Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/huzRRdVqCPg8Fnb-gO89NUhOd8s.roa
File: huzRRdVqCPg8Fnb-gO89NUhOd8s.roa (raw, json)
Hash identifier: kTmMBo7ynuyXV7K1e28S/Iv7hnEZXH2WxQ2xB2XUlxc=
Subject key identifier: 86:EC:D1:45:D5:6A:08:F8:3C:16:76:FE:80:EF:3D:35:48:4E:77:CB
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 019D52AEE188B2DED8CFBEC055F9CCA3DB94
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/huzRRdVqCPg8Fnb-gO89NUhOd8s.roa
Signing time: Fri 03 Apr 2026 09:31:25 +0000
ROA not before: Fri 03 Apr 2026 09:31:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213832
IP address blocks: 2a0f:e3c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 20:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:52:ae:e1:88:b2:de:d8:cf:be:c0:55:f9:cc:a3:db:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Apr 3 09:31:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=86ecd145d56a08f83c1676fe80ef3d35484e77cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5a:11:2e:c6:c3:74:52:05:cd:c1:af:a9:57:
9b:97:e5:56:58:1f:fe:66:38:20:54:ae:2e:72:23:
86:8c:14:88:28:e5:9d:e9:22:3f:b5:39:59:f5:77:
26:ef:4c:39:7e:52:44:05:f7:3b:62:b0:4a:d1:cc:
15:b2:9c:61:ed:41:f9:64:75:5e:02:e7:cd:b7:d5:
0c:2e:0b:bf:f6:dd:e2:f1:ed:5a:be:36:fb:81:c7:
22:9a:3c:fa:0f:f8:9c:56:48:58:cb:a5:8a:09:6c:
03:11:d0:18:e1:78:ca:cd:7d:40:10:e5:e4:45:b5:
22:12:b2:1b:9c:d3:d2:78:aa:5a:92:ca:85:34:bc:
b2:e0:2f:d9:cd:98:74:90:21:1c:83:62:14:2a:47:
f5:89:3c:78:a6:16:f5:88:fa:20:33:d7:41:33:eb:
1b:60:fe:de:3b:ef:47:e6:1b:53:5f:9d:62:ad:d2:
cf:2c:2a:7f:ab:03:db:0d:3d:5d:d8:4f:2e:8c:ad:
57:d0:f4:04:ac:e7:14:06:8f:3f:1e:24:32:8a:31:
a6:ae:2f:79:5c:f6:aa:d5:8f:e1:aa:f4:ab:77:be:
49:2f:e7:68:dc:89:d5:71:25:fb:1d:f2:00:cc:e7:
01:8f:08:e1:57:27:1d:da:47:0b:e4:79:fe:d5:8b:
b5:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:EC:D1:45:D5:6A:08:F8:3C:16:76:FE:80:EF:3D:35:48:4E:77:CB
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/huzRRdVqCPg8Fnb-gO89NUhOd8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e3c0::/29
Signature Algorithm: sha256WithRSAEncryption
1d:da:c4:ac:9b:8d:13:cc:cb:19:ca:1a:b7:92:c5:32:ff:60:
f5:6c:78:d8:19:4d:eb:cb:fe:cc:5f:a7:a2:7d:7b:22:f6:2f:
c1:77:37:b0:c8:7b:05:07:46:34:65:5b:ae:5c:d1:66:cf:ff:
59:56:d9:77:e8:ab:01:ae:2e:df:48:8a:6d:be:f7:16:e9:a3:
82:0b:10:5a:d6:4e:56:2a:93:ba:2c:2f:a0:4a:f2:49:65:70:
9e:45:1f:23:66:10:16:22:90:19:33:35:22:44:31:42:08:d5:
58:3a:2d:a0:b8:2b:4c:55:2e:e6:d2:6d:22:48:a9:4e:24:f1:
f7:fd:4e:60:20:5b:40:a5:46:29:54:d3:43:20:49:d8:29:fd:
86:76:6a:e2:93:f5:ff:9c:7e:53:1c:9a:ac:a6:b5:da:3d:7d:
26:e6:81:a6:e8:0e:12:4b:d3:89:20:21:46:e6:ca:56:74:bf:
30:7f:76:37:ba:28:5e:c3:56:15:dc:38:cc:69:0b:99:d2:13:
be:ea:75:98:71:b3:c7:ae:4f:e7:3d:28:91:51:c1:99:5a:9c:
e6:9c:60:05:21:aa:a8:fb:51:fb:d2:98:64:44:81:6a:86:19:
72:53:8a:17:59:71:60:93:3c:e6:86:31:63:75:9e:f8:69:49:
c7:25:e4:89
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZ1SruGIst7Yz77AVfnMo9uUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjYwNDAzMDkzMTI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmVjZDE0NWQ1NmEwOGY4M2MxNjc2ZmU4MGVmM2QzNTQ4NGU3N2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFoRLsbDdFIFzcGvqVebl+VWWB/+
ZjggVK4uciOGjBSIKOWd6SI/tTlZ9Xcm70w5flJEBfc7YrBK0cwVspxh7UH5ZHVe
AufNt9UMLgu/9t3i8e1avjb7gccimjz6D/icVkhYy6WKCWwDEdAY4XjKzX1AEOXk
RbUiErIbnNPSeKpaksqFNLyy4C/ZzZh0kCEcg2IUKkf1iTx4phb1iPogM9dBM+sb
YP7eO+9H5htTX51irdLPLCp/qwPbDT1d2E8ujK1X0PQErOcUBo8/HiQyijGmri95
XPaq1Y/hqvSrd75JL+do3InVcSX7HfIAzOcBjwjhVycd2kcL5Hn+1Yu15wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIbs0UXVagj4PBZ2/oDvPTVITnfLMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvaHV6UlJkVnFDUGc4Rm5iLWdPODlOVWhPZDhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg/jwDAN
BgkqhkiG9w0BAQsFAAOCAQEAHdrErJuNE8zLGcoat5LFMv9g9Wx42BlN68v+zF+n
on17IvYvwXc3sMh7BQdGNGVbrlzRZs//WVbZd+irAa4u30iKbb73FumjggsQWtZO
ViqTuiwvoErySWVwnkUfI2YQFiKQGTM1IkQxQgjVWDotoLgrTFUu5tJtIkipTiTx
9/1OYCBbQKVGKVTTQyBJ2Cn9hnZq4pP1/5x+UxyarKa12j19JuaBpugOEkvTiSAh
RubKVnS/MH92N7ooXsNWFdw4zGkLmdITvup1mHGzx65P5z0okVHBmVqc5pxgBSGq
qPtR+9KYZESBaoYZclOKF1lxYJM85oYxY3We+GlJxyXkiQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 02:20:33 2026 by rpki-client