Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/780c34-183b-46f4-b961-d4ae4071328f/1/H6fEkqVKszpXDZG-GKB24yi6fGA.roa
File: H6fEkqVKszpXDZG-GKB24yi6fGA.roa (raw, json)
Hash identifier: VZx0qzECb8pJ5sSNI4YrIdOddJh7Fq3Sv2eEUes2jOk=
Subject key identifier: 1F:A7:C4:92:A5:4A:B3:3A:57:0D:91:BE:18:A0:76:E3:28:BA:7C:60
Certificate issuer: /CN=8453d1e8618ef8fae8075ddd58270d094006be99
Certificate serial: 019C99E1EFF58F02A89D4C5DCDACA80BA274
Authority key identifier: 84:53:D1:E8:61:8E:F8:FA:E8:07:5D:DD:58:27:0D:09:40:06:BE:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hFPR6GGO-ProB13dWCcNCUAGvpk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/780c34-183b-46f4-b961-d4ae4071328f/1/H6fEkqVKszpXDZG-GKB24yi6fGA.roa
Signing time: Thu 26 Feb 2026 12:17:26 +0000
ROA not before: Thu 26 Feb 2026 12:17:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 59577
IP address blocks: 91.201.232.0/22 maxlen: 22
178.216.14.0/24 maxlen: 24
185.223.161.0/24 maxlen: 24
195.72.144.0/24 maxlen: 24
195.72.145.0/24 maxlen: 24
195.72.146.0/24 maxlen: 24
2a12:5b80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/780c34-183b-46f4-b961-d4ae4071328f/1/hFPR6GGO-ProB13dWCcNCUAGvpk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/780c34-183b-46f4-b961-d4ae4071328f/1/hFPR6GGO-ProB13dWCcNCUAGvpk.mft
rsync://rpki.ripe.net/repository/DEFAULT/hFPR6GGO-ProB13dWCcNCUAGvpk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:99:e1:ef:f5:8f:02:a8:9d:4c:5d:cd:ac:a8:0b:a2:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8453d1e8618ef8fae8075ddd58270d094006be99
Validity
Not Before: Feb 26 12:17:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1fa7c492a54ab33a570d91be18a076e328ba7c60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d3:5d:97:c6:d9:f6:ee:58:68:42:8e:77:b3:
78:f3:59:4e:7f:5b:f6:65:20:2b:59:d7:47:88:75:
a4:a6:fa:ab:c6:7c:d1:2f:3f:5b:1c:97:64:7e:d0:
6d:0d:5e:fd:51:79:f3:dc:be:32:82:50:35:fd:70:
ae:98:be:7d:9c:ca:41:7e:8c:9f:28:60:26:29:a7:
be:17:5f:1d:d3:a4:69:d4:69:6b:b5:06:31:50:d5:
08:70:d9:3e:56:fd:6b:1d:23:2a:58:72:3d:5d:67:
1d:fa:4d:88:f1:2f:dd:72:7f:ef:9a:b5:ca:7a:20:
cc:e6:7d:12:d5:52:16:eb:b9:b6:46:30:83:d9:fb:
d4:a5:26:14:c2:80:35:fd:c4:a5:9e:7a:6b:d9:fb:
59:22:f5:50:19:8f:34:d7:46:1d:ac:11:9a:da:fd:
4c:93:54:fe:d2:55:f2:34:9a:43:3c:37:fd:ed:83:
83:38:11:4e:40:1b:51:7e:4e:f2:7b:e6:24:0d:fb:
5c:e5:76:19:b7:a4:c0:39:e0:aa:cc:9d:be:b6:6b:
44:49:df:18:b7:c2:85:11:2f:a9:49:0f:c4:ff:d1:
61:de:a5:b2:78:b5:a9:ff:2c:4b:02:53:7d:e7:cd:
75:63:a7:c8:a1:58:9f:79:2e:d3:72:35:b6:52:0b:
20:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:A7:C4:92:A5:4A:B3:3A:57:0D:91:BE:18:A0:76:E3:28:BA:7C:60
X509v3 Authority Key Identifier:
keyid:84:53:D1:E8:61:8E:F8:FA:E8:07:5D:DD:58:27:0D:09:40:06:BE:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFPR6GGO-ProB13dWCcNCUAGvpk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/780c34-183b-46f4-b961-d4ae4071328f/1/H6fEkqVKszpXDZG-GKB24yi6fGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/780c34-183b-46f4-b961-d4ae4071328f/1/hFPR6GGO-ProB13dWCcNCUAGvpk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.232.0/22
178.216.14.0/24
185.223.161.0/24
195.72.144.0-195.72.146.255
IPv6:
2a12:5b80::/29
Signature Algorithm: sha256WithRSAEncryption
38:4e:00:08:e2:8c:2b:6a:04:15:3a:a0:10:97:36:47:21:bd:
77:34:11:24:72:c4:5a:52:08:45:d0:27:4b:53:d4:6a:13:02:
1a:1c:65:73:eb:fc:26:50:74:f0:9a:fe:6d:45:92:50:da:32:
9d:0c:23:5f:db:e6:b5:db:8f:c1:97:60:50:de:80:21:84:de:
d5:e2:40:04:71:bf:fb:f8:7a:7a:03:04:64:d5:80:83:72:ac:
d3:e5:49:d1:42:2e:eb:6c:40:7e:13:7e:cf:48:5a:b6:04:c0:
8f:a0:3b:45:82:88:4d:da:a5:ce:31:91:f7:3c:9a:f3:69:7d:
67:87:21:6b:2d:2c:5f:ab:0f:ae:c6:b9:fd:1a:8b:af:34:40:
ff:9d:18:8d:a5:23:cf:43:70:6e:f0:59:55:75:4f:33:cc:d7:
72:0d:41:2e:97:68:0c:c6:35:39:85:ee:51:23:46:af:fd:4e:
44:fc:da:e7:8e:7e:84:f9:a1:b7:c5:b6:82:7c:65:4f:ec:55:
44:64:f0:bc:48:50:63:1c:9f:d4:8a:4c:db:58:b3:62:44:6b:
a2:69:b8:ba:b7:f6:da:c3:74:8d:c3:cc:e5:60:80:ea:48:15:
27:4f:0d:07:89:46:91:72:4b:90:f9:b0:c8:0d:91:54:05:58:
dd:5e:ed:bd
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZyZ4e/1jwKonUxdzayoC6J0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NTNkMWU4NjE4ZWY4ZmFlODA3NWRkZDU4MjcwZDA5NDAw
NmJlOTkwHhcNMjYwMjI2MTIxNzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmE3YzQ5MmE1NGFiMzNhNTcwZDkxYmUxOGEwNzZlMzI4YmE3YzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNNdl8bZ9u5YaEKOd7N481lOf1v2
ZSArWddHiHWkpvqrxnzRLz9bHJdkftBtDV79UXnz3L4yglA1/XCumL59nMpBfoyf
KGAmKae+F18d06Rp1GlrtQYxUNUIcNk+Vv1rHSMqWHI9XWcd+k2I8S/dcn/vmrXK
eiDM5n0S1VIW67m2RjCD2fvUpSYUwoA1/cSlnnpr2ftZIvVQGY8010YdrBGa2v1M
k1T+0lXyNJpDPDf97YODOBFOQBtRfk7ye+YkDftc5XYZt6TAOeCqzJ2+tmtESd8Y
t8KFES+pSQ/E/9Fh3qWyeLWp/yxLAlN95811Y6fIoVifeS7TcjW2UgsgLwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFB+nxJKlSrM6Vw2RvhigduMounxgMB8GA1UdIwQY
MBaAFIRT0ehhjvj66Add3VgnDQlABr6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEZQUjZHR08tUHJvQjEzZFdDY05DVUFHdnBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83ODBjMzQtMTgzYi00NmY0LWI5NjEt
ZDRhZTQwNzEzMjhmLzEvSDZmRWtxVktzenBYRFpHLUdLQjI0eWk2ZkdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83ODBjMzQtMTgzYi00NmY0LWI5NjEtZDRhZTQwNzEzMjhm
LzEvaEZQUjZHR08tUHJvQjEzZFdDY05DVUFHdnBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQCW8noAwQA
stgOAwQAud+hMAwDBATDSJADBADDSJIwDQQCAAIwBwMFAyoSW4AwDQYJKoZIhvcN
AQELBQADggEBADhOAAjijCtqBBU6oBCXNkchvXc0ESRyxFpSCEXQJ0tT1GoTAhoc
ZXPr/CZQdPCa/m1FklDaMp0MI1/b5rXbj8GXYFDegCGE3tXiQARxv/v4enoDBGTV
gINyrNPlSdFCLutsQH4Tfs9IWrYEwI+gO0WCiE3apc4xkfc8mvNpfWeHIWstLF+r
D67Guf0ai680QP+dGI2lI89DcG7wWVV1TzPM13INQS6XaAzGNTmF7lEjRq/9TkT8
2ueOfoT5obfFtoJ8ZU/sVURk8LxIUGMcn9SKTNtYs2JEa6JpuLq39trDdI3DzOVg
gOpIFSdPDQeJRpFyS5D5sMgNkVQFWN1e7b0=
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:23:16 2026 by rpki-client