Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/hxKzT-dnSu-KlflT6cgEN3x3hzA.roa
File: hxKzT-dnSu-KlflT6cgEN3x3hzA.roa (raw, json)
Hash identifier: lO8bMTarbG51loGeUHxUHu9MibNMVGS7tlradBBDMoQ=
Subject key identifier: 87:12:B3:4F:E7:67:4A:EF:8A:95:F9:53:E9:C8:04:37:7C:77:87:30
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019F0CD9EE254413EFC1E43EAEA33BEE883E
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/hxKzT-dnSu-KlflT6cgEN3x3hzA.roa
Signing time: Sun 28 Jun 2026 06:10:36 +0000
ROA not before: Sun 28 Jun 2026 06:10:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 77.242.146.0/23 maxlen: 24
83.137.159.0/24 maxlen: 24
88.151.56.0/23 maxlen: 24
88.209.198.0/24 maxlen: 24
88.209.201.0/24 maxlen: 24
88.209.216.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 00:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:0c:d9:ee:25:44:13:ef:c1:e4:3e:ae:a3:3b:ee:88:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 28 06:10:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8712b34fe7674aef8a95f953e9c804377c778730
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:7f:a2:d6:fc:e4:0b:ef:1e:12:58:01:d8:3a:
e6:9c:f8:82:85:82:40:d9:18:7e:69:03:a8:3a:7e:
e6:b3:40:86:43:38:87:c5:6f:9c:a7:18:ee:19:bd:
c6:e6:f6:26:df:5b:82:4e:59:d6:2a:14:30:bd:dc:
20:d4:b5:f3:d8:42:69:94:c6:09:e1:04:33:32:19:
ba:03:d7:4a:e9:5a:10:ad:ab:01:6a:7a:43:e3:37:
78:81:53:39:12:a2:09:04:66:f9:72:b4:71:fd:1b:
10:98:1d:df:74:05:cb:94:59:ed:8e:f2:73:5f:16:
c2:86:63:89:20:fa:88:b3:9e:8d:69:87:10:fa:55:
a3:2c:1f:dd:ed:28:2e:8a:30:8e:ff:fc:db:d8:8b:
b4:7a:82:32:35:67:90:bd:8c:46:25:75:7b:72:d9:
68:8d:65:3b:c8:35:55:8b:9e:5c:76:9a:f0:32:6b:
29:39:29:66:f5:f6:9e:38:0a:c1:7a:98:bf:79:49:
4b:7b:1a:c0:5c:84:32:b1:40:41:61:1b:f8:dd:8d:
53:39:a3:6f:69:76:4a:72:fc:c3:c6:7b:a8:18:db:
e9:d9:ad:0a:32:9a:37:f3:cc:b8:d0:95:3f:b0:c9:
df:0e:bd:e1:11:38:3e:36:29:04:9a:bc:13:b6:fe:
16:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:12:B3:4F:E7:67:4A:EF:8A:95:F9:53:E9:C8:04:37:7C:77:87:30
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/hxKzT-dnSu-KlflT6cgEN3x3hzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.146.0/23
83.137.159.0/24
88.151.56.0/23
88.209.198.0/24
88.209.201.0/24
88.209.216.0/24
88.209.232.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:ae:be:ab:15:e4:84:9c:ca:05:46:dc:78:91:4a:26:2a:41:
a5:b4:b4:75:0d:d0:e0:d8:cd:75:88:bd:c8:b3:19:86:3c:e4:
91:40:89:8d:47:99:ef:ef:d2:cd:84:2b:0f:a0:28:76:63:71:
54:70:0a:24:05:ae:ff:e0:b5:12:fa:b1:19:cd:1a:dc:c4:09:
ac:4a:1c:6c:f6:71:6f:a1:ed:20:6e:68:27:2b:7a:84:d8:38:
6a:bc:59:db:64:0d:60:dd:4a:62:6e:39:4b:e3:3b:42:95:fa:
5e:3b:53:f4:d6:c9:5c:68:29:f9:dc:54:92:e0:4a:d1:36:ca:
ad:33:d5:53:62:3e:f5:c1:4f:32:7e:e6:b4:c8:31:18:f2:84:
8b:85:cc:0b:bf:03:52:11:1e:0a:16:f8:f7:4b:a7:38:2c:4c:
07:ff:d0:e1:ec:46:a9:a5:ba:0c:8d:95:6a:64:b0:68:27:21:
25:ad:ff:4c:eb:f5:b3:53:e9:05:f7:18:d8:a1:d2:27:a5:fb:
81:22:48:e4:87:c9:7b:6b:81:33:ee:da:6a:41:37:48:6b:4d:
e1:cc:6d:31:66:ec:08:e1:f1:2e:39:04:6c:97:01:b2:01:4c:
59:7b:4c:7d:d2:54:f3:6d:5f:98:c4:5b:a9:71:4f:6b:8e:91:
1f:4c:4b:80
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ8M2e4lRBPvweQ+rqM77og+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjYwNjI4MDYxMDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzEyYjM0ZmU3Njc0YWVmOGE5NWY5NTNlOWM4MDQzNzdjNzc4NzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3+i1vzkC+8eElgB2DrmnPiChYJA
2Rh+aQOoOn7ms0CGQziHxW+cpxjuGb3G5vYm31uCTlnWKhQwvdwg1LXz2EJplMYJ
4QQzMhm6A9dK6VoQrasBanpD4zd4gVM5EqIJBGb5crRx/RsQmB3fdAXLlFntjvJz
XxbChmOJIPqIs56NaYcQ+lWjLB/d7SguijCO//zb2Iu0eoIyNWeQvYxGJXV7ctlo
jWU7yDVVi55cdprwMmspOSlm9faeOArBepi/eUlLexrAXIQysUBBYRv43Y1TOaNv
aXZKcvzDxnuoGNvp2a0KMpo388y40JU/sMnfDr3hETg+NikEmrwTtv4WbQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIcSs0/nZ0rvipX5U+nIBDd8d4cwMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvaHhLelQtZG5TdS1LbGZsVDZjZ0VOM3gzaHpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBTfKSAwQA
U4mfAwQBWJc4AwQAWNHGAwQAWNHJAwQAWNHYAwQCWNHoMA0GCSqGSIb3DQEBCwUA
A4IBAQCPrr6rFeSEnMoFRtx4kUomKkGltLR1DdDg2M11iL3IsxmGPOSRQImNR5nv
79LNhCsPoCh2Y3FUcAokBa7/4LUS+rEZzRrcxAmsShxs9nFvoe0gbmgnK3qE2Dhq
vFnbZA1g3UpibjlL4ztClfpeO1P01slcaCn53FSS4ErRNsqtM9VTYj71wU8yfua0
yDEY8oSLhcwLvwNSER4KFvj3S6c4LEwH/9Dh7EappboMjZVqZLBoJyElrf9M6/Wz
U+kF9xjYodInpfuBIkjkh8l7a4Ez7tpqQTdIa03hzG0xZuwI4fEuOQRslwGyAUxZ
e0x90lTzbV+YxFupcU9rjpEfTEuA
-----END CERTIFICATE-----
Generated at Mon Jun 29 10:00:17 2026 by rpki-client