Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/hLY2--5SKTnZ1QC36Cf-E8Iq5ho.roa
File: hLY2--5SKTnZ1QC36Cf-E8Iq5ho.roa (raw, json)
Hash identifier: lfg0kzyvgHw2ZfZ5eS4nTJ7bYAVmeebrxL6dhvaG0Ms=
Subject key identifier: 84:B6:36:FB:EE:52:29:39:D9:D5:00:B7:E8:27:FE:13:C2:2A:E6:1A
Certificate issuer: /CN=a9a8e44e573c53c7192312fcc72150d2de377d6d
Certificate serial: 019C43F0AF31C422BC45A2F3AD9A9FCF8A0E
Authority key identifier: A9:A8:E4:4E:57:3C:53:C7:19:23:12:FC:C7:21:50:D2:DE:37:7D:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qajkTlc8U8cZIxL8xyFQ0t43fW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/hLY2--5SKTnZ1QC36Cf-E8Iq5ho.roa
Signing time: Mon 09 Feb 2026 19:46:12 +0000
ROA not before: Mon 09 Feb 2026 19:46:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 14907
IP address blocks: 91.198.174.0/24 maxlen: 24
185.15.56.0/22 maxlen: 22
185.15.56.0/24 maxlen: 24
185.15.57.0/24 maxlen: 24
185.15.58.0/24 maxlen: 24
185.15.59.0/24 maxlen: 24
185.71.138.0/24 maxlen: 24
2001:67c:930::/48 maxlen: 48
2a02:ec80::/29 maxlen: 29
2a02:ec80:51::/48 maxlen: 48
2a02:ec80:52::/48 maxlen: 48
2a02:ec80:53::/48 maxlen: 48
2a02:ec80:300::/48 maxlen: 48
2a02:ec80:600::/48 maxlen: 48
2a02:ec80:700::/48 maxlen: 48
2a02:ec80:a000::/48 maxlen: 48
2a02:ec80:a100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/qajkTlc8U8cZIxL8xyFQ0t43fW0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/qajkTlc8U8cZIxL8xyFQ0t43fW0.mft
rsync://rpki.ripe.net/repository/DEFAULT/qajkTlc8U8cZIxL8xyFQ0t43fW0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:43:f0:af:31:c4:22:bc:45:a2:f3:ad:9a:9f:cf:8a:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9a8e44e573c53c7192312fcc72150d2de377d6d
Validity
Not Before: Feb 9 19:46:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=84b636fbee522939d9d500b7e827fe13c22ae61a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:4a:12:e1:c1:c7:ff:4d:e6:77:3b:f0:fc:a2:
c8:d0:85:6d:c7:78:6d:37:77:7b:b9:73:19:18:ad:
72:15:38:a2:e1:52:c9:d9:1f:47:fe:4f:6e:10:b5:
5e:0c:d4:31:e0:8c:42:15:8e:39:6b:aa:7c:70:b8:
b9:03:2b:a5:85:ed:c7:c3:91:be:f3:d8:e5:66:b2:
8d:77:41:44:df:4c:fe:e5:e7:23:05:26:0a:8d:6b:
67:af:d9:45:11:f8:10:cc:a8:54:13:c4:07:23:48:
99:da:70:fc:81:10:c8:4e:8d:ae:31:fc:d8:23:c9:
69:ac:a8:0a:69:a1:05:e6:c0:17:15:fb:46:9e:6e:
db:2c:05:03:63:6f:5d:13:bc:64:fe:d3:3b:a6:c9:
52:8d:1c:10:c5:69:c9:55:32:35:be:84:ca:1f:17:
ef:dc:cd:3a:e4:4f:ab:62:19:e7:82:c0:2c:1a:af:
6f:40:32:68:d8:4f:b5:cd:f9:c0:44:13:58:13:b9:
35:83:81:12:6f:6b:c1:b3:3e:5e:a3:47:76:2a:e2:
cc:b3:1f:2b:a3:82:89:c0:15:a0:5d:e8:93:11:55:
8f:0f:90:d4:64:20:93:49:d6:a3:b3:06:e1:f2:8e:
1f:05:95:7f:93:7a:42:f8:ce:13:c1:50:54:a2:c7:
e3:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:B6:36:FB:EE:52:29:39:D9:D5:00:B7:E8:27:FE:13:C2:2A:E6:1A
X509v3 Authority Key Identifier:
keyid:A9:A8:E4:4E:57:3C:53:C7:19:23:12:FC:C7:21:50:D2:DE:37:7D:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qajkTlc8U8cZIxL8xyFQ0t43fW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/hLY2--5SKTnZ1QC36Cf-E8Iq5ho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/qajkTlc8U8cZIxL8xyFQ0t43fW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.174.0/24
185.15.56.0/22
185.71.138.0/24
IPv6:
2001:67c:930::/48
2a02:ec80::/29
Signature Algorithm: sha256WithRSAEncryption
79:31:7a:5b:2f:5b:1e:d8:34:21:ca:7c:49:a2:38:8e:82:86:
41:95:89:de:ec:71:0d:3b:51:d5:f8:af:2e:ff:2f:0d:99:f4:
b8:40:6a:d0:51:d9:00:48:c2:08:43:49:5d:f2:1f:4e:8f:ff:
e7:cd:20:d1:9b:8c:22:66:28:7d:3c:55:b4:f8:c8:ed:b5:d4:
06:90:2e:13:9d:86:e1:31:9c:d9:8b:03:e7:62:63:a3:de:6a:
1e:2e:02:27:27:c3:8a:41:5d:99:8f:a8:1a:5e:39:eb:9e:c4:
2b:2a:0d:66:6a:fc:74:80:a6:0b:2b:62:19:51:ad:78:f0:52:
f6:d4:e9:f2:f7:9a:98:e1:20:89:3e:68:41:fb:fa:e4:a7:1c:
5a:7b:5c:3b:9b:1d:56:58:e6:a7:1d:e7:13:44:2e:7d:f6:89:
d4:a6:fb:22:15:9c:ff:6b:9f:ea:c5:b4:91:5f:2a:c2:b0:ee:
d8:8c:7e:90:75:b1:4f:23:7a:bd:66:18:be:6a:39:33:8e:fe:
04:c7:0d:87:76:a3:87:fc:e2:62:44:f4:30:be:bf:d3:8d:f3:
76:f7:4d:8d:f2:a2:72:e5:e1:72:0e:01:48:96:5f:96:3c:b7:
82:18:d3:80:35:cc:f0:da:66:cd:d2:7e:27:8a:79:33:b8:d8:
74:31:16:40
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZxD8K8xxCK8RaLzrZqfz4oOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5YThlNDRlNTczYzUzYzcxOTIzMTJmY2M3MjE1MGQyZGUz
NzdkNmQwHhcNMjYwMjA5MTk0NjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGI2MzZmYmVlNTIyOTM5ZDlkNTAwYjdlODI3ZmUxM2MyMmFlNjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0oS4cHH/03mdzvw/KLI0IVtx3ht
N3d7uXMZGK1yFTii4VLJ2R9H/k9uELVeDNQx4IxCFY45a6p8cLi5Ayulhe3Hw5G+
89jlZrKNd0FE30z+5ecjBSYKjWtnr9lFEfgQzKhUE8QHI0iZ2nD8gRDITo2uMfzY
I8lprKgKaaEF5sAXFftGnm7bLAUDY29dE7xk/tM7pslSjRwQxWnJVTI1voTKHxfv
3M065E+rYhnngsAsGq9vQDJo2E+1zfnARBNYE7k1g4ESb2vBsz5eo0d2KuLMsx8r
o4KJwBWgXeiTEVWPD5DUZCCTSdajswbh8o4fBZV/k3pC+M4TwVBUosfjpQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIS2NvvuUik52dUAt+gn/hPCKuYaMB8GA1UdIwQY
MBaAFKmo5E5XPFPHGSMS/MchUNLeN31tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWFqa1RsYzhVOGNaSXhMOHh5RlEwdDQzZlcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy80NTJkZDUtZDBlNC00ZDRiLThhZTYt
MTk1MTM0NWNlYTMzLzEvaExZMi0tNVNLVG5aMVFDMzZDZi1FOElxNWhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy80NTJkZDUtZDBlNC00ZDRiLThhZTYtMTk1MTM0NWNlYTMz
LzEvcWFqa1RsYzhVOGNaSXhMOHh5RlEwdDQzZlcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQAW8auAwQC
uQ84AwQAuUeKMBYEAgACMBADBwAgAQZ8CTADBQMqAuyAMA0GCSqGSIb3DQEBCwUA
A4IBAQB5MXpbL1se2DQhynxJojiOgoZBlYne7HENO1HV+K8u/y8NmfS4QGrQUdkA
SMIIQ0ld8h9Oj//nzSDRm4wiZih9PFW0+MjttdQGkC4TnYbhMZzZiwPnYmOj3moe
LgInJ8OKQV2Zj6gaXjnrnsQrKg1mavx0gKYLK2IZUa148FL21Ony95qY4SCJPmhB
+/rkpxxae1w7mx1WWOanHecTRC599onUpvsiFZz/a5/qxbSRXyrCsO7YjH6QdbFP
I3q9Zhi+ajkzjv4Exw2HdqOH/OJiRPQwvr/TjfN2902N8qJy5eFyDgFIll+WPLeC
GNOANczw2mbN0n4ninkzuNh0MRZA
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:36:21 2026 by rpki-client