Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/HNYjnMa8XonNqZQ0AY5BlHwMzX8.roa
File: HNYjnMa8XonNqZQ0AY5BlHwMzX8.roa (raw, json)
Hash identifier: 93bbzx6/nbiayVdplAT1nOdB7pkJO7+NMwUpbbLpb2Y=
Subject key identifier: 1C:D6:23:9C:C6:BC:5E:89:CD:A9:94:34:01:8E:41:94:7C:0C:CD:7F
Certificate issuer: /CN=cb36180ab4542d6eee66d9f99030df71236ce264
Certificate serial: 019CB449D03C8F3704BAEDB3A541CD3B345D
Authority key identifier: CB:36:18:0A:B4:54:2D:6E:EE:66:D9:F9:90:30:DF:71:23:6C:E2:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yzYYCrRULW7uZtn5kDDfcSNs4mQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/HNYjnMa8XonNqZQ0AY5BlHwMzX8.roa
Signing time: Tue 03 Mar 2026 15:21:02 +0000
ROA not before: Tue 03 Mar 2026 15:21:02 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199995
IP address blocks: 80.91.214.0/24 maxlen: 24
109.71.77.0/24 maxlen: 24
146.19.226.0/24 maxlen: 24
185.76.68.0/22 maxlen: 22
185.109.52.0/24 maxlen: 24
185.109.53.0/24 maxlen: 24
185.109.54.0/23 maxlen: 23
185.151.84.0/24 maxlen: 24
185.151.85.0/24 maxlen: 24
185.151.86.0/24 maxlen: 24
185.151.87.0/24 maxlen: 24
188.93.115.0/24 maxlen: 24
193.37.251.0/24 maxlen: 24
2a05:5740::/29 maxlen: 29
2a06:4ec4::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/yzYYCrRULW7uZtn5kDDfcSNs4mQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/yzYYCrRULW7uZtn5kDDfcSNs4mQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/yzYYCrRULW7uZtn5kDDfcSNs4mQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b4:49:d0:3c:8f:37:04:ba:ed:b3:a5:41:cd:3b:34:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb36180ab4542d6eee66d9f99030df71236ce264
Validity
Not Before: Mar 3 15:21:02 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1cd6239cc6bc5e89cda99434018e41947c0ccd7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:09:aa:e6:ad:b2:ca:01:e2:c0:12:27:93:39:
47:a4:d5:76:39:e0:ae:93:be:b5:a9:8e:12:7a:37:
09:c4:23:4a:dd:e0:77:dd:23:ad:ed:e1:59:10:78:
08:b4:82:b9:ea:e9:27:1c:20:d1:a5:49:81:2b:d0:
4e:95:d8:e4:93:3e:d8:97:e5:b6:95:fa:20:e6:4a:
94:d7:e9:78:9c:98:6b:53:ab:af:ca:e0:b1:36:f1:
97:1d:76:ae:fe:57:44:83:3f:e1:2e:16:b4:f2:00:
d1:97:85:4d:31:1a:8a:04:95:80:35:79:7d:3a:45:
72:88:e3:30:e7:b5:fb:53:9b:4e:96:7c:98:47:bf:
56:28:55:ba:e2:4f:2e:56:6c:cc:64:5f:32:4f:41:
4f:84:d5:27:02:32:61:03:2c:2b:5c:1c:79:62:1b:
42:4d:31:7e:21:7a:cc:29:eb:41:a0:ca:fb:0c:cb:
b5:6c:5b:5b:46:64:74:28:5d:f0:47:04:13:1d:c4:
fb:d7:f2:26:59:47:5e:0d:ae:65:c8:c1:b5:95:cf:
d3:80:05:e0:13:de:ec:63:40:63:80:2b:3b:3b:49:
d1:36:fd:af:cf:07:37:07:65:66:77:86:4d:9b:12:
2f:56:3f:ac:e1:64:cd:20:22:98:50:3a:5e:76:1a:
ad:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:D6:23:9C:C6:BC:5E:89:CD:A9:94:34:01:8E:41:94:7C:0C:CD:7F
X509v3 Authority Key Identifier:
keyid:CB:36:18:0A:B4:54:2D:6E:EE:66:D9:F9:90:30:DF:71:23:6C:E2:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yzYYCrRULW7uZtn5kDDfcSNs4mQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/HNYjnMa8XonNqZQ0AY5BlHwMzX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/yzYYCrRULW7uZtn5kDDfcSNs4mQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.91.214.0/24
109.71.77.0/24
146.19.226.0/24
185.76.68.0/22
185.109.52.0/22
185.151.84.0/22
188.93.115.0/24
193.37.251.0/24
IPv6:
2a05:5740::/29
2a06:4ec4::/30
Signature Algorithm: sha256WithRSAEncryption
a4:23:93:9a:b4:82:f3:13:bc:c9:68:aa:d6:7a:ab:50:6c:8e:
49:25:df:38:77:ac:a5:45:38:85:3b:41:9b:b6:0d:9f:3c:b8:
64:fa:a6:8e:5d:9a:85:9c:bd:0b:53:c0:cf:c6:04:ff:9c:ce:
bd:55:6b:36:ed:ae:43:ae:0a:32:31:1a:88:93:a9:74:8a:8d:
f1:ab:9c:29:63:74:80:4c:f1:6e:55:4d:ba:93:78:7b:d6:bc:
51:e6:8f:7c:d9:11:df:f7:74:b1:ba:47:55:2c:3b:9d:b2:80:
a9:f4:fe:56:32:1d:1c:a5:dc:6d:d1:a3:45:e8:7f:87:52:56:
10:c9:e7:b9:9f:39:c0:db:d1:5b:ae:7a:8e:31:5d:02:2f:f5:
83:46:1b:04:96:34:78:ca:bd:f0:51:a2:46:11:4e:ae:d6:dd:
28:12:b7:21:57:e4:49:8a:f0:84:5b:9e:96:7d:65:a3:9d:97:
54:d2:44:6e:a4:77:fe:cc:e5:3c:c3:25:a6:01:02:ac:d8:04:
b0:16:2d:7f:0b:8c:bf:3f:d7:11:02:0d:3b:a5:01:52:e1:3e:
35:93:35:00:ca:a3:9a:5e:34:3d:5b:e8:22:4d:fb:05:6d:7d:
5b:25:22:78:57:51:4e:77:7c:30:98:57:e8:5e:ad:78:c5:3f:
28:37:19:60
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZy0SdA8jzcEuu2zpUHNOzRdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMzYxODBhYjQ1NDJkNmVlZTY2ZDlmOTkwMzBkZjcxMjM2
Y2UyNjQwHhcNMjYwMzAzMTUyMTAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2Q2MjM5Y2M2YmM1ZTg5Y2RhOTk0MzQwMThlNDE5NDdjMGNjZDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQmq5q2yygHiwBInkzlHpNV2OeCu
k761qY4SejcJxCNK3eB33SOt7eFZEHgItIK56uknHCDRpUmBK9BOldjkkz7Yl+W2
lfog5kqU1+l4nJhrU6uvyuCxNvGXHXau/ldEgz/hLha08gDRl4VNMRqKBJWANXl9
OkVyiOMw57X7U5tOlnyYR79WKFW64k8uVmzMZF8yT0FPhNUnAjJhAywrXBx5YhtC
TTF+IXrMKetBoMr7DMu1bFtbRmR0KF3wRwQTHcT71/ImWUdeDa5lyMG1lc/TgAXg
E97sY0BjgCs7O0nRNv2vzwc3B2Vmd4ZNmxIvVj+s4WTNICKYUDpedhqtZwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFBzWI5zGvF6JzamUNAGOQZR8DM1/MB8GA1UdIwQY
MBaAFMs2GAq0VC1u7mbZ+ZAw33EjbOJkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXpZWUNyUlVMVzd1WnRuNWtERGZjU05zNG1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8wNzk3ZDQtOGIyYy00MGFjLTljYWIt
NjY3ZGIxZGMxYjg2LzEvSE5Zam5NYThYb25OcVpRMEFZNUJsSHdNelg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8wNzk3ZDQtOGIyYy00MGFjLTljYWItNjY3ZGIxZGMxYjg2
LzEveXpZWUNyUlVMVzd1WnRuNWtERGZjU05zNG1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQAUFvWAwQA
bUdNAwQAkhPiAwQCuUxEAwQCuW00AwQCuZdUAwQAvF1zAwQAwSX7MBQEAgACMA4D
BQMqBVdAAwUCKgZOxDANBgkqhkiG9w0BAQsFAAOCAQEApCOTmrSC8xO8yWiq1nqr
UGyOSSXfOHespUU4hTtBm7YNnzy4ZPqmjl2ahZy9C1PAz8YE/5zOvVVrNu2uQ64K
MjEaiJOpdIqN8aucKWN0gEzxblVNupN4e9a8UeaPfNkR3/d0sbpHVSw7nbKAqfT+
VjIdHKXcbdGjReh/h1JWEMnnuZ85wNvRW656jjFdAi/1g0YbBJY0eMq98FGiRhFO
rtbdKBK3IVfkSYrwhFueln1lo52XVNJEbqR3/szlPMMlpgECrNgEsBYtfwuMvz/X
EQINO6UBUuE+NZM1AMqjml40PVvoIk37BW19WyUieFdRTnd8MJhX6F6teMU/KDcZ
YA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:47:20 2026 by rpki-client