Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/hoyndMTx0JMpF3_ZIoAjRXEQ9wQ.roa
File: hoyndMTx0JMpF3_ZIoAjRXEQ9wQ.roa (raw, json)
Hash identifier: HpV+fH9wH3j/cGULGErieGwjQXQgLaDcRMHmp7wwSdk=
Subject key identifier: 86:8C:A7:74:C4:F1:D0:93:29:17:7F:D9:22:80:23:45:71:10:F7:04
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019E8E4D9B2B5B6B6FAA1CC020819B24097D
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/hoyndMTx0JMpF3_ZIoAjRXEQ9wQ.roa
Signing time: Wed 03 Jun 2026 16:25:11 +0000
ROA not before: Wed 03 Jun 2026 16:25:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202413
IP address blocks: 31.58.232.0/23 maxlen: 24
31.59.36.0/24 maxlen: 24
31.59.39.0/24 maxlen: 24
31.59.161.0/24 maxlen: 24
94.183.170.0/24 maxlen: 24
94.183.238.0/24 maxlen: 24
94.183.239.0/24 maxlen: 24
94.183.254.0/24 maxlen: 24
217.60.8.0/23 maxlen: 24
217.60.24.0/24 maxlen: 24
217.60.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 11:44:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:8e:4d:9b:2b:5b:6b:6f:aa:1c:c0:20:81:9b:24:09:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 3 16:25:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=868ca774c4f1d09329177fd9228023457110f704
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0c:fa:8f:07:19:cd:f5:64:e7:cc:9b:f7:1e:
85:8d:61:a6:b1:88:ba:1a:b6:d1:58:91:21:92:53:
a3:1b:ea:38:4a:89:a3:70:e1:b7:9e:38:25:ea:6d:
9e:54:71:76:12:16:44:47:e0:6d:24:24:83:9c:07:
af:3b:76:25:f3:55:b9:53:fb:10:e1:5a:91:d5:d7:
ed:fe:ad:fc:46:17:e6:03:43:32:72:64:cd:ce:6a:
0f:7b:93:d2:16:c2:ab:01:32:44:b8:5a:3e:98:0a:
a5:e7:12:bb:9e:d4:eb:d1:41:b4:d6:80:6d:a0:cb:
f6:6a:55:49:18:1f:67:ff:b6:41:0d:39:14:88:c2:
4d:29:08:6a:57:92:a0:65:8a:d2:3c:60:4d:eb:e4:
cc:72:cc:e3:7a:b3:d9:8f:0d:d1:24:66:7d:cf:d4:
f9:7b:ef:b0:3e:c4:f2:96:df:04:97:fb:18:22:91:
2d:69:d6:e6:0a:06:6d:16:de:e7:89:4f:9e:3d:2c:
30:99:fb:78:99:8a:0c:e4:65:46:33:3b:eb:b8:db:
2d:9a:12:30:f8:84:d5:62:b4:07:3e:1c:96:03:5d:
22:b0:46:13:20:02:98:f0:ec:d1:15:9e:df:a6:ea:
40:6b:6a:05:04:aa:c3:d9:fa:49:d4:e8:d4:b1:8b:
c9:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:8C:A7:74:C4:F1:D0:93:29:17:7F:D9:22:80:23:45:71:10:F7:04
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/hoyndMTx0JMpF3_ZIoAjRXEQ9wQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.232.0/23
31.59.36.0/24
31.59.39.0/24
31.59.161.0/24
94.183.170.0/24
94.183.238.0/23
94.183.254.0/24
217.60.8.0/23
217.60.24.0/24
217.60.99.0/24
Signature Algorithm: sha256WithRSAEncryption
33:58:1f:28:7b:ed:75:f7:36:01:58:86:8d:52:36:1e:d1:c2:
fa:0e:d1:0a:73:84:df:a9:da:76:f0:8f:3e:62:c4:8d:91:3f:
b3:93:d6:51:fb:db:d0:be:33:b4:ce:e0:eb:46:5e:7a:41:d6:
9c:6c:85:22:c2:62:a8:bf:20:2e:51:cf:01:1b:84:0e:c3:aa:
8a:bc:89:11:d5:f8:22:02:b8:b1:18:98:1f:ca:81:7d:16:27:
37:c7:15:5c:2c:72:7d:fd:a6:64:c0:45:b1:75:56:04:35:62:
17:fb:ce:27:b2:e7:fc:00:bf:4e:f9:c6:31:05:48:93:d7:a8:
eb:fc:1e:13:a0:6d:92:77:a1:6d:fd:79:a5:ef:4a:57:69:cf:
ac:c3:a8:58:d2:94:46:b8:58:69:e4:4d:1c:b3:38:05:06:13:
b6:43:a0:02:19:98:b8:a3:5c:ec:ca:31:ff:c8:77:5f:65:e9:
9a:30:ed:29:c2:a2:17:08:5d:f0:50:fc:dc:48:71:a3:0c:17:
a2:81:93:a7:72:8b:fc:99:16:5e:23:4f:55:33:b4:b1:17:0a:
6d:90:2d:63:9e:a3:cd:ae:a3:b8:0d:57:0b:49:ee:65:b7:77:
23:7c:99:da:06:29:b4:fa:3a:56:0f:14:4c:07:9d:7d:d4:f1:
49:7d:12:a6
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZ6OTZsrW2tvqhzAIIGbJAl9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNjAzMTYyNTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjhjYTc3NGM0ZjFkMDkzMjkxNzdmZDkyMjgwMjM0NTcxMTBmNzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQz6jwcZzfVk58yb9x6FjWGmsYi6
GrbRWJEhklOjG+o4SomjcOG3njgl6m2eVHF2EhZER+BtJCSDnAevO3Yl81W5U/sQ
4VqR1dft/q38RhfmA0MycmTNzmoPe5PSFsKrATJEuFo+mAql5xK7ntTr0UG01oBt
oMv2alVJGB9n/7ZBDTkUiMJNKQhqV5KgZYrSPGBN6+TMcszjerPZjw3RJGZ9z9T5
e++wPsTylt8El/sYIpEtadbmCgZtFt7niU+ePSwwmft4mYoM5GVGMzvruNstmhIw
+ITVYrQHPhyWA10isEYTIAKY8OzRFZ7fpupAa2oFBKrD2fpJ1OjUsYvJ+QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFIaMp3TE8dCTKRd/2SKAI0VxEPcEMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvaG95bmRNVHgwSk1wRjNfWklvQWpSWEVROXdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBHzroAwQA
HzskAwQAHzsnAwQAHzuhAwQAXreqAwQBXrfuAwQAXrf+AwQB2TwIAwQA2TwYAwQA
2TxjMA0GCSqGSIb3DQEBCwUAA4IBAQAzWB8oe+119zYBWIaNUjYe0cL6DtEKc4Tf
qdp28I8+YsSNkT+zk9ZR+9vQvjO0zuDrRl56QdacbIUiwmKovyAuUc8BG4QOw6qK
vIkR1fgiArixGJgfyoF9Fic3xxVcLHJ9/aZkwEWxdVYENWIX+84nsuf8AL9O+cYx
BUiT16jr/B4ToG2Sd6Ft/Xml70pXac+sw6hY0pRGuFhp5E0cszgFBhO2Q6ACGZi4
o1zsyjH/yHdfZemaMO0pwqIXCF3wUPzcSHGjDBeigZOncov8mRZeI09VM7SxFwpt
kC1jnqPNrqO4DVcLSe5lt3cjfJnaBim0+jpWDxRMB5191PFJfRKm
-----END CERTIFICATE-----
Generated at Sat Jun 6 16:07:06 2026 by rpki-client