Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/475e19-9fbf-4d43-9285-ec5b325c6eb2/1/HyYIQlysdxbEjMCMjTsZDnQh6eA.roa
File: HyYIQlysdxbEjMCMjTsZDnQh6eA.roa (raw, json)
Hash identifier: g3hpyf9/HAqIKib0Sw0ECcCcqaYC2Rz7TpU4xEiIjbs=
Subject key identifier: 1F:26:08:42:5C:AC:77:16:C4:8C:C0:8C:8D:3B:19:0E:74:21:E9:E0
Certificate issuer: /CN=b2735983dfb227a246df98876ec9d1af91f3d779
Certificate serial: 019B7758DEE558BB0422E22D8D6DFC045589
Authority key identifier: B2:73:59:83:DF:B2:27:A2:46:DF:98:87:6E:C9:D1:AF:91:F3:D7:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/snNZg9-yJ6JG35iHbsnRr5Hz13k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/475e19-9fbf-4d43-9285-ec5b325c6eb2/1/HyYIQlysdxbEjMCMjTsZDnQh6eA.roa
Signing time: Thu 01 Jan 2026 02:17:51 +0000
ROA not before: Thu 01 Jan 2026 02:17:51 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 197581
IP address blocks: 46.235.232.0/21 maxlen: 21
46.235.232.0/24 maxlen: 24
46.235.233.0/24 maxlen: 24
46.235.234.0/24 maxlen: 24
46.235.235.0/24 maxlen: 24
46.235.236.0/24 maxlen: 24
46.235.237.0/24 maxlen: 24
46.235.238.0/24 maxlen: 24
46.235.239.0/24 maxlen: 24
2a00:5ec0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/475e19-9fbf-4d43-9285-ec5b325c6eb2/1/snNZg9-yJ6JG35iHbsnRr5Hz13k.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/475e19-9fbf-4d43-9285-ec5b325c6eb2/1/snNZg9-yJ6JG35iHbsnRr5Hz13k.mft
rsync://rpki.ripe.net/repository/DEFAULT/snNZg9-yJ6JG35iHbsnRr5Hz13k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:77:58:de:e5:58:bb:04:22:e2:2d:8d:6d:fc:04:55:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2735983dfb227a246df98876ec9d1af91f3d779
Validity
Not Before: Jan 1 02:17:51 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1f2608425cac7716c48cc08c8d3b190e7421e9e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:0c:72:ce:49:8b:76:57:9c:ea:43:e2:90:fb:
20:e6:55:2f:c0:bd:0e:c0:4a:1e:d9:a8:20:30:11:
8f:ee:8d:7e:0d:26:82:51:67:85:f2:6e:7b:5a:ea:
09:98:45:5a:5c:50:1b:e5:ee:d4:d3:dd:85:d6:ae:
58:f2:13:68:ba:94:7a:d8:7e:be:93:de:3d:3b:62:
64:2f:89:4c:00:cc:77:a7:be:3c:8b:23:ae:81:22:
1c:3d:c7:d4:c7:42:05:c7:d2:60:b3:6e:31:a8:34:
ee:db:6e:23:59:ba:d2:f9:b3:58:6f:e5:da:29:1a:
56:b8:d6:01:04:23:c4:b3:9a:02:0d:76:52:39:bf:
bc:49:7d:94:b2:45:51:15:fa:ee:d1:e4:e2:87:ce:
7e:2e:bf:eb:17:62:81:26:d1:35:31:02:c1:1f:b6:
79:54:29:be:5f:af:86:28:6e:44:78:a5:66:bb:c9:
d3:69:aa:93:9d:46:8e:81:d0:b9:1e:02:8b:0c:fb:
92:d4:cd:0b:6f:35:64:6a:a1:62:e5:c4:38:52:a0:
81:95:c4:f7:71:5f:1d:c4:0d:a4:e3:a0:ea:e4:d7:
9e:83:0b:0f:ce:30:5d:c4:47:fe:ce:1c:31:3d:41:
9c:56:cc:b3:5d:09:68:f8:c8:9c:82:c9:2c:22:b5:
82:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:26:08:42:5C:AC:77:16:C4:8C:C0:8C:8D:3B:19:0E:74:21:E9:E0
X509v3 Authority Key Identifier:
keyid:B2:73:59:83:DF:B2:27:A2:46:DF:98:87:6E:C9:D1:AF:91:F3:D7:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/snNZg9-yJ6JG35iHbsnRr5Hz13k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/475e19-9fbf-4d43-9285-ec5b325c6eb2/1/HyYIQlysdxbEjMCMjTsZDnQh6eA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/475e19-9fbf-4d43-9285-ec5b325c6eb2/1/snNZg9-yJ6JG35iHbsnRr5Hz13k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.232.0/21
IPv6:
2a00:5ec0::/32
Signature Algorithm: sha256WithRSAEncryption
8a:8e:21:7c:11:eb:da:22:ba:9f:98:e8:2d:b1:2d:25:9a:32:
11:be:8f:43:23:39:d0:2c:94:2c:1b:d6:71:df:cb:78:01:17:
96:f9:99:66:7b:ff:3c:8f:8e:3a:39:09:68:85:38:ff:97:fa:
73:b3:92:39:57:c2:15:8a:82:1f:8c:7a:3d:0f:ce:1a:95:41:
d7:0e:bf:51:58:d4:b4:75:2c:01:c4:e9:1b:f3:70:f8:5a:b7:
72:6a:27:d6:a0:f8:61:f4:b9:b6:bf:51:72:5b:38:9f:ef:d0:
0f:fc:32:34:78:30:7d:2e:f5:04:80:f9:62:f1:3c:41:62:26:
6b:24:5e:00:e1:40:f7:bf:16:b8:3a:69:5b:9a:0c:16:1c:fc:
ad:26:1e:97:49:29:30:f5:cf:87:1d:53:b9:d3:f7:31:00:e8:
f2:ca:20:ae:e9:3e:1e:f7:57:aa:55:e9:59:81:10:74:66:cf:
69:f6:44:0f:7f:5f:0c:61:18:f1:e9:46:aa:0c:b5:81:ca:2e:
96:61:ea:b2:11:24:65:fc:c9:47:dd:20:25:63:df:f2:45:69:
60:f8:75:aa:77:52:1b:ea:25:b1:eb:c2:1f:72:92:07:69:bf:
a5:9f:13:27:e6:7d:b1:1b:31:0c:af:49:81:32:02:0f:da:1f:
96:ee:47:00
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZt3WN7lWLsEIuItjW38BFWJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNzM1OTgzZGZiMjI3YTI0NmRmOTg4NzZlYzlkMWFmOTFm
M2Q3NzkwHhcNMjYwMTAxMDIxNzUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjI2MDg0MjVjYWM3NzE2YzQ4Y2MwOGM4ZDNiMTkwZTc0MjFlOWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1gxyzkmLdlec6kPikPsg5lUvwL0O
wEoe2aggMBGP7o1+DSaCUWeF8m57WuoJmEVaXFAb5e7U092F1q5Y8hNoupR62H6+
k949O2JkL4lMAMx3p748iyOugSIcPcfUx0IFx9Jgs24xqDTu224jWbrS+bNYb+Xa
KRpWuNYBBCPEs5oCDXZSOb+8SX2UskVRFfru0eTih85+Lr/rF2KBJtE1MQLBH7Z5
VCm+X6+GKG5EeKVmu8nTaaqTnUaOgdC5HgKLDPuS1M0LbzVkaqFi5cQ4UqCBlcT3
cV8dxA2k46Dq5NeegwsPzjBdxEf+zhwxPUGcVsyzXQlo+MicgsksIrWC1wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB8mCEJcrHcWxIzAjI07GQ50IengMB8GA1UdIwQY
MBaAFLJzWYPfsieiRt+Yh27J0a+R89d5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc25OWmc5LXlKNkpHMzVpSGJzblJyNUh6MTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi80NzVlMTktOWZiZi00ZDQzLTkyODUt
ZWM1YjMyNWM2ZWIyLzEvSHlZSVFseXNkeGJFak1DTWpUc1pEblFoNmVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi80NzVlMTktOWZiZi00ZDQzLTkyODUtZWM1YjMyNWM2ZWIy
LzEvc25OWmc5LXlKNkpHMzVpSGJzblJyNUh6MTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLuvoMA0E
AgACMAcDBQAqAF7AMA0GCSqGSIb3DQEBCwUAA4IBAQCKjiF8EevaIrqfmOgtsS0l
mjIRvo9DIznQLJQsG9Zx38t4AReW+Zlme/88j446OQlohTj/l/pzs5I5V8IVioIf
jHo9D84alUHXDr9RWNS0dSwBxOkb83D4WrdyaifWoPhh9Lm2v1FyWzif79AP/DI0
eDB9LvUEgPli8TxBYiZrJF4A4UD3vxa4OmlbmgwWHPytJh6XSSkw9c+HHVO50/cx
AOjyyiCu6T4e91eqVelZgRB0Zs9p9kQPf18MYRjx6UaqDLWByi6WYeqyESRl/MlH
3SAlY9/yRWlg+HWqd1Ib6iWx68IfcpIHab+lnxMn5n2xGzEMr0mBMgIP2h+W7kcA
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:30:55 2026 by rpki-client