Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/h-TXKTs2z83duhijvkOTLjBA2L0.roa
File: h-TXKTs2z83duhijvkOTLjBA2L0.roa (raw, json)
Hash identifier: NO0Zua97gRBGlloifTJEnUitNqj6I03SjAgTJgL7qe0=
Subject key identifier: 87:E4:D7:29:3B:36:CF:CD:DD:BA:18:A3:BE:43:93:2E:30:40:D8:BD
Certificate issuer: /CN=51f4b0b0469eb0d071994cd8238f34bef00c6fbe
Certificate serial: 019E45777363E33B958E223692CFC8EC9C11
Authority key identifier: 51:F4:B0:B0:46:9E:B0:D0:71:99:4C:D8:23:8F:34:BE:F0:0C:6F:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UfSwsEaesNBxmUzYI480vvAMb74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/h-TXKTs2z83duhijvkOTLjBA2L0.roa
Signing time: Wed 20 May 2026 12:58:36 +0000
ROA not before: Wed 20 May 2026 12:58:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201262
IP address blocks: 185.52.192.0/22 maxlen: 24
199.195.56.0/22 maxlen: 24
2a01:9aa0:200::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/UfSwsEaesNBxmUzYI480vvAMb74.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/UfSwsEaesNBxmUzYI480vvAMb74.mft
rsync://rpki.ripe.net/repository/DEFAULT/UfSwsEaesNBxmUzYI480vvAMb74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Jun 2026 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:45:77:73:63:e3:3b:95:8e:22:36:92:cf:c8:ec:9c:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51f4b0b0469eb0d071994cd8238f34bef00c6fbe
Validity
Not Before: May 20 12:58:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=87e4d7293b36cfcdddba18a3be43932e3040d8bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ac:5e:1b:ec:85:47:c6:f3:e0:06:34:56:fd:
9d:fa:a3:08:1f:1c:2d:e5:f3:51:e0:03:fa:0f:9d:
b0:3c:6a:55:e9:9c:70:45:da:fc:a5:77:c3:e4:5b:
b7:40:46:e3:dd:c5:38:6e:f2:e1:3f:20:5f:b0:3e:
e8:70:6a:1a:51:1c:36:24:ab:01:bf:42:ea:87:eb:
6a:4f:73:1e:c3:c2:77:ba:c6:06:3a:1d:d7:73:2a:
54:13:e8:fd:33:ac:db:14:51:1c:9c:51:6b:1d:e9:
9b:0a:0b:25:79:19:7f:8c:3e:34:5b:b5:37:7e:ec:
9e:c1:24:23:7a:91:96:f4:f2:44:20:fc:0f:56:8a:
91:4c:a7:d3:59:e5:9f:26:3a:03:28:68:68:07:7c:
e9:d4:fd:fc:f6:d0:7b:ac:14:83:97:72:a0:53:28:
96:93:63:4e:93:97:eb:a0:d0:9b:08:4f:0c:60:51:
82:0c:19:6c:47:d8:36:fc:75:e2:eb:87:fa:86:c0:
ab:77:5d:18:9b:54:8d:d3:81:a3:ae:74:ae:e3:06:
28:dd:71:78:27:e0:87:58:a2:58:8f:a3:4b:23:58:
09:56:0c:1a:43:2a:be:e8:a5:c0:cb:c8:38:64:8c:
e7:31:f9:58:b9:87:ab:e9:c4:20:f4:83:1b:b7:45:
31:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:E4:D7:29:3B:36:CF:CD:DD:BA:18:A3:BE:43:93:2E:30:40:D8:BD
X509v3 Authority Key Identifier:
keyid:51:F4:B0:B0:46:9E:B0:D0:71:99:4C:D8:23:8F:34:BE:F0:0C:6F:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UfSwsEaesNBxmUzYI480vvAMb74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/h-TXKTs2z83duhijvkOTLjBA2L0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/UfSwsEaesNBxmUzYI480vvAMb74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.192.0/22
199.195.56.0/22
IPv6:
2a01:9aa0:200::/40
Signature Algorithm: sha256WithRSAEncryption
30:75:d5:f5:17:18:2d:80:27:a0:66:a4:ef:e6:0a:f4:4f:26:
d9:97:8b:70:6b:24:c2:65:74:ee:ae:df:70:4c:ac:5a:4c:d2:
e9:a9:9a:fc:53:80:a6:b5:52:8b:4e:d5:3d:f1:19:3d:1f:59:
bd:27:46:17:0c:7e:d1:b5:b4:31:27:78:9b:f2:4f:22:6a:48:
fb:d5:f0:83:f9:cc:c5:14:79:28:05:b2:18:c4:ac:45:51:90:
b7:76:40:55:04:68:5f:bd:a8:e6:25:1c:9a:4c:06:56:d2:7c:
85:f3:77:31:e4:93:23:79:72:9d:77:7c:3d:ea:bd:68:90:9a:
84:fe:92:20:75:59:21:7d:fa:ba:3c:a6:24:af:71:59:11:27:
e8:de:c1:63:4d:4f:17:f6:8f:f8:c1:f3:f8:c6:25:e0:66:c0:
a4:cd:ac:27:64:08:24:f7:54:a6:81:65:ed:b6:d3:58:e7:c1:
47:cf:17:49:d2:30:01:54:c1:1f:9e:09:20:c4:ab:02:af:46:
9f:82:25:9b:75:95:19:70:a9:1e:2f:cc:34:03:4f:3d:fb:3b:
b1:a2:0c:8e:ca:b7:36:09:a1:e8:2d:45:71:a6:ab:69:d7:61:
13:70:cb:79:d1:f7:f3:db:1a:8c:25:12:18:84:37:82:f8:b5:
00:2a:3d:ab
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZ5Fd3Nj4zuVjiI2ks/I7JwRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxZjRiMGIwNDY5ZWIwZDA3MTk5NGNkODIzOGYzNGJlZjAw
YzZmYmUwHhcNMjYwNTIwMTI1ODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2U0ZDcyOTNiMzZjZmNkZGRiYTE4YTNiZTQzOTMyZTMwNDBkOGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKxeG+yFR8bz4AY0Vv2d+qMIHxwt
5fNR4AP6D52wPGpV6ZxwRdr8pXfD5Fu3QEbj3cU4bvLhPyBfsD7ocGoaURw2JKsB
v0Lqh+tqT3Mew8J3usYGOh3XcypUE+j9M6zbFFEcnFFrHembCgsleRl/jD40W7U3
fuyewSQjepGW9PJEIPwPVoqRTKfTWeWfJjoDKGhoB3zp1P389tB7rBSDl3KgUyiW
k2NOk5froNCbCE8MYFGCDBlsR9g2/HXi64f6hsCrd10Ym1SN04GjrnSu4wYo3XF4
J+CHWKJYj6NLI1gJVgwaQyq+6KXAy8g4ZIznMflYuYer6cQg9IMbt0UxAwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFIfk1yk7Ns/N3boYo75Dky4wQNi9MB8GA1UdIwQY
MBaAFFH0sLBGnrDQcZlM2COPNL7wDG++MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWZTd3NFYWVzTkJ4bVV6WUk0ODB2dkFNYjc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9kM2FiMjgtN2Y0Ny00MWYzLWIyMzEt
Nzg4NDRlMTAxMTMzLzEvaC1UWEtUczJ6ODNkdWhpanZrT1RMakJBMkwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9kM2FiMjgtN2Y0Ny00MWYzLWIyMzEtNzg4NDRlMTAxMTMz
LzEvVWZTd3NFYWVzTkJ4bVV6WUk0ODB2dkFNYjc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQCuTTAAwQC
x8M4MA4EAgACMAgDBgAqAZqgAjANBgkqhkiG9w0BAQsFAAOCAQEAMHXV9RcYLYAn
oGak7+YK9E8m2ZeLcGskwmV07q7fcEysWkzS6ama/FOAprVSi07VPfEZPR9ZvSdG
Fwx+0bW0MSd4m/JPImpI+9Xwg/nMxRR5KAWyGMSsRVGQt3ZAVQRoX72o5iUcmkwG
VtJ8hfN3MeSTI3lynXd8Peq9aJCahP6SIHVZIX36ujymJK9xWREn6N7BY01PF/aP
+MHz+MYl4GbApM2sJ2QIJPdUpoFl7bbTWOfBR88XSdIwAVTBH54JIMSrAq9Gn4Il
m3WVGXCpHi/MNANPPfs7saIMjsq3Ngmh6C1FcaaraddhE3DLedH389sajCUSGIQ3
gvi1ACo9qw==
-----END CERTIFICATE-----
Generated at Fri Jun 5 18:42:48 2026 by rpki-client