Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HL91hnfvZYuzwAGIgGE1-QGaCXQ.roa
File: HL91hnfvZYuzwAGIgGE1-QGaCXQ.roa (raw, json)
Hash identifier: jDQ6eUUyOFwRVUUYF3VHII48dzIxKsIUmrfqcjlnCis=
Subject key identifier: 1C:BF:75:86:77:EF:65:8B:B3:C0:01:88:80:61:35:F9:01:9A:09:74
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019D728B5C4B2C9919EE3DD4A315627100C7
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HL91hnfvZYuzwAGIgGE1-QGaCXQ.roa
Signing time: Thu 09 Apr 2026 14:00:28 +0000
ROA not before: Thu 09 Apr 2026 14:00:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
85.217.130.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.126.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.120.191.0/24 maxlen: 24
92.119.199.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
94.103.127.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
185.218.84.0/22 maxlen: 24
185.222.160.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 Apr 2026 16:03:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:8b:5c:4b:2c:99:19:ee:3d:d4:a3:15:62:71:00:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 9 14:00:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1cbf758677ef658bb3c00188806135f9019a0974
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:95:84:ce:76:53:67:c9:28:e2:73:2d:26:44:
79:5f:0b:dc:75:1b:9b:b2:30:83:62:4b:c6:4c:fa:
9e:da:be:68:c0:84:c7:04:cb:fb:56:1d:c6:b6:da:
43:ee:25:cf:e4:08:98:5c:cb:dc:55:93:3f:a4:8f:
23:53:c9:be:53:08:18:a2:f3:d3:d9:51:25:a1:66:
d7:a5:d8:bf:ef:79:1f:34:a6:48:8b:6a:2c:f8:7e:
ca:26:46:33:8b:85:44:bf:f2:43:79:d0:96:55:2f:
cd:45:fb:34:dd:e6:2d:17:88:f6:16:a3:77:31:e5:
cb:b4:66:49:89:b1:57:28:aa:74:ce:ff:d4:11:2e:
4c:b1:df:e2:a1:ac:74:8c:20:13:8c:a1:c0:33:05:
94:9e:65:9f:f2:f4:3c:97:b7:8b:5f:20:78:5c:bb:
e7:fe:d5:77:a9:c8:ed:d7:71:0f:92:4a:14:b8:d1:
08:b6:66:a5:5a:b4:5c:d3:5e:10:54:fe:ec:eb:9e:
c6:0c:7b:8e:50:ea:1e:f9:3e:f7:87:97:58:45:af:
36:5e:d6:0d:21:28:01:1e:65:99:51:aa:67:ff:9c:
9b:51:f3:7b:1e:1f:f3:91:e7:b8:27:bf:6e:c1:34:
d3:4c:08:fd:82:db:bc:e1:33:e3:0d:a2:9a:f7:a8:
b4:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:BF:75:86:77:EF:65:8B:B3:C0:01:88:80:61:35:F9:01:9A:09:74
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HL91hnfvZYuzwAGIgGE1-QGaCXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.228.0/24
45.66.231.0/24
45.89.247.0/24
45.141.158.0/24
81.161.238.0/24
83.143.113.0/24
84.54.51.0/24
85.31.47.0/24
85.217.130.0/23
87.120.87.0/24
87.120.126.0/24
87.120.166.0/24
87.120.191.0/24
92.119.199.0/24
92.249.50.0/24
93.123.109.0/24
94.103.127.0/24
147.78.101.0/24
185.218.84.0/22
185.222.160.0/24
193.25.216.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
76:45:a9:0c:e0:6c:08:c7:ee:7e:8f:c2:6a:55:b8:ee:6e:b3:
06:ae:7d:e4:d0:67:31:e4:75:e7:4f:ef:fe:8e:d8:23:72:f4:
94:55:85:aa:db:6d:3d:cd:35:d2:3a:e6:25:a4:04:f0:8d:3e:
34:f0:06:48:ec:53:86:41:87:1d:d6:53:01:04:9b:fc:0a:d2:
fe:cf:6d:42:6f:d9:da:b5:aa:93:ec:fa:5f:9a:96:81:2f:40:
49:f8:11:5f:b2:b8:92:6e:18:85:1b:25:65:a3:11:a5:28:f7:
89:e3:9c:13:4a:3c:e2:40:72:30:3b:d0:5f:ef:31:b6:f5:fb:
8b:35:e4:19:68:97:b9:bf:c2:c2:5f:56:7e:47:31:a2:cd:dd:
94:f4:5c:87:36:61:7e:59:90:59:0b:d0:37:52:1e:1b:2d:1c:
23:f5:79:7e:ec:12:cd:ba:24:7f:3e:a3:e7:61:f5:ff:3b:f2:
de:0c:ab:bf:cc:1a:0d:11:97:c4:4a:c5:a7:1f:22:fe:e3:73:
d3:f7:54:c4:b3:af:6c:50:19:d0:94:34:35:96:92:ac:f9:9c:
4b:6e:db:a0:8c:1e:bd:dd:44:64:e4:c1:e9:eb:a3:7e:58:e3:
a8:3e:4e:6e:f5:c3:cb:e4:89:c6:c9:63:dd:97:fc:e4:85:32:
76:8a:44:f5
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZ1yi1xLLJkZ7j3UoxVicQDHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNDA5MTQwMDI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2JmNzU4Njc3ZWY2NThiYjNjMDAxODg4MDYxMzVmOTAxOWEwOTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5WEznZTZ8ko4nMtJkR5XwvcdRub
sjCDYkvGTPqe2r5owITHBMv7Vh3GttpD7iXP5AiYXMvcVZM/pI8jU8m+UwgYovPT
2VEloWbXpdi/73kfNKZIi2os+H7KJkYzi4VEv/JDedCWVS/NRfs03eYtF4j2FqN3
MeXLtGZJibFXKKp0zv/UES5Msd/ioax0jCATjKHAMwWUnmWf8vQ8l7eLXyB4XLvn
/tV3qcjt13EPkkoUuNEItmalWrRc014QVP7s657GDHuOUOoe+T73h5dYRa82XtYN
ISgBHmWZUapn/5ybUfN7Hh/zkee4J79uwTTTTAj9gtu84TPjDaKa96i0KQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFBy/dYZ372WLs8ABiIBhNfkBmgl0MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSEw5MWhuZnZaWXV6d0FHSWdHRTEtUUdhQ1hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAAt
QuQDBAAtQucDBAAtWfcDBAAtjZ4DBABRoe4DBABTj3EDBABUNjMDBABVHy8DBAFV
2YIDBABXeFcDBABXeH4DBABXeKYDBABXeL8DBABcd8cDBABc+TIDBABde20DBABe
Z38DBACTTmUDBAK52lQDBAC53qADBADBGdgDBADCN7oDBADCqa8wDQYJKoZIhvcN
AQELBQADggEBAHZFqQzgbAjH7n6PwmpVuO5uswaufeTQZzHkdedP7/6O2CNy9JRV
harbbT3NNdI65iWkBPCNPjTwBkjsU4ZBhx3WUwEEm/wK0v7PbUJv2dq1qpPs+l+a
loEvQEn4EV+yuJJuGIUbJWWjEaUo94njnBNKPOJAcjA70F/vMbb1+4s15Blol7m/
wsJfVn5HMaLN3ZT0XIc2YX5ZkFkL0DdSHhstHCP1eX7sEs26JH8+o+dh9f878t4M
q7/MGg0Rl8RKxacfIv7jc9P3VMSzr2xQGdCUNDWWkqz5nEtu26CMHr3dRGTkwenr
o35Y46g+Tm71w8vkicbJY92X/OSFMnaKRPU=
-----END CERTIFICATE-----
Generated at Fri Apr 10 01:48:26 2026 by rpki-client