Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/HJPaq1ftIce0cbhMLY5uOEC-VWo.roa
File: HJPaq1ftIce0cbhMLY5uOEC-VWo.roa (raw, json)
Hash identifier: fBTxWIRtt9pgmNZdV8y8oKacQV2jXNDSMOz+g4gJZQ4=
Subject key identifier: 1C:93:DA:AB:57:ED:21:C7:B4:71:B8:4C:2D:8E:6E:38:40:BE:55:6A
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 019CD8C8E892126EABFB7AE72AAD48E3AB45
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/HJPaq1ftIce0cbhMLY5uOEC-VWo.roa
Signing time: Tue 10 Mar 2026 17:26:11 +0000
ROA not before: Tue 10 Mar 2026 17:26:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 19793
IP address blocks: 185.236.8.0/24 maxlen: 24
185.255.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 17:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d8:c8:e8:92:12:6e:ab:fb:7a:e7:2a:ad:48:e3:ab:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Mar 10 17:26:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1c93daab57ed21c7b471b84c2d8e6e3840be556a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:55:da:86:37:f5:90:10:62:e1:0e:69:9a:58:
e8:9e:e6:85:07:46:c4:b1:1d:07:28:07:4b:10:c7:
8e:d9:e1:19:4c:b8:d5:af:0e:07:5c:fa:64:a3:e7:
14:8f:64:7c:4f:d8:10:6c:a4:84:a5:47:11:6d:0a:
ec:8a:19:2d:66:43:36:59:27:fa:07:30:12:f1:07:
24:ab:6f:c5:8d:8f:63:ff:06:eb:97:cc:80:07:5b:
a2:30:c4:d7:e7:31:2d:d3:49:35:fa:8d:07:63:45:
2c:71:30:cf:68:4a:94:39:65:ac:6a:f9:73:40:d6:
49:ee:f4:f4:85:d3:78:ee:0b:3e:0c:04:cb:d9:53:
fe:8d:60:d1:3b:6a:85:4e:e1:1f:89:5a:aa:f2:b3:
63:f7:d0:b1:e1:31:04:d7:78:de:18:67:e0:1b:77:
10:10:23:16:9b:ee:d1:84:ce:75:87:c7:ed:6f:fe:
00:bb:51:40:0a:2a:c2:d4:44:1f:6c:5a:49:28:88:
57:f7:19:54:3c:48:0a:fb:78:7a:98:13:dd:54:35:
7a:0c:e9:c1:40:e6:18:9b:cc:21:c1:95:a6:42:32:
a5:60:e2:b7:8d:9c:b1:b6:96:2b:39:ea:90:6f:7a:
ff:70:0a:b8:16:c6:e3:f9:77:b1:16:a7:16:c8:ad:
7a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:93:DA:AB:57:ED:21:C7:B4:71:B8:4C:2D:8E:6E:38:40:BE:55:6A
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/HJPaq1ftIce0cbhMLY5uOEC-VWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.8.0/24
185.255.114.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:03:f0:ff:d2:bb:0b:d0:a4:1c:e5:3e:c3:20:c4:3e:74:10:
db:c2:14:3e:60:c0:51:1d:e8:95:40:8f:13:09:f6:db:62:cc:
d2:be:b4:7a:f7:47:c5:86:6f:e2:f4:36:a9:8d:a8:8d:26:ba:
dd:ac:95:79:d4:75:86:e0:ef:70:b6:c6:fb:a3:57:e7:fa:48:
02:32:61:d0:64:55:8b:88:b3:74:71:a2:5a:e8:07:e5:f4:32:
ff:f1:35:0e:44:85:79:65:4d:6a:0b:3e:d9:ea:0b:cc:e2:03:
d0:cf:5c:c0:40:c3:df:15:59:c5:c3:6e:9e:31:e9:ff:f3:87:
6a:dd:87:3d:bd:a2:7f:a1:ae:43:7d:0c:42:fb:3f:c6:15:08:
29:89:6c:4f:ca:17:e5:6b:8f:7d:1c:8e:4f:e6:0c:5c:0b:86:
8a:d8:fd:57:ad:71:a2:c2:8f:61:3c:8a:f5:28:04:47:b3:a0:
1f:20:56:84:47:a5:2e:4d:9d:6b:7d:db:e6:03:d2:56:01:0e:
8a:bd:91:87:d4:c7:ac:1f:b8:ed:bf:35:1e:36:d2:06:93:91:
80:9b:7f:b1:bc:80:5b:f9:d9:62:92:73:f7:93:7f:8a:8a:bb:
0d:4b:b5:f8:d5:37:82:2f:6b:5f:5a:f5:3b:f1:c7:b3:d5:e5:
5a:41:de:36
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZzYyOiSEm6r+3rnKq1I46tFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjYwMzEwMTcyNjExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzkzZGFhYjU3ZWQyMWM3YjQ3MWI4NGMyZDhlNmUzODQwYmU1NTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0VXahjf1kBBi4Q5pmljonuaFB0bE
sR0HKAdLEMeO2eEZTLjVrw4HXPpko+cUj2R8T9gQbKSEpUcRbQrsihktZkM2WSf6
BzAS8Qckq2/FjY9j/wbrl8yAB1uiMMTX5zEt00k1+o0HY0UscTDPaEqUOWWsavlz
QNZJ7vT0hdN47gs+DATL2VP+jWDRO2qFTuEfiVqq8rNj99Cx4TEE13jeGGfgG3cQ
ECMWm+7RhM51h8ftb/4Au1FACirC1EQfbFpJKIhX9xlUPEgK+3h6mBPdVDV6DOnB
QOYYm8whwZWmQjKlYOK3jZyxtpYrOeqQb3r/cAq4Fsbj+XexFqcWyK16QQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFByT2qtX7SHHtHG4TC2ObjhAvlVqMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvSEpQYXExZnRJY2UwY2JoTUxZNXVPRUMtVldvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuewIAwQA
uf9yMA0GCSqGSIb3DQEBCwUAA4IBAQB9A/D/0rsL0KQc5T7DIMQ+dBDbwhQ+YMBR
HeiVQI8TCfbbYszSvrR690fFhm/i9DapjaiNJrrdrJV51HWG4O9wtsb7o1fn+kgC
MmHQZFWLiLN0caJa6Afl9DL/8TUORIV5ZU1qCz7Z6gvM4gPQz1zAQMPfFVnFw26e
Men/84dq3Yc9vaJ/oa5DfQxC+z/GFQgpiWxPyhfla499HI5P5gxcC4aK2P1XrXGi
wo9hPIr1KARHs6AfIFaER6UuTZ1rfdvmA9JWAQ6KvZGH1MesH7jtvzUeNtIGk5GA
m3+xvIBb+dliknP3k3+KirsNS7X41TeCL2tfWvU78cez1eVaQd42
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:07:38 2026 by rpki-client