Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/HVAKOChJvzlPOcqJ_ehcMgXUK9o.roa
File: HVAKOChJvzlPOcqJ_ehcMgXUK9o.roa (raw, json)
Hash identifier: 2mWGKvxbtg/GycElX7B4p0Awmc5Qwctw5xexjAFCbUI=
Subject key identifier: 1D:50:0A:38:28:49:BF:39:4F:39:CA:89:FD:E8:5C:32:05:D4:2B:DA
Certificate issuer: /CN=51277bc38c12e042eddf56d7e75f50563c4bd227
Certificate serial: 019DD7CB9597BDBEEA4729D365A16F2B60C3
Authority key identifier: 51:27:7B:C3:8C:12:E0:42:ED:DF:56:D7:E7:5F:50:56:3C:4B:D2:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/HVAKOChJvzlPOcqJ_ehcMgXUK9o.roa
Signing time: Wed 29 Apr 2026 05:52:16 +0000
ROA not before: Wed 29 Apr 2026 05:52:16 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206525
IP address blocks: 87.121.88.0/24 maxlen: 24
185.183.208.0/22 maxlen: 22
185.183.208.0/24 maxlen: 24
185.183.209.0/24 maxlen: 24
185.183.210.0/24 maxlen: 24
185.183.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 01 May 2026 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d7:cb:95:97:bd:be:ea:47:29:d3:65:a1:6f:2b:60:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51277bc38c12e042eddf56d7e75f50563c4bd227
Validity
Not Before: Apr 29 05:52:16 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1d500a382849bf394f39ca89fde85c3205d42bda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:63:5b:da:28:92:cd:02:9d:47:5f:90:97:ba:
b5:91:b9:c3:ef:35:31:2a:f7:49:98:38:4d:f9:0b:
91:f3:af:44:5a:73:d0:5d:16:4e:d5:21:31:aa:77:
37:56:bd:5f:ad:b0:74:a3:2e:c6:ec:b0:fe:32:77:
56:e4:2d:00:2f:d7:09:f8:de:f9:9c:a4:13:f2:96:
39:8a:3d:12:ab:69:32:8c:ed:31:14:6b:16:60:40:
f6:87:7e:cd:ee:2b:c9:d1:77:4a:ea:de:89:d2:59:
36:ba:cd:aa:1a:e4:b3:98:33:ec:18:33:4b:5a:4f:
d9:c0:0d:50:2b:7a:bf:95:61:b6:67:a5:8a:f1:aa:
30:a2:c1:e9:67:d4:83:17:ff:7f:e2:f5:27:ac:54:
74:3b:a6:6c:4f:fd:cf:e3:54:79:62:6b:e8:a7:15:
c6:34:1f:bf:20:ea:79:8e:0e:55:2b:91:b9:01:ab:
ec:97:aa:c6:02:95:09:52:f5:f9:f7:eb:07:25:aa:
6e:e3:2b:97:e1:16:e6:c3:1c:7e:eb:42:14:f1:bd:
09:69:8f:63:09:dd:43:8e:4b:58:4b:3d:f5:37:76:
48:47:98:13:45:1a:ee:a4:66:a2:5a:b7:37:cb:f3:
c5:6b:2b:34:40:15:41:83:9a:c1:12:48:27:d9:dc:
39:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:50:0A:38:28:49:BF:39:4F:39:CA:89:FD:E8:5C:32:05:D4:2B:DA
X509v3 Authority Key Identifier:
keyid:51:27:7B:C3:8C:12:E0:42:ED:DF:56:D7:E7:5F:50:56:3C:4B:D2:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/HVAKOChJvzlPOcqJ_ehcMgXUK9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.88.0/24
185.183.208.0/22
Signature Algorithm: sha256WithRSAEncryption
49:02:d6:7b:13:8c:e7:da:8b:67:26:c0:2d:41:64:49:d7:75:
93:ae:32:9a:96:8c:51:5b:8b:11:6a:d9:f5:9d:8d:33:47:56:
fd:5e:7c:bc:55:bd:de:54:91:4c:0b:67:19:06:91:16:e3:2f:
52:9f:62:da:71:09:40:ec:22:bb:b8:54:7d:d3:bc:af:31:d4:
1e:e2:25:1c:b2:e6:0a:b0:ab:76:67:46:02:71:4e:35:5f:d4:
2b:f2:3e:47:af:98:b7:39:0b:aa:01:bf:d7:d9:0a:20:f0:9e:
8c:f4:59:69:ab:3a:99:c1:41:12:87:56:c1:03:72:a1:65:26:
f1:30:9b:a0:d6:e2:f9:a4:21:1c:62:22:85:94:e7:19:7a:95:
32:b2:90:09:c7:a6:07:20:f7:d0:18:a4:52:2d:65:d4:fd:01:
19:56:b5:b3:c6:9b:6a:71:cd:56:64:e9:70:94:7d:11:aa:f4:
d1:0b:01:6b:09:b5:d5:31:30:b0:82:3c:fb:81:d8:cc:2f:8c:
cf:e2:77:68:02:e1:00:71:c4:15:fd:4d:c0:32:e5:57:1a:c1:
a1:0c:ba:7c:c7:dd:50:e2:c9:6e:5b:79:c5:91:40:c1:d9:0a:
ac:fb:0f:3c:43:27:88:69:e7:f9:d6:c0:f3:43:92:03:f6:6b:
6a:f1:db:57
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ3Xy5WXvb7qRynTZaFvK2DDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjc3YmMzOGMxMmUwNDJlZGRmNTZkN2U3NWY1MDU2M2M0
YmQyMjcwHhcNMjYwNDI5MDU1MjE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDUwMGEzODI4NDliZjM5NGYzOWNhODlmZGU4NWMzMjA1ZDQyYmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGNb2iiSzQKdR1+Ql7q1kbnD7zUx
KvdJmDhN+QuR869EWnPQXRZO1SExqnc3Vr1frbB0oy7G7LD+MndW5C0AL9cJ+N75
nKQT8pY5ij0Sq2kyjO0xFGsWYED2h37N7ivJ0XdK6t6J0lk2us2qGuSzmDPsGDNL
Wk/ZwA1QK3q/lWG2Z6WK8aowosHpZ9SDF/9/4vUnrFR0O6ZsT/3P41R5YmvopxXG
NB+/IOp5jg5VK5G5Aavsl6rGApUJUvX59+sHJapu4yuX4Rbmwxx+60IU8b0JaY9j
Cd1DjktYSz31N3ZIR5gTRRrupGaiWrc3y/PFays0QBVBg5rBEkgn2dw5CQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB1QCjgoSb85TznKif3oXDIF1CvaMB8GA1UdIwQY
MBaAFFEne8OMEuBC7d9W1+dfUFY8S9InMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8zYmExNjAtZTk0NS00ZDU2LWIxMjkt
NTJjMTk3NThmYTE1LzEvSFZBS09DaEp2emxQT2NxSl9laGNNZ1hVSzlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8zYmExNjAtZTk0NS00ZDU2LWIxMjktNTJjMTk3NThmYTE1
LzEvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV3lYAwQC
ubfQMA0GCSqGSIb3DQEBCwUAA4IBAQBJAtZ7E4zn2otnJsAtQWRJ13WTrjKaloxR
W4sRatn1nY0zR1b9Xny8Vb3eVJFMC2cZBpEW4y9Sn2LacQlA7CK7uFR907yvMdQe
4iUcsuYKsKt2Z0YCcU41X9Qr8j5Hr5i3OQuqAb/X2Qog8J6M9FlpqzqZwUESh1bB
A3KhZSbxMJug1uL5pCEcYiKFlOcZepUyspAJx6YHIPfQGKRSLWXU/QEZVrWzxptq
cc1WZOlwlH0RqvTRCwFrCbXVMTCwgjz7gdjML4zP4ndoAuEAccQV/U3AMuVXGsGh
DLp8x91Q4sluW3nFkUDB2Qqs+w88QyeIaef51sDzQ5ID9mtq8dtX
-----END CERTIFICATE-----
Generated at Thu Apr 30 12:53:57 2026 by rpki-client