Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/HZ7C4ms11ElfIAOCXz2KP1UZQOo.roa
File: HZ7C4ms11ElfIAOCXz2KP1UZQOo.roa (raw, json)
Hash identifier: XB0mb76ajFkdDxe5edVo54FP1IvbB8otJuWMuOU3oU8=
Subject key identifier: 1D:9E:C2:E2:6B:35:D4:49:5F:20:03:82:5F:3D:8A:3F:55:19:40:EA
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 019EAA4509E8127F10D679700C89C1ED5C96
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/HZ7C4ms11ElfIAOCXz2KP1UZQOo.roa
Signing time: Tue 09 Jun 2026 02:45:11 +0000
ROA not before: Tue 09 Jun 2026 02:45:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60
IP address blocks: 2a02:23b8:1a00:200::/56 maxlen: 56
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.mft
rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 22:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:aa:45:09:e8:12:7f:10:d6:79:70:0c:89:c1:ed:5c:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Jun 9 02:45:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1d9ec2e26b35d4495f2003825f3d8a3f551940ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d3:a8:80:01:a9:5e:da:4c:80:57:e0:9c:36:
2d:f8:e7:26:fa:b8:16:1e:4d:f8:5e:14:3d:ed:23:
11:a4:f7:4e:44:f6:e6:df:fa:35:c7:3f:98:5c:62:
d5:be:1b:38:69:ed:a5:49:e2:2b:72:fb:9d:0e:27:
e9:ec:a1:f0:f0:b5:f6:ad:3e:42:8d:d8:38:a0:9e:
7e:26:4d:b6:fe:88:fb:f0:0d:6a:da:8d:09:24:cd:
ed:bf:26:a4:ca:3f:c0:35:a6:d6:a1:f7:d0:b5:e6:
0c:8d:9a:c2:08:73:d7:81:e0:cd:9c:20:89:64:3b:
dd:0f:0b:11:d8:f6:15:c4:4a:6b:ef:76:37:a0:2d:
2c:91:91:4c:ea:d1:31:d2:8f:bc:1e:3c:76:f9:97:
b5:95:8f:23:58:45:a4:3f:38:8f:d2:0a:b3:bc:ca:
3f:d5:5a:3c:bf:67:5c:69:89:e1:b9:ab:e5:02:8c:
19:c6:2f:d5:36:1e:f4:fd:44:4e:dc:d2:22:85:0e:
87:31:06:0d:a2:a8:07:73:f0:90:22:3a:be:a0:98:
16:92:20:38:6b:34:96:97:dd:50:35:2a:8a:89:72:
e3:d2:de:f8:36:fb:5d:23:eb:ee:57:0a:28:f2:6d:
27:c1:36:32:e1:6f:9e:b2:bd:61:8a:ce:a4:2b:81:
71:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:9E:C2:E2:6B:35:D4:49:5F:20:03:82:5F:3D:8A:3F:55:19:40:EA
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/HZ7C4ms11ElfIAOCXz2KP1UZQOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:23b8:1a00:200::/56
Signature Algorithm: sha256WithRSAEncryption
0a:4a:16:a3:cd:d0:02:a9:49:7d:6a:97:50:e0:a0:7c:6c:fa:
5b:41:f3:0a:e7:99:73:f7:36:79:51:d4:58:3d:fd:6d:fd:bb:
d1:f8:c9:75:b0:ed:85:0e:40:87:27:e0:d0:a5:7e:2a:32:3e:
cd:53:21:45:14:4d:54:0e:37:87:f0:c2:2c:16:9d:58:ea:64:
d4:87:c8:b3:d4:63:88:b5:30:3d:45:5c:05:31:81:f7:8d:63:
98:94:a7:ea:44:1c:22:77:14:a4:c5:76:b9:66:d0:4d:7b:b1:
8d:ab:c2:09:f9:88:4b:53:4b:6f:fd:88:6e:e2:76:e5:e8:91:
57:55:3b:ce:c3:a7:58:4e:52:36:e2:a0:12:89:c5:38:3e:a8:
ee:cb:fd:84:66:00:e0:e9:d8:d5:17:33:58:be:9b:5f:be:02:
89:00:47:5e:cc:13:d3:f2:9c:3f:4b:4c:d6:64:16:c0:8c:45:
3f:dc:8a:8f:dd:1f:bd:d7:af:6a:19:e8:55:e5:55:7f:b2:11:
58:ad:2d:87:f2:18:0e:02:1e:8b:da:75:db:44:d2:3b:f0:3e:
56:23:0d:31:e7:6b:e6:63:20:4e:ae:e5:b3:2e:e4:e0:6d:9d:
c9:dd:b4:91:d3:d8:d9:65:a8:ad:c3:3d:85:33:0b:a1:8c:7f:
7f:b9:56:0c
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAZ6qRQnoEn8Q1nlwDInB7VyWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjYwNjA5MDI0NTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDllYzJlMjZiMzVkNDQ5NWYyMDAzODI1ZjNkOGEzZjU1MTk0MGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztOogAGpXtpMgFfgnDYt+Ocm+rgW
Hk34XhQ97SMRpPdORPbm3/o1xz+YXGLVvhs4ae2lSeIrcvudDifp7KHw8LX2rT5C
jdg4oJ5+Jk22/oj78A1q2o0JJM3tvyakyj/ANabWoffQteYMjZrCCHPXgeDNnCCJ
ZDvdDwsR2PYVxEpr73Y3oC0skZFM6tEx0o+8Hjx2+Ze1lY8jWEWkPziP0gqzvMo/
1Vo8v2dcaYnhuavlAowZxi/VNh70/URO3NIihQ6HMQYNoqgHc/CQIjq+oJgWkiA4
azSWl91QNSqKiXLj0t74NvtdI+vuVwoo8m0nwTYy4W+esr1his6kK4FxUQIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFB2ewuJrNdRJXyADgl89ij9VGUDqMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvSFo3QzRtczExRWxmSUFPQ1h6MktQMVVaUU9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCMGCCsGAQUFBwEHAQH/BBQwEjAQBAIAAjAKAwgAKgIjuBoA
AjANBgkqhkiG9w0BAQsFAAOCAQEACkoWo83QAqlJfWqXUOCgfGz6W0HzCueZc/c2
eVHUWD39bf270fjJdbDthQ5Ahyfg0KV+KjI+zVMhRRRNVA43h/DCLBadWOpk1IfI
s9RjiLUwPUVcBTGB941jmJSn6kQcIncUpMV2uWbQTXuxjavCCfmIS1NLb/2IbuJ2
5eiRV1U7zsOnWE5SNuKgEonFOD6o7sv9hGYA4OnY1RczWL6bX74CiQBHXswT0/Kc
P0tM1mQWwIxFP9yKj90fvdevahnoVeVVf7IRWK0th/IYDgIei9p120TSO/A+ViMN
Medr5mMgTq7lsy7k4G2dyd20kdPY2WWorcM9hTMLoYx/f7lWDA==
-----END CERTIFICATE-----
Generated at Fri Jun 12 08:27:36 2026 by rpki-client