Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/htg7kCTaFgQhQM51EIhRhg4YOjE.roa
File: htg7kCTaFgQhQM51EIhRhg4YOjE.roa (raw, json)
Hash identifier: 1oT2TNdcqWoJOnAgaRDC7vRl78I93zLsOx4dMhvI0cQ=
Subject key identifier: 86:D8:3B:90:24:DA:16:04:21:40:CE:75:10:88:51:86:0E:18:3A:31
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 019E53999F9C65EBBB085FA3ACD4D0905D50
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/htg7kCTaFgQhQM51EIhRhg4YOjE.roa
Signing time: Sat 23 May 2026 06:50:37 +0000
ROA not before: Sat 23 May 2026 06:50:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 402215
IP address blocks: 194.231.152.0/24 maxlen: 24
194.231.159.0/24 maxlen: 24
194.231.214.0/24 maxlen: 24
194.231.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:53:99:9f:9c:65:eb:bb:08:5f:a3:ac:d4:d0:90:5d:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: May 23 06:50:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=86d83b9024da16042140ce75108851860e183a31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:25:39:2c:54:18:9c:df:8e:98:9f:39:05:0f:
65:f0:c7:6b:be:a5:01:12:2f:2c:f8:90:5d:1d:06:
70:69:61:af:e0:f3:54:9f:16:61:38:e3:be:54:2b:
f3:2d:a0:c6:76:c6:7b:91:4e:1d:34:35:9a:ea:16:
50:ab:f5:34:15:34:9d:46:64:bb:f3:78:d0:c7:b8:
05:a7:a8:32:c4:a5:f8:3f:05:7e:bf:c8:a3:cc:2c:
86:b4:bc:27:6e:ff:6e:bc:26:0f:87:a2:01:3f:ba:
4c:9b:c0:32:72:6d:98:3e:e4:96:31:ce:cc:6a:72:
40:41:fe:56:23:e4:43:5d:2f:f9:e6:c4:28:4c:4c:
07:af:51:f6:73:7e:e9:ba:e6:32:5e:f6:c1:a6:dd:
75:b9:e4:33:8a:a0:45:35:f8:4e:ac:ec:c2:ad:b8:
d2:2d:9c:66:24:72:e6:68:48:48:08:6c:f0:df:54:
28:ba:7e:fe:95:76:aa:9d:09:71:3f:2b:8d:1b:29:
45:05:a6:27:73:ed:38:f9:19:7b:ce:95:4d:79:c5:
3f:76:d7:ce:14:a7:07:d7:72:f6:f1:ff:04:77:cc:
7c:c6:55:d2:f6:f4:4e:a5:e0:19:6e:76:55:ed:5a:
c4:aa:21:4a:c5:f5:4f:ec:8f:b3:2d:11:ef:67:bc:
e3:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:D8:3B:90:24:DA:16:04:21:40:CE:75:10:88:51:86:0E:18:3A:31
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/htg7kCTaFgQhQM51EIhRhg4YOjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.231.152.0/24
194.231.159.0/24
194.231.214.0/24
194.231.218.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:24:14:75:0d:5f:86:e1:77:73:36:ca:01:69:37:c2:37:0e:
e5:3f:bb:c1:91:50:6b:90:95:59:4d:4c:b5:f9:5d:2e:58:05:
de:51:88:f2:2c:03:43:5f:83:b5:b3:df:e0:7b:c4:4f:0a:9b:
db:f5:28:93:86:81:45:b8:aa:f7:3a:53:6c:76:50:a9:13:2c:
47:27:c2:76:3d:d9:98:71:c4:c1:90:8f:0f:d6:9a:06:12:9f:
7a:19:6e:d3:10:22:6f:23:08:8f:95:7a:a3:f1:16:41:0b:46:
75:cf:5e:f8:d9:61:44:27:aa:54:45:e2:f9:02:58:ab:26:79:
94:87:3a:7f:ee:e0:aa:c7:c2:55:40:1b:dc:88:47:87:56:8e:
15:c1:31:70:87:fe:4b:a7:19:2a:51:51:c8:b5:67:eb:88:b1:
da:7d:f4:20:62:fe:11:09:fd:5f:13:1d:de:90:30:c4:42:a0:
73:f3:82:55:ba:a6:ff:e4:86:91:53:c4:bd:e5:ed:78:c8:c4:
40:7d:7c:9d:a6:c8:c0:ea:68:77:69:7a:16:ea:a1:7e:84:c8:
32:5a:04:04:83:79:74:71:87:04:9e:11:a5:85:d8:a6:bd:80:
8c:e1:94:73:92:f8:a9:3c:b9:1f:4c:fb:5e:5c:9a:d6:44:a2:
d6:49:92:83
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ5TmZ+cZeu7CF+jrNTQkF1QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjYwNTIzMDY1MDM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmQ4M2I5MDI0ZGExNjA0MjE0MGNlNzUxMDg4NTE4NjBlMTgzYTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSU5LFQYnN+OmJ85BQ9l8MdrvqUB
Ei8s+JBdHQZwaWGv4PNUnxZhOOO+VCvzLaDGdsZ7kU4dNDWa6hZQq/U0FTSdRmS7
83jQx7gFp6gyxKX4PwV+v8ijzCyGtLwnbv9uvCYPh6IBP7pMm8Aycm2YPuSWMc7M
anJAQf5WI+RDXS/55sQoTEwHr1H2c37puuYyXvbBpt11ueQziqBFNfhOrOzCrbjS
LZxmJHLmaEhICGzw31Qoun7+lXaqnQlxPyuNGylFBaYnc+04+Rl7zpVNecU/dtfO
FKcH13L28f8Ed8x8xlXS9vROpeAZbnZV7VrEqiFKxfVP7I+zLRHvZ7zjBQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIbYO5Ak2hYEIUDOdRCIUYYOGDoxMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvaHRnN2tDVGFGZ1FoUU01MUVJaFJoZzRZT2pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwueYAwQA
wuefAwQAwufWAwQAwufaMA0GCSqGSIb3DQEBCwUAA4IBAQAKJBR1DV+G4XdzNsoB
aTfCNw7lP7vBkVBrkJVZTUy1+V0uWAXeUYjyLANDX4O1s9/ge8RPCpvb9SiThoFF
uKr3OlNsdlCpEyxHJ8J2PdmYccTBkI8P1poGEp96GW7TECJvIwiPlXqj8RZBC0Z1
z1742WFEJ6pUReL5AlirJnmUhzp/7uCqx8JVQBvciEeHVo4VwTFwh/5LpxkqUVHI
tWfriLHaffQgYv4RCf1fEx3ekDDEQqBz84JVuqb/5IaRU8S95e14yMRAfXydpsjA
6mh3aXoW6qF+hMgyWgQEg3l0cYcEnhGlhdimvYCM4ZRzkvipPLkfTPteXJrWRKLW
SZKD
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:25:22 2026 by rpki-client