Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/27e031-1386-4fca-bbe1-8e9b511cac1a/1/hbeIEnlJLGCUvc-bfFDQtYlNuoI.roa
File: hbeIEnlJLGCUvc-bfFDQtYlNuoI.roa (raw, json)
Hash identifier: lsxRlcpEOwKSepvmoUR1XtdYnRnB8rc4Z/mYeHXQHuQ=
Subject key identifier: 85:B7:88:12:79:49:2C:60:94:BD:CF:9B:7C:50:D0:B5:89:4D:BA:82
Certificate issuer: /CN=7250baadff2c286c60b96107d2c64d537ec0aca6
Certificate serial: 019ED55CC83A43F9D0E98465034270E16E29
Authority key identifier: 72:50:BA:AD:FF:2C:28:6C:60:B9:61:07:D2:C6:4D:53:7E:C0:AC:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/clC6rf8sKGxguWEH0sZNU37ArKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/27e031-1386-4fca-bbe1-8e9b511cac1a/1/hbeIEnlJLGCUvc-bfFDQtYlNuoI.roa
Signing time: Wed 17 Jun 2026 11:34:48 +0000
ROA not before: Wed 17 Jun 2026 11:34:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206091
IP address blocks: 185.196.176.0/22 maxlen: 22
185.222.0.0/22 maxlen: 22
2a0a:70c0::/29 maxlen: 29
2a0c:b000::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/27e031-1386-4fca-bbe1-8e9b511cac1a/1/clC6rf8sKGxguWEH0sZNU37ArKY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/27e031-1386-4fca-bbe1-8e9b511cac1a/1/clC6rf8sKGxguWEH0sZNU37ArKY.mft
rsync://rpki.ripe.net/repository/DEFAULT/clC6rf8sKGxguWEH0sZNU37ArKY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:d5:5c:c8:3a:43:f9:d0:e9:84:65:03:42:70:e1:6e:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7250baadff2c286c60b96107d2c64d537ec0aca6
Validity
Not Before: Jun 17 11:34:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=85b7881279492c6094bdcf9b7c50d0b5894dba82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:db:2f:9d:c5:4d:a8:4b:8f:12:af:60:c5:58:
85:a8:5a:f7:dc:73:2e:5d:83:a7:0c:e9:1e:08:71:
fe:ab:0f:69:5a:9b:c2:56:7a:6c:cf:13:da:6b:3e:
6b:93:e7:0e:dd:99:ee:1a:69:81:5d:af:de:87:da:
1a:81:35:dc:39:17:77:56:59:5c:1f:6d:ff:3a:64:
fe:99:85:8d:cb:e6:8f:1a:42:83:81:d1:31:73:d9:
b7:5f:c9:b8:33:4a:5a:6d:ab:d3:92:46:4f:7c:0c:
5e:ac:54:69:df:ea:85:35:90:10:ee:8e:ca:27:8f:
39:86:2c:e3:6e:0c:63:ad:f4:cc:f9:7e:34:44:6d:
46:3a:c4:42:20:4c:ef:fc:f6:0e:79:f2:7a:d9:91:
10:bc:df:ab:e9:cd:ac:e4:cc:86:64:a3:6e:f8:ad:
b0:6b:3e:2a:29:a7:30:a7:6b:31:ed:3f:1d:1f:7e:
58:82:57:8e:5d:41:90:93:03:75:4b:cd:19:1d:5f:
43:91:3b:e2:cd:6a:a2:8f:3a:34:7e:15:8a:a7:57:
d9:66:cb:42:0d:14:e9:c6:ce:54:c7:e1:d9:46:78:
65:d3:85:ea:ce:df:e5:45:ef:cc:29:08:48:76:9f:
db:d2:1d:be:2a:99:e5:21:fa:f8:e1:2c:06:a6:40:
36:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:B7:88:12:79:49:2C:60:94:BD:CF:9B:7C:50:D0:B5:89:4D:BA:82
X509v3 Authority Key Identifier:
keyid:72:50:BA:AD:FF:2C:28:6C:60:B9:61:07:D2:C6:4D:53:7E:C0:AC:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/clC6rf8sKGxguWEH0sZNU37ArKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/27e031-1386-4fca-bbe1-8e9b511cac1a/1/hbeIEnlJLGCUvc-bfFDQtYlNuoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/27e031-1386-4fca-bbe1-8e9b511cac1a/1/clC6rf8sKGxguWEH0sZNU37ArKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.176.0/22
185.222.0.0/22
IPv6:
2a0a:70c0::/29
2a0c:b000::/29
Signature Algorithm: sha256WithRSAEncryption
9f:85:43:b2:b6:23:6f:49:a8:54:77:8a:41:00:5c:7d:d7:21:
62:98:a0:55:3f:35:22:5f:47:7a:b9:cb:6f:c2:cb:5c:df:5e:
79:3b:45:77:7a:18:2f:97:3c:50:3f:e8:c6:14:d9:c7:e2:d1:
24:5f:c9:ae:97:c9:0d:3a:e5:5e:4a:d2:ea:c3:98:16:da:9a:
a4:b6:60:f5:28:b0:85:f8:bb:71:6e:99:9a:80:68:42:72:d3:
e1:50:60:44:a7:cd:d2:ed:b7:8f:9e:0b:d2:b7:a2:98:22:16:
0a:f5:e6:af:8d:09:4f:27:3e:40:21:bd:a9:49:4b:95:39:a5:
7b:42:c4:35:66:63:d8:46:ee:56:9c:df:17:41:44:05:7f:7d:
4b:ac:19:c0:1f:34:21:dd:74:11:a5:32:8a:0e:da:9a:83:b7:
6a:fe:e1:f4:83:52:9d:1c:03:3c:fb:65:17:ca:b7:87:3e:15:
a4:24:70:b4:eb:92:d1:7e:6d:e3:de:93:61:de:71:20:e4:2f:
71:d1:83:55:e4:51:a5:2f:35:76:b8:4d:92:52:53:68:d2:c5:
86:ab:57:9c:40:91:0d:a0:fa:de:bb:ba:bc:ee:50:ac:5c:18:
ef:e6:e9:78:8d:bd:a9:bb:8b:e5:bf:18:61:36:4b:d5:ae:8f:
67:c6:5d:39
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZ7VXMg6Q/nQ6YRlA0Jw4W4pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNTBiYWFkZmYyYzI4NmM2MGI5NjEwN2QyYzY0ZDUzN2Vj
MGFjYTYwHhcNMjYwNjE3MTEzNDQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWI3ODgxMjc5NDkyYzYwOTRiZGNmOWI3YzUwZDBiNTg5NGRiYTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9svncVNqEuPEq9gxViFqFr33HMu
XYOnDOkeCHH+qw9pWpvCVnpszxPaaz5rk+cO3ZnuGmmBXa/eh9oagTXcORd3Vllc
H23/OmT+mYWNy+aPGkKDgdExc9m3X8m4M0pabavTkkZPfAxerFRp3+qFNZAQ7o7K
J485hizjbgxjrfTM+X40RG1GOsRCIEzv/PYOefJ62ZEQvN+r6c2s5MyGZKNu+K2w
az4qKacwp2sx7T8dH35YgleOXUGQkwN1S80ZHV9DkTvizWqijzo0fhWKp1fZZstC
DRTpxs5Ux+HZRnhl04Xqzt/lRe/MKQhIdp/b0h2+KpnlIfr44SwGpkA22wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIW3iBJ5SSxglL3Pm3xQ0LWJTbqCMB8GA1UdIwQY
MBaAFHJQuq3/LChsYLlhB9LGTVN+wKymMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2xDNnJmOHNLR3hndVdFSDBzWk5VMzdBcktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi8yN2UwMzEtMTM4Ni00ZmNhLWJiZTEt
OGU5YjUxMWNhYzFhLzEvaGJlSUVubEpMR0NVdmMtYmZGRFF0WWxOdW9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi8yN2UwMzEtMTM4Ni00ZmNhLWJiZTEtOGU5YjUxMWNhYzFh
LzEvY2xDNnJmOHNLR3hndVdFSDBzWk5VMzdBcktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCucSwAwQC
ud4AMBQEAgACMA4DBQMqCnDAAwUDKgywADANBgkqhkiG9w0BAQsFAAOCAQEAn4VD
srYjb0moVHeKQQBcfdchYpigVT81Il9HernLb8LLXN9eeTtFd3oYL5c8UD/oxhTZ
x+LRJF/JrpfJDTrlXkrS6sOYFtqapLZg9Siwhfi7cW6ZmoBoQnLT4VBgRKfN0u23
j54L0reimCIWCvXmr40JTyc+QCG9qUlLlTmle0LENWZj2EbuVpzfF0FEBX99S6wZ
wB80Id10EaUyig7amoO3av7h9INSnRwDPPtlF8q3hz4VpCRwtOuS0X5t496TYd5x
IOQvcdGDVeRRpS81drhNklJTaNLFhqtXnECRDaD63ru6vO5QrFwY7+bpeI29qbuL
5b8YYTZL1a6PZ8ZdOQ==
-----END CERTIFICATE-----
Generated at Mon Jun 29 10:35:38 2026 by rpki-client