Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/HNU4PvHtUf3LL3k-T6wKylDR5M4.roa
File: HNU4PvHtUf3LL3k-T6wKylDR5M4.roa (raw, json)
Hash identifier: efP663t/kjdPSNe1Ty2RixQ3W4VbIX6LK4/IXdIxpXU=
Subject key identifier: 1C:D5:38:3E:F1:ED:51:FD:CB:2F:79:3E:4F:AC:0A:CA:50:D1:E4:CE
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 019EB058C5367A0872480BFFA0C5E5EEA655
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/HNU4PvHtUf3LL3k-T6wKylDR5M4.roa
Signing time: Wed 10 Jun 2026 07:04:28 +0000
ROA not before: Wed 10 Jun 2026 07:04:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25198
IP address blocks: 212.189.88.0/24 maxlen: 24
212.189.98.0/24 maxlen: 24
212.189.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 08:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b0:58:c5:36:7a:08:72:48:0b:ff:a0:c5:e5:ee:a6:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Jun 10 07:04:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1cd5383ef1ed51fdcb2f793e4fac0aca50d1e4ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:39:0e:7a:58:ad:93:c1:62:97:67:5a:ab:06:
a8:17:9a:0a:53:78:7c:15:ce:b8:4a:02:76:b3:fb:
05:85:1b:79:79:ea:cb:d1:fc:fb:81:06:3b:f6:2e:
28:06:03:e5:81:4a:33:b6:ad:e6:1b:e8:06:40:3c:
52:95:62:9a:ce:ef:1f:ef:77:4a:7d:98:db:3c:a2:
00:a6:0a:f4:8c:d9:26:64:b6:4e:72:76:90:fb:95:
06:a2:e9:de:15:08:61:2e:2e:79:05:c1:cb:6a:ef:
ee:2d:9f:d4:3a:7c:fd:53:c8:74:1d:a2:a8:b3:39:
e4:c1:cd:0a:cc:d5:93:18:1c:7e:4f:c4:c0:37:8e:
54:fc:46:ee:05:b6:5f:b9:ad:35:a1:01:bc:3d:a9:
98:d1:02:78:72:02:97:dc:4b:85:e9:79:4a:de:82:
3e:10:f4:d8:9e:a8:f9:82:54:1f:e8:f8:f5:a5:2b:
c5:79:a0:b1:fa:fb:5d:ae:82:c1:36:ac:1c:a6:0d:
f2:3d:18:ff:8a:57:5b:6d:ca:70:84:2f:8b:9d:31:
1e:b0:f0:26:4d:d1:d7:95:18:02:be:c8:78:13:d1:
39:79:4e:c1:9c:ac:ca:df:c5:c0:c3:20:bd:42:d8:
d8:f8:8c:34:fa:0b:ea:02:5b:1c:f8:81:68:dc:42:
d7:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:D5:38:3E:F1:ED:51:FD:CB:2F:79:3E:4F:AC:0A:CA:50:D1:E4:CE
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/HNU4PvHtUf3LL3k-T6wKylDR5M4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.189.88.0/24
212.189.98.0/24
212.189.116.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:48:3b:d3:28:b7:ad:4e:3a:dc:02:a4:b0:60:e2:fb:da:7e:
6f:47:fd:e9:d4:3d:26:18:c6:2c:81:f8:fe:8a:90:cb:ad:4b:
b8:27:f9:6a:55:57:71:c5:03:ad:8c:37:8a:9f:5c:bc:eb:46:
e0:c8:93:53:f0:8a:cf:95:40:2a:73:b0:4b:9a:ca:22:63:10:
c6:26:aa:89:9c:ff:db:55:6c:45:7a:26:18:2d:ce:b1:38:d4:
e4:92:c8:18:8a:ea:37:8a:ab:f7:e5:27:bf:1c:62:28:1c:0b:
12:c4:e5:9d:3e:e3:8d:a7:be:b1:eb:19:5b:c9:d8:22:6d:ad:
5d:cf:58:03:c2:d6:2b:ce:be:6f:10:55:6e:34:21:80:2a:4a:
5d:43:9d:4c:2f:df:81:80:b8:2e:00:90:f1:fa:c8:11:c5:f8:
6e:08:4d:62:a0:db:97:a3:69:bf:5a:06:65:96:d0:33:6e:47:
bd:8a:33:44:c1:31:2a:54:c5:6c:6b:8f:30:8f:7a:0d:27:7e:
92:5e:78:27:97:b6:39:9f:71:24:42:31:63:e1:6f:31:53:04:
7d:fd:a9:76:63:ae:8e:f3:3e:b7:c8:71:4c:15:19:7f:51:0e:
02:43:69:0c:31:5c:10:d1:77:30:80:4b:a2:a0:66:f7:16:72:
13:34:be:ed
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ6wWMU2eghySAv/oMXl7qZVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjYwNjEwMDcwNDI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2Q1MzgzZWYxZWQ1MWZkY2IyZjc5M2U0ZmFjMGFjYTUwZDFlNGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjkOelitk8Fil2daqwaoF5oKU3h8
Fc64SgJ2s/sFhRt5eerL0fz7gQY79i4oBgPlgUoztq3mG+gGQDxSlWKazu8f73dK
fZjbPKIApgr0jNkmZLZOcnaQ+5UGouneFQhhLi55BcHLau/uLZ/UOnz9U8h0HaKo
sznkwc0KzNWTGBx+T8TAN45U/EbuBbZfua01oQG8PamY0QJ4cgKX3EuF6XlK3oI+
EPTYnqj5glQf6Pj1pSvFeaCx+vtdroLBNqwcpg3yPRj/ildbbcpwhC+LnTEesPAm
TdHXlRgCvsh4E9E5eU7BnKzK38XAwyC9QtjY+Iw0+gvqAlsc+IFo3ELX+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBzVOD7x7VH9yy95Pk+sCspQ0eTOMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvSE5VNFB2SHRVZjNMTDNrLVQ2d0t5bERSNU00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1L1YAwQA
1L1iAwQA1L10MA0GCSqGSIb3DQEBCwUAA4IBAQBcSDvTKLetTjrcAqSwYOL72n5v
R/3p1D0mGMYsgfj+ipDLrUu4J/lqVVdxxQOtjDeKn1y860bgyJNT8IrPlUAqc7BL
msoiYxDGJqqJnP/bVWxFeiYYLc6xONTkksgYiuo3iqv35Se/HGIoHAsSxOWdPuON
p76x6xlbydgiba1dz1gDwtYrzr5vEFVuNCGAKkpdQ51ML9+BgLguAJDx+sgRxfhu
CE1ioNuXo2m/WgZlltAzbke9ijNEwTEqVMVsa48wj3oNJ36SXngnl7Y5n3EkQjFj
4W8xUwR9/al2Y66O8z63yHFMFRl/UQ4CQ2kMMVwQ0XcwgEuioGb3FnITNL7t
-----END CERTIFICATE-----
Generated at Thu Jun 11 14:34:32 2026 by rpki-client