Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/07d0c7-dc1e-4089-bd48-7ee0e60bb053/1/h0OnQS_LDhHmHtdq9MOUPdDXqMY.roa
File: h0OnQS_LDhHmHtdq9MOUPdDXqMY.roa (raw, json)
Hash identifier: fvbR4O3MuxsJi7oWYqjm2ohLFx0/5Mha06ohU0AwT/A=
Subject key identifier: 87:43:A7:41:2F:CB:0E:11:E6:1E:D7:6A:F4:C3:94:3D:D0:D7:A8:C6
Certificate issuer: /CN=a1e5fc635a1a775574b779aea9ccd6524cc4d0f9
Certificate serial: 019D2973F64721A5EE238755069499ED0259
Authority key identifier: A1:E5:FC:63:5A:1A:77:55:74:B7:79:AE:A9:CC:D6:52:4C:C4:D0:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oeX8Y1oad1V0t3muqczWUkzE0Pk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/07d0c7-dc1e-4089-bd48-7ee0e60bb053/1/h0OnQS_LDhHmHtdq9MOUPdDXqMY.roa
Signing time: Thu 26 Mar 2026 09:22:38 +0000
ROA not before: Thu 26 Mar 2026 09:22:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 28785
IP address blocks: 213.222.192.0/19 maxlen: 19
213.222.192.0/21 maxlen: 21
213.222.192.0/24 maxlen: 24
213.222.200.0/21 maxlen: 21
213.222.201.0/24 maxlen: 24
213.222.204.0/24 maxlen: 24
213.222.205.0/24 maxlen: 24
213.222.206.0/24 maxlen: 24
213.222.207.0/24 maxlen: 24
213.222.208.0/21 maxlen: 21
213.222.208.0/24 maxlen: 24
213.222.209.0/24 maxlen: 24
213.222.210.0/24 maxlen: 24
213.222.211.0/24 maxlen: 24
213.222.212.0/24 maxlen: 24
213.222.213.0/24 maxlen: 24
213.222.216.0/24 maxlen: 24
213.222.217.0/24 maxlen: 24
213.222.219.0/24 maxlen: 24
2a03:7580::/32 maxlen: 32
2a03:7580::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/07d0c7-dc1e-4089-bd48-7ee0e60bb053/1/oeX8Y1oad1V0t3muqczWUkzE0Pk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/07d0c7-dc1e-4089-bd48-7ee0e60bb053/1/oeX8Y1oad1V0t3muqczWUkzE0Pk.mft
rsync://rpki.ripe.net/repository/DEFAULT/oeX8Y1oad1V0t3muqczWUkzE0Pk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:73:f6:47:21:a5:ee:23:87:55:06:94:99:ed:02:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1e5fc635a1a775574b779aea9ccd6524cc4d0f9
Validity
Not Before: Mar 26 09:22:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8743a7412fcb0e11e61ed76af4c3943dd0d7a8c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:6e:90:c2:df:9a:72:cf:b0:e0:e7:a0:fe:f2:
29:ce:37:37:9c:4a:b8:9b:45:8a:8f:85:c8:e6:1b:
fb:5a:f8:79:86:6a:8e:2e:8c:af:72:fa:e5:be:3a:
77:0e:c8:0e:ae:2b:2a:34:61:8b:d0:29:7a:66:f4:
bc:d7:d0:b7:a6:58:6c:74:82:50:d7:b3:ed:5f:05:
aa:8f:66:74:d7:11:fe:4f:fe:ba:ed:e2:73:30:60:
ae:82:b0:48:c7:9e:a2:90:e8:e0:90:bf:d6:94:91:
82:21:02:ee:5d:be:6e:74:f1:c3:4e:53:db:30:d7:
12:01:1b:7d:61:18:f9:b5:57:aa:6c:1e:ee:9d:7d:
c5:65:fa:52:fa:77:cb:10:d5:c2:68:f7:76:c2:ea:
38:b6:fa:74:35:59:f0:23:d4:e1:cc:68:36:c7:29:
dc:d5:a2:c7:68:53:e4:cd:63:ee:5e:1f:89:e3:1f:
45:7f:7a:70:0b:15:e4:94:53:2f:a0:ca:44:4b:98:
c6:d9:14:01:d0:ac:cc:c8:71:7d:f3:d8:18:3e:a7:
96:ef:6c:dc:6f:2f:4a:6e:9b:be:d9:2b:e1:98:7d:
c5:9d:6e:6f:75:9c:26:30:48:e8:5c:de:ce:8b:a6:
54:e0:f6:cd:ca:3d:e0:55:af:0d:21:e7:ac:0f:15:
3c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:43:A7:41:2F:CB:0E:11:E6:1E:D7:6A:F4:C3:94:3D:D0:D7:A8:C6
X509v3 Authority Key Identifier:
keyid:A1:E5:FC:63:5A:1A:77:55:74:B7:79:AE:A9:CC:D6:52:4C:C4:D0:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oeX8Y1oad1V0t3muqczWUkzE0Pk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/07d0c7-dc1e-4089-bd48-7ee0e60bb053/1/h0OnQS_LDhHmHtdq9MOUPdDXqMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/07d0c7-dc1e-4089-bd48-7ee0e60bb053/1/oeX8Y1oad1V0t3muqczWUkzE0Pk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.222.192.0/19
IPv6:
2a03:7580::/32
Signature Algorithm: sha256WithRSAEncryption
4b:64:67:22:f9:14:bf:25:59:36:ab:d9:bd:0b:6a:b5:a2:2a:
71:b4:5f:4c:58:3d:83:2a:4a:ce:18:da:43:a1:4f:75:95:99:
f8:2e:4c:4c:3f:ec:38:b9:35:76:12:9d:39:de:f4:79:ea:96:
a4:f1:49:53:5f:71:cc:14:84:71:55:b2:b0:3a:16:81:f2:32:
2e:0c:9b:6d:e6:10:d4:55:d4:eb:d1:b0:0f:ed:a1:08:cf:94:
5e:58:85:31:d7:4d:87:46:a0:c2:b2:cf:29:b4:aa:0f:f6:76:
7b:51:f2:49:0d:e2:4b:ff:f2:8c:d8:b5:02:b0:7e:e9:c0:47:
ed:81:db:64:70:ed:1e:f9:7b:d9:5b:62:d4:15:7f:25:7d:3c:
c2:f7:be:62:0a:f6:6d:3d:c6:68:4e:44:f3:e2:fa:50:51:82:
f9:2d:1a:18:b2:1b:3b:4f:46:b8:c5:ec:6a:20:ab:b3:b2:bf:
01:68:5d:48:dd:ad:27:6a:e3:73:8f:7d:16:43:48:12:3e:b6:
b9:52:a6:25:40:b7:7b:a4:a7:d0:21:dd:37:36:7a:3d:08:6b:
ca:11:57:4b:2f:f4:65:23:6c:4f:2d:ea:43:3f:b6:89:38:d3:
9e:bd:f7:84:3e:fb:a4:a5:01:2f:eb:eb:72:69:66:ba:87:72:
0d:8c:64:35
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ0pc/ZHIaXuI4dVBpSZ7QJZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZTVmYzYzNWExYTc3NTU3NGI3NzlhZWE5Y2NkNjUyNGNj
NGQwZjkwHhcNMjYwMzI2MDkyMjM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzQzYTc0MTJmY2IwZTExZTYxZWQ3NmFmNGMzOTQzZGQwZDdhOGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuW6Qwt+acs+w4Oeg/vIpzjc3nEq4
m0WKj4XI5hv7Wvh5hmqOLoyvcvrlvjp3DsgOrisqNGGL0Cl6ZvS819C3plhsdIJQ
17PtXwWqj2Z01xH+T/667eJzMGCugrBIx56ikOjgkL/WlJGCIQLuXb5udPHDTlPb
MNcSARt9YRj5tVeqbB7unX3FZfpS+nfLENXCaPd2wuo4tvp0NVnwI9ThzGg2xync
1aLHaFPkzWPuXh+J4x9Ff3pwCxXklFMvoMpES5jG2RQB0KzMyHF989gYPqeW72zc
by9Kbpu+2SvhmH3FnW5vdZwmMEjoXN7Oi6ZU4PbNyj3gVa8NIeesDxU8pQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIdDp0Evyw4R5h7XavTDlD3Q16jGMB8GA1UdIwQY
MBaAFKHl/GNaGndVdLd5rqnM1lJMxND5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2VYOFkxb2FkMVYwdDNtdXFjeldVa3pFMFBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8wN2QwYzctZGMxZS00MDg5LWJkNDgt
N2VlMGU2MGJiMDUzLzEvaDBPblFTX0xEaEhtSHRkcTlNT1VQZERYcU1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8wN2QwYzctZGMxZS00MDg5LWJkNDgtN2VlMGU2MGJiMDUz
LzEvb2VYOFkxb2FkMVYwdDNtdXFjeldVa3pFMFBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1d7AMA0E
AgACMAcDBQAqA3WAMA0GCSqGSIb3DQEBCwUAA4IBAQBLZGci+RS/JVk2q9m9C2q1
oipxtF9MWD2DKkrOGNpDoU91lZn4LkxMP+w4uTV2Ep053vR56pak8UlTX3HMFIRx
VbKwOhaB8jIuDJtt5hDUVdTr0bAP7aEIz5ReWIUx102HRqDCss8ptKoP9nZ7UfJJ
DeJL//KM2LUCsH7pwEftgdtkcO0e+XvZW2LUFX8lfTzC975iCvZtPcZoTkTz4vpQ
UYL5LRoYshs7T0a4xexqIKuzsr8BaF1I3a0nauNzj30WQ0gSPra5UqYlQLd7pKfQ
Id03Nno9CGvKEVdLL/RlI2xPLepDP7aJONOevfeEPvukpQEv6+tyaWa6h3INjGQ1
-----END CERTIFICATE-----
Generated at Fri Mar 27 00:06:58 2026 by rpki-client