Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/HBlEoeh9YM3qO039NBIuOq8e5TY.roa
File: HBlEoeh9YM3qO039NBIuOq8e5TY.roa (raw, json)
Hash identifier: 4pXDfG4zDS2ZTLS92Y4fOudj/rIY8DUgk10t6MAb+t0=
Subject key identifier: 1C:19:44:A1:E8:7D:60:CD:EA:3B:4D:FD:34:12:2E:3A:AF:1E:E5:36
Certificate issuer: /CN=2dd596c1ea7ecbb1be1777fc0d38ed06ca40eabe
Certificate serial: 019DE2F745781B26D966CC54A2E0B4D09631
Authority key identifier: 2D:D5:96:C1:EA:7E:CB:B1:BE:17:77:FC:0D:38:ED:06:CA:40:EA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/HBlEoeh9YM3qO039NBIuOq8e5TY.roa
Signing time: Fri 01 May 2026 09:55:49 +0000
ROA not before: Fri 01 May 2026 09:55:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50873
IP address blocks: 37.228.130.0/24 maxlen: 24
94.247.143.0/24 maxlen: 24
151.216.48.0/20 maxlen: 20
185.97.4.0/22 maxlen: 22
185.97.6.0/24 maxlen: 24
194.104.114.0/23 maxlen: 23
194.104.149.0/24 maxlen: 24
2a06:1c0::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/LdWWwep-y7G-F3f8DTjtBspA6r4.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/LdWWwep-y7G-F3f8DTjtBspA6r4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:e2:f7:45:78:1b:26:d9:66:cc:54:a2:e0:b4:d0:96:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dd596c1ea7ecbb1be1777fc0d38ed06ca40eabe
Validity
Not Before: May 1 09:55:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1c1944a1e87d60cdea3b4dfd34122e3aaf1ee536
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b6:8b:a2:b2:fb:0d:52:9e:2a:8d:2f:39:8b:
b0:86:92:3d:05:d1:07:73:28:cb:52:b1:11:a2:4f:
ee:b5:84:63:17:30:64:db:d4:17:34:35:16:aa:81:
93:37:62:2a:9b:f1:db:e4:c9:f8:89:8e:3b:ab:93:
8b:56:fa:2c:01:c1:c2:4f:e2:92:e4:97:ab:a6:bb:
97:9f:53:b9:39:cf:28:53:b6:6c:59:87:f9:82:9e:
8f:73:bb:73:ab:5d:73:79:3e:2d:c3:83:91:c2:7f:
e4:10:cc:b9:ba:2c:d3:a4:fd:cf:ba:5f:52:08:32:
a7:e4:24:53:38:6a:40:e7:0b:6f:fe:8e:25:80:c5:
2d:38:2e:7b:83:43:66:38:16:7c:3f:50:bb:a9:92:
63:4b:57:7c:51:3f:2f:67:89:2a:d2:1f:be:86:1a:
88:73:c8:97:ed:d4:98:70:fc:8c:72:92:21:31:78:
c2:ee:5d:93:ae:7b:d6:00:3c:bb:84:0d:32:41:93:
80:18:fb:13:a3:89:97:83:a6:22:72:11:1a:4e:41:
db:3e:23:80:5d:a9:00:54:a1:b9:0b:d9:3c:95:25:
4e:39:06:83:93:4d:1b:e4:43:95:6b:55:58:a2:28:
f3:59:a5:3a:d0:17:31:dc:8a:26:d3:cc:11:68:88:
72:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:19:44:A1:E8:7D:60:CD:EA:3B:4D:FD:34:12:2E:3A:AF:1E:E5:36
X509v3 Authority Key Identifier:
keyid:2D:D5:96:C1:EA:7E:CB:B1:BE:17:77:FC:0D:38:ED:06:CA:40:EA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/HBlEoeh9YM3qO039NBIuOq8e5TY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/LdWWwep-y7G-F3f8DTjtBspA6r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.130.0/24
94.247.143.0/24
151.216.48.0/20
185.97.4.0/22
194.104.114.0/23
194.104.149.0/24
IPv6:
2a06:1c0::/30
Signature Algorithm: sha256WithRSAEncryption
3e:3b:43:8d:42:89:20:cf:5f:e4:a5:d4:f8:0f:70:4a:0b:38:
9b:1f:cd:a4:33:7b:b2:3c:4e:9c:a6:bf:54:a2:bd:eb:d7:c9:
a1:48:2b:c3:07:af:7c:e2:fd:7e:c9:2f:38:6b:80:22:68:bf:
c0:e9:35:8a:ac:47:14:2e:14:12:6a:51:ee:f5:ba:38:e3:83:
6a:f6:ce:ef:86:94:78:f0:53:cb:a2:76:b0:1e:de:e0:ab:64:
1d:49:30:cc:19:1f:31:98:f8:22:65:e4:25:83:73:b5:41:c8:
9a:49:0b:41:3b:2b:6c:f8:c4:ec:6f:2a:4d:11:63:aa:71:bb:
f9:2c:20:21:ee:24:74:fb:31:b3:c2:7b:27:40:cc:c3:62:35:
cf:ae:69:19:cc:6e:a5:f0:d3:c0:80:b6:5d:2d:31:79:c7:b3:
ec:c0:37:ea:64:1a:2b:f9:27:f0:c0:86:8f:d0:27:a6:70:e3:
59:ca:1c:02:58:d6:91:6c:76:e6:e3:58:5d:12:08:95:64:2b:
6f:bc:ff:db:e7:09:db:ff:db:b9:55:b0:c0:7f:6e:02:5c:9f:
70:41:c5:40:23:d7:d3:51:7d:83:e3:28:a3:4e:a3:10:47:36:
79:ba:49:6e:5b:27:ab:78:ef:38:c7:2f:67:fa:6b:ed:a8:bf:
c4:8e:92:f7
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZ3i90V4GybZZsxUouC00JYxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZDU5NmMxZWE3ZWNiYjFiZTE3NzdmYzBkMzhlZDA2Y2E0
MGVhYmUwHhcNMjYwNTAxMDk1NTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzE5NDRhMWU4N2Q2MGNkZWEzYjRkZmQzNDEyMmUzYWFmMWVlNTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbaLorL7DVKeKo0vOYuwhpI9BdEH
cyjLUrERok/utYRjFzBk29QXNDUWqoGTN2Iqm/Hb5Mn4iY47q5OLVvosAcHCT+KS
5JerpruXn1O5Oc8oU7ZsWYf5gp6Pc7tzq11zeT4tw4ORwn/kEMy5uizTpP3Pul9S
CDKn5CRTOGpA5wtv/o4lgMUtOC57g0NmOBZ8P1C7qZJjS1d8UT8vZ4kq0h++hhqI
c8iX7dSYcPyMcpIhMXjC7l2TrnvWADy7hA0yQZOAGPsTo4mXg6YichEaTkHbPiOA
XakAVKG5C9k8lSVOOQaDk00b5EOVa1VYoijzWaU60Bcx3Iom08wRaIhyBwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFBwZRKHofWDN6jtN/TQSLjqvHuU2MB8GA1UdIwQY
MBaAFC3VlsHqfsuxvhd3/A047QbKQOq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGRXV3dlcC15N0ctRjNmOERUanRCc3BBNnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8zNjNlY2MtMmFhMS00MjgxLTk1YjEt
OGIwZmMwNzg1OGQ2LzEvSEJsRW9laDlZTTNxTzAzOU5CSXVPcThlNVRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8zNjNlY2MtMmFhMS00MjgxLTk1YjEtOGIwZmMwNzg1OGQ2
LzEvTGRXV3dlcC15N0ctRjNmOERUanRCc3BBNnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAJeSCAwQA
XvePAwQEl9gwAwQCuWEEAwQBwmhyAwQAwmiVMA0EAgACMAcDBQIqBgHAMA0GCSqG
SIb3DQEBCwUAA4IBAQA+O0ONQokgz1/kpdT4D3BKCzibH82kM3uyPE6cpr9Uor3r
18mhSCvDB6984v1+yS84a4AiaL/A6TWKrEcULhQSalHu9bo444Nq9s7vhpR48FPL
onawHt7gq2QdSTDMGR8xmPgiZeQlg3O1QciaSQtBOyts+MTsbypNEWOqcbv5LCAh
7iR0+zGzwnsnQMzDYjXPrmkZzG6l8NPAgLZdLTF5x7PswDfqZBor+SfwwIaP0Cem
cONZyhwCWNaRbHbm41hdEgiVZCtvvP/b5wnb/9u5VbDAf24CXJ9wQcVAI9fTUX2D
4yijTqMQRzZ5ukluWyereO84xy9n+mvtqL/EjpL3
-----END CERTIFICATE-----
Generated at Tue May 12 21:52:55 2026 by rpki-client