Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/e6c44c-3125-4fe6-a00d-628ccf00dfbd/1/HCRPp5sqGGtIFHlFpCyszLUz01k.roa
File: HCRPp5sqGGtIFHlFpCyszLUz01k.roa (raw, json)
Hash identifier: cvHb6PDwmvy9cnfO0m3z8Rn9MwuFaJOfZKh3d+uRF+I=
Subject key identifier: 1C:24:4F:A7:9B:2A:18:6B:48:14:79:45:A4:2C:AC:CC:B5:33:D3:59
Certificate issuer: /CN=eacdc1e247faa95318082a4ac5edbd80511f8df7
Certificate serial: 019C941D33128DCA90D488D3190DC59D6732
Authority key identifier: EA:CD:C1:E2:47:FA:A9:53:18:08:2A:4A:C5:ED:BD:80:51:1F:8D:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6s3B4kf6qVMYCCpKxe29gFEfjfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/e6c44c-3125-4fe6-a00d-628ccf00dfbd/1/HCRPp5sqGGtIFHlFpCyszLUz01k.roa
Signing time: Wed 25 Feb 2026 09:24:27 +0000
ROA not before: Wed 25 Feb 2026 09:24:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42846
IP address blocks: 70.40.138.0/24 maxlen: 24
70.40.139.0/24 maxlen: 24
104.247.160.0/24 maxlen: 24
104.247.161.0/24 maxlen: 24
104.247.162.0/24 maxlen: 24
104.247.163.0/24 maxlen: 24
104.247.164.0/24 maxlen: 24
104.247.165.0/24 maxlen: 24
104.247.166.0/24 maxlen: 24
104.247.167.0/24 maxlen: 24
104.247.168.0/24 maxlen: 24
104.247.169.0/24 maxlen: 24
104.247.173.0/24 maxlen: 24
104.247.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/e6c44c-3125-4fe6-a00d-628ccf00dfbd/1/6s3B4kf6qVMYCCpKxe29gFEfjfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/e6c44c-3125-4fe6-a00d-628ccf00dfbd/1/6s3B4kf6qVMYCCpKxe29gFEfjfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/6s3B4kf6qVMYCCpKxe29gFEfjfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:94:1d:33:12:8d:ca:90:d4:88:d3:19:0d:c5:9d:67:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eacdc1e247faa95318082a4ac5edbd80511f8df7
Validity
Not Before: Feb 25 09:24:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1c244fa79b2a186b48147945a42cacccb533d359
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f6:a5:3c:be:7f:97:aa:ca:6b:06:ee:f5:20:
ec:e3:b1:80:01:c3:01:31:a6:88:f3:ac:32:ee:e1:
e5:eb:c4:3c:8a:e4:2e:ea:2f:55:a8:13:04:d8:21:
73:00:a3:7f:04:fe:be:69:a1:05:a4:f6:76:45:90:
1f:e9:1a:1e:aa:6e:e2:03:fb:21:63:26:ed:d7:4c:
ac:f2:e5:ea:31:59:03:7f:56:a0:6b:93:88:88:94:
93:5f:59:83:69:4c:e9:94:22:5b:d1:b0:a9:58:ce:
bf:5e:49:78:d9:42:21:b9:7e:f0:ad:12:b2:17:9a:
03:13:5e:66:4c:d1:e3:4a:6c:0c:07:da:52:42:01:
6d:db:70:f3:ba:6e:7a:57:6c:87:9e:d1:1e:47:56:
9d:32:cf:80:87:28:74:15:25:80:f2:24:97:ee:ec:
4b:d9:ee:95:73:df:ea:dd:00:35:4b:57:47:50:63:
fb:60:5e:10:5d:23:a6:c1:ca:bd:94:3d:53:f9:9b:
53:b8:a5:98:8b:3c:45:90:66:98:20:f1:66:12:25:
3f:36:f9:8c:ed:a7:5c:f9:5f:6e:38:b3:77:47:dd:
c4:71:d8:85:cf:35:24:a5:36:15:ae:be:85:9c:37:
8c:98:12:47:e1:d5:4e:93:c6:a1:3e:66:cb:a6:25:
be:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:24:4F:A7:9B:2A:18:6B:48:14:79:45:A4:2C:AC:CC:B5:33:D3:59
X509v3 Authority Key Identifier:
keyid:EA:CD:C1:E2:47:FA:A9:53:18:08:2A:4A:C5:ED:BD:80:51:1F:8D:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6s3B4kf6qVMYCCpKxe29gFEfjfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e6c44c-3125-4fe6-a00d-628ccf00dfbd/1/HCRPp5sqGGtIFHlFpCyszLUz01k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e6c44c-3125-4fe6-a00d-628ccf00dfbd/1/6s3B4kf6qVMYCCpKxe29gFEfjfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
70.40.138.0/23
104.247.160.0-104.247.169.255
104.247.173.0/24
104.247.179.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:e4:2f:5b:48:8e:d7:d9:d4:ca:6b:12:05:18:af:b0:1e:89:
56:01:b5:fd:56:cf:26:60:12:e2:66:90:b3:9b:ba:11:cb:16:
fc:21:1e:c8:14:99:f8:99:0b:c6:30:ca:17:4b:52:33:e4:c3:
2a:96:3a:34:e6:51:db:1a:7a:c1:b2:a1:78:fa:42:00:bb:8b:
2a:6b:a8:18:60:4f:cf:e2:f9:11:0f:23:3d:9b:07:b5:b6:8c:
2c:28:b2:43:bb:d1:8b:91:6c:40:eb:28:a8:c3:7a:ad:0e:51:
87:3d:09:de:42:05:05:c0:b1:87:da:87:6c:2e:20:30:6c:9f:
fa:04:73:b6:b6:16:c4:57:35:bb:15:3e:82:5b:6f:0a:38:5e:
89:96:6c:d8:15:13:d1:84:67:35:bb:54:09:d1:63:ab:14:09:
e5:68:6e:df:14:30:32:2c:4d:f5:42:ef:8c:8f:46:6c:7a:10:
09:21:9b:be:a1:93:8a:ae:70:88:de:74:18:f1:0e:b0:0c:3c:
d8:76:04:d8:94:84:40:7c:64:3e:f7:3e:7b:71:a9:88:d7:a5:
b9:b4:98:e6:5f:45:4a:0c:5d:af:9b:e8:8b:15:04:ba:2d:1b:
1e:58:86:73:35:52:c9:50:84:8e:f8:25:e5:58:f5:b5:e4:f9:
f3:b4:a8:a5
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZyUHTMSjcqQ1IjTGQ3FnWcyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhY2RjMWUyNDdmYWE5NTMxODA4MmE0YWM1ZWRiZDgwNTEx
ZjhkZjcwHhcNMjYwMjI1MDkyNDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzI0NGZhNzliMmExODZiNDgxNDc5NDVhNDJjYWNjY2I1MzNkMzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPalPL5/l6rKawbu9SDs47GAAcMB
MaaI86wy7uHl68Q8iuQu6i9VqBME2CFzAKN/BP6+aaEFpPZ2RZAf6Roeqm7iA/sh
Yybt10ys8uXqMVkDf1aga5OIiJSTX1mDaUzplCJb0bCpWM6/Xkl42UIhuX7wrRKy
F5oDE15mTNHjSmwMB9pSQgFt23Dzum56V2yHntEeR1adMs+Ahyh0FSWA8iSX7uxL
2e6Vc9/q3QA1S1dHUGP7YF4QXSOmwcq9lD1T+ZtTuKWYizxFkGaYIPFmEiU/NvmM
7adc+V9uOLN3R93EcdiFzzUkpTYVrr6FnDeMmBJH4dVOk8ahPmbLpiW+DwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBwkT6ebKhhrSBR5RaQsrMy1M9NZMB8GA1UdIwQY
MBaAFOrNweJH+qlTGAgqSsXtvYBRH433MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnMzQjRrZjZxVk1ZQ0NwS3hlMjlnRkVmamZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9lNmM0NGMtMzEyNS00ZmU2LWEwMGQt
NjI4Y2NmMDBkZmJkLzEvSENSUHA1c3FHR3RJRkhsRnBDeXN6TFV6MDFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9lNmM0NGMtMzEyNS00ZmU2LWEwMGQtNjI4Y2NmMDBkZmJk
LzEvNnMzQjRrZjZxVk1ZQ0NwS3hlMjlnRkVmamZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBRiiKMAwD
BAVo96ADBAFo96gDBABo960DBABo97MwDQYJKoZIhvcNAQELBQADggEBAI3kL1tI
jtfZ1MprEgUYr7AeiVYBtf1WzyZgEuJmkLObuhHLFvwhHsgUmfiZC8YwyhdLUjPk
wyqWOjTmUdsaesGyoXj6QgC7iyprqBhgT8/i+REPIz2bB7W2jCwoskO70YuRbEDr
KKjDeq0OUYc9Cd5CBQXAsYfah2wuIDBsn/oEc7a2FsRXNbsVPoJbbwo4XomWbNgV
E9GEZzW7VAnRY6sUCeVobt8UMDIsTfVC74yPRmx6EAkhm76hk4qucIjedBjxDrAM
PNh2BNiUhEB8ZD73PntxqYjXpbm0mOZfRUoMXa+b6IsVBLotGx5YhnM1UslQhI74
JeVY9bXk+fO0qKU=
-----END CERTIFICATE-----
Generated at Mon Mar 2 23:37:03 2026 by rpki-client