Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/AGHW7fKuSo3ObGy_YaGY_6Su1c0.roa
File: AGHW7fKuSo3ObGy_YaGY_6Su1c0.roa (raw, json)
Hash identifier: Yitpsyyi4uJuhgWlu5oqRyR4xEZS/ROFLT1KbeVZcn4=
Subject key identifier: 00:61:D6:ED:F2:AE:4A:8D:CE:6C:6C:BF:61:A1:98:FF:A4:AE:D5:CD
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019DD5614ADDFF1D4F37B719F1AF64C2430B
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/AGHW7fKuSo3ObGy_YaGY_6Su1c0.roa
Signing time: Tue 28 Apr 2026 18:36:56 +0000
ROA not before: Tue 28 Apr 2026 18:36:56 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210546
IP address blocks: 2.26.64.0/22 maxlen: 24
2.26.64.0/24 maxlen: 24
2.26.65.0/24 maxlen: 24
2.26.72.0/23 maxlen: 24
2.26.73.0/24 maxlen: 24
2.26.121.0/24 maxlen: 24
2.27.1.0/24 maxlen: 24
2.27.48.0/23 maxlen: 24
2.27.49.0/24 maxlen: 24
2.27.50.0/23 maxlen: 24
37.46.16.0/24 maxlen: 24
37.46.17.0/24 maxlen: 24
37.46.18.0/24 maxlen: 24
37.46.19.0/24 maxlen: 24
64.188.72.0/24 maxlen: 24
64.188.99.0/24 maxlen: 24
77.239.106.0/24 maxlen: 24
144.31.80.0/24 maxlen: 24
144.31.81.0/24 maxlen: 24
144.31.132.0/24 maxlen: 24
144.31.133.0/24 maxlen: 24
144.31.184.0/24 maxlen: 24
144.31.185.0/24 maxlen: 24
144.31.194.0/24 maxlen: 24
144.31.195.0/24 maxlen: 24
150.241.76.0/24 maxlen: 24
150.241.77.0/24 maxlen: 24
150.241.113.0/24 maxlen: 24
150.241.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 07:02:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d5:61:4a:dd:ff:1d:4f:37:b7:19:f1:af:64:c2:43:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Apr 28 18:36:56 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0061d6edf2ae4a8dce6c6cbf61a198ffa4aed5cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4e:ec:da:e3:ed:7b:d6:16:5c:98:7b:2d:25:
6e:1e:7e:65:4c:dd:43:5f:3b:2d:bc:61:1a:6f:06:
2a:3f:1d:57:6e:58:12:a0:f4:26:f6:a6:9a:5c:6c:
6e:26:1f:99:26:4f:7f:12:9d:c7:76:7e:29:21:e2:
86:d3:b7:07:90:2f:01:9c:12:eb:ba:f8:57:a5:87:
5d:47:c4:0e:25:63:c2:49:1c:fb:28:71:a3:2f:20:
11:83:67:cc:61:ad:a4:78:d6:1b:8b:17:15:21:d7:
cd:aa:89:df:18:da:de:52:18:a2:9f:a3:37:9d:e2:
90:88:9c:f1:cc:43:98:4f:95:64:36:d5:40:2f:7b:
66:6b:90:5e:72:f2:db:c2:b7:21:c2:72:8c:c0:94:
4a:fc:0a:3a:5a:f4:de:44:9e:9a:6b:09:d2:a3:e2:
27:97:c4:f6:f7:87:03:3e:dc:80:b9:2f:d5:88:40:
c2:79:a6:3b:55:f9:d9:99:69:fc:8b:49:88:63:33:
be:b9:93:8e:20:bd:53:d7:63:93:3a:ec:50:a1:23:
12:80:61:5e:f0:b2:84:be:a7:d6:8f:a9:39:9d:c0:
7e:81:ce:42:f4:91:f6:b5:dd:04:4b:e6:ab:c2:92:
62:5f:eb:a6:2b:e2:49:6b:d9:da:58:ee:44:2f:d0:
21:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:61:D6:ED:F2:AE:4A:8D:CE:6C:6C:BF:61:A1:98:FF:A4:AE:D5:CD
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/AGHW7fKuSo3ObGy_YaGY_6Su1c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.64.0/22
2.26.72.0/23
2.26.121.0/24
2.27.1.0/24
2.27.48.0/22
37.46.16.0/22
64.188.72.0/24
64.188.99.0/24
77.239.106.0/24
144.31.80.0/23
144.31.132.0/23
144.31.184.0/23
144.31.194.0/23
150.241.76.0/23
150.241.113.0-150.241.114.255
Signature Algorithm: sha256WithRSAEncryption
41:2d:e9:90:a9:99:22:33:6f:a8:ce:33:58:c7:64:b4:1c:fa:
a5:34:f2:4f:2f:94:59:86:e8:85:81:d6:97:c6:71:cb:20:08:
b0:a1:10:d3:66:04:7e:46:cb:4e:09:d7:3a:67:ad:ab:3e:ad:
56:11:d0:e7:9c:e9:b9:57:c3:a3:33:bb:1d:d9:59:07:b8:ea:
17:b9:9c:5d:13:b9:14:df:f1:69:91:46:57:a1:a9:cc:6c:6a:
9a:30:24:9a:0b:fc:19:69:ef:73:5d:a6:5e:89:e2:06:f4:af:
80:b5:50:8c:4a:d3:e2:f6:a9:7d:d9:11:1b:17:2b:42:1f:7c:
51:ca:6f:32:88:e5:2b:c4:06:85:b0:23:aa:38:2c:55:2c:93:
47:e4:b3:1a:7e:ea:24:83:93:f1:90:dd:f8:01:93:b7:62:c0:
94:e2:11:63:8c:84:88:19:56:6b:c3:2c:af:e7:70:2c:94:ad:
52:a7:c4:f6:e2:d4:40:ea:f3:83:30:e2:f8:a6:01:02:66:6c:
2a:5a:37:5d:16:5b:ae:6e:0a:51:89:28:ae:2b:f5:b9:5e:06:
23:6e:25:68:51:7c:b0:9a:1f:ef:d5:36:6e:7e:95:42:5f:fd:
b5:0b:8c:07:96:d4:2f:70:05:96:48:64:c9:9b:f8:61:99:7d:
48:94:6f:ec
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZ3VYUrd/x1PN7cZ8a9kwkMLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNDI4MTgzNjU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDYxZDZlZGYyYWU0YThkY2U2YzZjYmY2MWExOThmZmE0YWVkNWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApk7s2uPte9YWXJh7LSVuHn5lTN1D
XzstvGEabwYqPx1XblgSoPQm9qaaXGxuJh+ZJk9/Ep3Hdn4pIeKG07cHkC8BnBLr
uvhXpYddR8QOJWPCSRz7KHGjLyARg2fMYa2keNYbixcVIdfNqonfGNreUhiin6M3
neKQiJzxzEOYT5VkNtVAL3tma5BecvLbwrchwnKMwJRK/Ao6WvTeRJ6aawnSo+In
l8T294cDPtyAuS/ViEDCeaY7VfnZmWn8i0mIYzO+uZOOIL1T12OTOuxQoSMSgGFe
8LKEvqfWj6k5ncB+gc5C9JH2td0ES+arwpJiX+umK+JJa9naWO5EL9AhVwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFABh1u3yrkqNzmxsv2GhmP+krtXNMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvQUdIVzdmS3VTbzNPYkd5X1lhR1lfNlN1MWMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQCAhpAAwQB
AhpIAwQAAhp5AwQAAhsBAwQCAhswAwQCJS4QAwQAQLxIAwQAQLxjAwQATe9qAwQB
kB9QAwQBkB+EAwQBkB+4AwQBkB/CAwQBlvFMMAwDBACW8XEDBACW8XIwDQYJKoZI
hvcNAQELBQADggEBAEEt6ZCpmSIzb6jOM1jHZLQc+qU08k8vlFmG6IWB1pfGccsg
CLChENNmBH5Gy04J1zpnras+rVYR0Oec6blXw6Mzux3ZWQe46he5nF0TuRTf8WmR
RlehqcxsapowJJoL/Blp73Ndpl6J4gb0r4C1UIxK0+L2qX3ZERsXK0IffFHKbzKI
5SvEBoWwI6o4LFUsk0fksxp+6iSDk/GQ3fgBk7diwJTiEWOMhIgZVmvDLK/ncCyU
rVKnxPbi1EDq84Mw4vimAQJmbCpaN10WW65uClGJKK4r9bleBiNuJWhRfLCaH+/V
Nm5+lUJf/bULjAeW1C9wBZZIZMmb+GGZfUiUb+w=
-----END CERTIFICATE-----
Generated at Tue May 5 16:49:01 2026 by rpki-client