Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/dcb08c-5515-445c-ad99-fb4740fda250/1/HlyeT63d_hTRQoUdqffq7QL-QuQ.roa
File: HlyeT63d_hTRQoUdqffq7QL-QuQ.roa (raw, json)
Hash identifier: x2NNm6m6wU3oFBfBTa5MizhpP5bdnw5qPXYrszPxhbc=
Subject key identifier: 1E:5C:9E:4F:AD:DD:FE:14:D1:42:85:1D:A9:F7:EA:ED:02:FE:42:E4
Certificate issuer: /CN=064dcd0ee7014efb2e3b554fbb706384ef11d051
Certificate serial: 019E1BC1A78E100391F7EBDA0FF2F6B836B1
Authority key identifier: 06:4D:CD:0E:E7:01:4E:FB:2E:3B:55:4F:BB:70:63:84:EF:11:D0:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bk3NDucBTvsuO1VPu3BjhO8R0FE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/dcb08c-5515-445c-ad99-fb4740fda250/1/HlyeT63d_hTRQoUdqffq7QL-QuQ.roa
Signing time: Tue 12 May 2026 10:35:36 +0000
ROA not before: Tue 12 May 2026 10:35:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198949
IP address blocks: 193.135.120.0/24 maxlen: 24
193.135.121.0/24 maxlen: 24
193.135.122.0/24 maxlen: 24
193.135.123.0/24 maxlen: 24
193.141.23.0/24 maxlen: 24
193.141.24.0/24 maxlen: 24
2a09:fb00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/dcb08c-5515-445c-ad99-fb4740fda250/1/Bk3NDucBTvsuO1VPu3BjhO8R0FE.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/dcb08c-5515-445c-ad99-fb4740fda250/1/Bk3NDucBTvsuO1VPu3BjhO8R0FE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Bk3NDucBTvsuO1VPu3BjhO8R0FE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1b:c1:a7:8e:10:03:91:f7:eb:da:0f:f2:f6:b8:36:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=064dcd0ee7014efb2e3b554fbb706384ef11d051
Validity
Not Before: May 12 10:35:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1e5c9e4fadddfe14d142851da9f7eaed02fe42e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ca:ba:2a:b3:93:bf:47:88:0f:e8:c2:51:7b:
ff:a0:c2:8c:1c:b6:64:3f:11:40:b4:9d:cf:73:3b:
da:0f:29:4a:8b:73:d3:55:96:e7:c4:c3:49:73:88:
ce:42:f8:f9:36:05:7a:2f:4d:14:a8:2c:8b:c2:f5:
79:89:58:52:65:22:7d:c5:84:80:6a:62:ba:25:6c:
14:af:d1:f8:b3:08:20:71:c8:cd:65:41:e0:12:b7:
72:89:c7:e1:65:36:40:71:94:31:2d:df:b9:d9:65:
f5:99:e4:55:88:c5:9b:7f:c5:21:6a:0b:01:e7:62:
ac:39:03:1a:a6:64:00:d3:f3:c3:fd:a7:e4:2d:d3:
84:70:49:f5:01:b3:8c:2e:5a:b6:53:3e:24:f8:9b:
ae:76:a6:58:9f:08:cb:b6:1a:d8:db:26:8e:6b:ab:
7a:11:36:d5:cc:b6:28:12:b1:7b:ae:0b:33:a9:e9:
3b:cb:8a:17:06:63:14:b7:e8:3e:a3:73:40:2b:01:
08:77:82:76:75:db:d0:61:68:52:e0:03:67:f6:59:
96:3d:f1:dc:05:88:63:04:ce:d8:35:bc:af:52:51:
1c:e7:52:55:b3:92:0d:20:9a:f3:39:f7:02:df:28:
c6:98:e3:5f:f4:77:53:a0:39:d0:ca:f3:e3:ce:83:
97:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:5C:9E:4F:AD:DD:FE:14:D1:42:85:1D:A9:F7:EA:ED:02:FE:42:E4
X509v3 Authority Key Identifier:
keyid:06:4D:CD:0E:E7:01:4E:FB:2E:3B:55:4F:BB:70:63:84:EF:11:D0:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bk3NDucBTvsuO1VPu3BjhO8R0FE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/dcb08c-5515-445c-ad99-fb4740fda250/1/HlyeT63d_hTRQoUdqffq7QL-QuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/dcb08c-5515-445c-ad99-fb4740fda250/1/Bk3NDucBTvsuO1VPu3BjhO8R0FE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.135.120.0/22
193.141.23.0-193.141.24.255
IPv6:
2a09:fb00::/29
Signature Algorithm: sha256WithRSAEncryption
20:f4:57:1b:fc:f3:16:43:a1:77:10:1d:38:f1:b6:af:69:29:
c9:d5:c2:b1:d3:e4:27:7a:bd:e4:d6:62:b3:63:b9:5c:51:ac:
ec:94:ba:f3:b8:8b:61:22:44:18:b8:25:a4:aa:8b:7d:43:03:
dd:f4:bf:c4:24:5f:45:c5:cf:b2:a3:8f:cc:0a:92:27:96:b8:
19:2b:08:5f:34:b4:3f:33:97:2f:11:25:95:01:47:5d:db:1a:
b4:15:0a:a7:4a:9a:e9:b7:ce:53:ce:6a:c0:de:65:22:81:23:
48:10:85:46:5b:6f:64:be:0b:cb:56:7e:b2:fc:21:47:eb:f4:
9a:7d:9d:97:b7:ac:50:47:3c:1c:c0:83:ee:ae:04:58:ad:5f:
9f:b7:02:e4:a0:a7:eb:bf:52:d9:d7:6d:70:30:24:43:d3:68:
b5:c9:35:19:69:1d:d5:d4:0e:65:7b:d0:dc:da:cb:43:4b:02:
17:cb:34:b1:38:44:31:fc:7f:2a:90:8f:8f:c9:e5:e5:de:52:
f1:3a:c2:65:2f:d3:87:52:e2:fd:6e:94:e3:d6:5a:83:b3:8d:
07:b6:e4:3b:74:76:3e:ab:81:aa:53:c5:3f:90:bb:16:25:1c:
85:c8:99:b4:19:00:ed:9f:23:e7:fe:f6:0f:b6:9c:f3:92:ea:
1f:32:c4:65
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZ4bwaeOEAOR9+vaD/L2uDaxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NGRjZDBlZTcwMTRlZmIyZTNiNTU0ZmJiNzA2Mzg0ZWYx
MWQwNTEwHhcNMjYwNTEyMTAzNTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTVjOWU0ZmFkZGRmZTE0ZDE0Mjg1MWRhOWY3ZWFlZDAyZmU0MmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMq6KrOTv0eID+jCUXv/oMKMHLZk
PxFAtJ3PczvaDylKi3PTVZbnxMNJc4jOQvj5NgV6L00UqCyLwvV5iVhSZSJ9xYSA
amK6JWwUr9H4swggccjNZUHgErdyicfhZTZAcZQxLd+52WX1meRViMWbf8UhagsB
52KsOQMapmQA0/PD/afkLdOEcEn1AbOMLlq2Uz4k+JuudqZYnwjLthrY2yaOa6t6
ETbVzLYoErF7rgszqek7y4oXBmMUt+g+o3NAKwEId4J2ddvQYWhS4ANn9lmWPfHc
BYhjBM7YNbyvUlEc51JVs5INIJrzOfcC3yjGmONf9HdToDnQyvPjzoOXVQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFB5cnk+t3f4U0UKFHan36u0C/kLkMB8GA1UdIwQY
MBaAFAZNzQ7nAU77LjtVT7twY4TvEdBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmszTkR1Y0JUdnN1TzFWUHUzQmpoTzhSMEZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9kY2IwOGMtNTUxNS00NDVjLWFkOTkt
ZmI0NzQwZmRhMjUwLzEvSGx5ZVQ2M2RfaFRSUW9VZHFmZnE3UUwtUXVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9kY2IwOGMtNTUxNS00NDVjLWFkOTktZmI0NzQwZmRhMjUw
LzEvQmszTkR1Y0JUdnN1TzFWUHUzQmpoTzhSMEZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCwYd4MAwD
BADBjRcDBADBjRgwDQQCAAIwBwMFAyoJ+wAwDQYJKoZIhvcNAQELBQADggEBACD0
Vxv88xZDoXcQHTjxtq9pKcnVwrHT5Cd6veTWYrNjuVxRrOyUuvO4i2EiRBi4JaSq
i31DA930v8QkX0XFz7Kjj8wKkieWuBkrCF80tD8zly8RJZUBR13bGrQVCqdKmum3
zlPOasDeZSKBI0gQhUZbb2S+C8tWfrL8IUfr9Jp9nZe3rFBHPBzAg+6uBFitX5+3
AuSgp+u/UtnXbXAwJEPTaLXJNRlpHdXUDmV70Nzay0NLAhfLNLE4RDH8fyqQj4/J
5eXeUvE6wmUv04dS4v1ulOPWWoOzjQe25Dt0dj6rgapTxT+QuxYlHIXImbQZAO2f
I+f+9g+2nPOS6h8yxGU=
-----END CERTIFICATE-----
Generated at Wed May 13 01:44:59 2026 by rpki-client