Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/bcb6eb-e262-4d69-80fb-59b0fc913d36/1/hA6_YTErxhku_uiY6bcvhY1hUhs.roa
File: hA6_YTErxhku_uiY6bcvhY1hUhs.roa (raw, json)
Hash identifier: Q6FjJQt1zpguz0aAPZUF4vlr1RqYwbpYRo9ftd9mu0E=
Subject key identifier: 84:0E:BF:61:31:2B:C6:19:2E:FE:E8:98:E9:B7:2F:85:8D:61:52:1B
Certificate issuer: /CN=702f4e00943700c0897de7adbcfced5d10bf2e01
Certificate serial: 019DD7F9DB6961698F1874DA7AD34BD4E923
Authority key identifier: 70:2F:4E:00:94:37:00:C0:89:7D:E7:AD:BC:FC:ED:5D:10:BF:2E:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cC9OAJQ3AMCJfeetvPztXRC_LgE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/bcb6eb-e262-4d69-80fb-59b0fc913d36/1/hA6_YTErxhku_uiY6bcvhY1hUhs.roa
Signing time: Wed 29 Apr 2026 06:42:49 +0000
ROA not before: Wed 29 Apr 2026 06:42:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 13045
IP address blocks: 81.14.128.0/17 maxlen: 24
89.182.0.0/15 maxlen: 16
185.93.136.0/22 maxlen: 24
193.254.18.0/24 maxlen: 24
212.59.32.0/19 maxlen: 24
2a02:560::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/bcb6eb-e262-4d69-80fb-59b0fc913d36/1/cC9OAJQ3AMCJfeetvPztXRC_LgE.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/bcb6eb-e262-4d69-80fb-59b0fc913d36/1/cC9OAJQ3AMCJfeetvPztXRC_LgE.mft
rsync://rpki.ripe.net/repository/DEFAULT/cC9OAJQ3AMCJfeetvPztXRC_LgE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d7:f9:db:69:61:69:8f:18:74:da:7a:d3:4b:d4:e9:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=702f4e00943700c0897de7adbcfced5d10bf2e01
Validity
Not Before: Apr 29 06:42:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=840ebf61312bc6192efee898e9b72f858d61521b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:9b:43:ee:00:03:f4:0f:85:9f:27:38:4c:cd:
55:80:5a:bd:56:2a:fd:8c:45:c1:0c:eb:58:4d:6d:
7f:28:75:27:1a:4b:3e:5e:8d:0b:4f:4f:b5:0a:cf:
8c:89:64:cc:ad:94:78:62:ec:b9:98:43:71:e1:f3:
99:a7:40:ac:db:78:b5:c7:78:05:22:dd:db:db:24:
f9:21:ad:73:09:0a:ca:34:91:c4:70:c5:ee:d2:6f:
7c:96:1b:0d:f4:03:2b:9c:ec:e7:97:5f:17:a2:40:
88:7c:47:6d:98:58:ec:1d:90:11:6f:75:fd:9d:7b:
5f:dd:68:20:d5:00:7f:d2:20:12:c0:82:60:2f:3a:
45:ab:74:d1:0c:b8:68:43:74:73:b7:3e:a9:3d:19:
42:d5:ac:41:e8:0d:ef:38:a8:63:cb:7d:1b:fb:7e:
1a:23:b2:5a:13:e0:e9:84:a5:32:ce:49:0f:2c:fc:
22:7d:8a:7a:e0:c8:7a:bd:1f:2e:ae:5d:09:40:2c:
57:15:e4:5e:7f:d1:0c:42:77:85:94:de:4e:ab:cb:
a9:e6:3a:90:bb:0a:02:3a:b1:15:39:3c:2b:da:fb:
d4:8b:35:02:39:3f:45:92:76:6e:24:b2:37:f8:19:
b3:26:1a:eb:0f:19:4a:4f:7a:a5:a9:5e:43:e7:fa:
67:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:0E:BF:61:31:2B:C6:19:2E:FE:E8:98:E9:B7:2F:85:8D:61:52:1B
X509v3 Authority Key Identifier:
keyid:70:2F:4E:00:94:37:00:C0:89:7D:E7:AD:BC:FC:ED:5D:10:BF:2E:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cC9OAJQ3AMCJfeetvPztXRC_LgE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/bcb6eb-e262-4d69-80fb-59b0fc913d36/1/hA6_YTErxhku_uiY6bcvhY1hUhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/bcb6eb-e262-4d69-80fb-59b0fc913d36/1/cC9OAJQ3AMCJfeetvPztXRC_LgE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.14.128.0/17
89.182.0.0/15
185.93.136.0/22
193.254.18.0/24
212.59.32.0/19
IPv6:
2a02:560::/29
Signature Algorithm: sha256WithRSAEncryption
3f:c8:be:f2:10:c0:61:53:f1:e9:c7:13:3a:b7:11:ec:89:ae:
8e:b6:82:62:08:95:a6:62:da:0d:71:72:4b:5a:ff:a8:28:ab:
52:0d:1d:6d:6b:b6:bc:f5:a5:8f:db:71:de:a2:26:77:59:8f:
d2:ac:f3:77:0a:89:49:5d:9f:b8:5a:a5:75:8b:61:c8:dd:a2:
6a:38:f3:8f:2e:2b:d3:c6:64:90:02:d0:16:04:e1:d9:33:78:
2d:1a:eb:6b:4d:e4:bb:dd:0c:9a:56:b6:89:d4:be:b3:c5:0a:
31:77:0f:0e:db:f7:4b:11:b5:b2:ca:1c:f4:31:1c:6e:87:04:
5d:36:b3:99:bd:d5:39:8f:0b:84:42:da:1d:05:22:29:1d:14:
d3:59:7f:7d:bc:e5:5c:1c:e8:9a:fa:d5:67:c8:36:9d:57:8c:
63:f4:e1:34:fe:ca:d0:3d:51:84:92:1e:5a:3f:19:9e:68:29:
c1:84:65:44:c8:99:b3:22:82:d1:b2:48:b0:d5:ed:80:6c:27:
f1:f7:67:25:61:d7:08:d7:44:c4:ad:4e:5e:a5:e4:5e:1b:35:
99:d5:bb:fe:29:0d:1c:cf:f1:d9:46:33:6d:8c:d3:57:56:8f:
56:dc:7e:82:1a:52:3f:b9:03:96:a7:f0:30:5c:ca:42:59:86:
f7:a4:77:d1
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZ3X+dtpYWmPGHTaetNL1OkjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMmY0ZTAwOTQzNzAwYzA4OTdkZTdhZGJjZmNlZDVkMTBi
ZjJlMDEwHhcNMjYwNDI5MDY0MjQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDBlYmY2MTMxMmJjNjE5MmVmZWU4OThlOWI3MmY4NThkNjE1MjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqptD7gAD9A+Fnyc4TM1VgFq9Vir9
jEXBDOtYTW1/KHUnGks+Xo0LT0+1Cs+MiWTMrZR4Yuy5mENx4fOZp0Cs23i1x3gF
It3b2yT5Ia1zCQrKNJHEcMXu0m98lhsN9AMrnOznl18XokCIfEdtmFjsHZARb3X9
nXtf3Wgg1QB/0iASwIJgLzpFq3TRDLhoQ3Rztz6pPRlC1axB6A3vOKhjy30b+34a
I7JaE+DphKUyzkkPLPwifYp64Mh6vR8url0JQCxXFeRef9EMQneFlN5Oq8up5jqQ
uwoCOrEVOTwr2vvUizUCOT9FknZuJLI3+BmzJhrrDxlKT3qlqV5D5/pnkQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFIQOv2ExK8YZLv7omOm3L4WNYVIbMB8GA1UdIwQY
MBaAFHAvTgCUNwDAiX3nrbz87V0Qvy4BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0M5T0FKUTNBTUNKZmVldHZQenRYUkNfTGdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9iY2I2ZWItZTI2Mi00ZDY5LTgwZmIt
NTliMGZjOTEzZDM2LzEvaEE2X1lURXJ4aGt1X3VpWTZiY3ZoWTFoVWhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9iY2I2ZWItZTI2Mi00ZDY5LTgwZmItNTliMGZjOTEzZDM2
LzEvY0M5T0FKUTNBTUNKZmVldHZQenRYUkNfTGdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwQHUQ6AAwMB
WbYDBAK5XYgDBADB/hIDBAXUOyAwDQQCAAIwBwMFAyoCBWAwDQYJKoZIhvcNAQEL
BQADggEBAD/IvvIQwGFT8enHEzq3EeyJro62gmIIlaZi2g1xckta/6goq1INHW1r
trz1pY/bcd6iJndZj9Ks83cKiUldn7hapXWLYcjdomo4848uK9PGZJAC0BYE4dkz
eC0a62tN5LvdDJpWtonUvrPFCjF3Dw7b90sRtbLKHPQxHG6HBF02s5m91TmPC4RC
2h0FIikdFNNZf3285Vwc6Jr61WfINp1XjGP04TT+ytA9UYSSHlo/GZ5oKcGEZUTI
mbMigtGySLDV7YBsJ/H3ZyVh1wjXRMStTl6l5F4bNZnVu/4pDRzP8dlGM22M01dW
j1bcfoIaUj+5A5an8DBcykJZhvekd9E=
-----END CERTIFICATE-----
Generated at Sat Jun 13 17:52:54 2026 by rpki-client