Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/hMRL9HPUECRX1xAUN1DB4CaU438.roa
File: hMRL9HPUECRX1xAUN1DB4CaU438.roa (raw, json)
Hash identifier: fgk12qy5xTdrcQadF6Br9KhCcKB6bzg0JRwf95yeeb0=
Subject key identifier: 84:C4:4B:F4:73:D4:10:24:57:D7:10:14:37:50:C1:E0:26:94:E3:7F
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 019E3CE899993DED85FD6801AC6E09B2C140
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/hMRL9HPUECRX1xAUN1DB4CaU438.roa
Signing time: Mon 18 May 2026 21:05:36 +0000
ROA not before: Mon 18 May 2026 21:05:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29262
IP address blocks: 93.190.14.0/24 maxlen: 24
185.85.189.0/24 maxlen: 24
185.85.190.0/24 maxlen: 24
185.85.237.0/24 maxlen: 24
185.85.238.0/24 maxlen: 24
185.85.239.0/24 maxlen: 24
185.86.5.0/24 maxlen: 24
185.98.63.0/24 maxlen: 24
185.119.80.0/24 maxlen: 24
185.249.200.0/24 maxlen: 24
185.249.201.0/24 maxlen: 24
185.249.202.0/24 maxlen: 24
185.249.203.0/24 maxlen: 24
2a0b:6780::/29 maxlen: 29
2a0c:46c0::/29 maxlen: 29
2a0c:67c0::/29 maxlen: 29
2a10:8b00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 04:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3c:e8:99:99:3d:ed:85:fd:68:01:ac:6e:09:b2:c1:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: May 18 21:05:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=84c44bf473d4102457d710143750c1e02694e37f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d6:9c:ec:34:56:60:35:75:66:00:1f:42:09:
d1:c8:d3:9c:20:84:cf:73:38:e5:6d:07:21:6d:b1:
52:f4:9c:4d:0b:18:4c:00:fd:8b:d7:b6:c7:70:5b:
db:f0:7d:d6:5b:98:95:b2:2b:1f:3d:11:46:75:3e:
43:d1:36:42:d8:52:36:7a:59:70:b1:0c:f9:59:45:
2c:9b:fb:b7:1c:e3:b9:4e:29:fd:3c:a7:fd:ca:23:
23:6e:de:f3:67:11:bf:2f:83:3d:a6:95:13:bf:01:
77:43:e7:30:6e:2e:bb:7d:48:96:da:5c:e1:a4:36:
fc:1a:c5:17:ac:4e:80:22:90:02:c1:7e:7b:cc:a9:
8e:a9:b5:31:c6:7f:da:96:2d:b5:10:09:75:cd:92:
a2:6b:9b:4a:8b:15:4f:e1:8c:39:17:49:51:17:b5:
a1:c9:9a:dc:0e:a6:06:89:ff:9c:dd:83:e9:13:87:
0f:e7:82:93:69:90:bc:22:5f:f6:15:64:95:ef:5c:
05:35:15:f2:93:aa:65:57:d1:eb:d6:98:6f:4d:98:
f1:d3:3a:f5:08:c8:cb:04:27:0b:5e:62:21:07:15:
63:0b:e8:c8:db:25:e8:80:8d:49:85:58:79:ff:95:
31:4f:5a:a1:cc:dc:f3:19:bc:94:d2:87:75:17:00:
5c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:C4:4B:F4:73:D4:10:24:57:D7:10:14:37:50:C1:E0:26:94:E3:7F
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/hMRL9HPUECRX1xAUN1DB4CaU438.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.14.0/24
185.85.189.0-185.85.190.255
185.85.237.0-185.85.239.255
185.86.5.0/24
185.98.63.0/24
185.119.80.0/24
185.249.200.0/22
IPv6:
2a0b:6780::/29
2a0c:46c0::/29
2a0c:67c0::/29
2a10:8b00::/29
Signature Algorithm: sha256WithRSAEncryption
5b:41:74:4b:7d:b3:28:16:83:f2:09:10:e7:1e:b9:e1:f1:7b:
07:89:73:a3:e3:fc:33:ac:1e:c8:04:aa:a4:ac:94:64:f6:55:
d5:fa:82:6b:01:62:4b:41:ad:d6:68:3c:76:7d:7b:e2:c6:d8:
85:f2:b1:b7:19:a6:82:8a:73:80:d1:fa:8d:8d:d1:09:9e:97:
a4:62:95:4b:34:9d:c3:99:e9:c5:6c:79:ad:4d:80:d8:cf:8e:
b7:d5:cc:55:dc:f3:8d:f5:80:a7:f7:43:15:b3:f9:d7:3d:ac:
67:b6:9e:e2:13:ed:e8:9e:79:5a:45:4d:73:30:7d:24:5b:8b:
b2:e6:39:e1:4f:fe:a7:8c:96:77:08:28:62:f5:aa:60:d0:d4:
8f:5c:45:c5:b6:c8:f8:98:19:81:43:e2:be:4b:b3:e6:74:22:
a3:b6:de:13:a6:58:08:92:0e:71:c2:85:86:a1:60:52:4c:3f:
d0:ea:1f:c3:40:7a:6d:61:b7:58:3f:c1:22:92:a9:ce:f4:ec:
c7:f9:39:c8:c8:f5:bc:b3:a7:30:0b:d3:be:4f:93:92:60:0c:
46:3e:7f:f8:36:4e:2e:75:a5:bc:63:57:d5:81:6e:4e:23:ac:
00:8a:d1:fd:57:c8:7f:ba:15:89:72:2c:4d:9d:69:a1:e8:13:
a0:5f:e6:1d
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZ486JmZPe2F/WgBrG4JssFAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjYwNTE4MjEwNTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGM0NGJmNDczZDQxMDI0NTdkNzEwMTQzNzUwYzFlMDI2OTRlMzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNac7DRWYDV1ZgAfQgnRyNOcIITP
czjlbQchbbFS9JxNCxhMAP2L17bHcFvb8H3WW5iVsisfPRFGdT5D0TZC2FI2ellw
sQz5WUUsm/u3HOO5Tin9PKf9yiMjbt7zZxG/L4M9ppUTvwF3Q+cwbi67fUiW2lzh
pDb8GsUXrE6AIpACwX57zKmOqbUxxn/ali21EAl1zZKia5tKixVP4Yw5F0lRF7Wh
yZrcDqYGif+c3YPpE4cP54KTaZC8Il/2FWSV71wFNRXyk6plV9Hr1phvTZjx0zr1
CMjLBCcLXmIhBxVjC+jI2yXogI1JhVh5/5UxT1qhzNzzGbyU0od1FwBckQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFITES/Rz1BAkV9cQFDdQweAmlON/MB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvaE1STDlIUFVFQ1JYMXhBVU4xREI0Q2FVNDM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBABAIAATA6AwQAXb4OMAwD
BAC5Vb0DBAC5Vb4wDAMEALlV7QMEBLlV4AMEALlWBQMEALliPwMEALl3UAMEArn5
yDAiBAIAAjAcAwUDKgtngAMFAyoMRsADBQMqDGfAAwUDKhCLADANBgkqhkiG9w0B
AQsFAAOCAQEAW0F0S32zKBaD8gkQ5x654fF7B4lzo+P8M6weyASqpKyUZPZV1fqC
awFiS0Gt1mg8dn174sbYhfKxtxmmgopzgNH6jY3RCZ6XpGKVSzSdw5npxWx5rU2A
2M+Ot9XMVdzzjfWAp/dDFbP51z2sZ7ae4hPt6J55WkVNczB9JFuLsuY54U/+p4yW
dwgoYvWqYNDUj1xFxbbI+JgZgUPivkuz5nQio7beE6ZYCJIOccKFhqFgUkw/0Oof
w0B6bWG3WD/BIpKpzvTsx/k5yMj1vLOnMAvTvk+TkmAMRj5/+DZOLnWlvGNX1YFu
TiOsAIrR/VfIf7oViXIsTZ1poegToF/mHQ==
-----END CERTIFICATE-----
Generated at Sat Jun 6 13:16:43 2026 by rpki-client