Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/0J4-8506cAU1Sj7w1LLAg7amxxg.roa
File: 0J4-8506cAU1Sj7w1LLAg7amxxg.roa (raw, json)
Hash identifier: wh9Xu59jbjqFVziqslObakWl7Nmm5/y+R1t/EZER9uU=
Subject key identifier: D0:9E:3E:F3:9D:3A:70:05:35:4A:3E:F0:D4:B2:C0:83:B6:A6:C7:18
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019DDF693FBB99E43802FBF35E592B58CD9C
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/0J4-8506cAU1Sj7w1LLAg7amxxg.roa
Signing time: Thu 30 Apr 2026 17:21:49 +0000
ROA not before: Thu 30 Apr 2026 17:21:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 15083
IP address blocks: 2.26.40.0/22 maxlen: 24
2.26.56.0/22 maxlen: 24
144.31.20.0/22 maxlen: 24
144.31.88.0/24 maxlen: 24
144.31.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 07:02:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:df:69:3f:bb:99:e4:38:02:fb:f3:5e:59:2b:58:cd:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Apr 30 17:21:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d09e3ef39d3a7005354a3ef0d4b2c083b6a6c718
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:67:24:eb:82:14:e9:3e:09:1e:de:5b:ed:8d:
2a:de:9c:bd:ad:4b:fc:19:e0:a0:1b:40:4e:34:96:
ee:a8:69:c3:81:20:18:37:95:b5:1e:16:1d:39:b4:
32:e1:a6:06:08:a8:0d:5b:e7:c9:1d:98:3a:35:e8:
23:78:8f:0a:af:db:72:1e:dd:c3:58:63:1e:9c:a7:
7d:de:af:ba:07:e1:32:e0:5b:61:0f:ba:47:7b:0c:
e0:bb:87:8b:dd:4f:3f:18:c2:bb:85:96:df:6f:78:
65:b1:17:27:2d:64:40:c2:45:ab:32:db:cd:3e:a4:
5c:d3:f5:99:21:55:4b:11:f4:41:9d:44:00:02:67:
32:74:c6:9b:8d:6e:c1:54:90:d5:38:f8:fe:9b:c1:
03:d6:68:b0:5a:36:00:a6:3b:22:94:c1:de:92:bc:
cd:c4:91:38:69:84:11:c8:38:3d:90:29:3e:8e:4e:
a8:54:1f:46:53:2d:ab:09:f5:7f:be:12:11:3b:e2:
2a:f1:de:0c:af:e4:c7:5f:25:dc:9a:86:ea:db:6f:
0a:21:7a:0d:4d:9d:f5:21:76:8c:c0:ab:91:9b:fa:
67:10:d3:46:d2:8a:05:d6:33:6f:86:78:ef:56:02:
c4:ec:4d:08:63:fa:05:66:a3:18:b7:8b:fc:8a:d0:
0f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:9E:3E:F3:9D:3A:70:05:35:4A:3E:F0:D4:B2:C0:83:B6:A6:C7:18
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/0J4-8506cAU1Sj7w1LLAg7amxxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.40.0/22
2.26.56.0/22
144.31.20.0/22
144.31.88.0/24
144.31.124.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:b5:5c:53:bd:86:b7:76:56:df:00:ea:ab:b5:2d:9a:37:63:
a2:9c:f3:71:e9:4b:24:bb:8a:54:fb:c8:71:32:ad:fc:32:c8:
0f:c7:7e:9b:cf:b2:61:83:ae:15:2e:bf:85:a5:e4:bf:b7:f8:
05:93:76:02:7e:15:54:69:66:7a:f4:e6:80:8e:45:a4:79:f9:
cc:36:35:7d:92:30:2c:dc:42:19:f3:c2:be:1b:66:68:a4:4d:
90:7e:1a:8d:d2:1e:d6:8f:44:a4:9c:57:7a:99:51:48:6b:91:
57:e0:c2:9e:7e:ea:f8:31:30:84:90:2e:5f:6f:bb:8f:5f:2b:
eb:d0:9d:96:2f:37:21:8a:fa:52:84:d8:16:42:f1:84:32:22:
cc:e9:e6:fe:f5:a7:8a:12:14:4c:1f:3c:91:5e:62:73:0a:ad:
d4:f5:a2:bc:bc:9e:03:07:37:0d:3a:0f:6c:29:01:52:d4:80:
e8:ad:c5:a0:f4:e7:a4:88:6b:88:ba:8a:42:f5:82:f1:63:13:
4a:4f:b7:fc:28:d1:d8:5a:51:ff:90:f3:6d:74:bd:76:25:c2:
9f:2d:8b:a3:63:36:d5:32:59:5f:06:ad:42:20:38:6f:5b:53:
95:44:71:47:dc:d3:04:9d:02:9d:d6:09:9c:e0:ac:17:59:3e:
ed:97:21:d5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ3faT+7meQ4AvvzXlkrWM2cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNDMwMTcyMTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDllM2VmMzlkM2E3MDA1MzU0YTNlZjBkNGIyYzA4M2I2YTZjNzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGck64IU6T4JHt5b7Y0q3py9rUv8
GeCgG0BONJbuqGnDgSAYN5W1HhYdObQy4aYGCKgNW+fJHZg6NegjeI8Kr9tyHt3D
WGMenKd93q+6B+Ey4FthD7pHewzgu4eL3U8/GMK7hZbfb3hlsRcnLWRAwkWrMtvN
PqRc0/WZIVVLEfRBnUQAAmcydMabjW7BVJDVOPj+m8ED1miwWjYApjsilMHekrzN
xJE4aYQRyDg9kCk+jk6oVB9GUy2rCfV/vhIRO+Iq8d4Mr+THXyXcmobq228KIXoN
TZ31IXaMwKuRm/pnENNG0ooF1jNvhnjvVgLE7E0IY/oFZqMYt4v8itAPTwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNCePvOdOnAFNUo+8NSywIO2pscYMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvMEo0LTg1MDZjQVUxU2o3dzFMTEFnN2FteHhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCAhooAwQC
Aho4AwQCkB8UAwQAkB9YAwQAkB98MA0GCSqGSIb3DQEBCwUAA4IBAQArtVxTvYa3
dlbfAOqrtS2aN2OinPNx6Usku4pU+8hxMq38MsgPx36bz7Jhg64VLr+FpeS/t/gF
k3YCfhVUaWZ69OaAjkWkefnMNjV9kjAs3EIZ88K+G2ZopE2QfhqN0h7Wj0SknFd6
mVFIa5FX4MKefur4MTCEkC5fb7uPXyvr0J2WLzchivpShNgWQvGEMiLM6eb+9aeK
EhRMHzyRXmJzCq3U9aK8vJ4DBzcNOg9sKQFS1IDorcWg9OekiGuIuopC9YLxYxNK
T7f8KNHYWlH/kPNtdL12JcKfLYujYzbVMllfBq1CIDhvW1OVRHFH3NMEnQKd1gmc
4KwXWT7tlyHV
-----END CERTIFICATE-----
Generated at Tue May 5 16:51:37 2026 by rpki-client