Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/7y1I8KjX8JGMO55NbZKCaaBq2nc.roa
File: 7y1I8KjX8JGMO55NbZKCaaBq2nc.roa (raw, json)
Hash identifier: hfi4hmu0MITat1yOTMXmmcDvFSebNyF81wclqeanaqM=
Subject key identifier: EF:2D:48:F0:A8:D7:F0:91:8C:3B:9E:4D:6D:92:82:69:A0:6A:DA:77
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019DBCD93F28C5F427C138B12CA2C81A7BB9
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/7y1I8KjX8JGMO55NbZKCaaBq2nc.roa
Signing time: Fri 24 Apr 2026 00:17:27 +0000
ROA not before: Fri 24 Apr 2026 00:17:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206134
IP address blocks: 2.26.16.0/22 maxlen: 24
2.26.28.0/22 maxlen: 24
2.26.116.0/22 maxlen: 24
2.26.248.0/22 maxlen: 24
2.27.16.0/22 maxlen: 24
2.27.120.0/22 maxlen: 24
31.76.224.0/22 maxlen: 24
64.188.115.0/24 maxlen: 24
77.239.127.0/24 maxlen: 24
144.31.98.0/24 maxlen: 24
144.31.154.0/23 maxlen: 24
144.31.180.0/22 maxlen: 24
144.31.188.0/23 maxlen: 24
144.31.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 07:02:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:bc:d9:3f:28:c5:f4:27:c1:38:b1:2c:a2:c8:1a:7b:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Apr 24 00:17:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ef2d48f0a8d7f0918c3b9e4d6d928269a06ada77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d1:d7:9c:b9:91:97:6d:93:ca:26:75:b1:b9:
df:b7:25:af:ff:11:0d:5d:71:60:35:7b:16:dd:79:
48:4b:0f:08:eb:92:b7:ac:19:db:04:0b:8e:66:9f:
cd:8f:6c:4e:3d:c7:69:d2:05:da:17:53:85:94:f2:
6f:15:72:b9:6d:0d:25:9d:a4:7c:88:99:2f:95:a8:
a5:62:e4:88:87:41:44:1f:b4:39:7f:d4:0c:98:6e:
fc:ab:c8:4d:9e:31:2e:f3:2f:81:a5:26:5f:de:b5:
5d:6e:b5:2e:82:f0:36:be:f5:75:9e:5e:ec:84:16:
49:07:7d:fb:ac:8a:e8:00:b0:d8:ef:c7:fb:4d:1a:
ef:46:60:a4:a8:73:ec:14:1a:c6:74:cf:4f:4e:a3:
e7:5d:bc:e7:aa:2a:69:57:13:fc:eb:f4:5f:59:56:
f6:cc:ff:9c:91:ba:52:47:de:c4:da:54:ee:dd:db:
f0:36:0e:c5:9e:ea:aa:66:21:92:e2:72:27:c2:24:
33:20:ee:fa:c3:f8:4e:62:08:cb:48:53:a2:2e:5e:
b5:58:05:ef:ff:be:fc:db:a6:9f:2a:d5:13:46:f1:
15:67:83:94:e6:19:ea:9b:56:2e:4d:1e:92:b9:01:
d4:93:9c:6e:5b:2f:73:88:b3:35:a2:c4:58:92:c0:
c1:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:2D:48:F0:A8:D7:F0:91:8C:3B:9E:4D:6D:92:82:69:A0:6A:DA:77
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/7y1I8KjX8JGMO55NbZKCaaBq2nc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.16.0/22
2.26.28.0/22
2.26.116.0/22
2.26.248.0/22
2.27.16.0/22
2.27.120.0/22
31.76.224.0/22
64.188.115.0/24
77.239.127.0/24
144.31.98.0/24
144.31.154.0/23
144.31.180.0/22
144.31.188.0/23
144.31.251.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:08:24:0f:7c:d2:08:f7:30:96:e6:e0:1d:61:24:05:50:54:
36:cb:fd:cc:30:22:5a:ce:5c:a6:98:04:6e:d6:bd:c4:e8:67:
85:39:2a:c7:94:7c:4f:10:bb:f2:7e:cf:73:b8:8f:6c:0c:d9:
67:b1:d3:d2:93:93:ee:14:65:8b:94:a3:a3:37:c7:63:99:a6:
96:aa:c4:41:03:22:95:da:1e:43:6a:18:28:12:97:64:b6:04:
db:35:4f:56:3b:98:f8:23:f4:fa:37:dd:75:41:95:1f:b3:0e:
c8:bd:58:d5:51:64:7b:b1:b6:fb:28:fa:25:c4:e0:c1:e0:27:
d5:b8:2a:c2:e8:78:ae:d0:25:32:05:1e:f2:29:cd:72:1e:a7:
af:f9:9b:e4:d6:c7:f6:c5:94:fb:a5:9a:a9:40:ca:3f:37:3a:
2a:b9:69:ad:e0:ff:05:fb:cf:a6:81:ff:ed:3b:d9:2b:fe:62:
3e:07:46:23:26:3d:92:21:aa:ff:a9:99:2d:7b:21:9e:bf:61:
fa:31:8e:92:a9:b4:7a:ae:87:02:18:e0:fd:68:ac:4f:9b:4b:
39:96:6c:40:d9:ee:07:94:37:16:13:12:03:a3:17:75:ff:99:
a2:99:2b:08:63:93:14:a9:57:1c:27:ec:fb:6d:d6:8d:a6:7b:
65:88:38:b5
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZ282T8oxfQnwTixLKLIGnu5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNDI0MDAxNzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjJkNDhmMGE4ZDdmMDkxOGMzYjllNGQ2ZDkyODI2OWEwNmFkYTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNHXnLmRl22TyiZ1sbnftyWv/xEN
XXFgNXsW3XlISw8I65K3rBnbBAuOZp/Nj2xOPcdp0gXaF1OFlPJvFXK5bQ0lnaR8
iJkvlailYuSIh0FEH7Q5f9QMmG78q8hNnjEu8y+BpSZf3rVdbrUugvA2vvV1nl7s
hBZJB337rIroALDY78f7TRrvRmCkqHPsFBrGdM9PTqPnXbznqippVxP86/RfWVb2
zP+ckbpSR97E2lTu3dvwNg7FnuqqZiGS4nInwiQzIO76w/hOYgjLSFOiLl61WAXv
/77826afKtUTRvEVZ4OU5hnqm1YuTR6SuQHUk5xuWy9ziLM1osRYksDBGwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFO8tSPCo1/CRjDueTW2Sgmmgatp3MB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvN3kxSThLalg4SkdNTzU1TmJaS0NhYUJxMm5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQCAhoQAwQC
AhocAwQCAhp0AwQCAhr4AwQCAhsQAwQCAht4AwQCH0zgAwQAQLxzAwQATe9/AwQA
kB9iAwQBkB+aAwQCkB+0AwQBkB+8AwQAkB/7MA0GCSqGSIb3DQEBCwUAA4IBAQBt
CCQPfNII9zCW5uAdYSQFUFQ2y/3MMCJazlymmARu1r3E6GeFOSrHlHxPELvyfs9z
uI9sDNlnsdPSk5PuFGWLlKOjN8djmaaWqsRBAyKV2h5DahgoEpdktgTbNU9WO5j4
I/T6N911QZUfsw7IvVjVUWR7sbb7KPolxODB4CfVuCrC6Hiu0CUyBR7yKc1yHqev
+Zvk1sf2xZT7pZqpQMo/NzoquWmt4P8F+8+mgf/tO9kr/mI+B0YjJj2SIar/qZkt
eyGev2H6MY6SqbR6rocCGOD9aKxPm0s5lmxA2e4HlDcWExIDoxd1/5mimSsIY5MU
qVccJ+z7bdaNpntliDi1
-----END CERTIFICATE-----
Generated at Tue May 5 16:50:49 2026 by rpki-client