Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/201ea2-55ea-46da-bc6f-a05ff37e82e9/1/2Z6IYH5r9rEHXyb6yaUAQh53_hk.roa
File: 2Z6IYH5r9rEHXyb6yaUAQh53_hk.roa (raw, json)
Hash identifier: iFsFHaHiOwiJNWh0rDjxLKPBB1FTnSIyeAFgavIf9wA=
Subject key identifier: D9:9E:88:60:7E:6B:F6:B1:07:5F:26:FA:C9:A5:00:42:1E:77:FE:19
Certificate issuer: /CN=c8f667e6081303385f13fd4cb6d3da4d8cb1b6c1
Certificate serial: 019E72F2FC278C531B867DE7E6CBE1BE2A91
Authority key identifier: C8:F6:67:E6:08:13:03:38:5F:13:FD:4C:B6:D3:DA:4D:8C:B1:B6:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yPZn5ggTAzhfE_1MttPaTYyxtsE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/201ea2-55ea-46da-bc6f-a05ff37e82e9/1/2Z6IYH5r9rEHXyb6yaUAQh53_hk.roa
Signing time: Fri 29 May 2026 08:56:27 +0000
ROA not before: Fri 29 May 2026 08:56:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12874
IP address blocks: 176.122.196.0/23 maxlen: 23
176.122.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/201ea2-55ea-46da-bc6f-a05ff37e82e9/1/yPZn5ggTAzhfE_1MttPaTYyxtsE.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/201ea2-55ea-46da-bc6f-a05ff37e82e9/1/yPZn5ggTAzhfE_1MttPaTYyxtsE.mft
rsync://rpki.ripe.net/repository/DEFAULT/yPZn5ggTAzhfE_1MttPaTYyxtsE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 11:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:72:f2:fc:27:8c:53:1b:86:7d:e7:e6:cb:e1:be:2a:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8f667e6081303385f13fd4cb6d3da4d8cb1b6c1
Validity
Not Before: May 29 08:56:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d99e88607e6bf6b1075f26fac9a500421e77fe19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:0b:05:d7:18:e1:29:c4:fb:3e:74:7e:36:b5:
2a:ce:e0:fb:cb:02:d2:25:d1:d8:99:ca:85:ab:2c:
a5:b3:54:d0:56:8c:5b:3d:4d:99:67:e4:56:86:f7:
50:c7:fd:b6:a4:32:c0:a2:d7:aa:3d:83:58:31:a1:
e6:5d:bf:f0:5b:62:e1:18:7e:ff:26:3a:5b:e7:f3:
be:9a:c0:7f:e8:ed:21:d6:4e:71:61:04:5b:32:53:
42:5b:77:47:39:68:3f:6a:0f:a9:3e:52:b6:a4:a0:
fe:b8:97:05:39:1c:cc:d3:72:09:71:58:42:e7:3a:
c4:56:39:05:cf:90:52:9c:ce:c2:bd:55:7d:9a:a6:
7d:c5:10:cc:06:fe:0f:20:03:5a:91:d9:23:64:33:
8c:14:b2:fa:5f:c1:3f:e5:c0:e8:fc:73:e8:aa:1a:
47:ee:ed:50:66:30:10:30:40:3d:37:e6:16:3c:04:
01:fc:e5:4c:b5:3b:5e:a8:d6:d8:93:1e:6d:bf:ab:
37:34:c5:ac:de:8e:6d:20:3b:17:3d:1b:ce:c0:c7:
79:ec:12:7e:22:1a:27:3f:e8:73:1b:f5:70:50:0b:
26:b4:56:98:96:dd:14:59:e1:d7:07:70:db:ce:fd:
c5:f9:22:6b:30:08:b4:7a:7e:3a:be:0b:5b:d7:e0:
5e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:9E:88:60:7E:6B:F6:B1:07:5F:26:FA:C9:A5:00:42:1E:77:FE:19
X509v3 Authority Key Identifier:
keyid:C8:F6:67:E6:08:13:03:38:5F:13:FD:4C:B6:D3:DA:4D:8C:B1:B6:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yPZn5ggTAzhfE_1MttPaTYyxtsE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/201ea2-55ea-46da-bc6f-a05ff37e82e9/1/2Z6IYH5r9rEHXyb6yaUAQh53_hk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/201ea2-55ea-46da-bc6f-a05ff37e82e9/1/yPZn5ggTAzhfE_1MttPaTYyxtsE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.122.196.0-176.122.198.255
Signature Algorithm: sha256WithRSAEncryption
67:b4:52:7f:b7:19:3e:df:93:4f:b3:e0:32:56:5a:0f:00:0a:
a5:0f:77:81:32:0b:79:1c:94:07:e8:8b:45:19:47:40:64:91:
27:fd:0f:6b:c0:c6:70:db:48:6d:cc:18:5e:84:bd:44:1f:53:
92:a0:fa:28:4c:a0:4a:cb:2b:d9:97:c4:89:8d:46:ff:f3:e2:
b0:0f:d7:90:b4:57:73:ab:21:66:ef:60:02:db:30:a1:95:a0:
9a:23:95:92:13:87:fe:16:db:a4:5b:2a:0b:c1:4b:d4:b6:9b:
31:31:d5:3b:0e:be:e4:70:60:89:71:5c:44:69:62:4d:4d:ae:
a7:67:5f:ca:2a:1d:05:71:98:ea:30:5c:e1:4d:39:d7:44:d8:
20:4f:b9:1d:e8:11:d9:4f:7a:c9:cf:78:2b:81:73:0f:ee:f8:
3f:f6:42:cb:43:03:85:4a:a1:87:54:7d:a1:5e:b6:f0:c1:31:
37:44:ee:6f:27:9e:29:d5:86:3e:87:eb:16:fb:af:3e:f9:f1:
b8:c5:90:3f:40:52:13:17:d0:68:bc:2f:3b:25:de:c3:65:b4:
6e:dd:69:e4:de:cf:af:50:dc:61:36:ad:19:5c:81:5c:14:db:
5c:94:bb:79:27:35:e5:70:c5:f2:0c:8c:fc:77:cb:f2:bf:f7:
fd:53:1e:a1
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZ5y8vwnjFMbhn3n5svhviqRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZjY2N2U2MDgxMzAzMzg1ZjEzZmQ0Y2I2ZDNkYTRkOGNi
MWI2YzEwHhcNMjYwNTI5MDg1NjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTllODg2MDdlNmJmNmIxMDc1ZjI2ZmFjOWE1MDA0MjFlNzdmZTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQsF1xjhKcT7PnR+NrUqzuD7ywLS
JdHYmcqFqyyls1TQVoxbPU2ZZ+RWhvdQx/22pDLAoteqPYNYMaHmXb/wW2LhGH7/
Jjpb5/O+msB/6O0h1k5xYQRbMlNCW3dHOWg/ag+pPlK2pKD+uJcFORzM03IJcVhC
5zrEVjkFz5BSnM7CvVV9mqZ9xRDMBv4PIANakdkjZDOMFLL6X8E/5cDo/HPoqhpH
7u1QZjAQMEA9N+YWPAQB/OVMtTteqNbYkx5tv6s3NMWs3o5tIDsXPRvOwMd57BJ+
IhonP+hzG/VwUAsmtFaYlt0UWeHXB3Dbzv3F+SJrMAi0en46vgtb1+Be4QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNmeiGB+a/axB18m+smlAEIed/4ZMB8GA1UdIwQY
MBaAFMj2Z+YIEwM4XxP9TLbT2k2MsbbBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVBabjVnZ1RBemhmRV8xTXR0UGFUWXl4dHNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8yMDFlYTItNTVlYS00NmRhLWJjNmYt
YTA1ZmYzN2U4MmU5LzEvMlo2SVlINXI5ckVIWHliNnlhVUFRaDUzX2hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8yMDFlYTItNTVlYS00NmRhLWJjNmYtYTA1ZmYzN2U4MmU5
LzEveVBabjVnZ1RBemhmRV8xTXR0UGFUWXl4dHNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAKwesQD
BACwesYwDQYJKoZIhvcNAQELBQADggEBAGe0Un+3GT7fk0+z4DJWWg8ACqUPd4Ey
C3kclAfoi0UZR0BkkSf9D2vAxnDbSG3MGF6EvUQfU5Kg+ihMoErLK9mXxImNRv/z
4rAP15C0V3OrIWbvYALbMKGVoJojlZITh/4W26RbKgvBS9S2mzEx1TsOvuRwYIlx
XERpYk1NrqdnX8oqHQVxmOowXOFNOddE2CBPuR3oEdlPesnPeCuBcw/u+D/2QstD
A4VKoYdUfaFetvDBMTdE7m8nninVhj6H6xb7rz758bjFkD9AUhMX0Gi8Lzsl3sNl
tG7daeTez69Q3GE2rRlcgVwU21yUu3knNeVwxfIMjPx3y/K/9/1THqE=
-----END CERTIFICATE-----
Generated at Thu Jun 11 21:19:41 2026 by rpki-client