Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/hsF-37Wxovsq4ET3HfuSoaGDtNM.roa
File: hsF-37Wxovsq4ET3HfuSoaGDtNM.roa (raw, json)
Hash identifier: S++/ePDHA6COSJvBXLPEIeF68zg4DsT2XPbEQ6Z+HgM=
Subject key identifier: 86:C1:7E:DF:B5:B1:A2:FB:2A:E0:44:F7:1D:FB:92:A1:A1:83:B4:D3
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 019C90B9CB0A14A2C373F040239FBFD550ED
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/hsF-37Wxovsq4ET3HfuSoaGDtNM.roa
Signing time: Tue 24 Feb 2026 17:37:01 +0000
ROA not before: Tue 24 Feb 2026 17:37:01 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29119
IP address blocks: 5.182.72.0/22 maxlen: 24
45.146.224.0/22 maxlen: 24
77.81.167.0/24 maxlen: 24
92.114.36.0/24 maxlen: 24
92.114.53.0/24 maxlen: 24
92.114.83.0/24 maxlen: 24
185.126.232.0/22 maxlen: 24
185.128.192.0/22 maxlen: 24
185.150.80.0/22 maxlen: 24
185.230.0.0/22 maxlen: 24
185.248.208.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 16:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:90:b9:cb:0a:14:a2:c3:73:f0:40:23:9f:bf:d5:50:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Feb 24 17:37:01 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=86c17edfb5b1a2fb2ae044f71dfb92a1a183b4d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0b:1a:53:88:4e:36:08:0f:ec:a6:34:41:7e:
6a:5c:52:f8:2d:a4:fe:18:8a:a3:ca:8f:db:36:d2:
01:f6:ff:f4:ca:86:9b:36:2f:ea:39:1c:4b:ac:ec:
2e:9b:c1:d4:21:f8:99:41:40:76:f8:ab:b9:07:f6:
b3:9e:71:f9:0c:d9:37:29:3b:e6:62:a1:03:bd:1d:
a8:67:d7:fb:15:d3:3c:ec:be:e4:09:e6:f6:e0:ae:
ef:62:9a:f4:2d:73:a7:ae:05:ae:e4:1b:d2:ef:a1:
76:25:59:ee:25:6a:76:fe:e9:a7:1d:b1:82:27:52:
4d:84:e2:47:a5:de:79:43:8a:c8:f7:9f:cc:76:da:
e4:8b:e1:5c:f9:a6:c1:2e:81:7f:1a:46:47:5c:b6:
3b:e6:e2:5a:33:89:02:0b:6c:de:33:0a:4c:fb:7b:
51:9e:cb:b5:0c:e1:9f:6c:6c:02:38:d3:11:86:89:
02:dc:9e:35:c3:b0:98:61:ee:5c:0c:36:87:2e:ee:
47:54:16:66:08:7a:94:1a:82:8e:1f:b1:e8:d2:7a:
f0:c4:a0:fc:83:a6:b0:ec:77:ee:a8:25:9f:c5:25:
8e:21:a6:01:dd:56:e8:e8:fb:52:ef:14:e2:af:8c:
2a:b4:73:72:c5:e3:87:f8:e3:5f:64:12:19:2f:5e:
9c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:C1:7E:DF:B5:B1:A2:FB:2A:E0:44:F7:1D:FB:92:A1:A1:83:B4:D3
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/hsF-37Wxovsq4ET3HfuSoaGDtNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.72.0/22
45.146.224.0/22
77.81.167.0/24
92.114.36.0/24
92.114.53.0/24
92.114.83.0/24
185.126.232.0/22
185.128.192.0/22
185.150.80.0/22
185.230.0.0/22
185.248.208.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:49:5c:ff:f5:a1:cf:c4:fc:c9:1f:18:d7:d6:e0:b3:43:9d:
d6:75:e5:db:96:0b:6f:6b:72:ac:00:78:06:56:0b:db:f6:a0:
cf:8d:94:9f:56:7d:da:a7:0d:b1:1d:de:7a:16:84:3e:91:00:
1c:a7:ee:ca:ae:a7:f1:06:a2:34:4e:34:be:f9:8e:27:1f:63:
22:9a:f3:7f:20:f8:23:a7:66:d1:2e:26:02:c7:b0:4e:7c:ce:
f6:fc:50:2a:d4:59:39:9f:84:d3:9f:41:8d:29:a6:bb:9f:dd:
5b:64:cc:15:37:36:b1:8c:d7:5a:c5:93:0b:a3:55:f4:3b:24:
bb:4d:9b:23:7d:8b:47:c8:22:8a:6c:bc:f1:08:e6:10:09:de:
78:76:e3:be:80:39:44:74:65:d7:ff:ab:5b:72:82:1c:6f:e7:
ce:b8:a4:0b:a3:45:d0:d9:b4:6a:ff:b4:75:61:2f:f1:4b:c1:
9d:21:77:42:4f:71:4a:34:4a:12:e9:96:2a:d5:f1:35:45:52:
34:90:9b:81:27:d4:d6:5e:d1:e5:ee:17:97:f4:c6:70:f6:a8:
f7:08:3d:a3:fd:2b:b7:4d:e4:cf:af:6e:c5:35:22:90:b7:6c:
2a:a6:20:df:fa:ff:ba:71:3a:06:ac:6a:cf:bd:27:15:62:17:
24:ed:b7:79
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZyQucsKFKLDc/BAI5+/1VDtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjYwMjI0MTczNzAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmMxN2VkZmI1YjFhMmZiMmFlMDQ0ZjcxZGZiOTJhMWExODNiNGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwsaU4hONggP7KY0QX5qXFL4LaT+
GIqjyo/bNtIB9v/0yoabNi/qORxLrOwum8HUIfiZQUB2+Ku5B/aznnH5DNk3KTvm
YqEDvR2oZ9f7FdM87L7kCeb24K7vYpr0LXOnrgWu5BvS76F2JVnuJWp2/umnHbGC
J1JNhOJHpd55Q4rI95/Mdtrki+Fc+abBLoF/GkZHXLY75uJaM4kCC2zeMwpM+3tR
nsu1DOGfbGwCONMRhokC3J41w7CYYe5cDDaHLu5HVBZmCHqUGoKOH7Ho0nrwxKD8
g6aw7HfuqCWfxSWOIaYB3Vbo6PtS7xTir4wqtHNyxeOH+ONfZBIZL16cdQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFIbBft+1saL7KuBE9x37kqGhg7TTMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvaHNGLTM3V3hvdnNxNEVUM0hmdVNvYUdEdE5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCBbZIAwQC
LZLgAwQATVGnAwQAXHIkAwQAXHI1AwQAXHJTAwQCuX7oAwQCuYDAAwQCuZZQAwQC
ueYAAwQCufjQMA0GCSqGSIb3DQEBCwUAA4IBAQAsSVz/9aHPxPzJHxjX1uCzQ53W
deXblgtva3KsAHgGVgvb9qDPjZSfVn3apw2xHd56FoQ+kQAcp+7KrqfxBqI0TjS+
+Y4nH2MimvN/IPgjp2bRLiYCx7BOfM72/FAq1Fk5n4TTn0GNKaa7n91bZMwVNzax
jNdaxZMLo1X0OyS7TZsjfYtHyCKKbLzxCOYQCd54duO+gDlEdGXX/6tbcoIcb+fO
uKQLo0XQ2bRq/7R1YS/xS8GdIXdCT3FKNEoS6ZYq1fE1RVI0kJuBJ9TWXtHl7heX
9MZw9qj3CD2j/Su3TeTPr27FNSKQt2wqpiDf+v+6cToGrGrPvScVYhck7bd5
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:43:49 2026 by rpki-client