Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HPvMvi69SRHvSgq5Hkf0hKD-wLE.roa
File: HPvMvi69SRHvSgq5Hkf0hKD-wLE.roa (raw, json)
Hash identifier: DeAAaJSbHXhAWtEwopLCLds0m0AzZXRhzc4Idcu9Thw=
Subject key identifier: 1C:FB:CC:BE:2E:BD:49:11:EF:4A:0A:B9:1E:47:F4:84:A0:FE:C0:B1
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019C93FD28C4B9EE199080925D6DCEAA6B9F
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HPvMvi69SRHvSgq5Hkf0hKD-wLE.roa
Signing time: Wed 25 Feb 2026 08:49:27 +0000
ROA not before: Wed 25 Feb 2026 08:49:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 10111
IP address blocks: 2a0f:29c0::/29 maxlen: 29
2a0f:2f40::/29 maxlen: 29
2a0f:7280::/29 maxlen: 29
2a0f:ac00::/29 maxlen: 29
2a10:37c0::/29 maxlen: 29
2a10:5200::/29 maxlen: 29
2a10:6840::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:93:fd:28:c4:b9:ee:19:90:80:92:5d:6d:ce:aa:6b:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 25 08:49:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1cfbccbe2ebd4911ef4a0ab91e47f484a0fec0b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c0:45:da:79:83:8e:09:9a:55:31:00:53:a7:
f2:d3:4b:40:b7:66:5e:3d:d7:14:76:8e:b9:34:19:
30:09:2b:0a:df:e0:fb:a6:50:d6:18:ad:2b:d6:98:
84:b9:14:04:36:f6:17:a4:e1:ef:b7:8a:97:cd:ae:
42:c1:b7:c2:c2:2c:b8:69:81:a6:9a:e7:f7:63:fe:
b1:30:4e:c1:59:16:4f:4e:aa:01:66:a7:1a:ad:93:
f9:41:a5:fa:f5:e4:e0:9a:ab:14:15:5b:74:af:5f:
b2:d3:df:e0:9b:80:16:17:c5:39:87:b9:f9:a4:ee:
f2:9a:3e:45:92:3a:04:ba:4b:f7:31:f2:8f:2c:6b:
89:4d:cb:85:24:5b:d5:43:de:32:c7:c8:b8:5c:6e:
7f:5c:58:c0:c3:c1:e6:62:42:a4:22:34:0a:c6:e1:
8c:df:b4:f3:48:29:61:bf:e9:79:77:8e:e2:4a:94:
2b:9f:b5:fc:ae:d1:91:ce:04:b9:1e:9c:b3:6b:eb:
19:e5:91:5d:f4:97:3d:8b:01:ec:fb:d4:62:d7:7e:
0e:ab:6c:3f:59:91:68:26:62:f8:c0:96:46:c1:30:
99:8c:f5:3b:2d:59:32:4d:c4:02:aa:ab:48:f8:cf:
be:49:14:8f:57:24:f2:ae:6a:c0:1c:7a:02:5e:28:
e1:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:FB:CC:BE:2E:BD:49:11:EF:4A:0A:B9:1E:47:F4:84:A0:FE:C0:B1
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HPvMvi69SRHvSgq5Hkf0hKD-wLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:29c0::/29
2a0f:2f40::/29
2a0f:7280::/29
2a0f:ac00::/29
2a10:37c0::/29
2a10:5200::/29
2a10:6840::/29
Signature Algorithm: sha256WithRSAEncryption
cc:03:ee:92:84:64:16:4f:42:6b:f3:41:f7:35:dc:ba:17:10:
2c:43:14:bf:bc:b8:7d:82:df:d3:90:65:b8:fe:08:ae:4d:3e:
5c:9a:d7:de:57:9c:c5:28:c2:4c:10:d4:d1:83:31:6d:36:2e:
3e:93:f4:ed:80:e9:93:a2:4d:3c:15:9a:d7:db:7d:47:74:6c:
d6:86:bf:76:14:ae:93:6f:fe:23:2a:e0:5a:c2:81:d8:f5:f4:
31:8f:ff:75:2f:11:b6:d1:31:d1:c2:7d:07:50:f3:f0:b2:60:
7c:93:5f:8c:d8:7d:73:5f:66:84:5c:c9:fb:7b:42:31:4d:2a:
0c:66:be:a0:2b:9d:c5:89:3c:d6:23:b7:c0:63:23:20:06:e5:
22:76:11:3b:b3:00:3e:10:d9:97:bc:60:f6:db:3f:52:47:33:
11:13:ae:e7:8a:1d:dc:2b:3b:82:12:bc:a4:8a:49:dd:62:60:
49:48:8a:47:c7:61:7a:92:5d:91:d9:af:e7:48:c4:0a:b1:4b:
90:94:e0:6d:34:32:9a:de:72:d1:b0:a2:78:52:a9:a3:40:a8:
f5:ea:22:b6:7f:b6:b1:49:af:75:ea:df:06:6b:60:ad:77:ae:
0b:a9:48:b3:3a:b8:b0:f1:96:69:06:bf:c5:b4:45:68:6a:90:
42:f7:56:e7
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZyT/SjEue4ZkICSXW3OqmufMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwMjI1MDg0OTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2ZiY2NiZTJlYmQ0OTExZWY0YTBhYjkxZTQ3ZjQ4NGEwZmVjMGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8BF2nmDjgmaVTEAU6fy00tAt2Ze
PdcUdo65NBkwCSsK3+D7plDWGK0r1piEuRQENvYXpOHvt4qXza5CwbfCwiy4aYGm
muf3Y/6xME7BWRZPTqoBZqcarZP5QaX69eTgmqsUFVt0r1+y09/gm4AWF8U5h7n5
pO7ymj5FkjoEukv3MfKPLGuJTcuFJFvVQ94yx8i4XG5/XFjAw8HmYkKkIjQKxuGM
37TzSClhv+l5d47iSpQrn7X8rtGRzgS5Hpyza+sZ5ZFd9Jc9iwHs+9Ri134Oq2w/
WZFoJmL4wJZGwTCZjPU7LVkyTcQCqqtI+M++SRSPVyTyrmrAHHoCXijhUwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFBz7zL4uvUkR70oKuR5H9ISg/sCxMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSFB2TXZpNjlTUkh2U2dxNUhrZjBoS0Qtd0xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKg8pwAMF
AyoPL0ADBQMqD3KAAwUDKg+sAAMFAyoQN8ADBQMqEFIAAwUDKhBoQDANBgkqhkiG
9w0BAQsFAAOCAQEAzAPukoRkFk9Ca/NB9zXcuhcQLEMUv7y4fYLf05BluP4Irk0+
XJrX3lecxSjCTBDU0YMxbTYuPpP07YDpk6JNPBWa19t9R3Rs1oa/dhSuk2/+Iyrg
WsKB2PX0MY//dS8RttEx0cJ9B1Dz8LJgfJNfjNh9c19mhFzJ+3tCMU0qDGa+oCud
xYk81iO3wGMjIAblInYRO7MAPhDZl7xg9ts/UkczEROu54od3Cs7ghK8pIpJ3WJg
SUiKR8dhepJdkdmv50jECrFLkJTgbTQymt5y0bCieFKpo0Co9eoitn+2sUmvderf
BmtgrXeuC6lIszq4sPGWaQa/xbRFaGqQQvdW5w==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:27:04 2026 by rpki-client