Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/hpNIrmJCPI6L_ZXbSjkOa1bMOeo.roa
File: hpNIrmJCPI6L_ZXbSjkOa1bMOeo.roa (raw, json)
Hash identifier: FGoCCLcEY9SWp4NRcCx9RpTYAQ7WD4q5S4G/+Mn7Yto=
Subject key identifier: 86:93:48:AE:62:42:3C:8E:8B:FD:95:DB:4A:39:0E:6B:56:CC:39:EA
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019E87BA351B65C2E2408198608A2F525F7B
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/hpNIrmJCPI6L_ZXbSjkOa1bMOeo.roa
Signing time: Tue 02 Jun 2026 09:46:27 +0000
ROA not before: Tue 02 Jun 2026 09:46:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29802
IP address blocks: 176.125.248.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.209.36.0/23 maxlen: 24
185.210.152.0/24 maxlen: 24
185.210.153.0/24 maxlen: 24
185.210.155.0/24 maxlen: 24
185.210.232.0/24 maxlen: 24
185.210.235.0/24 maxlen: 24
185.225.0.0/24 maxlen: 24
185.227.145.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Jun 2026 18:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:87:ba:35:1b:65:c2:e2:40:81:98:60:8a:2f:52:5f:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 2 09:46:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=869348ae62423c8e8bfd95db4a390e6b56cc39ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:0b:88:e3:1c:ad:5c:ed:66:80:25:bf:b1:65:
c5:b7:5e:12:3f:c4:2e:2b:83:96:5f:b9:2b:42:6d:
92:78:ef:b1:bc:dc:db:24:24:54:9f:9e:fc:62:6d:
2f:7a:53:9b:a2:9f:da:37:0f:5d:fe:7c:8a:af:ad:
7e:4c:ce:8e:cb:2f:1a:25:1e:91:93:ae:6a:0a:d8:
fb:1b:b0:a8:e5:99:69:48:b5:08:92:fd:7e:87:2a:
ff:ad:d7:5e:ef:b3:0f:15:b4:f8:ba:75:fa:b2:a9:
69:b1:42:55:6e:3e:19:af:c1:9d:bb:e3:6b:97:53:
7c:58:a6:98:97:cf:c2:5c:28:2e:c9:b4:d4:c9:6b:
00:45:d1:35:b0:50:2d:57:7f:a1:64:8e:77:e2:92:
ef:82:da:1e:71:45:bf:83:6b:19:3a:5e:3a:d2:cc:
56:0d:4f:4e:e4:c4:7e:24:f8:19:d1:73:bd:c4:ad:
3b:f1:f3:e5:24:c1:64:9e:5e:54:3d:b6:99:12:fa:
e6:56:00:5e:a8:e9:9b:ff:90:9b:b2:a8:9e:d6:09:
24:50:50:da:89:f3:33:be:18:57:93:95:9c:b7:e3:
6a:af:e0:14:47:19:d5:55:b1:d3:6e:c4:ac:aa:a1:
99:7a:84:c1:f8:98:49:aa:99:9e:72:36:99:10:73:
b3:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:93:48:AE:62:42:3C:8E:8B:FD:95:DB:4A:39:0E:6B:56:CC:39:EA
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/hpNIrmJCPI6L_ZXbSjkOa1bMOeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.248.0/24
185.206.251.0/24
185.209.36.0/23
185.210.152.0/23
185.210.155.0/24
185.210.232.0/24
185.210.235.0/24
185.225.0.0/24
185.227.145.0/24
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:70:7b:a5:49:3d:7a:cc:b7:d7:ba:7e:97:2f:6f:7d:ca:ac:
c5:a6:a1:af:09:c3:04:27:90:85:df:df:c7:63:33:af:e1:33:
26:34:4d:df:4c:f3:99:d3:67:e7:b4:3a:cf:4b:ec:70:f6:99:
dc:a3:55:20:c1:11:8e:3f:9c:6f:2a:bd:68:51:7d:8d:26:bb:
d0:e1:6e:f8:4e:9f:02:ee:dd:21:c1:07:51:3f:12:cc:94:2d:
2b:5d:ae:92:b1:42:91:dc:25:4b:f6:fc:7f:f7:b3:b9:f5:58:
18:13:a8:67:76:53:00:f4:6f:59:6f:e1:d2:b7:31:98:9c:7e:
eb:a0:6c:4c:cc:0c:49:35:56:ef:b4:fe:95:7f:16:36:c4:28:
5d:70:a8:4c:6a:63:14:af:11:ae:11:6a:21:d8:b9:5e:bb:1d:
5a:c8:3c:d1:bd:78:d9:61:96:8d:82:c4:46:a4:bf:72:87:2c:
48:e5:b9:7e:e8:81:e8:80:02:49:7e:cc:b2:c9:c2:fd:ee:e6:
fc:ab:5d:1b:89:58:0a:de:18:1b:de:0a:5c:0e:92:b7:76:aa:
56:e9:84:36:d2:22:a0:e2:9c:f6:4b:e5:a5:84:73:4e:ec:7e:
56:67:4a:d3:79:44:56:36:57:ae:2e:0a:f3:48:a7:4b:7c:30:
f7:4c:bb:b0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZ6HujUbZcLiQIGYYIovUl97MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjYwNjAyMDk0NjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjkzNDhhZTYyNDIzYzhlOGJmZDk1ZGI0YTM5MGU2YjU2Y2MzOWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApguI4xytXO1mgCW/sWXFt14SP8Qu
K4OWX7krQm2SeO+xvNzbJCRUn578Ym0velObop/aNw9d/nyKr61+TM6Oyy8aJR6R
k65qCtj7G7Co5ZlpSLUIkv1+hyr/rdde77MPFbT4unX6sqlpsUJVbj4Zr8Gdu+Nr
l1N8WKaYl8/CXCguybTUyWsARdE1sFAtV3+hZI534pLvgtoecUW/g2sZOl460sxW
DU9O5MR+JPgZ0XO9xK078fPlJMFknl5UPbaZEvrmVgBeqOmb/5Cbsqie1gkkUFDa
ifMzvhhXk5Wct+Nqr+AURxnVVbHTbsSsqqGZeoTB+JhJqpmecjaZEHOzqQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFIaTSK5iQjyOi/2V20o5DmtWzDnqMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvaHBOSXJtSkNQSTZMX1pYYlNqa09hMWJNT2VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAsH34AwQA
uc77AwQBudEkAwQBudKYAwQAudKbAwQAudLoAwQAudLrAwQAueEAAwQAueORAwQA
ufvnMA0GCSqGSIb3DQEBCwUAA4IBAQCMcHulST16zLfXun6XL299yqzFpqGvCcME
J5CF39/HYzOv4TMmNE3fTPOZ02fntDrPS+xw9pnco1UgwRGOP5xvKr1oUX2NJrvQ
4W74Tp8C7t0hwQdRPxLMlC0rXa6SsUKR3CVL9vx/97O59VgYE6hndlMA9G9Zb+HS
tzGYnH7roGxMzAxJNVbvtP6VfxY2xChdcKhMamMUrxGuEWoh2Lleux1ayDzRvXjZ
YZaNgsRGpL9yhyxI5bl+6IHogAJJfsyyycL97ub8q10biVgK3hgb3gpcDpK3dqpW
6YQ20iKg4pz2S+WlhHNO7H5WZ0rTeURWNleuLgrzSKdLfDD3TLuw
-----END CERTIFICATE-----
Generated at Mon Jun 8 04:48:16 2026 by rpki-client