Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/1fb518-c29b-49d7-b264-6a21355cc02e/1/HmlJTSh98j2b4r1IpFlj1CVeIc0.roa
File: HmlJTSh98j2b4r1IpFlj1CVeIc0.roa (raw, json)
Hash identifier: E16zHYKL/NoTKgyVCojIMSFHddr9iDrUl04ERlr6eDk=
Subject key identifier: 1E:69:49:4D:28:7D:F2:3D:9B:E2:BD:48:A4:59:63:D4:25:5E:21:CD
Certificate issuer: /CN=f69fa5f9d9c6b70382241e961a0ae096725c0f77
Certificate serial: 019DC5DA8893EF04A5C76635A1AD386E4159
Authority key identifier: F6:9F:A5:F9:D9:C6:B7:03:82:24:1E:96:1A:0A:E0:96:72:5C:0F:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9p-l-dnGtwOCJB6WGgrglnJcD3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/1fb518-c29b-49d7-b264-6a21355cc02e/1/HmlJTSh98j2b4r1IpFlj1CVeIc0.roa
Signing time: Sat 25 Apr 2026 18:15:26 +0000
ROA not before: Sat 25 Apr 2026 18:15:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198911
IP address blocks: 2001:678:1244::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/1fb518-c29b-49d7-b264-6a21355cc02e/1/9p-l-dnGtwOCJB6WGgrglnJcD3c.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/1fb518-c29b-49d7-b264-6a21355cc02e/1/9p-l-dnGtwOCJB6WGgrglnJcD3c.mft
rsync://rpki.ripe.net/repository/DEFAULT/9p-l-dnGtwOCJB6WGgrglnJcD3c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:c5:da:88:93:ef:04:a5:c7:66:35:a1:ad:38:6e:41:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f69fa5f9d9c6b70382241e961a0ae096725c0f77
Validity
Not Before: Apr 25 18:15:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1e69494d287df23d9be2bd48a45963d4255e21cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:61:a2:c3:bd:1a:a5:6b:fd:8e:77:a7:8e:b6:
f6:9f:ae:6c:d3:59:d5:2d:b5:9b:59:8d:05:39:ee:
e9:15:07:53:74:1d:59:cc:33:bd:95:41:6a:56:e7:
be:9f:6f:2f:9d:54:a5:c3:a9:80:74:95:ba:10:1d:
7d:56:0c:03:19:9c:27:8d:6a:78:ef:99:ab:13:2a:
08:59:17:6f:62:01:55:8c:cf:6a:b0:f8:93:5d:44:
4a:ec:ea:53:b4:89:9d:5d:2b:dd:9b:93:0a:fd:f2:
32:3b:a2:5d:d6:43:b0:f9:76:96:24:8c:4e:d2:d9:
6f:35:2b:0f:e6:26:d4:5b:7b:3e:ca:a7:28:52:73:
f1:00:33:a0:39:a8:ea:a5:71:cd:dc:93:cc:3c:46:
00:c0:70:56:13:0d:2b:9e:60:0c:e8:f8:a3:9d:69:
66:31:2a:f0:19:7b:b7:9b:4d:71:6a:2f:79:4b:e8:
c8:37:35:d3:54:ef:c2:ea:84:75:d3:51:b9:ae:5c:
15:e4:59:d5:f5:60:55:cc:27:b1:74:5c:19:9a:4b:
98:5f:07:e8:d7:06:5c:af:8f:f8:f8:1f:5c:68:74:
c2:6c:f0:d8:07:89:33:a0:83:01:a4:cd:32:c0:f9:
96:57:0c:ed:f7:ba:e8:5b:da:e3:0e:0f:4a:69:52:
69:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:69:49:4D:28:7D:F2:3D:9B:E2:BD:48:A4:59:63:D4:25:5E:21:CD
X509v3 Authority Key Identifier:
keyid:F6:9F:A5:F9:D9:C6:B7:03:82:24:1E:96:1A:0A:E0:96:72:5C:0F:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9p-l-dnGtwOCJB6WGgrglnJcD3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/1fb518-c29b-49d7-b264-6a21355cc02e/1/HmlJTSh98j2b4r1IpFlj1CVeIc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/1fb518-c29b-49d7-b264-6a21355cc02e/1/9p-l-dnGtwOCJB6WGgrglnJcD3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:1244::/48
Signature Algorithm: sha256WithRSAEncryption
17:51:1c:43:6c:86:da:85:72:1e:57:dc:2a:06:ea:0b:51:a3:
f4:a7:a8:fc:d1:17:11:85:1c:a8:fa:59:0d:ac:bc:91:d9:6e:
69:7e:ee:fa:fd:6e:5b:7f:9e:73:4c:08:dd:45:a3:6f:47:7d:
fa:e0:ca:3a:da:00:9b:dc:10:41:c5:8a:72:c0:a7:58:f5:f6:
f6:3e:f1:51:ae:84:1a:63:2c:6f:3d:af:50:7a:bd:1c:45:ac:
65:89:75:fa:b0:76:59:27:b0:f3:53:24:09:d3:f8:b4:9c:02:
6d:40:28:d7:46:01:65:e1:d6:82:7d:e3:8f:5e:c6:13:63:a3:
c9:34:b4:a2:b4:e0:ab:d7:6f:35:b7:1c:20:cf:e1:dd:1b:c4:
a0:04:81:f2:18:d5:94:81:5d:31:01:11:2b:46:3b:d2:07:d5:
80:a5:ea:b8:4f:7f:1a:3d:aa:48:72:8b:7b:ba:b9:eb:07:62:
fa:3f:13:51:f0:42:c2:8d:70:c6:b5:bb:14:0c:b7:fb:07:7f:
a9:78:b0:1d:f9:c3:61:58:15:fe:6c:72:52:c4:22:ed:e8:89:
00:aa:fd:6b:6c:07:2a:77:18:3d:df:36:1f:a2:80:bd:0a:84:
53:0f:f0:bd:57:75:78:e6:a6:a6:e0:c6:82:0e:6c:7b:09:ff:
f1:0c:4a:ec
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZ3F2oiT7wSlx2Y1oa04bkFZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2OWZhNWY5ZDljNmI3MDM4MjI0MWU5NjFhMGFlMDk2NzI1
YzBmNzcwHhcNMjYwNDI1MTgxNTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTY5NDk0ZDI4N2RmMjNkOWJlMmJkNDhhNDU5NjNkNDI1NWUyMWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWGiw70apWv9jnenjrb2n65s01nV
LbWbWY0FOe7pFQdTdB1ZzDO9lUFqVue+n28vnVSlw6mAdJW6EB19VgwDGZwnjWp4
75mrEyoIWRdvYgFVjM9qsPiTXURK7OpTtImdXSvdm5MK/fIyO6Jd1kOw+XaWJIxO
0tlvNSsP5ibUW3s+yqcoUnPxADOgOajqpXHN3JPMPEYAwHBWEw0rnmAM6PijnWlm
MSrwGXu3m01xai95S+jINzXTVO/C6oR101G5rlwV5FnV9WBVzCexdFwZmkuYXwfo
1wZcr4/4+B9caHTCbPDYB4kzoIMBpM0ywPmWVwzt97roW9rjDg9KaVJpAwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFB5pSU0offI9m+K9SKRZY9QlXiHNMB8GA1UdIwQY
MBaAFPafpfnZxrcDgiQelhoK4JZyXA93MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXAtbC1kbkd0d09DSkI2V0dncmdsbkpjRDNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8xZmI1MTgtYzI5Yi00OWQ3LWIyNjQt
NmEyMTM1NWNjMDJlLzEvSG1sSlRTaDk4ajJiNHIxSXBGbGoxQ1ZlSWMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8xZmI1MTgtYzI5Yi00OWQ3LWIyNjQtNmEyMTM1NWNjMDJl
LzEvOXAtbC1kbkd0d09DSkI2V0dncmdsbkpjRDNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeBJE
MA0GCSqGSIb3DQEBCwUAA4IBAQAXURxDbIbahXIeV9wqBuoLUaP0p6j80RcRhRyo
+lkNrLyR2W5pfu76/W5bf55zTAjdRaNvR3364Mo62gCb3BBBxYpywKdY9fb2PvFR
roQaYyxvPa9Qer0cRaxliXX6sHZZJ7DzUyQJ0/i0nAJtQCjXRgFl4daCfeOPXsYT
Y6PJNLSitOCr1281txwgz+HdG8SgBIHyGNWUgV0xARErRjvSB9WApeq4T38aPapI
cot7urnrB2L6PxNR8ELCjXDGtbsUDLf7B3+peLAd+cNhWBX+bHJSxCLt6IkAqv1r
bAcqdxg93zYfooC9CoRTD/C9V3V45qam4MaCDmx7Cf/xDErs
-----END CERTIFICATE-----
Generated at Tue May 12 21:52:36 2026 by rpki-client