Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/H1KxXkqZfOMz2T0T89-BrBE5VBs.roa
File: H1KxXkqZfOMz2T0T89-BrBE5VBs.roa (raw, json)
Hash identifier: 5203tsZCts099zZy2toRHEDTl1Xyfa7Z86N2Mg2UGgg=
Subject key identifier: 1F:52:B1:5E:4A:99:7C:E3:33:D9:3D:13:F3:DF:81:AC:11:39:54:1B
Certificate issuer: /CN=02a962c1fe8e2e12a35576fd62987a0cbba463d4
Certificate serial: 019EF3F5430FB8A14FE1B5F24F63352AEF42
Authority key identifier: 02:A9:62:C1:FE:8E:2E:12:A3:55:76:FD:62:98:7A:0C:BB:A4:63:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Aqliwf6OLhKjVXb9Yph6DLukY9Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/H1KxXkqZfOMz2T0T89-BrBE5VBs.roa
Signing time: Tue 23 Jun 2026 10:09:57 +0000
ROA not before: Tue 23 Jun 2026 10:09:57 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198969
IP address blocks: 150.40.107.0/24 maxlen: 24
150.40.108.0/24 maxlen: 24
150.40.123.0/24 maxlen: 24
150.40.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/Aqliwf6OLhKjVXb9Yph6DLukY9Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/Aqliwf6OLhKjVXb9Yph6DLukY9Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/Aqliwf6OLhKjVXb9Yph6DLukY9Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 04:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:f3:f5:43:0f:b8:a1:4f:e1:b5:f2:4f:63:35:2a:ef:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02a962c1fe8e2e12a35576fd62987a0cbba463d4
Validity
Not Before: Jun 23 10:09:57 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1f52b15e4a997ce333d93d13f3df81ac1139541b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ce:90:ec:2f:29:21:12:38:11:c5:f7:ff:bc:
5e:3e:41:72:e9:0d:ef:ab:8d:79:fb:aa:66:ba:47:
50:dd:19:e3:e2:14:89:4e:c0:41:00:a4:f3:ff:e6:
a9:0e:42:02:ed:bc:83:b1:ee:42:73:02:65:de:93:
be:d6:67:1a:a4:e2:e4:76:8d:fa:58:0a:89:0e:86:
fc:04:fe:c4:9b:fd:13:de:2e:f6:24:db:11:88:d3:
56:b3:ec:d2:49:37:4f:02:b2:c7:26:3e:55:cb:bb:
ad:8a:0c:b6:70:1d:da:14:ed:87:42:7e:5f:c1:f5:
b7:40:fd:a5:68:48:21:24:7d:fe:91:67:d4:08:04:
a3:a9:7c:57:09:e7:56:27:96:3c:19:2a:65:ee:63:
b0:ec:38:9c:05:66:f0:80:b6:04:12:88:f1:a2:8d:
36:d1:f1:82:06:f2:91:41:c2:a3:48:57:51:5b:30:
c0:c5:62:62:52:da:51:96:52:1b:9b:94:37:ab:15:
7a:10:ab:9e:b5:fc:5c:1d:2e:db:21:8f:dd:3f:d2:
d7:ca:54:3a:e6:16:1b:4d:71:6f:53:f9:9c:f7:9b:
90:59:fe:da:46:1d:91:6f:e8:54:d6:69:a8:79:84:
25:5d:be:d6:2b:b1:1e:31:5d:42:27:d5:b8:97:38:
12:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:52:B1:5E:4A:99:7C:E3:33:D9:3D:13:F3:DF:81:AC:11:39:54:1B
X509v3 Authority Key Identifier:
keyid:02:A9:62:C1:FE:8E:2E:12:A3:55:76:FD:62:98:7A:0C:BB:A4:63:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Aqliwf6OLhKjVXb9Yph6DLukY9Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/H1KxXkqZfOMz2T0T89-BrBE5VBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/Aqliwf6OLhKjVXb9Yph6DLukY9Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.40.107.0-150.40.108.255
150.40.123.0/24
150.40.125.0/24
Signature Algorithm: sha256WithRSAEncryption
38:75:08:4a:b9:01:83:ce:8d:dd:54:6f:3a:5a:7d:ee:e5:c3:
0c:cc:64:cd:89:f6:7e:d4:ac:81:70:8e:b3:64:e9:c0:d8:79:
bb:f4:e3:73:f8:a7:5c:44:f8:bd:ad:f6:b3:a0:d3:49:7e:07:
d9:96:aa:aa:a1:35:8b:8c:08:6c:95:c5:b4:ba:8b:1e:2d:fa:
08:f3:1f:7c:14:57:d8:ca:2d:fa:04:16:52:80:9f:3e:87:b7:
6c:03:d6:49:db:5e:a7:c3:99:4d:ce:ad:f3:f8:5c:ca:f4:dc:
7a:48:dd:e1:d5:3d:4c:ef:2a:07:72:70:3f:c0:9e:41:38:29:
0d:1e:47:53:1b:36:b8:2b:1f:05:ba:e4:8f:4b:b0:01:d7:4f:
ec:56:ef:69:86:1a:91:30:62:90:44:ff:7c:2f:4c:8c:65:b7:
99:1e:1c:bd:93:ad:e8:ff:ae:59:09:bd:ed:ed:31:e4:5d:fa:
c8:4b:4c:6f:2a:48:9d:5e:05:6f:a4:ae:b3:b2:a3:7f:60:40:
05:79:bd:40:ef:5f:6e:1e:1a:91:da:ab:34:16:f4:7c:fd:59:
bb:08:7e:4f:37:fe:85:3e:27:05:b4:4b:9c:f5:44:1c:b1:a0:
9f:45:46:a6:93:b9:99:7d:fe:ed:12:90:22:9f:40:6b:5e:cc:
fd:9c:d0:ea
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ7z9UMPuKFP4bXyT2M1Ku9CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYTk2MmMxZmU4ZTJlMTJhMzU1NzZmZDYyOTg3YTBjYmJh
NDYzZDQwHhcNMjYwNjIzMTAwOTU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjUyYjE1ZTRhOTk3Y2UzMzNkOTNkMTNmM2RmODFhYzExMzk1NDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApM6Q7C8pIRI4EcX3/7xePkFy6Q3v
q415+6pmukdQ3Rnj4hSJTsBBAKTz/+apDkIC7byDse5CcwJl3pO+1mcapOLkdo36
WAqJDob8BP7Em/0T3i72JNsRiNNWs+zSSTdPArLHJj5Vy7utigy2cB3aFO2HQn5f
wfW3QP2laEghJH3+kWfUCASjqXxXCedWJ5Y8GSpl7mOw7DicBWbwgLYEEojxoo02
0fGCBvKRQcKjSFdRWzDAxWJiUtpRllIbm5Q3qxV6EKuetfxcHS7bIY/dP9LXylQ6
5hYbTXFvU/mc95uQWf7aRh2Rb+hU1mmoeYQlXb7WK7EeMV1CJ9W4lzgSbwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFB9SsV5KmXzjM9k9E/PfgawROVQbMB8GA1UdIwQY
MBaAFAKpYsH+ji4So1V2/WKYegy7pGPUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXFsaXdmNk9MaEtqVlhiOVlwaDZETHVrWTlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jNjE3OWEtMTYwZC00MGUyLWFlODYt
N2QxMzQ5ODBjNWJlLzEvSDFLeFhrcVpmT016MlQwVDg5LUJyQkU1VkJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jNjE3OWEtMTYwZC00MGUyLWFlODYtN2QxMzQ5ODBjNWJl
LzEvQXFsaXdmNk9MaEtqVlhiOVlwaDZETHVrWTlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBACWKGsD
BACWKGwDBACWKHsDBACWKH0wDQYJKoZIhvcNAQELBQADggEBADh1CEq5AYPOjd1U
bzpafe7lwwzMZM2J9n7UrIFwjrNk6cDYebv043P4p1xE+L2t9rOg00l+B9mWqqqh
NYuMCGyVxbS6ix4t+gjzH3wUV9jKLfoEFlKAnz6Ht2wD1knbXqfDmU3OrfP4XMr0
3HpI3eHVPUzvKgdycD/AnkE4KQ0eR1MbNrgrHwW65I9LsAHXT+xW72mGGpEwYpBE
/3wvTIxlt5keHL2Trej/rlkJve3tMeRd+shLTG8qSJ1eBW+krrOyo39gQAV5vUDv
X24eGpHaqzQW9Hz9WbsIfk83/oU+JwW0S5z1RByxoJ9FRqaTuZl9/u0SkCKfQGte
zP2c0Oo=
-----END CERTIFICATE-----
Generated at Tue Jun 30 13:06:12 2026 by rpki-client