Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/ebfc3d-54fc-4643-be56-ea70a29c76f0/1/HvPuzupiO3Z449T8DejhvcuWJI8.roa
File: HvPuzupiO3Z449T8DejhvcuWJI8.roa (raw, json)
Hash identifier: d/KHbVCd1y2BI+CW/A2kCa+tSbu/RU5vseQ+Nk58moM=
Subject key identifier: 1E:F3:EE:CE:EA:62:3B:76:78:E3:D4:FC:0D:E8:E1:BD:CB:96:24:8F
Certificate issuer: /CN=bd063d944bb81fc31cba11499dd006eb4ece9624
Certificate serial: 019E16578D9522B941C1CD8A23C1A2ACBCF0
Authority key identifier: BD:06:3D:94:4B:B8:1F:C3:1C:BA:11:49:9D:D0:06:EB:4E:CE:96:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vQY9lEu4H8McuhFJndAG607OliQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/ebfc3d-54fc-4643-be56-ea70a29c76f0/1/HvPuzupiO3Z449T8DejhvcuWJI8.roa
Signing time: Mon 11 May 2026 09:21:37 +0000
ROA not before: Mon 11 May 2026 09:21:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48971
IP address blocks: 94.231.80.0/20 maxlen: 24
94.231.80.0/21 maxlen: 21
94.231.80.0/24 maxlen: 24
94.231.88.0/21 maxlen: 21
94.231.93.0/24 maxlen: 24
94.231.94.0/24 maxlen: 24
94.231.95.0/24 maxlen: 24
185.19.84.0/22 maxlen: 22
195.2.228.0/23 maxlen: 23
2a00:41c0::/29 maxlen: 29
2a00:41c0::/32 maxlen: 32
2a00:41c0:7::/48 maxlen: 48
2a00:41c0:8::/48 maxlen: 48
2a00:41c0:9::/48 maxlen: 48
2a00:41c0:10::/48 maxlen: 48
2a00:41c0:11::/48 maxlen: 48
2a00:41c0:14::/48 maxlen: 48
2a00:41c0:16::/48 maxlen: 48
2a00:41c0:19::/48 maxlen: 48
2a00:41c0:20::/48 maxlen: 48
2a00:41c0:21::/48 maxlen: 48
2a00:41c0:81::/48 maxlen: 48
2a00:41c0:a8::/47 maxlen: 47
2a00:41c0:185::/48 maxlen: 48
2a00:41c0:194::/48 maxlen: 48
2a00:41c0:a11::/48 maxlen: 48
2a00:41c0:a21::/48 maxlen: 48
2a00:41c0:a94::/48 maxlen: 48
2a00:41c0:b94::/48 maxlen: 48
2a00:41c0:e94::/48 maxlen: 48
2a00:41c0:1185::/48 maxlen: 48
2a00:41c0:a121::/48 maxlen: 48
2a00:41c0:a123::/48 maxlen: 48
2a00:41c0:a185::/48 maxlen: 48
2a00:41c0:a186::/48 maxlen: 48
2a00:41c0:d185::/48 maxlen: 48
2a00:41c0:f185::/48 maxlen: 48
2a00:41c0:f231::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/ebfc3d-54fc-4643-be56-ea70a29c76f0/1/vQY9lEu4H8McuhFJndAG607OliQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/ebfc3d-54fc-4643-be56-ea70a29c76f0/1/vQY9lEu4H8McuhFJndAG607OliQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/vQY9lEu4H8McuhFJndAG607OliQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:16:57:8d:95:22:b9:41:c1:cd:8a:23:c1:a2:ac:bc:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd063d944bb81fc31cba11499dd006eb4ece9624
Validity
Not Before: May 11 09:21:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1ef3eeceea623b7678e3d4fc0de8e1bdcb96248f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:57:c6:3b:10:a0:40:86:70:3f:19:ef:c1:bb:
65:83:51:25:d8:d8:08:98:73:c8:af:80:51:43:6b:
25:6e:d4:d7:e1:ee:02:71:98:31:11:42:34:f1:7a:
71:0f:30:ce:f0:d7:9c:ee:ec:30:1c:42:49:1f:42:
33:ba:0e:2e:5c:61:ec:c4:c9:28:cc:74:ad:d3:b6:
24:38:b3:b9:15:b8:26:d7:4b:ee:fc:8c:e4:e3:b3:
a4:9c:cb:27:9e:c0:93:8d:7f:28:da:14:0f:55:55:
53:1a:ac:3e:ea:96:2c:f0:5b:86:68:84:81:ad:e0:
8f:95:39:bd:ae:ea:6e:5f:08:15:69:36:0b:72:74:
9c:f9:12:72:cb:7d:f4:25:62:97:3f:48:ab:af:9b:
62:a4:53:e4:dc:a7:63:7d:ee:3a:6e:14:4d:4e:6e:
28:81:37:a3:b5:87:68:49:98:35:59:b6:94:0b:91:
3c:83:b1:00:88:35:b1:54:86:ab:92:c6:c1:3b:32:
99:be:5e:be:d0:49:1b:7b:7d:e0:b8:90:ed:d4:bb:
f7:11:8d:35:71:28:4e:7e:23:40:69:31:d3:86:73:
4a:a8:99:ca:19:e5:1b:30:99:32:c1:ce:fe:08:fc:
40:a8:70:d7:c7:7b:b6:71:54:c4:a6:b0:5c:4d:0f:
73:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:F3:EE:CE:EA:62:3B:76:78:E3:D4:FC:0D:E8:E1:BD:CB:96:24:8F
X509v3 Authority Key Identifier:
keyid:BD:06:3D:94:4B:B8:1F:C3:1C:BA:11:49:9D:D0:06:EB:4E:CE:96:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vQY9lEu4H8McuhFJndAG607OliQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/ebfc3d-54fc-4643-be56-ea70a29c76f0/1/HvPuzupiO3Z449T8DejhvcuWJI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/ebfc3d-54fc-4643-be56-ea70a29c76f0/1/vQY9lEu4H8McuhFJndAG607OliQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.231.80.0/20
185.19.84.0/22
195.2.228.0/23
IPv6:
2a00:41c0::/29
Signature Algorithm: sha256WithRSAEncryption
08:64:cc:1f:35:df:6a:a0:db:83:9a:c8:40:06:47:40:46:bd:
ea:b2:24:6e:5d:94:5a:73:2b:dd:87:95:e1:0a:f5:c0:8f:0f:
6b:9d:a7:53:33:76:31:26:e5:9d:2c:d0:4b:b5:c9:44:ea:59:
09:a7:5f:44:b9:d4:68:f6:b1:e4:c4:56:10:d7:66:92:90:2e:
83:d4:b6:78:cd:8a:2f:b6:cd:06:89:f9:06:e1:44:df:f5:f2:
f9:fc:05:0e:31:3a:96:42:07:f3:db:26:2e:8e:28:a8:73:5e:
a6:17:61:a2:47:6a:0d:2d:96:d1:f6:88:16:d7:0c:4f:d9:06:
d5:fc:ed:1b:78:72:3e:2b:07:50:28:2c:a1:ae:cd:07:cf:b3:
42:e9:31:37:85:34:16:c6:1e:57:b4:48:7a:f6:b9:ff:a2:19:
49:93:89:93:07:51:66:88:11:a2:c9:be:af:1c:eb:1a:02:e8:
3c:64:63:27:c6:89:99:57:c5:d5:19:b6:8a:7e:41:a7:47:08:
8e:81:c5:73:ee:71:d1:c0:02:0c:ed:58:91:51:1f:ae:8d:97:
ad:4c:e2:aa:15:fa:25:30:7d:c3:a7:1c:61:bd:da:76:93:25:
d6:b8:ff:07:8c:3a:2c:27:0b:d5:07:50:c3:a4:96:e8:cf:4a:
45:71:15:3d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZ4WV42VIrlBwc2KI8GirLzwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMDYzZDk0NGJiODFmYzMxY2JhMTE0OTlkZDAwNmViNGVj
ZTk2MjQwHhcNMjYwNTExMDkyMTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWYzZWVjZWVhNjIzYjc2NzhlM2Q0ZmMwZGU4ZTFiZGNiOTYyNDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFfGOxCgQIZwPxnvwbtlg1El2NgI
mHPIr4BRQ2slbtTX4e4CcZgxEUI08XpxDzDO8Nec7uwwHEJJH0Izug4uXGHsxMko
zHSt07YkOLO5Fbgm10vu/Izk47OknMsnnsCTjX8o2hQPVVVTGqw+6pYs8FuGaISB
reCPlTm9rupuXwgVaTYLcnSc+RJyy330JWKXP0irr5tipFPk3Kdjfe46bhRNTm4o
gTejtYdoSZg1WbaUC5E8g7EAiDWxVIarksbBOzKZvl6+0Ekbe33guJDt1Lv3EY01
cShOfiNAaTHThnNKqJnKGeUbMJkywc7+CPxAqHDXx3u2cVTEprBcTQ9zlwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFB7z7s7qYjt2eOPU/A3o4b3LliSPMB8GA1UdIwQY
MBaAFL0GPZRLuB/DHLoRSZ3QButOzpYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlFZOWxFdTRIOE1jdWhGSm5kQUc2MDdPbGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9lYmZjM2QtNTRmYy00NjQzLWJlNTYt
ZWE3MGEyOWM3NmYwLzEvSHZQdXp1cGlPM1o0NDlUOERlamh2Y3VXSkk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9lYmZjM2QtNTRmYy00NjQzLWJlNTYtZWE3MGEyOWM3NmYw
LzEvdlFZOWxFdTRIOE1jdWhGSm5kQUc2MDdPbGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEXudQAwQC
uRNUAwQBwwLkMA0EAgACMAcDBQMqAEHAMA0GCSqGSIb3DQEBCwUAA4IBAQAIZMwf
Nd9qoNuDmshABkdARr3qsiRuXZRacyvdh5XhCvXAjw9rnadTM3YxJuWdLNBLtclE
6lkJp19EudRo9rHkxFYQ12aSkC6D1LZ4zYovts0GifkG4UTf9fL5/AUOMTqWQgfz
2yYujiioc16mF2GiR2oNLZbR9ogW1wxP2QbV/O0beHI+KwdQKCyhrs0Hz7NC6TE3
hTQWxh5XtEh69rn/ohlJk4mTB1FmiBGiyb6vHOsaAug8ZGMnxomZV8XVGbaKfkGn
RwiOgcVz7nHRwAIM7ViRUR+ujZetTOKqFfolMH3Dpxxhvdp2kyXWuP8HjDosJwvV
B1DDpJboz0pFcRU9
-----END CERTIFICATE-----
Generated at Tue May 12 21:48:26 2026 by rpki-client