Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/HybXN-G-KoQ8KtOAksEIUKs1GU4.roa
File: HybXN-G-KoQ8KtOAksEIUKs1GU4.roa (raw, json)
Hash identifier: QiZY4fsu/4K9aunyOeMV9Nmj2TKdUPeLsfCr5TiOOs4=
Subject key identifier: 1F:26:D7:37:E1:BE:2A:84:3C:2A:D3:80:92:C1:08:50:AB:35:19:4E
Certificate issuer: /CN=31d2424123ed07725330bf817944fd276b7ca36b
Certificate serial: 019C8CCC06303EFD444C84C0BFBC9B785DF8
Authority key identifier: 31:D2:42:41:23:ED:07:72:53:30:BF:81:79:44:FD:27:6B:7C:A3:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/HybXN-G-KoQ8KtOAksEIUKs1GU4.roa
Signing time: Mon 23 Feb 2026 23:18:27 +0000
ROA not before: Mon 23 Feb 2026 23:18:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200819
IP address blocks: 2a06:9801:83::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Feb 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8c:cc:06:30:3e:fd:44:4c:84:c0:bf:bc:9b:78:5d:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31d2424123ed07725330bf817944fd276b7ca36b
Validity
Not Before: Feb 23 23:18:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1f26d737e1be2a843c2ad38092c10850ab35194e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:2e:62:93:ba:ba:e7:78:de:8a:1d:fd:17:79:
60:29:e1:ad:ed:28:19:11:8b:2a:15:7c:80:84:7f:
7e:66:93:e7:94:a0:55:ee:f0:5b:37:b9:0e:e1:5c:
92:80:05:d4:20:d7:9a:bc:34:fd:8b:43:85:97:de:
d8:48:48:4a:1f:27:74:0c:79:a2:75:6b:5f:3f:b2:
b8:dd:25:a4:1e:38:5a:8a:97:20:e0:f8:0d:14:d2:
e5:66:73:5a:1c:05:28:67:b4:bf:63:86:2a:36:06:
96:93:aa:fc:7e:74:c6:59:d4:f6:d0:e8:2f:cb:72:
78:69:58:be:16:2c:60:70:41:f8:9c:eb:c8:8f:71:
fc:dc:0d:d7:67:c0:9b:9f:5c:e8:60:6b:c1:bc:82:
80:11:b9:8a:f8:c4:19:60:8c:bd:ba:08:43:c2:f9:
14:df:4d:8d:48:ed:36:3a:44:9d:99:11:f3:10:f8:
d9:57:3a:3c:32:90:da:9b:02:5b:c5:dd:b6:c2:19:
b5:1d:a2:fa:d6:d3:ae:72:1c:fd:7f:55:83:29:5a:
3d:ba:b7:28:21:43:97:18:fb:89:57:6d:23:21:f5:
5d:f8:4c:3c:c6:1a:8b:06:d8:b9:4c:e3:ee:28:16:
ac:9c:3a:41:c3:31:4c:c7:db:da:1a:8b:8d:18:aa:
64:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:26:D7:37:E1:BE:2A:84:3C:2A:D3:80:92:C1:08:50:AB:35:19:4E
X509v3 Authority Key Identifier:
keyid:31:D2:42:41:23:ED:07:72:53:30:BF:81:79:44:FD:27:6B:7C:A3:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/HybXN-G-KoQ8KtOAksEIUKs1GU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:9801:83::/48
Signature Algorithm: sha256WithRSAEncryption
04:91:0f:92:e7:81:73:44:e1:dc:7b:d0:d8:47:38:03:7f:85:
12:9c:32:a3:97:ad:98:34:12:aa:e8:4d:80:bf:5c:e6:86:63:
e2:f9:3e:67:c6:36:02:cb:1e:e2:c6:fb:eb:22:08:54:4b:e2:
5d:81:dc:d8:5b:67:00:a2:2d:97:aa:4e:71:97:54:95:4b:c7:
81:83:1a:a0:6a:a4:1a:7f:f6:f0:71:f4:03:6e:57:d5:1e:88:
e4:f3:77:f1:cc:3f:6b:bd:af:d3:b0:c0:4d:9d:2a:b5:5c:82:
6b:c4:5f:10:07:ae:4d:66:c9:df:f6:35:29:76:9f:2c:a8:6b:
c8:62:4a:62:08:82:d7:71:c9:5b:71:c7:34:d1:28:bc:51:a4:
cf:6c:4f:97:e4:6a:e9:8a:d7:9c:b8:81:4e:e1:ed:1c:41:7a:
53:5c:d9:2d:54:4e:0c:50:29:ed:d8:d5:5b:90:36:41:04:47:
21:26:2d:3d:58:7b:f4:24:44:00:91:f8:2b:44:cd:0c:44:e4:
1f:41:e2:c9:d5:d4:e5:2c:8d:36:be:fd:fe:49:1e:0c:1c:7a:
0b:d0:43:f2:43:8a:88:97:e9:a6:c8:9b:b9:0d:d6:1e:c3:23:
c1:3d:62:77:19:c7:01:f2:e3:a8:2b:24:ae:98:d5:53:af:f7:
c2:95:5b:67
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZyMzAYwPv1ETITAv7ybeF34MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZDI0MjQxMjNlZDA3NzI1MzMwYmY4MTc5NDRmZDI3NmI3
Y2EzNmIwHhcNMjYwMjIzMjMxODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjI2ZDczN2UxYmUyYTg0M2MyYWQzODA5MmMxMDg1MGFiMzUxOTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1S5ik7q653jeih39F3lgKeGt7SgZ
EYsqFXyAhH9+ZpPnlKBV7vBbN7kO4VySgAXUINeavDT9i0OFl97YSEhKHyd0DHmi
dWtfP7K43SWkHjhaipcg4PgNFNLlZnNaHAUoZ7S/Y4YqNgaWk6r8fnTGWdT20Ogv
y3J4aVi+FixgcEH4nOvIj3H83A3XZ8Cbn1zoYGvBvIKAEbmK+MQZYIy9ughDwvkU
302NSO02OkSdmRHzEPjZVzo8MpDamwJbxd22whm1HaL61tOuchz9f1WDKVo9urco
IUOXGPuJV20jIfVd+Ew8xhqLBti5TOPuKBasnDpBwzFMx9vaGouNGKpkrQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFB8m1zfhviqEPCrTgJLBCFCrNRlOMB8GA1UdIwQY
MBaAFDHSQkEj7QdyUzC/gXlE/SdrfKNrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWRKQ1FTUHRCM0pUTUwtQmVVVDlKMnQ4bzJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xYTZiMTctZTNmZS00YzZkLWI4YzEt
ZWQ4Y2ZhZjFiODFmLzEvSHliWE4tRy1Lb1E4S3RPQWtzRUlVS3MxR1U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xYTZiMTctZTNmZS00YzZkLWI4YzEtZWQ4Y2ZhZjFiODFm
LzEvTWRKQ1FTUHRCM0pUTUwtQmVVVDlKMnQ4bzJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgaYAQCD
MA0GCSqGSIb3DQEBCwUAA4IBAQAEkQ+S54FzROHce9DYRzgDf4USnDKjl62YNBKq
6E2Av1zmhmPi+T5nxjYCyx7ixvvrIghUS+JdgdzYW2cAoi2Xqk5xl1SVS8eBgxqg
aqQaf/bwcfQDblfVHojk83fxzD9rva/TsMBNnSq1XIJrxF8QB65NZsnf9jUpdp8s
qGvIYkpiCILXcclbccc00Si8UaTPbE+X5GrpitecuIFO4e0cQXpTXNktVE4MUCnt
2NVbkDZBBEchJi09WHv0JEQAkfgrRM0MROQfQeLJ1dTlLI02vv3+SR4MHHoL0EPy
Q4qIl+mmyJu5DdYewyPBPWJ3GccB8uOoKySumNVTr/fClVtn
-----END CERTIFICATE-----
Generated at Thu Feb 26 09:16:14 2026 by rpki-client