Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/c5bef7-25b3-4463-b3bf-57a951f49930/1/khbk2O6uaJwQ02xod7VfRqroSH8.roa
File: khbk2O6uaJwQ02xod7VfRqroSH8.roa (raw, json)
Hash identifier: JHGyb709uPLZ2YerR1cXSu892JXCz6N62IZ5FMhPQdk=
Subject key identifier: 92:16:E4:D8:EE:AE:68:9C:10:D3:6C:68:77:B5:5F:46:AA:E8:48:7F
Certificate issuer: /CN=1c233eee624c192c6c7dada1432de0b9e78b09ba
Certificate serial: 019B7AC7A758E07185153EFB23FD3AA70BC4
Authority key identifier: 1C:23:3E:EE:62:4C:19:2C:6C:7D:AD:A1:43:2D:E0:B9:E7:8B:09:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HCM-7mJMGSxsfa2hQy3gueeLCbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/c5bef7-25b3-4463-b3bf-57a951f49930/1/khbk2O6uaJwQ02xod7VfRqroSH8.roa
Signing time: Thu 01 Jan 2026 18:17:43 +0000
ROA not before: Thu 01 Jan 2026 18:17:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209551
IP address blocks: 5.154.160.0/21 maxlen: 32
185.74.216.0/22 maxlen: 32
185.146.204.0/22 maxlen: 32
185.192.28.0/22 maxlen: 32
195.181.252.0/23 maxlen: 32
2a11:8040::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/c5bef7-25b3-4463-b3bf-57a951f49930/1/HCM-7mJMGSxsfa2hQy3gueeLCbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/c5bef7-25b3-4463-b3bf-57a951f49930/1/HCM-7mJMGSxsfa2hQy3gueeLCbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/HCM-7mJMGSxsfa2hQy3gueeLCbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7a:c7:a7:58:e0:71:85:15:3e:fb:23:fd:3a:a7:0b:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c233eee624c192c6c7dada1432de0b9e78b09ba
Validity
Not Before: Jan 1 18:17:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9216e4d8eeae689c10d36c6877b55f46aae8487f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:5a:74:ee:0c:b1:d0:4e:cb:79:11:52:9f:34:
f9:cc:62:05:7a:f0:61:19:a1:32:d6:18:87:8c:ce:
ff:9b:5f:be:fb:97:20:dc:e0:dd:f5:b9:a5:44:3d:
de:01:02:7e:1d:2e:b1:72:9e:88:85:c6:2d:3c:94:
1b:30:0f:1b:76:aa:ea:26:a7:30:4c:af:56:7c:68:
21:03:2c:93:c8:c2:9f:0c:c4:19:52:6b:38:2f:0c:
2a:17:76:50:4c:5a:f3:3e:c6:f6:11:5e:43:38:8d:
dc:4c:d3:c3:3a:01:f2:14:75:56:ab:6e:a2:ca:24:
04:9d:6c:b7:3c:af:5b:c5:b7:d7:05:d9:88:b3:91:
74:3e:3e:f6:ec:a3:0e:00:7b:89:6e:c6:5b:e2:61:
ae:85:b9:c6:46:bf:12:04:4e:22:dd:5c:9a:9d:1f:
64:33:d4:6c:76:e3:56:4d:90:66:b5:f2:27:0c:42:
bf:c4:b0:e9:1f:60:4e:38:3d:0a:25:7b:b8:79:de:
33:36:61:68:e9:2f:52:a6:58:7a:6d:5d:5c:9e:0b:
a1:d0:2f:c9:8a:6b:26:e7:64:aa:a8:d4:5c:3d:10:
b4:02:b1:11:d6:b5:37:37:55:a9:45:49:09:0d:c8:
b7:f3:33:2d:e4:ab:be:4e:4c:0c:f3:40:5f:ae:6a:
3d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:16:E4:D8:EE:AE:68:9C:10:D3:6C:68:77:B5:5F:46:AA:E8:48:7F
X509v3 Authority Key Identifier:
keyid:1C:23:3E:EE:62:4C:19:2C:6C:7D:AD:A1:43:2D:E0:B9:E7:8B:09:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCM-7mJMGSxsfa2hQy3gueeLCbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c5bef7-25b3-4463-b3bf-57a951f49930/1/khbk2O6uaJwQ02xod7VfRqroSH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c5bef7-25b3-4463-b3bf-57a951f49930/1/HCM-7mJMGSxsfa2hQy3gueeLCbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.160.0/21
185.74.216.0/22
185.146.204.0/22
185.192.28.0/22
195.181.252.0/23
IPv6:
2a11:8040::/29
Signature Algorithm: sha256WithRSAEncryption
39:8b:5d:72:f8:8d:3f:b8:5a:be:65:ba:df:02:0e:ef:ec:bb:
c3:26:2e:3d:40:7f:1d:b4:59:90:c2:57:8b:a0:be:7b:60:4e:
9c:e9:2d:b9:08:79:df:57:cc:8e:f5:b9:69:7d:c1:76:9a:c6:
19:d8:00:62:cc:84:89:6a:8d:95:23:f3:d7:fb:4f:a6:c6:38:
0d:b4:5f:32:a4:47:54:d3:cb:b6:6a:b2:c1:62:c5:e0:8f:bc:
cd:18:f6:6b:b1:4a:49:8a:d7:4a:2b:9b:e9:39:82:ea:84:21:
7e:88:33:2b:23:4e:a7:66:c5:2b:20:30:12:1c:f1:c6:c7:17:
f2:c8:26:9c:c0:58:1b:23:c3:c8:d8:f3:9b:76:1e:d0:98:ce:
84:7e:23:16:26:1f:08:4b:9e:48:42:44:b4:72:0f:75:21:fe:
5d:1d:68:87:6d:8f:e2:f1:63:5e:f6:44:f2:ad:9e:ca:4e:e1:
51:b7:73:cb:f7:f6:d0:30:85:36:64:eb:f6:83:ef:ad:22:3c:
4e:7f:76:90:ff:e2:4a:ba:b3:d2:63:b3:e6:b1:25:bc:a0:a4:
42:6b:97:10:59:3c:ef:5e:ba:c7:fa:b2:22:c9:f8:ce:fe:2d:
10:07:75:3d:bc:30:39:68:ff:5e:e8:de:67:b3:eb:89:f2:64:
8e:e5:7b:cd
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZt6x6dY4HGFFT77I/06pwvEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjMzZWVlNjI0YzE5MmM2YzdkYWRhMTQzMmRlMGI5ZTc4
YjA5YmEwHhcNMjYwMTAxMTgxNzQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjE2ZTRkOGVlYWU2ODljMTBkMzZjNjg3N2I1NWY0NmFhZTg0ODdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFp07gyx0E7LeRFSnzT5zGIFevBh
GaEy1hiHjM7/m1+++5cg3ODd9bmlRD3eAQJ+HS6xcp6IhcYtPJQbMA8bdqrqJqcw
TK9WfGghAyyTyMKfDMQZUms4LwwqF3ZQTFrzPsb2EV5DOI3cTNPDOgHyFHVWq26i
yiQEnWy3PK9bxbfXBdmIs5F0Pj727KMOAHuJbsZb4mGuhbnGRr8SBE4i3VyanR9k
M9RsduNWTZBmtfInDEK/xLDpH2BOOD0KJXu4ed4zNmFo6S9Splh6bV1cnguh0C/J
imsm52SqqNRcPRC0ArER1rU3N1WpRUkJDci38zMt5Ku+TkwM80Bfrmo93wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJIW5NjurmicENNsaHe1X0aq6Eh/MB8GA1UdIwQY
MBaAFBwjPu5iTBksbH2toUMt4Lnniwm6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENNLTdtSk1HU3hzZmEyaFF5M2d1ZWVMQ2JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9jNWJlZjctMjViMy00NDYzLWIzYmYt
NTdhOTUxZjQ5OTMwLzEva2hiazJPNnVhSndRMDJ4b2Q3VmZScXJvU0g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9jNWJlZjctMjViMy00NDYzLWIzYmYtNTdhOTUxZjQ5OTMw
LzEvSENNLTdtSk1HU3hzZmEyaFF5M2d1ZWVMQ2JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBZqgAwQC
uUrYAwQCuZLMAwQCucAcAwQBw7X8MA0EAgACMAcDBQMqEYBAMA0GCSqGSIb3DQEB
CwUAA4IBAQA5i11y+I0/uFq+ZbrfAg7v7LvDJi49QH8dtFmQwleLoL57YE6c6S25
CHnfV8yO9blpfcF2msYZ2ABizISJao2VI/PX+0+mxjgNtF8ypEdU08u2arLBYsXg
j7zNGPZrsUpJitdKK5vpOYLqhCF+iDMrI06nZsUrIDASHPHGxxfyyCacwFgbI8PI
2PObdh7QmM6EfiMWJh8IS55IQkS0cg91If5dHWiHbY/i8WNe9kTyrZ7KTuFRt3PL
9/bQMIU2ZOv2g++tIjxOf3aQ/+JKurPSY7PmsSW8oKRCa5cQWTzvXrrH+rIiyfjO
/i0QB3U9vDA5aP9e6N5ns+uJ8mSO5XvN
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:31:48 2026 by rpki-client