Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/hkOFF-GAh5OksHWupZH5eNupm04.roa
File: hkOFF-GAh5OksHWupZH5eNupm04.roa (raw, json)
Hash identifier: Md4nmfTosrwILGqlOIRXDpyVlVIvDRS/dhMw9M5ZmJg=
Subject key identifier: 86:43:85:17:E1:80:87:93:A4:B0:75:AE:A5:91:F9:78:DB:A9:9B:4E
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 019E096D94A7354ACBF9588F36E2FB151A8F
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/hkOFF-GAh5OksHWupZH5eNupm04.roa
Signing time: Fri 08 May 2026 21:10:36 +0000
ROA not before: Fri 08 May 2026 21:10:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200590
IP address blocks: 45.141.198.0/24 maxlen: 24
45.141.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 21:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:09:6d:94:a7:35:4a:cb:f9:58:8f:36:e2:fb:15:1a:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: May 8 21:10:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=86438517e1808793a4b075aea591f978dba99b4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d3:9c:3b:d0:87:f0:72:ec:57:5f:e7:52:80:
af:0d:43:b2:f4:c9:f8:f8:be:e4:b5:18:c4:e2:7f:
33:ab:2a:f0:4e:72:00:22:3b:15:ed:8f:e1:7e:8a:
56:b7:6a:18:d4:cd:0a:29:c8:bc:fc:cf:ac:9d:df:
b5:19:9d:4f:80:06:4a:56:07:58:ff:ea:19:78:ed:
8a:01:7b:08:af:79:81:d1:ec:40:74:54:fc:60:7b:
f0:2a:40:ec:fc:73:e6:88:0e:b9:9d:6e:15:0b:e4:
1e:12:65:d7:2b:f7:d6:1b:d7:89:c5:30:2e:e9:2f:
a6:4e:d5:0e:25:89:e6:a4:d0:57:4c:b6:c3:aa:86:
6e:1e:7d:3b:6e:c6:40:c9:7d:02:64:b8:49:19:fe:
d2:e4:9b:33:83:21:68:79:a2:34:d4:8c:aa:92:ab:
39:74:39:db:d3:10:51:1c:57:f1:b4:20:d4:79:6b:
ce:42:fb:99:0b:87:bc:b9:42:98:0c:11:50:e1:d2:
6c:2c:50:71:b4:c9:04:f9:6a:81:7e:fd:ee:47:85:
1b:30:e7:67:52:a8:5f:af:1d:88:f4:94:66:7e:8d:
a5:bb:df:6e:cd:c9:dd:ea:01:cb:f7:49:5b:31:2a:
35:cb:b7:64:d3:98:fe:23:3b:6e:f7:e5:df:76:90:
3e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:43:85:17:E1:80:87:93:A4:B0:75:AE:A5:91:F9:78:DB:A9:9B:4E
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/hkOFF-GAh5OksHWupZH5eNupm04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.198.0/23
Signature Algorithm: sha256WithRSAEncryption
03:5c:7a:12:69:70:ea:d7:e2:17:56:bd:96:dc:f5:b8:41:0a:
66:43:af:8e:85:f3:49:ca:26:4d:24:55:d3:30:03:30:39:ef:
16:18:89:21:8e:a4:41:28:9a:bd:9f:51:a8:09:28:34:ef:29:
5f:fc:d4:73:33:5b:53:42:0f:85:7e:36:40:eb:eb:a9:75:34:
cc:7a:f5:9d:d9:0e:61:fd:d8:37:37:87:00:61:58:c9:09:0c:
ef:e0:5f:3e:24:5c:e7:cb:2d:ec:cb:c6:ec:e5:b2:8a:d1:3e:
e2:22:26:4b:3e:65:25:1e:68:1b:90:28:84:dd:87:e0:17:d0:
bd:0a:47:d4:b8:54:5d:ea:9c:ad:86:9c:23:c1:e4:96:d2:b0:
82:66:d0:81:25:52:a4:ee:d4:38:17:1d:56:a7:48:4b:3b:c2:
ce:92:1c:1f:ea:4c:14:4f:30:e9:ff:1a:36:58:6a:f6:b4:f4:
18:14:fe:a1:aa:a2:c3:80:dc:e9:45:e4:c1:98:ed:70:c9:55:
c3:87:02:af:5f:8d:49:f2:3c:37:a1:f3:58:dd:d2:59:52:3a:
9c:49:8e:9c:60:af:dc:93:d2:2c:ba:9d:b6:ef:56:3c:78:64:
50:b5:d6:b0:8a:56:eb:ff:cb:08:de:9c:a4:a5:ca:f2:05:73:
1c:b0:0f:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ4JbZSnNUrL+ViPNuL7FRqPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjYwNTA4MjExMDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjQzODUxN2UxODA4NzkzYTRiMDc1YWVhNTkxZjk3OGRiYTk5YjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNOcO9CH8HLsV1/nUoCvDUOy9Mn4
+L7ktRjE4n8zqyrwTnIAIjsV7Y/hfopWt2oY1M0KKci8/M+snd+1GZ1PgAZKVgdY
/+oZeO2KAXsIr3mB0exAdFT8YHvwKkDs/HPmiA65nW4VC+QeEmXXK/fWG9eJxTAu
6S+mTtUOJYnmpNBXTLbDqoZuHn07bsZAyX0CZLhJGf7S5JszgyFoeaI01Iyqkqs5
dDnb0xBRHFfxtCDUeWvOQvuZC4e8uUKYDBFQ4dJsLFBxtMkE+WqBfv3uR4UbMOdn
Uqhfrx2I9JRmfo2lu99uzcnd6gHL90lbMSo1y7dk05j+Iztu9+XfdpA+6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIZDhRfhgIeTpLB1rqWR+XjbqZtOMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvaGtPRkYtR0FoNU9rc0hXdXBaSDVlTnVwbTA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLY3GMA0G
CSqGSIb3DQEBCwUAA4IBAQADXHoSaXDq1+IXVr2W3PW4QQpmQ6+OhfNJyiZNJFXT
MAMwOe8WGIkhjqRBKJq9n1GoCSg07ylf/NRzM1tTQg+FfjZA6+updTTMevWd2Q5h
/dg3N4cAYVjJCQzv4F8+JFznyy3sy8bs5bKK0T7iIiZLPmUlHmgbkCiE3YfgF9C9
CkfUuFRd6pythpwjweSW0rCCZtCBJVKk7tQ4Fx1Wp0hLO8LOkhwf6kwUTzDp/xo2
WGr2tPQYFP6hqqLDgNzpReTBmO1wyVXDhwKvX41J8jw3ofNY3dJZUjqcSY6cYK/c
k9Isup2271Y8eGRQtdawilbr/8sI3pykpcryBXMcsA/c
-----END CERTIFICATE-----
Generated at Wed May 13 05:14:18 2026 by rpki-client