Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/hjr9OWyFnGQkO3uJElA_CU6JvLw.roa
File: hjr9OWyFnGQkO3uJElA_CU6JvLw.roa (raw, json)
Hash identifier: z3JLINlts21nBvM6E0zMFfTsR5zhI/+x0jPseLU+n7M=
Subject key identifier: 86:3A:FD:39:6C:85:9C:64:24:3B:7B:89:12:50:3F:09:4E:89:BC:BC
Certificate issuer: /CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Certificate serial: 019E46506FFA52808814F2B6168B5C254D82
Authority key identifier: B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/hjr9OWyFnGQkO3uJElA_CU6JvLw.roa
Signing time: Wed 20 May 2026 16:55:37 +0000
ROA not before: Wed 20 May 2026 16:55:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3949
IP address blocks: 80.174.148.0/22 maxlen: 22
80.174.152.0/22 maxlen: 22
80.174.156.0/22 maxlen: 22
80.174.216.0/22 maxlen: 24
80.174.220.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.mft
rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 08:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:46:50:6f:fa:52:80:88:14:f2:b6:16:8b:5c:25:4d:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Validity
Not Before: May 20 16:55:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=863afd396c859c64243b7b8912503f094e89bcbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:42:79:9a:7b:8b:70:3e:67:74:f4:3d:2e:a0:
47:c6:ff:0b:db:9a:82:65:97:17:ed:50:96:07:1e:
a2:5a:a3:46:ed:27:77:5d:eb:76:40:03:fe:47:5f:
67:0f:32:6c:e3:67:0e:b2:48:d0:c5:3d:cf:4a:bc:
e3:3e:dc:fe:fc:18:a8:0d:73:40:ba:11:5b:e5:28:
33:99:fc:42:53:aa:06:19:80:23:5c:bc:af:8d:1a:
43:5a:67:d3:db:ac:31:de:2e:5b:9c:de:ec:fa:4e:
aa:2a:e7:a0:2e:c6:70:6e:02:07:2d:24:01:27:4e:
d5:a9:07:92:41:1c:83:6c:b3:2b:f6:c0:f0:2e:14:
54:c8:61:27:e0:d9:9b:c4:38:b4:20:80:c4:59:ff:
a2:67:98:bc:16:d9:de:1f:80:55:50:20:3e:fd:77:
bb:47:32:e9:17:e5:11:62:54:67:54:42:31:f5:21:
2b:17:66:64:8b:f5:e6:25:e7:80:25:eb:6b:66:a3:
29:8e:3a:00:39:e7:db:9d:cb:03:eb:e3:d2:1e:b2:
a5:9f:a9:79:6f:21:fd:42:eb:37:af:65:75:50:b6:
d4:f0:16:ee:fd:a6:30:6e:66:ce:12:78:c4:a5:e9:
4b:54:0e:3b:c5:84:40:ce:7c:4a:07:1b:7a:fd:90:
b0:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:3A:FD:39:6C:85:9C:64:24:3B:7B:89:12:50:3F:09:4E:89:BC:BC
X509v3 Authority Key Identifier:
keyid:B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/hjr9OWyFnGQkO3uJElA_CU6JvLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.174.148.0-80.174.159.255
80.174.216.0/21
Signature Algorithm: sha256WithRSAEncryption
33:35:4d:ff:55:65:19:0e:1e:f9:35:f6:72:9d:54:12:6a:e3:
a7:33:5b:bf:93:86:64:ba:7e:91:5b:71:c4:ab:80:ac:95:11:
9d:2c:df:fb:1e:33:92:a9:0b:b2:58:fd:ca:eb:6c:2f:f7:4d:
f9:54:10:b4:db:98:1e:bf:1d:86:2a:ed:ed:1c:3f:61:47:ea:
57:c6:54:1a:aa:cb:5e:4f:74:74:a3:81:30:9c:2c:a0:15:4a:
1b:25:8d:0c:0d:16:b8:ae:f5:dc:7a:89:13:c2:44:f2:23:09:
fa:9a:cf:d7:09:74:99:93:c3:32:aa:2f:d8:2b:09:2e:7f:bf:
de:22:7e:fd:b3:3c:68:5b:d5:cc:28:4e:aa:68:a2:3e:4b:eb:
02:fb:09:57:69:94:23:fd:b7:71:7e:d7:22:22:05:0b:4d:47:
e2:c2:09:c6:07:80:33:a9:8b:25:23:34:14:e7:be:bb:de:d6:
a7:ee:25:5f:42:0f:77:5f:86:b0:d8:2b:f1:71:75:ed:be:4c:
2e:59:28:7a:af:d2:88:cc:2c:df:0e:2f:06:fe:d3:2a:b4:79:
f6:34:f0:67:f7:d2:11:fa:5a:69:78:08:b4:ba:77:14:bc:78:
13:4e:f5:2a:b4:d8:06:ae:bb:0e:db:ab:f7:ff:f2:04:88:c4:
02:f7:9f:3d
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZ5GUG/6UoCIFPK2FotcJU2CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NTk5OTg5OWY3NmQyZTJlNGNjZGZjODE3Zjk4NzljZmFj
MDZiYmUwHhcNMjYwNTIwMTY1NTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjNhZmQzOTZjODU5YzY0MjQzYjdiODkxMjUwM2YwOTRlODliY2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0J5mnuLcD5ndPQ9LqBHxv8L25qC
ZZcX7VCWBx6iWqNG7Sd3Xet2QAP+R19nDzJs42cOskjQxT3PSrzjPtz+/BioDXNA
uhFb5SgzmfxCU6oGGYAjXLyvjRpDWmfT26wx3i5bnN7s+k6qKuegLsZwbgIHLSQB
J07VqQeSQRyDbLMr9sDwLhRUyGEn4NmbxDi0IIDEWf+iZ5i8FtneH4BVUCA+/Xe7
RzLpF+URYlRnVEIx9SErF2Zki/XmJeeAJetrZqMpjjoAOefbncsD6+PSHrKln6l5
byH9Qus3r2V1ULbU8Bbu/aYwbmbOEnjEpelLVA47xYRAznxKBxt6/ZCwrwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFIY6/TlshZxkJDt7iRJQPwlOiby8MB8GA1UdIwQY
MBaAFLRZmYmfdtLi5MzfyBf5h5z6wGu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUt
NzM0MjhmOWM3YmZmLzEvaGpyOU9XeUZuR1FrTzN1SkVsQV9DVTZKdkx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUtNzM0MjhmOWM3YmZm
LzEvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAJQrpQD
BAVQroADBANQrtgwDQYJKoZIhvcNAQELBQADggEBADM1Tf9VZRkOHvk19nKdVBJq
46czW7+ThmS6fpFbccSrgKyVEZ0s3/seM5KpC7JY/crrbC/3TflUELTbmB6/HYYq
7e0cP2FH6lfGVBqqy15PdHSjgTCcLKAVShsljQwNFriu9dx6iRPCRPIjCfqaz9cJ
dJmTwzKqL9grCS5/v94ifv2zPGhb1cwoTqpooj5L6wL7CVdplCP9t3F+1yIiBQtN
R+LCCcYHgDOpiyUjNBTnvrve1qfuJV9CD3dfhrDYK/Fxde2+TC5ZKHqv0ojMLN8O
Lwb+0yq0efY08Gf30hH6Wml4CLS6dxS8eBNO9Sq02Aauuw7bq/f/8gSIxAL3nz0=
-----END CERTIFICATE-----
Generated at Thu Jun 11 14:17:32 2026 by rpki-client