Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/HeF6d8ZqtUvtEoT9qRqtEngFhqs.roa
File: HeF6d8ZqtUvtEoT9qRqtEngFhqs.roa (raw, json)
Hash identifier: dhG6uJKOm86K/y5frB7DsRL5AFqcRJYZPyAuXes5z60=
Subject key identifier: 1D:E1:7A:77:C6:6A:B5:4B:ED:12:84:FD:A9:1A:AD:12:78:05:86:AB
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019CB80C69E369D8AA0AFC6DE9A785B4056A
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/HeF6d8ZqtUvtEoT9qRqtEngFhqs.roa
Signing time: Wed 04 Mar 2026 08:52:27 +0000
ROA not before: Wed 04 Mar 2026 08:52:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 398465
IP address blocks: 89.47.100.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
93.114.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 14:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b8:0c:69:e3:69:d8:aa:0a:fc:6d:e9:a7:85:b4:05:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Mar 4 08:52:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1de17a77c66ab54bed1284fda91aad12780586ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:5a:ea:bc:5e:35:ac:2a:04:ae:85:3a:27:af:
d3:15:4e:7d:12:5c:18:36:de:e1:f3:b6:f9:c2:0b:
43:0c:79:80:89:4c:35:09:8c:45:74:e0:a2:6c:2c:
18:55:44:4f:d0:b0:fa:07:8a:aa:e8:02:de:6d:53:
e1:29:e3:7f:01:41:04:bc:07:ac:b5:8c:f4:f9:d1:
1b:78:65:ea:2e:14:27:c0:90:13:d7:e9:f4:27:6c:
2e:98:64:c1:41:2c:8b:7a:f2:55:1f:e5:cd:58:0c:
b7:d9:92:92:cd:f1:bc:f3:3b:4a:e9:de:c6:ee:84:
ef:83:4f:44:0a:eb:02:b1:12:93:15:56:cc:ff:36:
b1:2b:49:df:a1:39:d2:f7:de:f5:8e:34:39:d6:85:
04:be:75:57:08:be:25:4b:96:90:2a:e1:95:af:16:
e9:28:23:68:79:fc:98:0d:a5:23:5f:8a:9c:26:3b:
b9:21:61:89:23:15:09:cb:fb:77:de:c0:46:82:f9:
8c:18:58:4b:48:6d:38:43:15:ba:80:46:00:35:34:
02:28:da:b5:35:b1:08:00:3a:d6:09:0a:ea:65:ba:
0f:00:1f:5d:2e:05:19:10:cd:fd:10:b7:83:27:5e:
89:db:a6:36:0f:b7:1c:6f:23:fd:7a:eb:d1:e8:7e:
06:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:E1:7A:77:C6:6A:B5:4B:ED:12:84:FD:A9:1A:AD:12:78:05:86:AB
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/HeF6d8ZqtUvtEoT9qRqtEngFhqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.47.100.0/24
89.47.114.0/24
93.114.73.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:09:8d:05:d0:99:47:65:69:d3:1c:21:92:98:b5:fb:2e:24:
33:43:a8:bc:59:92:c2:34:58:59:15:81:af:56:8c:82:32:26:
02:78:ac:72:2a:a2:df:29:c0:58:44:8a:6e:a9:a9:62:63:89:
34:84:c8:a8:3a:c0:1b:f4:8e:b9:e1:db:b2:df:b1:a3:40:16:
c3:ec:dc:34:7d:31:1c:c6:1f:e3:d6:00:df:c6:ec:56:b6:ee:
1f:1c:e2:30:7a:24:25:4a:0e:1a:83:38:03:7c:72:ac:53:bf:
23:69:e6:fb:15:f8:51:83:30:76:c4:c7:7b:66:48:b6:6d:54:
77:be:02:33:69:4e:69:31:e9:c6:aa:26:37:3b:35:96:0f:8b:
e1:57:45:33:38:0d:72:48:6b:3c:19:9f:fb:96:7e:3a:45:4c:
20:1d:3c:7d:f5:1a:ff:a0:97:5c:e0:1f:5a:6c:6b:2c:50:97:
9f:72:9c:ca:83:8b:27:73:64:3a:83:2c:d7:53:29:d1:a6:42:
b1:d1:bb:d8:ca:0b:b4:df:70:21:c8:38:f9:c5:b6:10:79:a8:
30:ee:41:cf:14:c7:d0:37:06:b7:58:c1:c2:27:84:91:7a:33:
ac:1c:2c:44:11:69:ce:65:23:b8:ca:d3:93:b3:8d:d1:cc:ab:
fd:6f:3f:3e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZy4DGnjadiqCvxt6aeFtAVqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjYwMzA0MDg1MjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGUxN2E3N2M2NmFiNTRiZWQxMjg0ZmRhOTFhYWQxMjc4MDU4NmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA21rqvF41rCoEroU6J6/TFU59ElwY
Nt7h87b5wgtDDHmAiUw1CYxFdOCibCwYVURP0LD6B4qq6ALebVPhKeN/AUEEvAes
tYz0+dEbeGXqLhQnwJAT1+n0J2wumGTBQSyLevJVH+XNWAy32ZKSzfG88ztK6d7G
7oTvg09ECusCsRKTFVbM/zaxK0nfoTnS9971jjQ51oUEvnVXCL4lS5aQKuGVrxbp
KCNoefyYDaUjX4qcJju5IWGJIxUJy/t33sBGgvmMGFhLSG04QxW6gEYANTQCKNq1
NbEIADrWCQrqZboPAB9dLgUZEM39ELeDJ16J26Y2D7ccbyP9euvR6H4GWQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB3henfGarVL7RKE/akarRJ4BYarMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvSGVGNmQ4WnF0VXZ0RW9UOXFScXRFbmdGaHFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWS9kAwQA
WS9yAwQAXXJJMA0GCSqGSIb3DQEBCwUAA4IBAQAsCY0F0JlHZWnTHCGSmLX7LiQz
Q6i8WZLCNFhZFYGvVoyCMiYCeKxyKqLfKcBYRIpuqaliY4k0hMioOsAb9I654duy
37GjQBbD7Nw0fTEcxh/j1gDfxuxWtu4fHOIweiQlSg4agzgDfHKsU78jaeb7FfhR
gzB2xMd7Zki2bVR3vgIzaU5pMenGqiY3OzWWD4vhV0UzOA1ySGs8GZ/7ln46RUwg
HTx99Rr/oJdc4B9abGssUJefcpzKg4snc2Q6gyzXUynRpkKx0bvYygu033AhyDj5
xbYQeagw7kHPFMfQNwa3WMHCJ4SRejOsHCxEEWnOZSO4ytOTs43RzKv9bz8+
-----END CERTIFICATE-----
Generated at Thu Mar 5 23:39:16 2026 by rpki-client