Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/6TxoIxQQS62hp2HvnE2yR1bdhK8.roa
File: 6TxoIxQQS62hp2HvnE2yR1bdhK8.roa (raw, json)
Hash identifier: oUXubKp/0gTTVAC0nOmVDxn05FT2N2k/qjyW3L3XYdY=
Subject key identifier: E9:3C:68:23:14:10:4B:AD:A1:A7:61:EF:9C:4D:B2:47:56:DD:84:AF
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019E749479028CA5E26C9D520454F74B0ABD
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/6TxoIxQQS62hp2HvnE2yR1bdhK8.roa
Signing time: Fri 29 May 2026 16:32:27 +0000
ROA not before: Fri 29 May 2026 16:32:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207461
IP address blocks: 2.27.64.0/22 maxlen: 24
2.27.68.0/24 maxlen: 24
2.27.69.0/24 maxlen: 24
2.27.70.0/24 maxlen: 24
2.27.71.0/24 maxlen: 24
2.27.72.0/23 maxlen: 24
2.27.74.0/23 maxlen: 24
2.27.76.0/24 maxlen: 24
2.27.77.0/24 maxlen: 24
2.27.80.0/24 maxlen: 24
2.27.81.0/24 maxlen: 24
2.27.87.0/24 maxlen: 24
2.27.89.0/24 maxlen: 24
2.27.90.0/24 maxlen: 24
2.27.91.0/24 maxlen: 24
31.77.0.0/22 maxlen: 24
31.77.4.0/22 maxlen: 24
31.77.8.0/22 maxlen: 24
31.77.12.0/22 maxlen: 24
31.77.16.0/22 maxlen: 24
31.77.20.0/22 maxlen: 24
31.77.24.0/22 maxlen: 24
31.77.28.0/22 maxlen: 24
31.77.32.0/23 maxlen: 24
31.77.34.0/23 maxlen: 24
31.77.36.0/23 maxlen: 24
31.77.38.0/23 maxlen: 24
31.77.40.0/23 maxlen: 24
31.77.42.0/23 maxlen: 24
31.77.44.0/23 maxlen: 24
31.77.46.0/23 maxlen: 24
31.77.58.0/23 maxlen: 24
31.77.60.0/23 maxlen: 24
31.77.70.0/23 maxlen: 24
31.77.74.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Jun 2026 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:74:94:79:02:8c:a5:e2:6c:9d:52:04:54:f7:4b:0a:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: May 29 16:32:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e93c682314104bada1a761ef9c4db24756dd84af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b4:26:b5:69:59:ba:de:0c:1c:8e:4a:6c:da:
b6:41:e1:6a:77:62:a7:75:ec:a9:86:eb:6d:f3:61:
56:4a:07:5a:04:4b:99:1c:5c:ee:33:80:b3:5e:b0:
f3:b9:72:72:7d:bb:27:33:6d:d5:17:f3:10:7d:0a:
cf:94:2d:de:b3:b4:f8:9b:75:1c:a1:bc:e9:2e:fd:
2d:11:3c:cf:94:1b:29:f2:04:22:82:1f:61:d2:19:
fc:c6:d1:80:de:8e:8f:c9:74:44:c5:f1:22:9c:d3:
d9:d1:e4:72:c7:de:08:21:db:3b:f7:5c:3b:a9:6c:
28:23:90:86:ad:93:34:74:fb:81:a1:3e:2b:ac:7a:
9b:39:c5:82:9f:26:5c:7a:6e:53:4c:2d:55:1e:a7:
b4:d5:b5:52:47:6d:28:9e:2f:23:94:36:c9:28:bd:
44:a2:8c:88:f7:05:e6:f0:b2:08:9c:1d:ef:fe:a2:
cf:ea:c9:c2:bf:2f:02:7d:18:7c:31:c7:25:98:12:
77:f7:2a:f0:26:58:6a:f6:3f:de:db:a0:6e:79:ee:
ae:4e:7b:03:10:85:c2:6d:9a:6e:62:ae:ec:c1:21:
4f:37:53:9f:97:6d:1c:ab:16:0c:38:6b:4c:83:1a:
bd:54:71:cb:81:3c:c2:f6:0d:cb:10:0d:19:0b:57:
e6:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:3C:68:23:14:10:4B:AD:A1:A7:61:EF:9C:4D:B2:47:56:DD:84:AF
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/6TxoIxQQS62hp2HvnE2yR1bdhK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.27.64.0-2.27.77.255
2.27.80.0/23
2.27.87.0/24
2.27.89.0-2.27.91.255
31.77.0.0-31.77.47.255
31.77.58.0-31.77.61.255
31.77.70.0/23
31.77.74.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:93:f3:db:95:20:21:d2:45:d8:76:a7:82:df:ac:6d:1d:a4:
48:6b:c4:1b:7f:f2:05:a2:f2:92:92:53:b2:aa:42:39:13:da:
0a:87:5b:77:13:f8:87:e6:68:53:af:70:65:12:fc:bb:a8:53:
da:70:b4:45:b7:64:90:a0:33:3b:dd:1e:fa:d4:5a:49:9f:47:
a9:2f:c9:05:4d:84:d0:6c:db:5b:1f:eb:6b:97:95:2c:6b:f8:
96:13:8e:32:9a:04:d2:09:2f:e6:a9:3c:c9:6c:81:b9:c0:aa:
5e:ce:7b:1d:f2:23:2f:95:7c:22:d0:61:d8:78:7e:72:2f:d7:
85:e7:f9:92:f4:d7:bd:69:0a:b5:21:25:bf:59:ad:00:16:25:
b8:3e:f5:40:83:4f:39:85:86:2a:91:c7:90:81:6a:2d:ae:3a:
1c:ff:b1:f8:de:e5:0a:6a:64:ca:52:de:e2:44:3c:96:50:02:
bc:c5:f4:6f:9a:6c:ff:45:c2:cd:e5:88:55:f5:7f:0b:85:66:
78:de:fe:44:bf:56:b7:ae:4f:35:b6:48:b9:2e:9c:23:3e:a1:
4f:b5:ae:e7:36:92:f6:b5:22:80:3d:e6:c1:15:ab:75:d1:16:
70:93:9f:ef:d2:fc:70:0f:b3:39:e2:cb:ba:5a:de:f4:ae:ce:
b0:be:61:c7
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZ50lHkCjKXibJ1SBFT3Swq9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNTI5MTYzMjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTNjNjgyMzE0MTA0YmFkYTFhNzYxZWY5YzRkYjI0NzU2ZGQ4NGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLQmtWlZut4MHI5KbNq2QeFqd2Kn
deyphutt82FWSgdaBEuZHFzuM4CzXrDzuXJyfbsnM23VF/MQfQrPlC3es7T4m3Uc
obzpLv0tETzPlBsp8gQigh9h0hn8xtGA3o6PyXRExfEinNPZ0eRyx94IIds791w7
qWwoI5CGrZM0dPuBoT4rrHqbOcWCnyZcem5TTC1VHqe01bVSR20oni8jlDbJKL1E
ooyI9wXm8LIInB3v/qLP6snCvy8CfRh8McclmBJ39yrwJlhq9j/e26Buee6uTnsD
EIXCbZpuYq7swSFPN1Ofl20cqxYMOGtMgxq9VHHLgTzC9g3LEA0ZC1fmGwIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFOk8aCMUEEutoadh75xNskdW3YSvMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvNlR4b0l4UVFTNjJocDJIdm5FMnlSMWJkaEs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBVBAIAATBPMAwDBAYCG0AD
BAECG0wDBAECG1ADBAACG1cwDAMEAAIbWQMEAgIbWDALAwMAH00DBAQfTSAwDAME
AR9NOgMEAR9NPAMEAR9NRgMEAR9NSjANBgkqhkiG9w0BAQsFAAOCAQEAPpPz25Ug
IdJF2Hangt+sbR2kSGvEG3/yBaLykpJTsqpCORPaCodbdxP4h+ZoU69wZRL8u6hT
2nC0RbdkkKAzO90e+tRaSZ9HqS/JBU2E0GzbWx/ra5eVLGv4lhOOMpoE0gkv5qk8
yWyBucCqXs57HfIjL5V8ItBh2Hh+ci/Xhef5kvTXvWkKtSElv1mtABYluD71QINP
OYWGKpHHkIFqLa46HP+x+N7lCmpkylLe4kQ8llACvMX0b5ps/0XCzeWIVfV/C4Vm
eN7+RL9Wt65PNbZIuS6cIz6hT7Wu5zaS9rUigD3mwRWrddEWcJOf79L8cA+zOeLL
ulre9K7OsL5hxw==
-----END CERTIFICATE-----
Generated at Sat Jun 6 05:21:56 2026 by rpki-client