Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/6RAzlF7wDzIJGOguzTUfUFu2xAI.roa
File: 6RAzlF7wDzIJGOguzTUfUFu2xAI.roa (raw, json)
Hash identifier: 8QzftoUXq+/H1CVerX/zlp0ujC140wbl+p0XfwT1TQE=
Subject key identifier: E9:10:33:94:5E:F0:0F:32:09:18:E8:2E:CD:35:1F:50:5B:B6:C4:02
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019ED6B8B40F389CC5D665440A4A05A1010D
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/6RAzlF7wDzIJGOguzTUfUFu2xAI.roa
Signing time: Wed 17 Jun 2026 17:54:49 +0000
ROA not before: Wed 17 Jun 2026 17:54:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216127
IP address blocks: 2.26.16.0/22 maxlen: 24
2.26.28.0/22 maxlen: 24
2.26.116.0/22 maxlen: 24
2.26.158.0/24 maxlen: 24
2.26.192.0/21 maxlen: 24
2.26.248.0/22 maxlen: 24
2.27.18.0/24 maxlen: 24
2.27.19.0/24 maxlen: 24
31.76.16.0/22 maxlen: 24
31.76.44.0/22 maxlen: 24
31.76.72.0/22 maxlen: 24
31.76.96.0/22 maxlen: 24
31.76.224.0/22 maxlen: 24
31.77.132.0/22 maxlen: 24
31.77.174.0/23 maxlen: 24
31.77.218.0/24 maxlen: 24
31.77.223.0/24 maxlen: 24
77.239.96.0/22 maxlen: 24
144.31.96.0/22 maxlen: 24
144.31.154.0/23 maxlen: 24
144.31.180.0/22 maxlen: 24
144.31.188.0/23 maxlen: 24
144.31.200.0/23 maxlen: 24
144.31.204.0/23 maxlen: 24
144.31.250.0/23 maxlen: 24
150.241.90.0/23 maxlen: 24
185.184.120.0/24 maxlen: 24
185.184.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Jun 2026 19:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:d6:b8:b4:0f:38:9c:c5:d6:65:44:0a:4a:05:a1:01:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jun 17 17:54:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e91033945ef00f320918e82ecd351f505bb6c402
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:76:8e:54:e5:7b:cb:19:b0:84:40:52:84:42:
7d:91:33:95:8d:6e:2a:a7:10:e2:aa:66:55:50:50:
6a:12:47:81:bf:fc:a0:d9:e7:14:8e:06:b4:9b:63:
70:32:52:bd:5d:b5:7d:f7:3f:44:f2:ba:10:45:b8:
fd:c7:2b:a8:6b:7f:36:a0:76:d6:d4:ca:9a:0c:26:
ad:da:04:3c:04:85:cc:e4:5f:c2:61:7c:99:94:6c:
ee:df:bc:57:71:2b:24:c5:df:c9:99:ca:69:46:58:
02:c1:16:8f:fa:51:02:dc:8f:57:95:82:04:43:90:
2a:72:b7:52:a4:a8:7a:e6:1d:f0:71:f5:e7:d9:44:
41:98:bf:fc:a2:e5:a8:cf:f5:49:c2:17:8d:2b:1c:
19:b7:e2:b5:20:de:14:05:32:04:65:5f:34:f4:38:
69:2e:f7:a5:e3:c5:d4:90:f0:59:a9:42:37:f6:a0:
54:c3:e0:de:61:4b:49:ff:25:e1:4a:d6:9c:03:96:
3f:90:e0:4a:aa:a5:a7:15:0d:a0:23:96:1f:1f:a9:
f1:4c:7a:38:53:4b:73:11:86:c0:59:04:c9:b1:c7:
10:f5:ad:f7:e9:24:25:d5:83:eb:23:87:80:47:52:
04:37:02:7c:fc:6d:64:cc:e3:e8:3a:c4:e6:c0:d8:
9b:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:10:33:94:5E:F0:0F:32:09:18:E8:2E:CD:35:1F:50:5B:B6:C4:02
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/6RAzlF7wDzIJGOguzTUfUFu2xAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.16.0/22
2.26.28.0/22
2.26.116.0/22
2.26.158.0/24
2.26.192.0/21
2.26.248.0/22
2.27.18.0/23
31.76.16.0/22
31.76.44.0/22
31.76.72.0/22
31.76.96.0/22
31.76.224.0/22
31.77.132.0/22
31.77.174.0/23
31.77.218.0/24
31.77.223.0/24
77.239.96.0/22
144.31.96.0/22
144.31.154.0/23
144.31.180.0/22
144.31.188.0/23
144.31.200.0/23
144.31.204.0/23
144.31.250.0/23
150.241.90.0/23
185.184.120.0/23
Signature Algorithm: sha256WithRSAEncryption
80:03:0a:94:54:d7:53:3d:27:19:85:71:72:d4:47:18:67:98:
14:6a:c3:8c:29:17:3b:b9:1c:49:f7:d5:7a:05:5f:e1:e9:1d:
0b:46:98:13:c8:ec:36:24:de:34:0e:30:80:50:25:8d:c1:58:
49:5c:cb:7a:15:db:34:70:5f:27:3f:da:3d:26:61:3d:56:4b:
f8:db:fb:de:44:8b:26:db:18:26:60:90:f3:f1:47:79:62:52:
0c:4d:96:1f:d7:25:42:b1:a3:20:d4:40:b1:ca:71:74:b8:f3:
ec:64:43:08:fa:6f:b1:ba:95:53:b8:9a:4c:d6:74:d7:1d:84:
29:b2:ca:3a:cd:84:23:b8:80:56:d6:e3:1d:1e:fb:91:74:bd:
34:64:87:79:98:63:0a:e0:32:25:c9:d6:05:1f:37:ff:21:fe:
6b:a3:88:81:57:7a:b1:5d:62:7c:e3:bb:8c:11:b4:11:46:6b:
5f:98:bd:fa:e3:7c:7d:37:b8:19:64:e3:5a:2e:73:88:c9:19:
37:52:c1:b3:b1:8e:78:93:4e:d6:e5:84:09:38:78:80:73:5a:
b3:78:45:8c:7c:3b:88:e2:ad:8b:b4:9a:fe:e9:c8:fb:4e:b8:
e0:a6:23:f8:ee:5c:0f:ef:21:ef:38:58:ab:fa:f2:1e:f0:d5:
c6:b8:4e:02
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAZ7WuLQPOJzF1mVECkoFoQENMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNjE3MTc1NDQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTEwMzM5NDVlZjAwZjMyMDkxOGU4MmVjZDM1MWY1MDViYjZjNDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2HaOVOV7yxmwhEBShEJ9kTOVjW4q
pxDiqmZVUFBqEkeBv/yg2ecUjga0m2NwMlK9XbV99z9E8roQRbj9xyuoa382oHbW
1MqaDCat2gQ8BIXM5F/CYXyZlGzu37xXcSskxd/JmcppRlgCwRaP+lEC3I9XlYIE
Q5AqcrdSpKh65h3wcfXn2URBmL/8ouWoz/VJwheNKxwZt+K1IN4UBTIEZV809Dhp
Lvel48XUkPBZqUI39qBUw+DeYUtJ/yXhStacA5Y/kOBKqqWnFQ2gI5YfH6nxTHo4
U0tzEYbAWQTJsccQ9a336SQl1YPrI4eAR1IENwJ8/G1kzOPoOsTmwNibNwIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFOkQM5Re8A8yCRjoLs01H1BbtsQCMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvNlJBemxGN3dEeklKR09ndXpUVWZVRnUyeEFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwDBAIC
GhADBAICGhwDBAICGnQDBAACGp4DBAMCGsADBAICGvgDBAECGxIDBAIfTBADBAIf
TCwDBAIfTEgDBAIfTGADBAIfTOADBAIfTYQDBAEfTa4DBAAfTdoDBAAfTd8DBAJN
72ADBAKQH2ADBAGQH5oDBAKQH7QDBAGQH7wDBAGQH8gDBAGQH8wDBAGQH/oDBAGW
8VoDBAG5uHgwDQYJKoZIhvcNAQELBQADggEBAIADCpRU11M9JxmFcXLURxhnmBRq
w4wpFzu5HEn31XoFX+HpHQtGmBPI7DYk3jQOMIBQJY3BWElcy3oV2zRwXyc/2j0m
YT1WS/jb+95EiybbGCZgkPPxR3liUgxNlh/XJUKxoyDUQLHKcXS48+xkQwj6b7G6
lVO4mkzWdNcdhCmyyjrNhCO4gFbW4x0e+5F0vTRkh3mYYwrgMiXJ1gUfN/8h/muj
iIFXerFdYnzju4wRtBFGa1+YvfrjfH03uBlk41ouc4jJGTdSwbOxjniTTtblhAk4
eIBzWrN4RYx8O4jirYu0mv7pyPtOuOCmI/juXA/vIe84WKv68h7w1ca4TgI=
-----END CERTIFICATE-----
Generated at Sat Jun 20 04:06:28 2026 by rpki-client