Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/hjneWPeo7_dZ1c34mmuS-Okbp4U.roa
File: hjneWPeo7_dZ1c34mmuS-Okbp4U.roa (raw, json)
Hash identifier: GFjnN3fMonOhk0lQuNUL2deo5xcmZlpvSxXrrX+0TyY=
Subject key identifier: 86:39:DE:58:F7:A8:EF:F7:59:D5:CD:F8:9A:6B:92:F8:E9:1B:A7:85
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019D09F4C74C143D5B8E51C77F4DDC064881
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/hjneWPeo7_dZ1c34mmuS-Okbp4U.roa
Signing time: Fri 20 Mar 2026 06:35:29 +0000
ROA not before: Fri 20 Mar 2026 06:35:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6079
IP address blocks: 89.34.228.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
89.37.119.0/24 maxlen: 24
89.38.228.0/24 maxlen: 24
89.38.229.0/24 maxlen: 24
89.40.82.0/24 maxlen: 24
89.42.80.0/24 maxlen: 24
89.42.81.0/24 maxlen: 24
89.42.82.0/24 maxlen: 24
89.42.86.0/24 maxlen: 24
89.42.95.0/24 maxlen: 24
89.43.140.0/24 maxlen: 24
89.43.143.0/24 maxlen: 24
89.46.2.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.117.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.47.125.0/24 maxlen: 24
89.47.126.0/24 maxlen: 24
93.113.181.0/24 maxlen: 24
93.114.74.0/24 maxlen: 24
93.114.75.0/24 maxlen: 24
93.114.76.0/24 maxlen: 24
93.114.77.0/24 maxlen: 24
93.114.78.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
185.101.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:09:f4:c7:4c:14:3d:5b:8e:51:c7:7f:4d:dc:06:48:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Mar 20 06:35:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8639de58f7a8eff759d5cdf89a6b92f8e91ba785
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:99:44:16:6d:a7:47:36:8d:68:98:66:8f:81:
45:78:cb:92:31:77:69:62:f8:c6:af:57:23:46:7d:
00:e0:63:54:b8:0e:3a:64:1b:65:71:52:a3:2a:08:
11:41:42:2c:e6:91:b0:c0:03:f8:5a:ec:34:21:46:
dd:63:4c:65:f4:9a:3a:51:b0:23:0f:12:3b:1b:84:
0b:90:1f:cf:22:8e:f4:9a:e8:5b:97:3c:2e:ca:6b:
18:9f:e6:45:87:fc:9f:2a:cf:d1:74:75:c9:8e:8c:
1b:2b:39:c4:18:8e:cd:49:a4:fe:92:1a:85:b9:1d:
35:1d:d6:4a:21:8d:c9:54:ca:8b:bf:67:69:46:e4:
a6:dc:0b:f3:67:da:6e:ae:31:e4:9a:3f:e8:9c:d3:
6e:e4:39:2a:69:cf:3b:2b:91:a9:e4:22:88:4d:f6:
46:d7:87:f3:a2:27:cc:d1:e1:77:af:18:9e:89:8f:
f2:cc:ff:ba:de:3c:1b:88:0a:61:eb:f3:e2:ae:ee:
d6:ca:10:c5:42:28:c1:46:8f:97:3e:e4:84:a4:f9:
72:5f:52:c0:b7:df:22:d4:45:4b:8e:53:04:da:24:
e8:a7:9b:9c:1a:67:06:61:49:f6:cc:30:4e:2f:b8:
90:42:f4:e6:85:76:69:3c:3c:4c:30:5d:cd:91:5c:
ca:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:39:DE:58:F7:A8:EF:F7:59:D5:CD:F8:9A:6B:92:F8:E9:1B:A7:85
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/hjneWPeo7_dZ1c34mmuS-Okbp4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.228.0/24
89.34.231.0/24
89.37.119.0/24
89.38.228.0/23
89.40.82.0/24
89.42.80.0-89.42.82.255
89.42.86.0/24
89.42.95.0/24
89.43.140.0/24
89.43.143.0/24
89.46.2.0/23
89.47.99.0/24
89.47.115.0/24
89.47.117.0-89.47.119.255
89.47.125.0-89.47.126.255
93.113.181.0/24
93.114.74.0-93.114.79.255
185.101.105.0/24
Signature Algorithm: sha256WithRSAEncryption
53:85:db:e9:d5:27:21:8f:30:37:a4:82:2a:6d:55:92:e2:0f:
6e:67:ca:28:00:51:c5:0c:ea:95:27:a6:3a:ac:82:2b:8a:00:
94:d4:ee:15:39:1e:b1:f4:bf:7d:0d:01:dc:69:2c:d9:cf:d3:
c7:5d:34:11:e6:88:3f:7c:76:da:b8:cd:da:0f:0f:a2:13:f6:
17:95:11:e6:f5:2f:48:c3:38:09:4c:ee:87:79:ce:0d:09:d9:
3a:e1:6f:8c:3c:9d:a6:18:42:87:c8:5b:a6:6b:75:df:25:71:
f5:ee:f2:12:de:d1:6b:72:01:00:af:a8:30:57:0f:aa:8d:e1:
c2:ab:70:07:c2:59:55:35:65:e0:88:a2:9e:c6:e7:e4:f3:19:
d9:b0:12:30:c5:5a:a4:24:ff:c2:30:ea:04:4a:38:2c:db:0c:
db:ea:fe:a8:e8:75:63:a6:d4:78:ad:18:ae:8a:68:dd:57:83:
0b:e3:74:d0:c9:6c:d0:bb:b8:fc:68:66:fa:94:33:1f:6d:84:
f6:f3:7e:c7:d7:43:ab:b2:48:1b:a7:7d:8e:4f:35:87:88:be:
59:74:d4:e0:44:08:ec:ec:f0:03:cc:1a:33:98:a4:13:ed:5d:
86:f3:37:46:a8:33:9b:8b:f4:e0:11:7b:ed:32:64:65:c9:d1:
1a:63:90:2e
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZ0J9MdMFD1bjlHHf03cBkiBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjYwMzIwMDYzNTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjM5ZGU1OGY3YThlZmY3NTlkNWNkZjg5YTZiOTJmOGU5MWJhNzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZlEFm2nRzaNaJhmj4FFeMuSMXdp
YvjGr1cjRn0A4GNUuA46ZBtlcVKjKggRQUIs5pGwwAP4Wuw0IUbdY0xl9Jo6UbAj
DxI7G4QLkB/PIo70muhblzwuymsYn+ZFh/yfKs/RdHXJjowbKznEGI7NSaT+khqF
uR01HdZKIY3JVMqLv2dpRuSm3AvzZ9purjHkmj/onNNu5Dkqac87K5Gp5CKITfZG
14fzoifM0eF3rxieiY/yzP+63jwbiAph6/Piru7WyhDFQijBRo+XPuSEpPlyX1LA
t98i1EVLjlME2iTop5ucGmcGYUn2zDBOL7iQQvTmhXZpPDxMMF3NkVzKYQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFIY53lj3qO/3WdXN+JprkvjpG6eFMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvaGpuZVdQZW83X2RaMWMzNG1tdVMtT2ticDRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBABZ
IuQDBABZIucDBABZJXcDBAFZJuQDBABZKFIwDAMEBFkqUAMEAFkqUgMEAFkqVgME
AFkqXwMEAFkrjAMEAFkrjwMEAVkuAgMEAFkvYwMEAFkvczAMAwQAWS91AwQDWS9w
MAwDBABZL30DBABZL34DBABdcbUwDAMEAV1ySgMEBF1yQAMEALllaTANBgkqhkiG
9w0BAQsFAAOCAQEAU4Xb6dUnIY8wN6SCKm1VkuIPbmfKKABRxQzqlSemOqyCK4oA
lNTuFTkesfS/fQ0B3Gks2c/Tx100EeaIP3x22rjN2g8PohP2F5UR5vUvSMM4CUzu
h3nODQnZOuFvjDydphhCh8hbpmt13yVx9e7yEt7Ra3IBAK+oMFcPqo3hwqtwB8JZ
VTVl4Iiinsbn5PMZ2bASMMVapCT/wjDqBEo4LNsM2+r+qOh1Y6bUeK0Yropo3VeD
C+N00Mls0Lu4/Ghm+pQzH22E9vN+x9dDq7JIG6d9jk81h4i+WXTU4EQI7OzwA8wa
M5ikE+1dhvM3Rqgzm4v04BF77TJkZcnRGmOQLg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:37:21 2026 by rpki-client