Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/Hzswp8TTjFLBLtq_0yz3CxRyH5I.roa
File: Hzswp8TTjFLBLtq_0yz3CxRyH5I.roa (raw, json)
Hash identifier: MP4gqKAVDOE83sn9DN5h59teDQEElcryGm3TvZLWgnM=
Subject key identifier: 1F:3B:30:A7:C4:D3:8C:52:C1:2E:DA:BF:D3:2C:F7:0B:14:72:1F:92
Certificate issuer: /CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Certificate serial: 019D48DD377F3D2BF8C7D775865A18FFEF13
Authority key identifier: C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/Hzswp8TTjFLBLtq_0yz3CxRyH5I.roa
Signing time: Wed 01 Apr 2026 11:45:50 +0000
ROA not before: Wed 01 Apr 2026 11:45:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 22427
IP address blocks: 95.155.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 14:47:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:48:dd:37:7f:3d:2b:f8:c7:d7:75:86:5a:18:ff:ef:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Validity
Not Before: Apr 1 11:45:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1f3b30a7c4d38c52c12edabfd32cf70b14721f92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:eb:b3:94:d7:82:ba:b3:97:8d:2b:73:cd:de:
2a:2b:3d:fc:c4:fa:b7:9a:96:0c:a8:2b:2e:07:78:
e6:e1:df:be:93:a0:a5:35:e7:c1:4a:f6:d5:c9:c8:
7d:d5:56:32:f4:b9:18:27:32:7b:d5:0a:ed:b2:95:
63:ce:18:5c:75:b0:1b:c5:38:e4:c9:f4:da:08:34:
71:36:ac:fe:fd:c0:b5:0e:9b:b1:7a:d5:8b:89:19:
0c:bd:28:e5:ca:52:af:bb:dc:93:41:9d:49:fc:9e:
2a:57:27:9a:4a:4a:87:8d:6e:8c:58:0b:5a:6f:6d:
50:c3:2f:2e:44:c8:76:23:ae:aa:11:d4:62:d0:03:
ff:85:81:36:ff:06:ec:03:78:5c:b1:52:42:26:d6:
a5:c1:8f:c7:6f:22:f4:9b:20:9e:b0:5b:c6:89:24:
5a:96:3e:89:19:4f:fc:26:ce:4a:c9:06:03:cc:39:
98:b3:95:b1:16:1a:af:41:fa:23:71:63:05:2c:8b:
aa:9c:90:3a:d8:3c:4a:2e:89:d1:51:72:de:a3:4a:
a5:ad:62:f3:2a:46:29:4d:68:06:d0:2a:ba:93:46:
a5:9f:78:7d:be:78:2c:48:0c:52:ad:2d:be:44:89:
e0:82:58:81:39:e9:e7:c1:92:7f:b7:4d:66:03:14:
d3:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:3B:30:A7:C4:D3:8C:52:C1:2E:DA:BF:D3:2C:F7:0B:14:72:1F:92
X509v3 Authority Key Identifier:
keyid:C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/Hzswp8TTjFLBLtq_0yz3CxRyH5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.155.182.0/24
Signature Algorithm: sha256WithRSAEncryption
14:4d:2f:96:75:9d:6a:47:fb:27:dc:4c:f4:97:f3:b4:55:cd:
fe:a8:0d:d5:34:f2:35:41:ad:26:9a:79:8c:20:10:11:07:10:
ba:10:59:39:13:96:8b:7d:2d:b2:8d:59:61:fb:51:06:0f:06:
13:66:b0:1e:0d:1b:23:cd:08:f9:51:18:1e:cc:f9:59:4e:64:
8b:5c:cd:47:d5:b1:5e:3c:3b:06:65:3d:72:44:b5:f4:48:b2:
68:c4:23:50:fa:05:77:4b:c9:b6:03:93:b4:16:d9:49:13:fb:
00:06:37:25:3e:c7:32:41:ae:74:2d:f4:3c:dc:c9:46:48:f7:
26:fb:81:67:57:cd:bb:0d:1a:84:7d:57:ba:87:5e:e5:69:14:
d7:d0:a7:b4:58:72:02:a5:f7:c1:2a:46:e9:2c:85:24:6e:07:
7d:f7:9e:53:30:00:b9:ee:e4:da:72:8b:6c:27:36:fa:32:97:
e5:e6:d2:63:c4:19:32:45:4e:25:0a:14:d7:6f:7f:26:49:da:
6c:31:53:54:5e:2f:25:b4:72:50:8f:b5:33:d8:7e:37:31:00:
cf:64:8f:91:5e:6c:d8:d3:fc:07:54:30:1a:33:ac:22:38:7f:
85:c6:ef:ee:4b:85:2d:0a:ae:36:b2:34:26:3d:e0:68:51:e9:
ba:3f:a5:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ1I3Td/PSv4x9d1hloY/+8TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YTI0OWEwZWFjZDhhYmNiZWEwZDgyZWY3MTAxNmQzODZl
OGVmOTQwHhcNMjYwNDAxMTE0NTUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjNiMzBhN2M0ZDM4YzUyYzEyZWRhYmZkMzJjZjcwYjE0NzIxZjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeuzlNeCurOXjStzzd4qKz38xPq3
mpYMqCsuB3jm4d++k6ClNefBSvbVych91VYy9LkYJzJ71QrtspVjzhhcdbAbxTjk
yfTaCDRxNqz+/cC1DpuxetWLiRkMvSjlylKvu9yTQZ1J/J4qVyeaSkqHjW6MWAta
b21Qwy8uRMh2I66qEdRi0AP/hYE2/wbsA3hcsVJCJtalwY/HbyL0myCesFvGiSRa
lj6JGU/8Js5KyQYDzDmYs5WxFhqvQfojcWMFLIuqnJA62DxKLonRUXLeo0qlrWLz
KkYpTWgG0Cq6k0aln3h9vngsSAxSrS2+RInggliBOennwZJ/t01mAxTTmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB87MKfE04xSwS7av9Ms9wsUch+SMB8GA1UdIwQY
MBaAFMaiSaDqzYq8vqDYLvcQFtOG6O+UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2Ut
MjEwNTdkMjI4ZDA1LzEvSHpzd3A4VFRqRkxCTHRxXzB5ejNDeFJ5SDVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2UtMjEwNTdkMjI4ZDA1
LzEveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX5u2MA0G
CSqGSIb3DQEBCwUAA4IBAQAUTS+WdZ1qR/sn3Ez0l/O0Vc3+qA3VNPI1Qa0mmnmM
IBARBxC6EFk5E5aLfS2yjVlh+1EGDwYTZrAeDRsjzQj5URgezPlZTmSLXM1H1bFe
PDsGZT1yRLX0SLJoxCNQ+gV3S8m2A5O0FtlJE/sABjclPscyQa50LfQ83MlGSPcm
+4FnV827DRqEfVe6h17laRTX0Ke0WHICpffBKkbpLIUkbgd9955TMAC57uTacots
Jzb6Mpfl5tJjxBkyRU4lChTXb38mSdpsMVNUXi8ltHJQj7Uz2H43MQDPZI+RXmzY
0/wHVDAaM6wiOH+Fxu/uS4UtCq42sjQmPeBoUem6P6WB
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:42:23 2026 by rpki-client