Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/HHjJ1Jx6EFiUg-5UQ5lbufk8Ptg.roa
File: HHjJ1Jx6EFiUg-5UQ5lbufk8Ptg.roa (raw, json)
Hash identifier: W0hfwWTjdZ4KxXq1ymHqcepaSyG/pOfrh8l71J5Jp1E=
Subject key identifier: 1C:78:C9:D4:9C:7A:10:58:94:83:EE:54:43:99:5B:B9:F9:3C:3E:D8
Certificate issuer: /CN=be604ff35a29c91156be4bd229b3baf77c8397bd
Certificate serial: 019D2F7298A451EC794C4BBA2901E07F52A3
Authority key identifier: BE:60:4F:F3:5A:29:C9:11:56:BE:4B:D2:29:B3:BA:F7:7C:83:97:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vmBP81opyRFWvkvSKbO693yDl70.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/HHjJ1Jx6EFiUg-5UQ5lbufk8Ptg.roa
Signing time: Fri 27 Mar 2026 13:18:52 +0000
ROA not before: Fri 27 Mar 2026 13:18:52 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208795
IP address blocks: 5.35.104.0/21 maxlen: 24
94.131.80.0/20 maxlen: 24
94.131.176.0/20 maxlen: 24
194.116.140.0/24 maxlen: 24
2a07:aa40::/29 maxlen: 48
2a07:aa40:100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.mft
rsync://rpki.ripe.net/repository/DEFAULT/vmBP81opyRFWvkvSKbO693yDl70.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2f:72:98:a4:51:ec:79:4c:4b:ba:29:01:e0:7f:52:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be604ff35a29c91156be4bd229b3baf77c8397bd
Validity
Not Before: Mar 27 13:18:52 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1c78c9d49c7a10589483ee5443995bb9f93c3ed8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b6:af:92:ac:29:94:ca:a5:55:91:4a:6b:2a:
bd:d3:53:08:b6:fe:c7:d8:8f:7c:11:7f:8e:57:34:
6d:c6:1c:1c:7c:e2:c9:65:6c:d1:36:26:2d:d0:5c:
55:ba:7c:43:e9:4e:ba:74:21:0f:a8:b3:47:25:3f:
04:46:c8:00:19:3c:65:81:9f:40:e9:6c:00:b4:03:
63:54:34:d2:de:56:ee:49:28:ca:64:ec:3e:75:7b:
3d:8d:d5:1e:65:10:56:25:0e:e1:4e:04:b8:ed:58:
0b:5c:24:8e:29:a1:22:80:36:f2:a2:c7:e2:ba:e5:
37:0e:96:73:3d:80:33:71:27:e1:8d:73:e0:64:c3:
14:77:ac:71:05:6a:9b:86:ae:70:87:c2:1e:83:a7:
d5:fb:bd:ce:64:e1:83:b2:b3:8c:26:11:0b:a2:69:
d4:db:46:1e:13:e2:e1:97:c3:2a:b8:67:40:be:31:
95:4d:8c:40:45:31:8d:b2:d5:5d:ce:47:5c:70:34:
63:10:ef:51:b8:66:5d:a9:22:f5:11:99:be:7a:72:
4c:30:91:bc:1a:75:0c:11:e6:4e:97:7d:bd:0d:35:
5a:2c:cf:bf:e6:3e:59:71:c1:a4:35:13:33:51:b0:
c3:a2:ce:d0:e0:93:09:a5:75:0a:e4:4a:ee:58:eb:
53:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:78:C9:D4:9C:7A:10:58:94:83:EE:54:43:99:5B:B9:F9:3C:3E:D8
X509v3 Authority Key Identifier:
keyid:BE:60:4F:F3:5A:29:C9:11:56:BE:4B:D2:29:B3:BA:F7:7C:83:97:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vmBP81opyRFWvkvSKbO693yDl70.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/HHjJ1Jx6EFiUg-5UQ5lbufk8Ptg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.104.0/21
94.131.80.0/20
94.131.176.0/20
194.116.140.0/24
IPv6:
2a07:aa40::/29
Signature Algorithm: sha256WithRSAEncryption
24:d3:e6:ee:9c:47:39:bf:ef:f8:a7:6a:57:c5:ff:b8:e6:1e:
c2:ea:99:db:be:9f:be:e7:eb:4b:7e:4a:b2:7e:10:c7:95:98:
37:74:fd:90:04:20:34:97:d7:97:37:df:c7:58:db:eb:3d:47:
a6:83:19:5f:8f:a8:1f:2f:67:03:15:a3:f3:46:85:75:ff:3a:
74:4b:c1:53:1a:6b:f1:11:3b:ee:d0:46:b6:a9:3b:22:7d:a8:
79:84:af:92:1a:e7:34:23:f1:eb:97:5c:93:a4:3b:b1:a3:a9:
f3:c3:81:41:13:69:2c:a3:94:61:48:16:f2:b4:0a:3c:71:17:
c1:88:89:2a:0a:26:1a:9c:35:8f:3f:a6:21:ad:83:1c:1f:ab:
8a:76:a7:42:9d:d8:cb:26:66:a0:ee:71:b0:ba:df:df:f4:f8:
2a:c7:35:60:ba:02:d6:0c:d2:9f:3f:70:7b:cb:2b:96:7d:8a:
09:95:86:b7:d1:cb:d2:aa:fa:8d:4e:79:ff:6b:94:6a:af:b0:
09:32:72:9e:7e:8d:34:17:03:1e:20:2d:82:80:b5:08:59:22:
8b:d5:d0:91:85:c5:ca:37:66:17:d7:40:44:93:0d:48:80:b5:
80:d6:7b:c2:fe:40:7c:f5:2a:33:ab:3f:90:09:91:a0:9c:11:
73:ab:53:21
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZ0vcpikUex5TEu6KQHgf1KjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNjA0ZmYzNWEyOWM5MTE1NmJlNGJkMjI5YjNiYWY3N2M4
Mzk3YmQwHhcNMjYwMzI3MTMxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzc4YzlkNDljN2ExMDU4OTQ4M2VlNTQ0Mzk5NWJiOWY5M2MzZWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtravkqwplMqlVZFKayq901MItv7H
2I98EX+OVzRtxhwcfOLJZWzRNiYt0FxVunxD6U66dCEPqLNHJT8ERsgAGTxlgZ9A
6WwAtANjVDTS3lbuSSjKZOw+dXs9jdUeZRBWJQ7hTgS47VgLXCSOKaEigDbyosfi
uuU3DpZzPYAzcSfhjXPgZMMUd6xxBWqbhq5wh8Ieg6fV+73OZOGDsrOMJhELomnU
20YeE+Lhl8MquGdAvjGVTYxARTGNstVdzkdccDRjEO9RuGZdqSL1EZm+enJMMJG8
GnUMEeZOl329DTVaLM+/5j5ZccGkNRMzUbDDos7Q4JMJpXUK5EruWOtT5QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBx4ydScehBYlIPuVEOZW7n5PD7YMB8GA1UdIwQY
MBaAFL5gT/NaKckRVr5L0imzuvd8g5e9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm1CUDgxb3B5UkZXdmt2U0tiTzY5M3lEbDcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lODQ5YmItMTMwNC00NGVhLTgzOGYt
MWEzOWMzZDM0ZjA4LzEvSEhqSjFKeDZFRmlVZy01VVE1bGJ1Zms4UHRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lODQ5YmItMTMwNC00NGVhLTgzOGYtMWEzOWMzZDM0ZjA4
LzEvdm1CUDgxb3B5UkZXdmt2U0tiTzY5M3lEbDcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDBSNoAwQE
XoNQAwQEXoOwAwQAwnSMMA0EAgACMAcDBQMqB6pAMA0GCSqGSIb3DQEBCwUAA4IB
AQAk0+bunEc5v+/4p2pXxf+45h7C6pnbvp++5+tLfkqyfhDHlZg3dP2QBCA0l9eX
N9/HWNvrPUemgxlfj6gfL2cDFaPzRoV1/zp0S8FTGmvxETvu0Ea2qTsifah5hK+S
Guc0I/Hrl1yTpDuxo6nzw4FBE2kso5RhSBbytAo8cRfBiIkqCiYanDWPP6YhrYMc
H6uKdqdCndjLJmag7nGwut/f9PgqxzVgugLWDNKfP3B7yyuWfYoJlYa30cvSqvqN
Tnn/a5Rqr7AJMnKefo00FwMeIC2CgLUIWSKL1dCRhcXKN2YX10BEkw1IgLWA1nvC
/kB89Sozqz+QCZGgnBFzq1Mh
-----END CERTIFICATE-----
Generated at Sun Mar 29 18:58:56 2026 by rpki-client