Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/HcUJRBjcecR6A3ZN0J7us5lds74.roa
File: HcUJRBjcecR6A3ZN0J7us5lds74.roa (raw, json)
Hash identifier: 84+REcPQHJTOYxAtxH5dB/r6tY8TotzsAXRxRHbf4mg=
Subject key identifier: 1D:C5:09:44:18:DC:79:C4:7A:03:76:4D:D0:9E:EE:B3:99:5D:B3:BE
Certificate issuer: /CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Certificate serial: 019E0C47435E540819A71594AE688E78B7F0
Authority key identifier: 67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/HcUJRBjcecR6A3ZN0J7us5lds74.roa
Signing time: Sat 09 May 2026 10:27:37 +0000
ROA not before: Sat 09 May 2026 10:27:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210773
IP address blocks: 2a14:67c3:190::/48 maxlen: 48
2a14:67c3:191::/48 maxlen: 48
2a14:67c3:192::/48 maxlen: 48
2a14:67c3:880::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:0c:47:43:5e:54:08:19:a7:15:94:ae:68:8e:78:b7:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Validity
Not Before: May 9 10:27:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1dc5094418dc79c47a03764dd09eeeb3995db3be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:52:b6:86:a2:d5:3f:24:25:2d:24:dd:62:f4:
48:fa:16:3d:cf:2a:16:10:e6:67:c9:6d:80:70:8e:
a1:ce:06:69:6c:5b:28:22:83:e1:be:ce:0b:34:a2:
da:3d:c3:c4:e1:8c:f8:f1:6c:a7:51:b7:6d:1f:ed:
a9:0e:b4:83:c6:70:29:35:37:8d:78:ff:6e:b9:2f:
8c:6c:c9:3d:5c:24:0b:5b:d0:55:95:70:e5:cc:f8:
d9:38:d4:93:af:5f:bc:3c:39:8a:52:3d:ef:1c:5e:
4b:2e:c5:bb:fa:ac:23:3c:65:42:a5:41:1e:b0:83:
b7:e9:da:5e:cc:74:05:fb:cc:ab:c3:46:45:c3:cc:
8b:ec:ed:60:a4:4c:c1:34:39:55:dd:c9:40:23:65:
f8:f5:eb:2d:f0:07:8b:c6:a5:02:60:b2:ce:46:74:
d1:d1:0d:d0:5a:7d:3d:0a:85:71:87:8b:68:d2:cd:
00:32:5c:e5:a5:8c:0f:9f:f4:e0:31:08:fd:90:a1:
a8:67:51:35:fb:4b:c6:39:d0:fa:48:b5:4f:bc:40:
69:3c:03:40:d3:b0:0b:ca:ba:7f:1e:fb:4b:cf:c8:
32:17:44:07:dc:f2:78:f4:2f:5e:f6:0f:c2:4b:bf:
70:34:64:4a:49:73:4e:18:60:8c:89:0f:4a:bb:d2:
5e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:C5:09:44:18:DC:79:C4:7A:03:76:4D:D0:9E:EE:B3:99:5D:B3:BE
X509v3 Authority Key Identifier:
keyid:67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/HcUJRBjcecR6A3ZN0J7us5lds74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:67c3:190::-2a14:67c3:192:ffff:ffff:ffff:ffff:ffff
2a14:67c3:880::/44
Signature Algorithm: sha256WithRSAEncryption
82:aa:9e:ea:1e:da:4a:0d:47:f9:33:78:9b:52:e6:a8:98:c7:
c0:21:7e:c4:de:36:08:69:59:af:27:05:0a:73:48:63:0e:74:
e1:69:a3:c0:78:7b:6b:6b:50:04:d4:2e:6f:d2:27:ac:33:41:
ff:a0:81:16:a0:30:a5:87:86:f5:15:d0:d0:fc:7d:a1:54:2c:
2b:f9:ef:2e:d8:ee:2d:88:c0:67:24:0c:0a:51:92:bc:99:10:
fd:71:cb:c4:85:75:b3:fa:b6:54:9f:35:2a:8b:eb:2c:ac:77:
a8:18:b9:04:b9:c3:98:d9:75:14:c3:20:b6:d8:34:30:1d:38:
55:d7:01:9e:4f:e7:53:11:75:27:f2:88:59:8b:43:69:1d:1e:
9e:3b:5d:b8:bd:b2:d0:1b:92:80:93:d7:0e:5e:2b:f3:2a:5a:
93:86:85:dd:fb:b8:82:f5:d9:f1:0b:51:95:54:dc:40:7c:64:
6e:6b:40:7b:8c:d1:1b:06:cb:a8:4e:84:16:4c:0b:f9:83:41:
49:df:21:c9:d2:f8:99:24:5c:4b:a3:bf:3e:b8:0d:5f:38:d4:
55:be:c9:57:67:ca:0e:7b:89:eb:a5:b2:91:6f:56:4a:0a:37:
f5:e1:82:f0:e4:e1:6b:e5:5a:5f:24:db:47:99:ef:69:47:7b:
ce:e9:c4:e3
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ4MR0NeVAgZpxWUrmiOeLfwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZjMxYmRlNDY1MTYzNDdmNGVkZmNiZTMwZWRhYzlhMDll
NGUwZTAwHhcNMjYwNTA5MTAyNzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGM1MDk0NDE4ZGM3OWM0N2EwMzc2NGRkMDllZWViMzk5NWRiM2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8VK2hqLVPyQlLSTdYvRI+hY9zyoW
EOZnyW2AcI6hzgZpbFsoIoPhvs4LNKLaPcPE4Yz48WynUbdtH+2pDrSDxnApNTeN
eP9uuS+MbMk9XCQLW9BVlXDlzPjZONSTr1+8PDmKUj3vHF5LLsW7+qwjPGVCpUEe
sIO36dpezHQF+8yrw0ZFw8yL7O1gpEzBNDlV3clAI2X49est8AeLxqUCYLLORnTR
0Q3QWn09CoVxh4to0s0AMlzlpYwPn/TgMQj9kKGoZ1E1+0vGOdD6SLVPvEBpPANA
07ALyrp/HvtLz8gyF0QH3PJ49C9e9g/CS79wNGRKSXNOGGCMiQ9Ku9JeuQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFB3FCUQY3HnEegN2TdCe7rOZXbO+MB8GA1UdIwQY
MBaAFGfzG95GUWNH9O38vjDtrJoJ5ODgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYt
ZjZjYzRlZjBmN2RmLzEvSGNVSlJCamNlY1I2QTNaTjBKN3VzNWxkczc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYtZjZjYzRlZjBmN2Rm
LzEvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdMBIDBwQqFGfD
AZADBwAqFGfDAZIDBwQqFGfDCIAwDQYJKoZIhvcNAQELBQADggEBAIKqnuoe2koN
R/kzeJtS5qiYx8AhfsTeNghpWa8nBQpzSGMOdOFpo8B4e2trUATULm/SJ6wzQf+g
gRagMKWHhvUV0ND8faFULCv57y7Y7i2IwGckDApRkryZEP1xy8SFdbP6tlSfNSqL
6yysd6gYuQS5w5jZdRTDILbYNDAdOFXXAZ5P51MRdSfyiFmLQ2kdHp47Xbi9stAb
koCT1w5eK/MqWpOGhd37uIL12fELUZVU3EB8ZG5rQHuM0RsGy6hOhBZMC/mDQUnf
IcnS+JkkXEujvz64DV841FW+yVdnyg57ieulspFvVkoKN/XhgvDk4WvlWl8k20eZ
72lHe87pxOM=
-----END CERTIFICATE-----
Generated at Tue May 12 21:38:37 2026 by rpki-client