Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/HcD0OU0-BgunHwrHMe49sQr0kss.roa
File: HcD0OU0-BgunHwrHMe49sQr0kss.roa (raw, json)
Hash identifier: G/eaE6js5hrweGFmbmK8WwRymNdv+srvZOXkTKxLvcY=
Subject key identifier: 1D:C0:F4:39:4D:3E:06:0B:A7:1F:0A:C7:31:EE:3D:B1:0A:F4:92:CB
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 019E1D1810FE58849EECFA5BFD50D89B8604
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/HcD0OU0-BgunHwrHMe49sQr0kss.roa
Signing time: Tue 12 May 2026 16:49:36 +0000
ROA not before: Tue 12 May 2026 16:49:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 10753
IP address blocks: 88.148.69.0/24 maxlen: 24
88.148.72.0/24 maxlen: 24
88.148.78.0/24 maxlen: 24
88.148.86.0/24 maxlen: 24
88.148.89.0/24 maxlen: 24
88.148.94.0/24 maxlen: 24
88.148.107.0/24 maxlen: 24
89.32.165.0/24 maxlen: 24
89.34.120.0/24 maxlen: 24
89.44.67.0/24 maxlen: 24
89.44.71.0/24 maxlen: 24
89.45.240.0/24 maxlen: 24
89.45.245.0/24 maxlen: 24
94.76.139.0/24 maxlen: 24
94.76.155.0/24 maxlen: 24
94.76.177.0/24 maxlen: 24
94.76.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1d:18:10:fe:58:84:9e:ec:fa:5b:fd:50:d8:9b:86:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: May 12 16:49:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1dc0f4394d3e060ba71f0ac731ee3db10af492cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:af:6b:45:ae:b9:d0:98:13:66:52:4e:84:ea:
2f:4e:97:cd:d8:c7:2e:68:c9:c4:82:2d:1a:ea:fc:
0b:f5:b8:2b:74:05:21:2d:92:16:02:20:e0:c8:d8:
4e:f9:0e:51:54:a5:5f:c8:3f:88:b4:05:f9:ad:42:
4a:04:e6:15:25:de:56:88:ce:f1:3a:5b:b4:86:5d:
dd:3b:e3:94:99:76:5a:5b:fa:1c:a5:b0:89:2a:d8:
cb:34:97:19:e3:87:7f:42:e5:51:ba:17:9f:bf:5d:
b4:f2:6e:b8:76:07:63:3e:c5:2f:ce:56:d1:5e:a8:
6a:20:2a:00:52:4a:3b:e9:b0:1d:1c:3b:dd:80:b6:
1d:8f:68:ad:27:bf:5d:b8:e9:bf:8f:9d:d3:55:8b:
2f:d6:5b:e9:e8:1d:46:9a:b9:fc:ce:ed:09:99:bd:
3b:42:b2:95:65:dc:60:96:58:9b:79:ea:00:18:86:
76:22:1e:03:fe:6b:d5:7f:92:69:93:40:36:1d:6c:
29:c8:62:81:48:c1:a8:01:ad:db:a1:4e:ed:ac:47:
2e:7f:31:ad:79:4f:c4:8e:b0:99:21:d7:63:e1:d6:
4b:92:92:5a:3f:0a:2c:ec:89:3d:f8:0c:c5:0a:a1:
92:80:5e:d9:e8:9c:9a:f4:09:96:fd:7e:a8:9f:4d:
fb:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:C0:F4:39:4D:3E:06:0B:A7:1F:0A:C7:31:EE:3D:B1:0A:F4:92:CB
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/HcD0OU0-BgunHwrHMe49sQr0kss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.148.69.0/24
88.148.72.0/24
88.148.78.0/24
88.148.86.0/24
88.148.89.0/24
88.148.94.0/24
88.148.107.0/24
89.32.165.0/24
89.34.120.0/24
89.44.67.0/24
89.44.71.0/24
89.45.240.0/24
89.45.245.0/24
94.76.139.0/24
94.76.155.0/24
94.76.177.0/24
94.76.189.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:9a:db:e9:89:e1:e4:23:43:c8:99:63:b6:22:72:78:6a:e6:
90:a2:66:d2:45:1c:e5:18:ba:ab:f1:36:60:40:57:52:4d:3d:
9d:0a:2a:dc:f7:3b:85:91:2f:6c:13:41:fb:ee:a0:9d:95:49:
29:fa:98:20:cc:6f:e2:64:5c:0a:46:4d:fe:2a:f7:55:c0:d1:
6c:cb:d7:38:50:a8:1b:db:d9:3a:10:52:b9:7c:d3:c4:9a:25:
b5:f4:73:de:f4:44:6c:3d:7f:85:32:73:ad:81:4e:31:12:e8:
b2:40:eb:de:4d:63:c4:0a:76:b9:a1:1e:80:e9:be:55:70:a3:
89:3d:d5:97:4e:49:6d:b5:32:ad:3f:13:3b:d3:8f:e0:f5:57:
7b:7c:da:78:a9:1b:80:12:10:e9:64:c7:31:7e:1f:1f:70:f6:
d9:aa:4b:17:5f:84:ca:1a:09:a3:98:85:9b:16:0a:87:1b:81:
83:56:6b:66:b2:45:3b:39:9c:ae:03:af:2e:7c:8f:6a:37:58:
44:8e:de:a3:44:6f:f8:19:85:89:87:db:a4:2e:9d:dd:80:ed:
eb:87:51:04:1e:c3:b9:7e:dc:46:5d:cf:57:70:16:cd:b5:e0:
31:04:1d:f4:89:10:78:7b:4a:8a:05:91:93:a4:ed:22:0f:27:
46:a3:36:ce
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZ4dGBD+WISe7Ppb/VDYm4YEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjYwNTEyMTY0OTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGMwZjQzOTRkM2UwNjBiYTcxZjBhYzczMWVlM2RiMTBhZjQ5MmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxq9rRa650JgTZlJOhOovTpfN2Mcu
aMnEgi0a6vwL9bgrdAUhLZIWAiDgyNhO+Q5RVKVfyD+ItAX5rUJKBOYVJd5WiM7x
Olu0hl3dO+OUmXZaW/ocpbCJKtjLNJcZ44d/QuVRuhefv1208m64dgdjPsUvzlbR
XqhqICoAUko76bAdHDvdgLYdj2itJ79duOm/j53TVYsv1lvp6B1Gmrn8zu0Jmb07
QrKVZdxgllibeeoAGIZ2Ih4D/mvVf5Jpk0A2HWwpyGKBSMGoAa3boU7trEcufzGt
eU/EjrCZIddj4dZLkpJaPwos7Ik9+AzFCqGSgF7Z6Jya9AmW/X6on037yQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFB3A9DlNPgYLpx8KxzHuPbEK9JLLMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvSGNEME9VMC1CZ3VuSHdySE1lNDlzUXIwa3NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAWJRFAwQA
WJRIAwQAWJROAwQAWJRWAwQAWJRZAwQAWJReAwQAWJRrAwQAWSClAwQAWSJ4AwQA
WSxDAwQAWSxHAwQAWS3wAwQAWS31AwQAXkyLAwQAXkybAwQAXkyxAwQAXky9MA0G
CSqGSIb3DQEBCwUAA4IBAQC8mtvpieHkI0PImWO2InJ4auaQombSRRzlGLqr8TZg
QFdSTT2dCirc9zuFkS9sE0H77qCdlUkp+pggzG/iZFwKRk3+KvdVwNFsy9c4UKgb
29k6EFK5fNPEmiW19HPe9ERsPX+FMnOtgU4xEuiyQOveTWPECna5oR6A6b5VcKOJ
PdWXTklttTKtPxM704/g9Vd7fNp4qRuAEhDpZMcxfh8fcPbZqksXX4TKGgmjmIWb
FgqHG4GDVmtmskU7OZyuA68ufI9qN1hEjt6jRG/4GYWJh9ukLp3dgO3rh1EEHsO5
ftxGXc9XcBbNteAxBB30iRB4e0qKBZGTpO0iDydGozbO
-----END CERTIFICATE-----
Generated at Wed May 13 07:46:16 2026 by rpki-client