Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/HUdkOXLhBSaGi7zaB3tiAzHsu2w.roa
File: HUdkOXLhBSaGi7zaB3tiAzHsu2w.roa (raw, json)
Hash identifier: SMC3snHw7F/Tr45ZUYM0iuFzgEgu3dYKECc195mdzRs=
Subject key identifier: 1D:47:64:39:72:E1:05:26:86:8B:BC:DA:07:7B:62:03:31:EC:BB:6C
Certificate issuer: /CN=9a24b27d9f3df6e14ebc79e146e8be32754bf800
Certificate serial: 019DF769578EEB8D6CC641F125ED3D328BF5
Authority key identifier: 9A:24:B2:7D:9F:3D:F6:E1:4E:BC:79:E1:46:E8:BE:32:75:4B:F8:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/HUdkOXLhBSaGi7zaB3tiAzHsu2w.roa
Signing time: Tue 05 May 2026 09:12:49 +0000
ROA not before: Tue 05 May 2026 09:12:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 141039
IP address blocks: 172.216.255.0/24 maxlen: 24
2a09:a702:a::/48 maxlen: 48
2a09:a702:a8::/48 maxlen: 48
2a09:a702:aa::/48 maxlen: 48
2a09:a702:ab::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.mft
rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 18:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f7:69:57:8e:eb:8d:6c:c6:41:f1:25:ed:3d:32:8b:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a24b27d9f3df6e14ebc79e146e8be32754bf800
Validity
Not Before: May 5 09:12:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1d47643972e10526868bbcda077b620331ecbb6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:3c:7b:75:6d:6b:21:de:a2:7b:b7:dd:44:45:
b8:6b:54:71:6e:36:5c:41:9b:84:50:e6:26:f2:f7:
64:4d:cb:bb:ae:40:33:8d:9c:36:c3:20:28:7c:14:
5c:19:85:e5:cf:77:40:e2:56:09:cb:cc:81:d5:7e:
6b:c4:88:ea:04:b8:6b:75:16:af:67:13:e2:f3:55:
0c:d2:17:93:35:9d:1b:1b:01:cf:54:63:76:48:40:
08:8c:03:70:b6:e3:8b:09:5d:79:3c:4b:46:cf:2c:
f2:0c:d0:ef:51:3b:56:d3:69:5b:2c:bc:83:2d:68:
ba:b4:16:f0:4b:6a:94:70:5d:57:46:a7:98:e9:e1:
3f:4f:0a:df:3b:24:ab:66:78:5b:98:e8:ac:7f:57:
24:35:b0:9f:bb:0d:b0:ff:2f:d2:a7:9b:25:c6:ec:
5b:f1:6e:9f:91:46:bb:8c:80:97:04:94:72:f7:3e:
c3:56:b8:94:59:a5:72:a0:32:7d:6b:86:fd:77:e1:
97:88:b9:9a:2e:13:96:4a:a3:f0:e2:f2:1a:8d:f0:
d5:e8:9f:e1:13:59:c9:a3:6d:14:c7:92:82:47:03:
08:d6:07:8c:d9:85:a1:d3:58:01:7c:e7:f8:c5:08:
38:f5:d7:60:d2:3c:d8:85:01:64:50:2b:8d:94:0e:
58:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:47:64:39:72:E1:05:26:86:8B:BC:DA:07:7B:62:03:31:EC:BB:6C
X509v3 Authority Key Identifier:
keyid:9A:24:B2:7D:9F:3D:F6:E1:4E:BC:79:E1:46:E8:BE:32:75:4B:F8:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/HUdkOXLhBSaGi7zaB3tiAzHsu2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
172.216.255.0/24
IPv6:
2a09:a702:a::/48
2a09:a702:a8::/48
2a09:a702:aa::/47
Signature Algorithm: sha256WithRSAEncryption
06:2b:59:21:75:ec:e1:d7:d8:c1:95:1c:e0:43:3f:08:c9:af:
f1:1f:8f:00:8b:22:02:81:4f:af:24:4c:fd:54:88:85:df:9e:
34:bb:c1:22:13:7a:f7:59:68:2d:1b:8f:ae:76:71:24:21:f3:
fd:81:76:6b:41:82:43:4a:db:cb:44:14:5d:67:57:e9:59:fe:
b2:a2:b1:7a:f0:4d:84:ba:0e:4b:4d:2a:e4:92:40:ed:f7:15:
3e:06:6a:f8:7b:1e:be:ef:ff:01:c2:be:09:bf:01:01:2f:f6:
78:f3:b4:35:0f:70:31:a5:5d:11:37:c6:a1:0d:e3:85:d0:38:
d8:77:d2:b8:3f:a5:b0:53:40:ac:52:bf:5b:0e:5c:2e:c0:83:
3f:44:3c:05:0a:40:a8:51:94:63:39:10:85:09:c7:70:f2:fd:
be:4f:36:87:87:3f:d8:98:f8:d2:38:9d:08:2a:fd:15:9e:8d:
bf:61:49:2f:a4:0f:0e:b6:56:72:e9:8f:0b:77:7e:d8:d0:ab:
ed:eb:65:85:81:0d:e2:a5:e6:86:e9:e6:94:54:fb:5c:9f:c1:
22:8b:22:ba:15:14:47:89:d2:8c:59:0a:8a:06:c1:2e:f1:7a:
21:5d:25:39:de:dc:11:1b:77:71:90:7e:31:c2:e8:37:3e:36:
5c:90:b2:dc
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZ33aVeO641sxkHxJe09Mov1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMjRiMjdkOWYzZGY2ZTE0ZWJjNzllMTQ2ZThiZTMyNzU0
YmY4MDAwHhcNMjYwNTA1MDkxMjQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDQ3NjQzOTcyZTEwNTI2ODY4YmJjZGEwNzdiNjIwMzMxZWNiYjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0zx7dW1rId6ie7fdREW4a1RxbjZc
QZuEUOYm8vdkTcu7rkAzjZw2wyAofBRcGYXlz3dA4lYJy8yB1X5rxIjqBLhrdRav
ZxPi81UM0heTNZ0bGwHPVGN2SEAIjANwtuOLCV15PEtGzyzyDNDvUTtW02lbLLyD
LWi6tBbwS2qUcF1XRqeY6eE/TwrfOySrZnhbmOisf1ckNbCfuw2w/y/Sp5slxuxb
8W6fkUa7jICXBJRy9z7DVriUWaVyoDJ9a4b9d+GXiLmaLhOWSqPw4vIajfDV6J/h
E1nJo20Ux5KCRwMI1geM2YWh01gBfOf4xQg49ddg0jzYhQFkUCuNlA5YIQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFB1HZDly4QUmhou82gd7YgMx7LtsMB8GA1UdIwQY
MBaAFJoksn2fPfbhTrx54UbovjJ1S/gAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWlTeWZaODk5dUZPdkhuaFJ1aS1NblZMLUFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wMjUxZjItYTFiYi00NGZiLWI5MDgt
NDhkNWZmNGJhMjU1LzEvSFVka09YTGhCU2FHaTd6YUIzdGlBekhzdTJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8wMjUxZjItYTFiYi00NGZiLWI5MDgtNDhkNWZmNGJhMjU1
LzEvbWlTeWZaODk5dUZPdkhuaFJ1aS1NblZMLUFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQArNj/MCEE
AgACMBsDBwAqCacCAAoDBwAqCacCAKgDBwEqCacCAKowDQYJKoZIhvcNAQELBQAD
ggEBAAYrWSF17OHX2MGVHOBDPwjJr/EfjwCLIgKBT68kTP1UiIXfnjS7wSITevdZ
aC0bj652cSQh8/2BdmtBgkNK28tEFF1nV+lZ/rKisXrwTYS6DktNKuSSQO33FT4G
avh7Hr7v/wHCvgm/AQEv9njztDUPcDGlXRE3xqEN44XQONh30rg/pbBTQKxSv1sO
XC7Agz9EPAUKQKhRlGM5EIUJx3Dy/b5PNoeHP9iY+NI4nQgq/RWejb9hSS+kDw62
VnLpjwt3ftjQq+3rZYWBDeKl5obp5pRU+1yfwSKLIroVFEeJ0oxZCooGwS7xeiFd
JTne3BEbd3GQfjHC6Dc+NlyQstw=
-----END CERTIFICATE-----
Generated at Wed May 6 01:14:18 2026 by rpki-client