Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/68e53f-70a8-43ae-830e-f9d6f4a33309/1/hrDir8hInSlFPN-Q1uO1aajy_9g.roa
File: hrDir8hInSlFPN-Q1uO1aajy_9g.roa (raw, json)
Hash identifier: LO9s/4upanODPdu0Y/QyxRsG/lztm/48QBv0SUqV5f8=
Subject key identifier: 86:B0:E2:AF:C8:48:9D:29:45:3C:DF:90:D6:E3:B5:69:A8:F2:FF:D8
Certificate issuer: /CN=d6d4ab4fb4c57640564881dc77b3a661fc4cc435
Certificate serial: 019B7E3911CD0A0E5ADFAC3B0AC32CE2229D
Authority key identifier: D6:D4:AB:4F:B4:C5:76:40:56:48:81:DC:77:B3:A6:61:FC:4C:C4:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1tSrT7TFdkBWSIHcd7OmYfxMxDU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/68e53f-70a8-43ae-830e-f9d6f4a33309/1/hrDir8hInSlFPN-Q1uO1aajy_9g.roa
Signing time: Fri 02 Jan 2026 10:20:27 +0000
ROA not before: Fri 02 Jan 2026 10:20:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203043
IP address blocks: 93.180.240.0/24 maxlen: 24
93.180.241.0/24 maxlen: 24
93.180.242.0/24 maxlen: 24
93.180.243.0/24 maxlen: 24
93.180.247.0/24 maxlen: 24
185.146.248.0/24 maxlen: 24
185.146.249.0/24 maxlen: 24
185.146.250.0/24 maxlen: 24
185.146.251.0/24 maxlen: 24
2a05:6c0::/36 maxlen: 36
2a05:6c0:1000::/36 maxlen: 36
2a05:6c0:2000::/36 maxlen: 36
2a05:6c0:4000::/36 maxlen: 36
2a05:6c0:5000::/36 maxlen: 36
2a05:6c0:6000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/68e53f-70a8-43ae-830e-f9d6f4a33309/1/1tSrT7TFdkBWSIHcd7OmYfxMxDU.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/68e53f-70a8-43ae-830e-f9d6f4a33309/1/1tSrT7TFdkBWSIHcd7OmYfxMxDU.mft
rsync://rpki.ripe.net/repository/DEFAULT/1tSrT7TFdkBWSIHcd7OmYfxMxDU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7e:39:11:cd:0a:0e:5a:df:ac:3b:0a:c3:2c:e2:22:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6d4ab4fb4c57640564881dc77b3a661fc4cc435
Validity
Not Before: Jan 2 10:20:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=86b0e2afc8489d29453cdf90d6e3b569a8f2ffd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:21:e3:cb:2e:5a:6a:35:56:4f:d5:7e:30:c6:
2d:0b:31:73:67:dc:2e:19:c0:8e:df:cc:09:3a:bf:
6c:dd:1d:25:73:35:3b:8e:9f:57:12:66:d6:7b:29:
01:4d:26:48:4e:00:dd:3f:40:a1:fb:00:ce:20:29:
68:30:1c:48:86:af:ba:9b:8a:e5:16:b2:6e:ed:0f:
f9:0b:97:a4:48:bf:e6:21:16:d0:21:ea:c4:1c:1f:
78:9c:a3:da:f3:50:72:e5:45:ba:f4:5a:9d:86:be:
81:be:9d:18:8a:81:3d:80:ca:57:3f:06:4c:20:bf:
8b:10:3a:0b:ad:17:bb:2e:03:1c:99:e9:75:20:d4:
63:ff:52:22:d1:16:90:a5:25:f9:7d:fe:d1:80:c0:
1a:97:41:54:8d:24:56:95:6d:bb:2c:e8:3a:90:35:
fa:ca:12:6f:3b:38:2d:0a:21:5a:9b:03:78:7e:71:
a3:e1:1a:e1:0f:2d:6a:f4:7d:65:f6:b2:7c:3b:3b:
a1:52:98:66:b8:f6:7e:c5:90:32:c5:7f:79:d1:9a:
5b:ce:6e:16:da:48:f5:24:5f:fb:d7:4c:d7:8a:27:
fd:b5:65:81:c0:f7:81:15:74:5f:0a:04:e9:c5:94:
e5:77:a2:92:e0:78:54:32:be:2c:d3:be:86:9a:24:
4e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:B0:E2:AF:C8:48:9D:29:45:3C:DF:90:D6:E3:B5:69:A8:F2:FF:D8
X509v3 Authority Key Identifier:
keyid:D6:D4:AB:4F:B4:C5:76:40:56:48:81:DC:77:B3:A6:61:FC:4C:C4:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1tSrT7TFdkBWSIHcd7OmYfxMxDU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/68e53f-70a8-43ae-830e-f9d6f4a33309/1/hrDir8hInSlFPN-Q1uO1aajy_9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/68e53f-70a8-43ae-830e-f9d6f4a33309/1/1tSrT7TFdkBWSIHcd7OmYfxMxDU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.180.240.0/22
93.180.247.0/24
185.146.248.0/22
IPv6:
2a05:6c0::-2a05:6c0:2fff:ffff:ffff:ffff:ffff:ffff
2a05:6c0:4000::-2a05:6c0:6fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0a:16:77:86:74:70:dd:a3:67:c2:73:3b:d5:30:8b:d1:45:52:
9d:45:e2:1c:6f:52:9a:78:43:d5:ab:42:27:35:86:e4:c4:0a:
2c:da:dd:6d:0f:07:a1:64:80:a7:8e:8d:29:20:7e:8b:50:6a:
cf:95:12:39:00:e4:24:9a:af:4f:74:cb:02:84:df:e7:8f:92:
1c:05:df:24:08:60:ea:84:25:4d:d5:2c:64:38:8f:be:45:29:
6e:d2:e3:2e:50:cf:19:b2:6b:1e:66:09:01:b5:b1:51:39:2b:
74:ca:9c:f1:9c:cb:c0:a2:c3:66:d0:9f:ad:3a:fc:8f:e6:2a:
8e:4b:91:66:20:3c:62:67:ae:f1:0a:88:27:78:11:7b:33:27:
45:5f:12:2b:e8:46:62:30:19:9e:26:9a:9e:5a:1e:1e:6c:e8:
16:bc:29:ed:c6:80:33:bc:1a:a6:6c:30:39:82:17:c1:d5:03:
d8:b7:47:a5:92:ae:6b:22:d2:fb:90:69:c0:6d:1c:a8:23:5a:
c0:0d:27:ac:a7:0e:df:bd:da:2d:7b:46:16:b0:fe:61:42:69:
21:55:0c:a1:47:5a:58:3e:af:32:be:c4:dc:3c:ee:7e:cb:0b:
f5:bd:4c:f6:dc:ed:97:0a:da:94:f8:0e:ec:38:1e:55:6a:c8:
a1:cb:d3:ae
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAZt+ORHNCg5a36w7CsMs4iKdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZDRhYjRmYjRjNTc2NDA1NjQ4ODFkYzc3YjNhNjYxZmM0
Y2M0MzUwHhcNMjYwMTAyMTAyMDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmIwZTJhZmM4NDg5ZDI5NDUzY2RmOTBkNmUzYjU2OWE4ZjJmZmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyHjyy5aajVWT9V+MMYtCzFzZ9wu
GcCO38wJOr9s3R0lczU7jp9XEmbWeykBTSZITgDdP0Ch+wDOICloMBxIhq+6m4rl
FrJu7Q/5C5ekSL/mIRbQIerEHB94nKPa81By5UW69Fqdhr6Bvp0YioE9gMpXPwZM
IL+LEDoLrRe7LgMcmel1INRj/1Ii0RaQpSX5ff7RgMAal0FUjSRWlW27LOg6kDX6
yhJvOzgtCiFamwN4fnGj4RrhDy1q9H1l9rJ8OzuhUphmuPZ+xZAyxX950Zpbzm4W
2kj1JF/710zXiif9tWWBwPeBFXRfCgTpxZTld6KS4HhUMr4s076GmiROvQIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFIaw4q/ISJ0pRTzfkNbjtWmo8v/YMB8GA1UdIwQY
MBaAFNbUq0+0xXZAVkiB3HezpmH8TMQ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXRTclQ3VEZka0JXU0lIY2Q3T21ZZnhNeERVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OGU1M2YtNzBhOC00M2FlLTgzMGUt
ZjlkNmY0YTMzMzA5LzEvaHJEaXI4aEluU2xGUE4tUTF1TzFhYWp5XzlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OGU1M2YtNzBhOC00M2FlLTgzMGUtZjlkNmY0YTMzMzA5
LzEvMXRTclQ3VEZka0JXU0lIY2Q3T21ZZnhNeERVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAYBAIAATASAwQCXbTwAwQA
XbT3AwQCuZL4MCkEAgACMCMwDwMFBioFBsADBgQqBQbAIDAQAwYGKgUGwEADBgQq
BQbAYDANBgkqhkiG9w0BAQsFAAOCAQEAChZ3hnRw3aNnwnM71TCL0UVSnUXiHG9S
mnhD1atCJzWG5MQKLNrdbQ8HoWSAp46NKSB+i1Bqz5USOQDkJJqvT3TLAoTf54+S
HAXfJAhg6oQlTdUsZDiPvkUpbtLjLlDPGbJrHmYJAbWxUTkrdMqc8ZzLwKLDZtCf
rTr8j+YqjkuRZiA8Ymeu8QqIJ3gRezMnRV8SK+hGYjAZniaanloeHmzoFrwp7caA
M7wapmwwOYIXwdUD2LdHpZKuayLS+5BpwG0cqCNawA0nrKcO373aLXtGFrD+YUJp
IVUMoUdaWD6vMr7E3DzufssL9b1M9tztlwralPgO7DgeVWrIocvTrg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:00:54 2026 by rpki-client