Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/37HGWq3iy7kf-E9TUO8bNJsBOgc.roa
File: 37HGWq3iy7kf-E9TUO8bNJsBOgc.roa (raw, json)
Hash identifier: Ofv4cx1bjy6gq2q0GNNBPlZ0e1TNlKS7GMe64Z+/I1Y=
Subject key identifier: DF:B1:C6:5A:AD:E2:CB:B9:1F:F8:4F:53:50:EF:1B:34:9B:01:3A:07
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019D06EA952E8F421C26F4711215DEB9DDDF
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/37HGWq3iy7kf-E9TUO8bNJsBOgc.roa
Signing time: Thu 19 Mar 2026 16:25:30 +0000
ROA not before: Thu 19 Mar 2026 16:25:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210457
IP address blocks: 2.27.60.0/24 maxlen: 24
2.27.62.0/24 maxlen: 24
2.27.63.0/24 maxlen: 24
144.31.12.0/24 maxlen: 24
144.31.25.0/24 maxlen: 24
144.31.106.0/24 maxlen: 24
144.31.136.0/24 maxlen: 24
144.31.169.0/24 maxlen: 24
144.31.221.0/24 maxlen: 24
150.241.66.0/24 maxlen: 24
193.23.199.0/24 maxlen: 24
193.23.209.0/24 maxlen: 24
193.23.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 05:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:06:ea:95:2e:8f:42:1c:26:f4:71:12:15:de:b9:dd:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Mar 19 16:25:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dfb1c65aade2cbb91ff84f5350ef1b349b013a07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:23:a3:12:83:d7:ab:e3:22:ca:30:66:09:8d:
25:e6:1a:81:8c:5d:d7:05:7c:8e:52:61:92:81:25:
76:cb:5a:7e:c1:01:e6:d2:44:8d:63:74:e9:64:a0:
fa:8c:44:d1:0d:58:00:16:f2:da:ee:78:db:41:b6:
de:1b:82:62:70:5a:db:83:a1:40:f7:93:79:de:fb:
a2:85:e7:72:58:38:e3:30:7d:45:53:5c:f0:9a:a6:
0d:b2:01:3c:b4:35:a7:a2:15:16:9a:bf:5a:2e:a5:
17:51:a9:7f:ea:19:e4:41:f5:21:04:be:79:aa:31:
c8:b8:22:b5:84:45:6a:b2:2c:59:ff:91:99:16:84:
77:c7:59:32:e5:23:48:82:c4:98:43:fc:52:0e:ad:
41:51:b0:3a:af:1c:30:62:e8:5f:9a:37:78:51:d3:
a7:7e:6e:0c:22:11:de:1d:93:42:f2:0b:5d:c8:0e:
0b:9d:79:8d:25:7c:64:be:47:14:c7:b3:1a:a5:d6:
05:d5:18:03:fc:ee:f4:ca:bd:0a:34:8b:1a:ff:b7:
cb:2e:60:28:85:21:5b:c8:b7:96:1c:ee:9a:b9:6d:
c7:2a:2c:6a:a4:91:61:19:1f:46:d3:17:79:9e:67:
be:57:f8:30:34:8f:51:85:5c:92:c5:7c:51:14:00:
e9:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:B1:C6:5A:AD:E2:CB:B9:1F:F8:4F:53:50:EF:1B:34:9B:01:3A:07
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/37HGWq3iy7kf-E9TUO8bNJsBOgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.27.60.0/24
2.27.62.0/23
144.31.12.0/24
144.31.25.0/24
144.31.106.0/24
144.31.136.0/24
144.31.169.0/24
144.31.221.0/24
150.241.66.0/24
193.23.199.0/24
193.23.209.0/24
193.23.221.0/24
Signature Algorithm: sha256WithRSAEncryption
06:35:f2:a5:ce:41:0f:eb:83:22:84:24:e0:ea:17:62:aa:2a:
c1:3d:a2:9c:94:4d:d2:b4:ec:67:fe:90:66:12:48:6a:93:92:
07:6a:05:30:67:d3:13:89:e1:4a:9c:ae:36:f7:d2:5d:4c:53:
9d:21:a3:4b:ca:c1:82:20:75:ff:12:7a:5d:8e:bf:c4:fb:70:
4b:77:42:9d:28:67:23:8f:cd:dc:04:01:a8:53:8f:84:88:89:
26:87:c7:da:73:57:9e:84:8f:04:ea:c9:9c:86:b3:2d:83:3a:
a3:6b:c2:45:12:85:a2:aa:b9:4a:92:60:1f:ff:46:9e:93:1d:
73:34:b1:4c:d4:81:73:15:55:98:81:08:7e:3b:2e:9d:08:c4:
8d:53:5a:17:a6:26:9b:4c:87:06:76:3e:c4:2b:b5:e6:0b:5a:
e5:52:ff:5f:5e:dd:56:88:68:38:97:96:3e:de:88:62:77:76:
b7:c0:b5:a3:1c:2d:ac:53:da:bb:1d:03:11:6c:14:cf:7b:bc:
8f:eb:82:c5:2b:d2:da:36:09:55:7b:7c:69:10:9c:4c:82:8e:
82:f1:b6:6c:67:9a:99:ef:26:fe:56:a9:76:61:c9:c7:67:6e:
6d:51:cd:15:48:bc:ca:b3:3d:d3:8b:7a:ba:e7:1c:ed:42:e0:
53:a2:95:6a
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZ0G6pUuj0IcJvRxEhXeud3fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwMzE5MTYyNTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmIxYzY1YWFkZTJjYmI5MWZmODRmNTM1MGVmMWIzNDliMDEzYTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCOjEoPXq+MiyjBmCY0l5hqBjF3X
BXyOUmGSgSV2y1p+wQHm0kSNY3TpZKD6jETRDVgAFvLa7njbQbbeG4JicFrbg6FA
95N53vuihedyWDjjMH1FU1zwmqYNsgE8tDWnohUWmr9aLqUXUal/6hnkQfUhBL55
qjHIuCK1hEVqsixZ/5GZFoR3x1ky5SNIgsSYQ/xSDq1BUbA6rxwwYuhfmjd4UdOn
fm4MIhHeHZNC8gtdyA4LnXmNJXxkvkcUx7MapdYF1RgD/O70yr0KNIsa/7fLLmAo
hSFbyLeWHO6auW3HKixqpJFhGR9G0xd5nme+V/gwNI9RhVySxXxRFADpJwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFN+xxlqt4su5H/hPU1DvGzSbAToHMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvMzdIR1dxM2l5N2tmLUU5VFVPOGJOSnNCT2djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAAhs8AwQB
Ahs+AwQAkB8MAwQAkB8ZAwQAkB9qAwQAkB+IAwQAkB+pAwQAkB/dAwQAlvFCAwQA
wRfHAwQAwRfRAwQAwRfdMA0GCSqGSIb3DQEBCwUAA4IBAQAGNfKlzkEP64MihCTg
6hdiqirBPaKclE3StOxn/pBmEkhqk5IHagUwZ9MTieFKnK4299JdTFOdIaNLysGC
IHX/Enpdjr/E+3BLd0KdKGcjj83cBAGoU4+EiIkmh8fac1eehI8E6smchrMtgzqj
a8JFEoWiqrlKkmAf/0aekx1zNLFM1IFzFVWYgQh+Oy6dCMSNU1oXpiabTIcGdj7E
K7XmC1rlUv9fXt1WiGg4l5Y+3ohid3a3wLWjHC2sU9q7HQMRbBTPe7yP64LFK9La
NglVe3xpEJxMgo6C8bZsZ5qZ7yb+Vql2YcnHZ25tUc0VSLzKsz3Ti3q65xztQuBT
opVq
-----END CERTIFICATE-----
Generated at Sat Mar 21 14:36:24 2026 by rpki-client