Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/1hJj5lLq19A-j9_WZiFK8KryVh8.roa
File: 1hJj5lLq19A-j9_WZiFK8KryVh8.roa (raw, json)
Hash identifier: BdyFvctNzfBBkcxWw8lGFz2gTUvcnLbqttbqeJ44fGQ=
Subject key identifier: D6:12:63:E6:52:EA:D7:D0:3E:8F:DF:D6:66:21:4A:F0:AA:F2:56:1F
Certificate issuer: /CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Certificate serial: 019DD32DCAB8FFB680449326391EDCCB0813
Authority key identifier: B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/1hJj5lLq19A-j9_WZiFK8KryVh8.roa
Signing time: Tue 28 Apr 2026 08:21:26 +0000
ROA not before: Tue 28 Apr 2026 08:21:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3257
IP address blocks: 80.174.64.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.mft
rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d3:2d:ca:b8:ff:b6:80:44:93:26:39:1e:dc:cb:08:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Validity
Not Before: Apr 28 08:21:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d61263e652ead7d03e8fdfd666214af0aaf2561f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ef:17:6b:28:37:27:24:9d:18:83:29:b6:b7:
72:21:34:fa:8a:76:1d:cc:d6:f1:7b:01:c7:93:16:
f4:c6:6e:fb:9c:4b:56:c2:a0:61:d7:41:9d:4a:32:
da:01:4b:e0:29:a2:ed:80:87:64:1a:71:30:5f:a3:
16:59:56:8b:24:93:a4:b6:9c:0b:fe:73:1f:d6:f3:
09:9a:bb:fd:98:e9:b2:f3:6e:b2:86:22:60:35:5f:
13:2d:8c:1c:98:bd:0c:e8:d9:38:18:f8:90:f9:52:
7d:61:46:c8:13:cb:a5:97:f0:3f:ff:da:38:50:78:
07:b6:84:4f:7b:8f:2e:a3:8d:2c:f4:ae:97:ad:7c:
26:ef:b5:ce:20:58:58:00:d5:e3:7c:dc:9e:83:b1:
07:ae:54:3a:f1:bd:62:7d:2d:71:7f:e4:0f:88:c3:
bb:9f:49:12:aa:73:f0:22:94:6b:49:d5:93:bb:76:
86:33:59:83:fb:c3:c7:9a:80:52:55:fa:e9:97:c9:
ad:95:28:73:a5:8c:1a:ce:be:00:95:5c:b3:be:b1:
06:82:e8:8d:e9:bb:8b:c8:25:76:33:07:38:68:bd:
7f:4e:89:fe:a3:1f:50:cc:b7:04:c7:ba:7a:54:f9:
e8:04:46:59:51:93:30:1f:65:6e:60:f7:a1:1f:33:
5c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:12:63:E6:52:EA:D7:D0:3E:8F:DF:D6:66:21:4A:F0:AA:F2:56:1F
X509v3 Authority Key Identifier:
keyid:B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/1hJj5lLq19A-j9_WZiFK8KryVh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.174.64.0/19
Signature Algorithm: sha256WithRSAEncryption
15:db:ad:3e:ca:24:15:6b:cc:2a:9a:9a:cf:f4:13:59:2f:db:
49:0a:d2:22:90:4a:3e:da:81:ba:7d:1d:df:0f:94:19:aa:38:
d8:dc:80:df:c0:f2:28:c5:a6:9f:6c:6d:34:e1:4e:6d:3e:d9:
df:f0:7f:35:83:6d:03:da:35:19:ac:1f:54:5e:88:bb:e6:c3:
35:e5:5d:cd:02:09:0f:50:a5:1c:96:d1:f2:4d:68:57:bf:11:
6c:e3:45:09:db:d9:f9:f1:7f:89:89:56:33:5c:45:7a:08:88:
9b:7a:6f:d9:ec:40:2c:93:a2:5a:b1:52:88:3e:cc:0a:b5:b5:
da:02:e3:0e:07:95:7f:97:c7:58:28:bd:2a:f1:83:96:cc:b3:
b3:33:c8:94:8f:c2:cb:9e:d0:27:d9:b9:53:07:b8:0f:e2:b1:
4b:37:c4:74:84:de:ab:4a:64:3d:b5:ce:a6:e3:79:97:e2:ed:
fb:58:08:c0:be:21:25:5e:4b:59:9b:22:26:a6:44:eb:65:e9:
2c:5c:f5:f2:c8:ec:65:13:0a:f8:0d:72:7c:a4:17:98:96:7f:
f6:92:0d:34:9f:0e:80:a3:6e:b0:e1:70:da:41:58:db:60:65:
9a:e5:28:8f:e3:38:93:6d:de:ff:e7:9b:94:71:f2:b4:14:42:
7f:ba:c7:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ3TLcq4/7aARJMmOR7cywgTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NTk5OTg5OWY3NmQyZTJlNGNjZGZjODE3Zjk4NzljZmFj
MDZiYmUwHhcNMjYwNDI4MDgyMTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjEyNjNlNjUyZWFkN2QwM2U4ZmRmZDY2NjIxNGFmMGFhZjI1NjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvu8Xayg3JySdGIMptrdyITT6inYd
zNbxewHHkxb0xm77nEtWwqBh10GdSjLaAUvgKaLtgIdkGnEwX6MWWVaLJJOktpwL
/nMf1vMJmrv9mOmy826yhiJgNV8TLYwcmL0M6Nk4GPiQ+VJ9YUbIE8ull/A//9o4
UHgHtoRPe48uo40s9K6XrXwm77XOIFhYANXjfNyeg7EHrlQ68b1ifS1xf+QPiMO7
n0kSqnPwIpRrSdWTu3aGM1mD+8PHmoBSVfrpl8mtlShzpYwazr4AlVyzvrEGguiN
6buLyCV2Mwc4aL1/Ton+ox9QzLcEx7p6VPnoBEZZUZMwH2VuYPehHzNcOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNYSY+ZS6tfQPo/f1mYhSvCq8lYfMB8GA1UdIwQY
MBaAFLRZmYmfdtLi5MzfyBf5h5z6wGu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUt
NzM0MjhmOWM3YmZmLzEvMWhKajVsTHExOUEtajlfV1ppRks4S3J5Vmg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUtNzM0MjhmOWM3YmZm
LzEvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFUK5AMA0G
CSqGSIb3DQEBCwUAA4IBAQAV260+yiQVa8wqmprP9BNZL9tJCtIikEo+2oG6fR3f
D5QZqjjY3IDfwPIoxaafbG004U5tPtnf8H81g20D2jUZrB9UXoi75sM15V3NAgkP
UKUcltHyTWhXvxFs40UJ29n58X+JiVYzXEV6CIibem/Z7EAsk6JasVKIPswKtbXa
AuMOB5V/l8dYKL0q8YOWzLOzM8iUj8LLntAn2blTB7gP4rFLN8R0hN6rSmQ9tc6m
43mX4u37WAjAviElXktZmyImpkTrZeksXPXyyOxlEwr4DXJ8pBeYln/2kg00nw6A
o26w4XDaQVjbYGWa5SiP4ziTbd7/55uUcfK0FEJ/useh
-----END CERTIFICATE-----
Generated at Tue May 12 21:32:16 2026 by rpki-client