgWcTHPo18tM0nmo0eshAQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB0xqQNva/6fen2QpyLPKxzwmgFoMB8GA1UdIwQY
MBaAFJcCT/xJJ7/jUolDXZ0CgEILjs3LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHdKUF9Fa252LU5TaVVOZG5RS0FRZ3VPemNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC83MTcyMjEtMWQwMy00ZDEzLTkwNDkt
NDAxYmRhNDQ3N2I1LzEvSFRHcEEyOXJfcDk2ZlpDbklzOHJIUENhQVdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC83MTcyMjEtMWQwMy00ZDEzLTkwNDktNDAxYmRhNDQ3N2I1
LzEvbHdKUF9Fa252LU5TaVVOZG5RS0FRZ3VPemNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9EzAwQC
ub+wAwQF1FogMA0GCSqGSIb3DQEBCwUAA4IBAQCoS+cBYwc+aX0Fi5JHUw8dRosu
fj0ONn1J/fkzD8u3xCuhcB4I9DFP2j4yc25m+/DMSFgWEMFnWmaeHGCeGCoe2LyA
AO7GTIXxr4Pe72BtjNrl/0PycgrAZWhk6Punsn8UcwNpq38fJQ9SeeWgFgKhUZcX
oIrs2HgiGNKK3v4tViL+YPSDlFnk4tQECtFIALrMatpUNxRfN1gKpBW9rqQUp0tN
Cnks+gc2r1t9agjjcDOEtPOrcjuLRB4Fb6yDr3T1AIqSah7WQWQr2yjG9mnI6Jvo
FKEeXpmT2RqIKGZCrMr95qr1HaPu+VWZ05oit77l4P3ZEuVEGnqtF/dSsOlS
-----END CERTIFICATE-----
Generated at Mon Mar 2 20:05:09 2026 by rpki-client